I don't care if Flash is 50% faster than HTML5 video. I don't want the vulnerability-laden Flash on my primary OS just to watch a YouTube video. Period.
Recently quit a lot of independent security researchers and companies showed evidence that if you do any kind of business in China, you are BOUND to be hacked by "someone" from China. They also said that there is no defence against it (the China attacks will eventually always succeed).
Google was one of the victims of such attacks. They considered the facts. What do we get by doing business in China?
1) Small market share (the Chinese search engine Baidu dominates the search engine market in China)
2) Trojans on our internal networks.
Let's give up (because of 1 and 2). But let's do it in a way that wins us PR points. Let's do it in a way that makes us look good. Like, true fighters for freedom.
Let's tell them we're not going to obey their laws and regulations. We (Google) KNOW that they will not allow us to get away with that. But we don't care, because we've decided to leave anyway.
... because hardware means accountability and traceability. Software intrusions are much more convenient for them because the attacks are practically anonymous and nobody can really prove who in China carried them out.
IE has something better. Learn something about Trusted Sites and the myriads of settings you can apply to them (like enabling scripting).
You can argue about easy of use, but that's not what you talked about. You talked about security. And blocking scripts on per-site basis (using lists) IS possible already in IE6.
Replace "bully their way" with "pay statutory and/or actual trademark infringement damages AND purchase a license from Fujitsu to use the trademark like any decent business should have", and you might be on the right track.
You know, there's a difference between "doesn't work" and "works differently".
So, to the moronic moderator who modded me Troll -- DirectSound does work on Windows Vista and 7 (no matter how much you apparently wish it wasn't true).
From TFA: "To be sure, Kurmus's attack only worked because Twitter's API allowed him to post the captured data steam to a tweet that he was then able to retrieve."
While the glitch itself was minor and was fixed in a few days
Pardon my ignorance, the glitch was minor?
What?
The fact that emails contain back-mailed passwords to many kinds of online services, including those involving payments (which is stupid practice, but the online service providers do it anyway, they send you the password when you sign up)...
The fact that I can reset your password to any third-party online service account where I know that you use it and that you associated it with this email account...
Still minor glitch? Reading others emails? Really? I or TFA must be missing something.
If you think you're protected by disabling JavaScript -- you're not. The same attack can be performed without JavaScript. You just compromise the iframe content (either on the nytimes server or on the ad server). Why they used JavaScript is beyond me. They didn't have to.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
So you think it's ok to see a total misleading bullshit moderated +5 Informative? Then you must be a crazy person. The moderation system is there to weed out nonsense, garbage and crap and to promote only quality posts to the the +5 level.
I will continue to mod any incorrect or misleading posts down, because that's one of the reasons why I have mod points.
and over 8-10 chars if there is a hardware mechanism that locks permanently or refuses access for longer and longer periods of time the more wrong guesses given)
How do you know that the TPM key has been generated securely [i.e. it's something more secure than SHA2 (some_serial_number + manafacturer key)] and that it has no backdoor? Do you feel secure using black boxes?
Slashdot Mirror
Flash is more than a video player.
The only website where I happen to be required to use Flash is YouTube. For more, it's nothing more than a video browser plugin.
The Flash plug-in is not going away.
Away from my OS, it is.
I don't care if Flash is 50% faster than HTML5 video. I don't want the vulnerability-laden Flash on my primary OS just to watch a YouTube video. Period.
What this is all about.
Recently quit a lot of independent security researchers and companies showed evidence that if you do any kind of business in China, you are BOUND to be hacked by "someone" from China. They also said that there is no defence against it (the China attacks will eventually always succeed).
Google was one of the victims of such attacks. They considered the facts. What do we get by doing business in China?
1) Small market share (the Chinese search engine Baidu dominates the search engine market in China)
2) Trojans on our internal networks.
Let's give up (because of 1 and 2). But let's do it in a way that wins us PR points. Let's do it in a way that makes us look good. Like, true fighters for freedom.
Let's tell them we're not going to obey their laws and regulations. We (Google) KNOW that they will not allow us to get away with that. But we don't care, because we've decided to leave anyway.
Rather than sending this to "Ask Slashdot", you ought to send it to "Ask a Lawyer" (prepare to pay).
and also having no intention to use Windows 7 any time in the near future
The browser ballot is presented to Windows XP and Vista users as well (via auto-update).
... because hardware means accountability and traceability. Software intrusions are much more convenient for them because the attacks are practically anonymous and nobody can really prove who in China carried them out.
IE has something better. Learn something about Trusted Sites and the myriads of settings you can apply to them (like enabling scripting).
You can argue about easy of use, but that's not what you talked about. You talked about security. And blocking scripts on per-site basis (using lists) IS possible already in IE6.
Parallel Algorithm Leads To Crypto Breakthrough
Crypto Breakthrough? Huh? What's that supposed to mean?
I mean, yes, his DES-cracking hardware is about 800x faster than a PC. Where's the "Crypto Breakthrough"?
Replace "bully their way" with "pay statutory and/or actual trademark infringement damages AND purchase a license from Fujitsu to use the trademark like any decent business should have", and you might be on the right track.
Even if your car had such a bizarre tank, I can't see any "orders of magnitude" difference there between 1/2 and 1/4. You do?
My comprehension is fine
Uh, no, it isn't. You've confirmed it again.
They gave us a "simple car analogy". Is the tank in your case somehow "base 2"? Practice your reading comprehension before commenting any further.
you assume that tank-fullness linear?!
LOL. Yes, of course. They wanted to give us a "simple car analogy". Or is the tank in your car somehow non-linear?
You know, there's a difference between "doesn't work" and "works differently".
So, to the moronic moderator who modded me Troll -- DirectSound does work on Windows Vista and 7 (no matter how much you apparently wish it wasn't true).
DirectSound doesn't even work on Windows7
Where did you hear that? Because, that's nonsense (or, as you say, complete bogus).
From TFA: "To be sure, Kurmus's attack only worked because Twitter's API allowed him to post the captured data steam to a tweet that he was then able to retrieve."
> and at least some of the attack scenarios are not uncommon.
That sentence is modded informative? Where is the informative part? WHICH scenarios? References?
While the glitch itself was minor and was fixed in a few days
Pardon my ignorance, the glitch was minor?
What?
The fact that emails contain back-mailed passwords to many kinds of online services, including those involving payments (which is stupid practice, but the online service providers do it anyway, they send you the password when you sign up)...
The fact that I can reset your password to any third-party online service account where I know that you use it and that you associated it with this email account...
Still minor glitch? Reading others emails? Really? I or TFA must be missing something.
Huh? I mean seriously what are these Mozilla people talking about?
Open source projects have been exempted by the US from crypto export restrictions for years.
See this page:
http://www.bis.doc.gov/encryption/pubavailencsourcecodenofify.html
The only thing an open source admin needs to do is to notify the authorities of the fact that he is making it available for download. That's it.
I wonder how good the Mozilla lawyers really are...
If you think you're protected by disabling JavaScript -- you're not. The same attack can be performed without JavaScript. You just compromise the iframe content (either on the nytimes server or on the ad server). Why they used JavaScript is beyond me. They didn't have to.
Could this spell the beginning of the end for IE?
Or the end of privacy?
And the most important piece of information comes at the very end of the summary (just not to diminish the sensation or prevent FUD):
They do not work on newer WPA 2 devices or on WPA systems that use the stronger Advanced Encryption Standard (AES) algorithm.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
So you think it's ok to see a total misleading bullshit moderated +5 Informative? Then you must be a crazy person. The moderation system is there to weed out nonsense, garbage and crap and to promote only quality posts to the the +5 level.
I will continue to mod any incorrect or misleading posts down, because that's one of the reasons why I have mod points.
and over 8-10 chars if there is a hardware mechanism that locks permanently or refuses access for longer and longer periods of time the more wrong guesses given)
How do you know that the TPM key has been generated securely [i.e. it's something more secure than SHA2 (some_serial_number + manafacturer key)] and that it has no backdoor? Do you feel secure using black boxes?
Isn't this a way to permanently disable Flash cookies?
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html
Note that this isn't just documentation. If you have Flash installed, the first what looks like a screenshot is actually the Flash config panel.
Adobe could improve it by adding "Clear all cookies on exit".