Everyone with broadband should have some other device between their computer and the big, bad internet to handle firewall duties.
The sad truth is that they don't, hence the plethora of botnets run by scumbags. The sheeple tend to plug their PCs right into their cable/dsl modems. Many (though not all) of the broadband providers are guilty of facilitating this by handing out cheap modems that don't double as firewall/routers.
Access to media outlets is not generally blocked -- I can't think of a single site that is, unless it includes pr0n. The only exception may be some of the European rags that included the so-called "page 3 girls" nudie pix. And those used to be up...may still be now.
Here's an idea for those naysayers who are using this article for political grandstanding (pro or con) -- join the military and discover for yourself what is blocked or not.
Shut the hell up and sling some more code, like now. And make sure you document it before checking it in with CM.
WTF do you mean you need another %&#()) tool? EMACS isn't sufficient?
Damn whiners.
This sounds like the hated WINS or SAP... I thought we were moving away from broadcast-based schemes. Why not just bite the bullet and use DNS with resource records? Oops...that's too difficult for the average user too.
And then for the home user we have such insecure options as the universal PnP discovery service.
You really should research what you say before spewing lies.
Lies?
Here's what is in the wiki... Finally, it is best to stick with the advice given by Apple and format the windows partition as fat32. If you use ntfs there is a possibility the GPT/MBR partition tables will no longer agree. However if you do decide to stick with fat32 your windows partition cannot be greater than 32GB.
Great... Apple wants you to run the XP partition as FAT32 instead of NTFS... can we possibly make it more insecure?
Caveat emptor: I haven't bought my Mac yet so I can say that I haven't tried this... yet.
...before some non-open source software vendor comes along and gets a court order to shut this down or other such injunction / legal action claiming release of proprietary information?
For the noob, Expert's Exchange isn't free. You have to either answer questions to get awarded points, or buy them outright. It started off free, but then progressed to its current model.
So somebody notifies them of a problem 40 days ago and they have time to fix a BETA but not the actual released product?
A similar thought crossed my mind. The only thing I can rationalize is that the pre-release Betas are on a different (and looser) development cycle so bugfixes can be more quickly made available. Less functionality testing is required because it isn't in production. If the patch breaks something, try again.
Things are more stringent on the production side of the house. That said, they need to pull out all stops to fix security holes.
The vulnerability has also been confirmed in Internet Explorer 7 Beta 2 Preview (January edition) though it could be avoided by turning off Active Scripting, as suggested by Microsoft Security Response Center blog.
Per the same blog, the 20 March release of IE7 Beta is not vulnerable.
With Apple's Intel offerings starting to look great, people that want to run OS X for fun will be swayed once they try it, and people like me who have no use for XP are already planning on buying a new MacBook for OSX/Linux dual boot.
Makes sense for part of the user base, but as is pointed out elsewhere in this thread, Alienware's primary market is the hardcore gamer... and unfortunately the bulk of the hardcore games run on Windowz. Yes, there is WINE, VMWare and some ported games, but...
1. It's a game. Go on with your life and stop whining.
2. Suspect there is more to this story that we're being fed. The most interesting and enlightening component is the apparent successful use of WINE for a graphically-intensive app.
3. Blizzard isn't clean here, but they've undoubtedly been tricked before by various nefarious actors and so one can see how they might be just a little bit suspicious of this activity.
4. Sounds like he's quibbling about the TOS -- one can see how Blizzard would interpret 'botism' to include use of recurring macros whilst the character is flagged as do-not-disturb, and repetitively hits the same mob(s). In his defense, one could argue that Blizzard should increase the randomization, and perhaps randomly in-game nuke (or whatever happens in WoW) characters engaged as such.
5. Maybe he should claim membership in the GLBT guild, and cry discrimination.
6. It's a game.
7. See #6.
This could be a hit, if the costs keep down, for the small-medium business and home broadband markets. But I have trouble seeing how this will take significant market share in the Enterprise except for perhaps edge or LAN devices. For one thing, you pay Cisco, Juniper, Foundry, whomever for wire-speed implementations (among other issues) that rely largely on the ASICs and the overarching hardware architecture, beyond just the OS.
For the home market, there are already open-source software solutions such as for the Linksys WRT54-series wireless router, which is itself based on the GPL. See http://www.wi-fiplanet.com/tutorials/print.php/356 2391 for more info.
Until someone funds an open-source chip foundry, these won't replace the core.
Even the drive shafts on those things are so massive that they can never be allowed to stop turning or gravity will bend them and they'll become useless
Actually, it's more a factor of balancing the thermal loads (vice gravity) on the turbine blades and shaft to prevent uneven cooling, which would cause warping and possible blade damage. The physical clearances are rather tight, and if the thing warps...bad juju.
Enterprise never carried any propulsion parts as all that was needed was boilerplate parts of the same mass for the drop tests.
Mod parent up. This is entirely correct. Enterprise was mostly a shell, other than the cockpit, hydraulic systems, APU, flight controls and airframe. No engines or exo-atmospheric / on-orbit gear to speak of.
Also remember that Enterprise whoilly consists of original equipment...it has never been upgraded so at this point in the lifecycle, very little could be used on the other orbiters.
If worse comes to worse they could probably steal parts from Enterprise (sitting in a museum in Dulles VA) if something unique and expensive breaks.
They already have... at least the RCC wing panels were taken for testing after the Columbia failure.
Let's be fair here, fellow/.'ers... if this was MSFT we were talking about, the flames and castigations would be vociferous and widespread. Apple is doing some of the same bullying activity that we all dislike Microsoft for here. Where are the shills?
Ok, you can have your choices...
We can ask Redmond to fix the security vulnerabilities, we can ask Redmond to bring back the Teletubbie Hill with Vista, or we can ask them to fix various USB-related and ACPI power issues. Choose 1.
Don't be picky.
It definitely is a trojan, and a harmless one at that. It seems that if you have configured your computer correctly, you would have to enter your admin password in order to allow it to do any harm.
You raise valid points here. This is a single instance, but undoubtedly more will come and we need to view these developments agnostically.
Unfortunately, despite all best efforts to dissuade the novices, folks still tend to run as root or admin on their systems. A large percentage of Windows virii won't infect unless the user has admin privs, and unfortunately, M$ doesn't do a good enough job of dissuading this in their earlier platforms. Vista supposedly (I haven't hacked on it yet) does a better job of pushing least privilege and a *nix-like SU model (but since at least the 2000 platform, the RUN AS option existed) -- don't know how this'll work with the clueless crowd yet.
The advantage of *nix is that it at least (in most cases) makes the user think twice about running as root.
My point is - if we get novices (and some lazy experienced types) using OS X or RedHat or whatever, some will undoubtedly run as root, admin etc because they are too lazy or too clueless to run as least privileges. Ergo, the existance OS X virii & trojans should not be taken lightly.
In addition to the memory/cpu hogging, Debianized FireFox also crashes very very often...:-(
This seems to plague the Win32 build as well -- Firefox used to work like a charm, but since upgrading to the 1.5x branch it seems to crash all too frequently. Can't peg a cause other than the fact that having multiple pages open seems to cause the problem (3 typically does the trick). Annoying as heck.
The problem with that is, in order for the revocation to take effect the user needs to download the root certs update which will be provided by their browser vendor/
Err...sort of. The user would need a root update if the SSL vendor's root isn't already contained in the user's browser cache. If they didn't have the correct root, then the "valid" SSL cert would appear invalid to the browser because the cert couldn't be traced back down the chain.
To check for certificate revocation, you have to have your browser set to do so. The latest build of IE6 doesn't have this enabled by default for the target server (although it does have publisher revocation checking enabled by default). Not sure about Firefox. Both Firefox and Windows (though not via IE) provide the ability to upload certificate revocation lists locally.
Slashdot Mirror
Everyone with broadband should have some other device between their computer and the big, bad internet to handle firewall duties.
The sad truth is that they don't, hence the plethora of botnets run by scumbags. The sheeple tend to plug their PCs right into their cable/dsl modems. Many (though not all) of the broadband providers are guilty of facilitating this by handing out cheap modems that don't double as firewall/routers.
Access to media outlets is not generally blocked -- I can't think of a single site that is, unless it includes pr0n. The only exception may be some of the European rags that included the so-called "page 3 girls" nudie pix. And those used to be up...may still be now.
Here's an idea for those naysayers who are using this article for political grandstanding (pro or con) -- join the military and discover for yourself what is blocked or not.
Shut the hell up and sling some more code, like now. And make sure you document it before checking it in with CM. WTF do you mean you need another %&#()) tool? EMACS isn't sufficient? Damn whiners.
This sounds like the hated WINS or SAP... I thought we were moving away from broadcast-based schemes. Why not just bite the bullet and use DNS with resource records? Oops...that's too difficult for the average user too.
And then for the home user we have such insecure options as the universal PnP discovery service.
Ack.
You really should research what you say before spewing lies.
Lies?
Here's what is in the wiki... Finally, it is best to stick with the advice given by Apple and format the windows partition as fat32. If you use ntfs there is a possibility the GPT/MBR partition tables will no longer agree. However if you do decide to stick with fat32 your windows partition cannot be greater than 32GB.
Great... Apple wants you to run the XP partition as FAT32 instead of NTFS... can we possibly make it more insecure?
Caveat emptor: I haven't bought my Mac yet so I can say that I haven't tried this... yet.
...before some non-open source software vendor comes along and gets a court order to shut this down or other such injunction / legal action claiming release of proprietary information?
And I should have added that you use points to pay for access to answers...archived ones, at least...and to "pay" folks who answer you.
how is this better than... Expert's Exchange
For the noob, Expert's Exchange isn't free. You have to either answer questions to get awarded points, or buy them outright. It started off free, but then progressed to its current model.
So somebody notifies them of a problem 40 days ago and they have time to fix a BETA but not the actual released product?
A similar thought crossed my mind. The only thing I can rationalize is that the pre-release Betas are on a different (and looser) development cycle so bugfixes can be more quickly made available. Less functionality testing is required because it isn't in production. If the patch breaks something, try again.
Things are more stringent on the production side of the house. That said, they need to pull out all stops to fix security holes.
The vulnerability has also been confirmed in Internet Explorer 7 Beta 2 Preview (January edition) though it could be avoided by turning off Active Scripting, as suggested by Microsoft Security Response Center blog.
Per the same blog, the 20 March release of IE7 Beta is not vulnerable.
Caveat emptor... I haven't tested it.
Oops...better run Windows. Errr...maybe not. Back to UNICS (http://support.internetconnection.net/DEFINITIONS /Definition_of_Unix.html).
With Apple's Intel offerings starting to look great, people that want to run OS X for fun will be swayed once they try it, and people like me who have no use for XP are already planning on buying a new MacBook for OSX/Linux dual boot.
Makes sense for part of the user base, but as is pointed out elsewhere in this thread, Alienware's primary market is the hardcore gamer... and unfortunately the bulk of the hardcore games run on Windowz. Yes, there is WINE, VMWare and some ported games, but...
1. It's a game. Go on with your life and stop whining. 2. Suspect there is more to this story that we're being fed. The most interesting and enlightening component is the apparent successful use of WINE for a graphically-intensive app. 3. Blizzard isn't clean here, but they've undoubtedly been tricked before by various nefarious actors and so one can see how they might be just a little bit suspicious of this activity. 4. Sounds like he's quibbling about the TOS -- one can see how Blizzard would interpret 'botism' to include use of recurring macros whilst the character is flagged as do-not-disturb, and repetitively hits the same mob(s). In his defense, one could argue that Blizzard should increase the randomization, and perhaps randomly in-game nuke (or whatever happens in WoW) characters engaged as such. 5. Maybe he should claim membership in the GLBT guild, and cry discrimination. 6. It's a game. 7. See #6.
Hillary is not a socialist, she is just a career politican, an authocrat and ... quite nuts.
One could argue, as many conservatives do, that she displays a marxist bent.
This could be a hit, if the costs keep down, for the small-medium business and home broadband markets. But I have trouble seeing how this will take significant market share in the Enterprise except for perhaps edge or LAN devices. For one thing, you pay Cisco, Juniper, Foundry, whomever for wire-speed implementations (among other issues) that rely largely on the ASICs and the overarching hardware architecture, beyond just the OS.
6 2391 for more info.
For the home market, there are already open-source software solutions such as for the Linksys WRT54-series wireless router, which is itself based on the GPL. See http://www.wi-fiplanet.com/tutorials/print.php/35
Until someone funds an open-source chip foundry, these won't replace the core.
Even the drive shafts on those things are so massive that they can never be allowed to stop turning or gravity will bend them and they'll become useless Actually, it's more a factor of balancing the thermal loads (vice gravity) on the turbine blades and shaft to prevent uneven cooling, which would cause warping and possible blade damage. The physical clearances are rather tight, and if the thing warps...bad juju.
Enterprise never carried any propulsion parts as all that was needed was boilerplate parts of the same mass for the drop tests. Mod parent up. This is entirely correct. Enterprise was mostly a shell, other than the cockpit, hydraulic systems, APU, flight controls and airframe. No engines or exo-atmospheric / on-orbit gear to speak of. Also remember that Enterprise whoilly consists of original equipment...it has never been upgraded so at this point in the lifecycle, very little could be used on the other orbiters.
If worse comes to worse they could probably steal parts from Enterprise (sitting in a museum in Dulles VA) if something unique and expensive breaks.
They already have... at least the RCC wing panels were taken for testing after the Columbia failure.
Neither... it's called a tax write-off.
Let's be fair here, fellow /.'ers... if this was MSFT we were talking about, the flames and castigations would be vociferous and widespread. Apple is doing some of the same bullying activity that we all dislike Microsoft for here. Where are the shills?
Ok, you can have your choices...
We can ask Redmond to fix the security vulnerabilities, we can ask Redmond to bring back the Teletubbie Hill with Vista, or we can ask them to fix various USB-related and ACPI power issues. Choose 1.
Don't be picky.
It definitely is a trojan, and a harmless one at that. It seems that if you have configured your computer correctly, you would have to enter your admin password in order to allow it to do any harm.
You raise valid points here. This is a single instance, but undoubtedly more will come and we need to view these developments agnostically.
Unfortunately, despite all best efforts to dissuade the novices, folks still tend to run as root or admin on their systems. A large percentage of Windows virii won't infect unless the user has admin privs, and unfortunately, M$ doesn't do a good enough job of dissuading this in their earlier platforms. Vista supposedly (I haven't hacked on it yet) does a better job of pushing least privilege and a *nix-like SU model (but since at least the 2000 platform, the RUN AS option existed) -- don't know how this'll work with the clueless crowd yet.
The advantage of *nix is that it at least (in most cases) makes the user think twice about running as root.
My point is - if we get novices (and some lazy experienced types) using OS X or RedHat or whatever, some will undoubtedly run as root, admin etc because they are too lazy or too clueless to run as least privileges. Ergo, the existance OS X virii & trojans should not be taken lightly.
In addition to the memory/cpu hogging, Debianized FireFox also crashes very very often... :-(
This seems to plague the Win32 build as well -- Firefox used to work like a charm, but since upgrading to the 1.5x branch it seems to crash all too frequently. Can't peg a cause other than the fact that having multiple pages open seems to cause the problem (3 typically does the trick). Annoying as heck.
The problem with that is, in order for the revocation to take effect the user needs to download the root certs update which will be provided by their browser vendor/
Err...sort of. The user would need a root update if the SSL vendor's root isn't already contained in the user's browser cache. If they didn't have the correct root, then the "valid" SSL cert would appear invalid to the browser because the cert couldn't be traced back down the chain.
To check for certificate revocation, you have to have your browser set to do so. The latest build of IE6 doesn't have this enabled by default for the target server (although it does have publisher revocation checking enabled by default). Not sure about Firefox. Both Firefox and Windows (though not via IE) provide the ability to upload certificate revocation lists locally.