The point with most (all) MSIE-exploits is that you have to visit a page that has an exploit.
No, the page can visit YOU via the HTML email feature of Outlook Express, Outlook, and even Eudora in some cases. Until very recently, scripting and ActiveX were enabled by default for incoming emails on most mail clients.
>> Best they stick to what they do but focus their attention at serving their customer base and not catering to the OEMs.
News flash: Their customer base is the OEMs, not the readers. Your paltry few bucks per issue barely covers the cost of postage or distribution. The advertisers pay most of the costs.
>> If C# doesn't support a language feature, >> then you bet your Bill Gates nose stain >> that the Prolog port won't either
C# is just one of many languages available for.NET; Microsoft itself supports JScript and VB.NET in addition to C#. There's even a COBOL. Not all of the CLR's capabilities are exercised by every language, and C# is not the superset of them all. I'm sure Microsoft will need to expand the CLR functions to efficiently accomodate new languages that people want to port to the platform, but what do you expect for a 1.0 version?
Yep. Take a look here to see Microsoft's plans for cozying up to the DRM folks. The strange thing is that the final presentation on "Mercury" isn't available. That was the most interesting one. It was about how the DRM software would manage rights for portable media players over the Internet using public/private keys. And of course, Microsoft runs this whole DRM infrastructure for a nice fee.
I was there for most of the live presentation, and during the Q&A someone got up and asked what would happen if the keys were compromised, for example someone found a way to hack the unique id in a player. The MS guy indicated that the keys for an entire brand/model of player could be shut off if necessary. The next question, of course, was how the buyers of those players would feel when their expensive players became useless. The MS guy said that the decision to shut off access wouldn't be Microsoft's, but they could do so on a court order, for example.
Why would someone want to buy a portable media player (or desktop media player for that matter) that could become worthless a few months later because someone else hacked it and rendered the DRM insecure? You wouldn't. Why would a manufacturer want to take the chance that they'd be involved in a messy class-action suit from customers because their portable media player now can't play music? They wouldn't.>/b>
Are these boxes running NT with Dell "enhancements" or is this really 2000 or XP? NT didn't support power management so any that's in there is from Dell.
If these are 2000/XP boxes, do you have WMI enabled? If so you could connect to each box through a script and change the appropriate registry setting. You can also use WMI if you have explicitly installed it on NT. If you have 4000 Windows boxes you should definitely already be using WMI.
Do you have a common company-wide home page set for these users? Do they use IE4 or higher? If yes to both, you could put an ActiveX control on that home page and have it make the changes you need. Since your company home page is on the network behind the firewall it will be in the "local intranet" security zone and the user won't be queried when the ActiveX is installed.
Hidden Slashdot posts
on
Pet Bugs?
·
· Score: 4, Interesting
When I go to the front page I see one set of topics. If I go to "older stuff" I see a few topics there that seem like they should be on the front page, but aren't. I haven't checked any boxes under the preferences page's "Exclude stories from home page" so I would think they would all show up.
I know this must be happening for most Slashdot readers because the topics I don't see have maybe a dozen posts after a day. So is it happening to you too?
Thank you, but I prefer that *I* keep track of how I work, who I talk to, what I look at, how I make *my* documents, and with whom *I* share them. It's not up to the system to decide which data belongs to me since to do so it must analyze my things. To insinuate oneself either personally, or impersonally through the operating system would be simply rude.
In order to manage complexity we give up some control. We delegate. We let the computer decide how to manage memory, and where to put files on the disk. We let farmers grow the food and we buy it at Safeway. We let Texaco decide how to formulate the gasoline that goes into our cars.
Yes, there are downsides to delegating (file fragmentation, pesticide-laced food, and lead/MTBE respectively in the cases above) but we solve the problem as best we can and move on.
Computers have some serious problems right now, and MS is right that a LOT of them revolve around authentication. Yes, people could sign everything with PGP but they don't and the average computer user won't until it's integrated into their email package and other apps in a very convenient way.
At least Microsoft is trying to address the problem. Maybe their solution will be as wonderful as pesticide-laced foods, but the Linux community can always put out an organic alternative. If the MS solution turn out to be a cloaked attempt to force Hollywood DRM down our throats, consumers will reject it.
ASP is pretty language-agnostic. You can use VBScript, JScript, or PerlScript to write the code in the pages. Since ASP does a lot of nice things for its hosted languages (session context, form parsing, script precompile/caching) I can't see why you'd want to go Perl CGI when you could go PerlScript ASP.
And why is this modded "Funny"? In another couple of months when we start to hear about the fraud, come back and change it to insightful.
Given the cost of running a server farm and streaming a movie's worth of bandwidth I have to wonder whether getting the credit card for fraud wasn't the whole point all along.
... it's just a freaking bookstore, and it's always been just a freaking bookstore.
Right, a "bookstore" where you can buy games, electronics, toys, computer parts, cameras, barbeque grills, and patio furniture. New or on consignment. Where everything from DVDs to wind chimes can be reviewed by the people who bought it (yes I take the reviews with a grain of salt). Find me a physical store where you get this kind of selection and information.
Amazon has problems, no argument there, but they also have been using technology in ways that you shouldn't trivialize.
I try to do cross-browser pages but Opera falls short of Mozilla, NS6, or even IE5. By default it lies and identifies itself as IE in the user agent field. DOM2 support is almost totally missing although some functions seem to be there but are non-functional stubs. Arrrrgh! Here's a list of documented Opera annoyances.
Slashdot just told us that workstations are dirtier than toilets and now Sun wants people to share them on a regular basis? Be sure to bring a can of Lysol in your briefcase.
There are several problems that will prevent set top boxes from being sold in retail any time soon, regardless of that law.
The retailers say they can't make enough money selling only the boxes, and they deserve some money from the cable companies as well. (This is the cell phone model, Best Buy is getting kickbacks when they sell you that handset for 1 cent.)
They're also rightly concerned about the stability and ubiquity of the standards. Look at cable modems, which have become mostly a success story for retail sales. It only made sense for them to start selling DOCSIS cable modems when all the cable companies had deployed standards-compliant systems and the standards had shaken out. That has yet to happen with digital TV, it's probably a few years off.
Finally, they're afraid of having the content rug pulled out from under them with the down-res issue, and be stuck with stuff that the public is too smart to be suckered into buying. Here's an interesting letter from the NCTA to the FCC (PDF format) where the NCTA's weak response to that is "...without some affirmative action by the cable operator...those content restrictions will not be applied." Well, duh! So do you think Disney's contract with Time Warner will let them carry the Disney Channel and not turn on those restrictions?
If you live in an area served by Time Warner AOL cable, they will give you the choice-limiting box as part of the service. For analog service, you can simply bypass the box and use your cable-ready TV. But for digital cable and premium channels, you'll have to use their box.
Don't expect to buy some unencumbered replacement box from another source either. Most of these boxes are made just for the cable industry. Yes there are gray-market sources, so you can get a box that lets you watch HBO for free. That constitutes theft of service under 47 U.S.C section 553. They could use the same argument for these new boxes.
I agree, dirty tactics--on the part of the states. The Register actually posted some of the record from the trial. The states sprung this on both MS and the judge despite their expert working on it for at least two months. They delivered 67 CD-ROMS and 10 different builds of XP Embedded to MS as part of discovery. Don't you think it will take a few months to go through all that?
Read the record, you'll see the judge is rightly more pissed with the states than MS about this point.
Please don't let me disturb your conspriracy theory, but perhaps Microsoft really did need some time to build a defense to the last-minute introduction of the XP Embedded demo.
For example, let's say the states introduced into evidence an XP Embedded build that included no browser components, just a TCP/IP stack. No HTML rendering engine, no Internet cache, no Internet HTTP/FTP protocol support, no URL parsing routines, no system JavaScript. All of these are part of the existing documented Windows OS APIs, but browsers like Netscape don't use them because they invent their own wheels for portability's sake. So you should be able to show this particular build of XP Embedded running Netscape and having no part of Windows Internet technologies installed.
If the states try this, I would expect Microsoft to show that a lot of third-party software will not work properly with so much of the Windows API ripped out. That would include Quicken and my own script-based software, just to mention a couple dear to my heart.
Anyway, my point is that Microsoft probably does need some time to respond, and the time will depend on what the states plan to present. The word indefinite can mean "unlimited" but can also mean "not clear". Perhaps the time they need isn't clear until they have a chance to see what the states are planning.
All SCSI drives ship with write caching turned off. This is because they figure if you were willing to pay for a SCSI drive you must value your data.
All IDE drives ship with write caching turned on. This is because they want to win all the lame benchmarks that people run. Plus, they're mostly used in desktop PCs where you can blame disk corruption on lots of different things.:-)
A fifty percent pay cut says, "We know many of you will quit because of this horrendous abuse we are imposing on our employees, and to us, this is good, because if we just fired you, we'd have to pay unemployment benefits"
Ah, but that's the beauty of the way they're handling this. The pay cuts come almost immediately for the company, in a big lump sum. If someone doesn't like it they can A) find another job after a few weeks of hunting and quit after the company has already docked their pay 50 percent, or B) quit immediately and save the company even more money. The company can't lose! </sarcasm>
If you are an embedded systems software guy who wants to shoe-horn XP into hypothetical Windows-TiVo box, then XP Embedded is great. You get all the network and device support of XP but you don't have to bring along the UI which doesn't work so well on a TV screen. You control all the software that goes into the box. Life is good.
On a PC, XP Embedded or an equivalent Minimal Windows would be a nightmare. The user is now in the position of trying to manage which components go into the system without any technical knowledge of how they fit together, or even what they do.
Lets say the courts tell MS to rip out IE. The C:\Program Files\Internet Explorer\IExplore.exe file is only 89KB but they must be assuming you don't need all the components that IE uses: an HTML rendering window, an HTTP protocol handler, a common Internet file cache, a JScript engine, and so on.
Prepare ointment for fly insertion: All these components are documented in the Windows SDK and usable by third party apps. Programs like Quicken use them. Other parts of the OS such as Windows Scripting Host use them. *I* use them. If they aren't installed with the OS then developers who have built on them are screwed (and thus users are screwed by transitivity). I don't want to rewrite my apps, and neither does Intuit.
Maybe MS will let us distribute the pieces ourselves. What a mess that would be. Maybe you'll be asked to insert your Windows CD or download 40MB from a web site each time an app installs that needs the missing components, I'm sure my users will love that speed bump.
Or is this whole "you can't yank IE" argument about a 89KB IExplore.exe file and the blue "e" desktop icon? Nah, can't be.
I thought I might mod this to Funny but decided to post instead because people seem to be taking it seriously. What makes you think that burning oil will consume less oxygen.
One good thing about burning hydrocarbons is that it produces CO2. Yeah, yeah, global warming etc, but if we increase the CO2 in the atmosphere then it is good for the living things that need CO2 to live--plants. There is already some evidence that higher CO2 levels are causing increased crop yields. Here's one reference that Google brought up. The plants will produce oxygen in return, and life will be good again. So even if we convert to Hydrogen for cars, maybe we'll keep a few dozen coal and oil power plants in service to produce CO2 for our friends the plants.
Slashdot Mirror
The point with most (all) MSIE-exploits is that you have to visit a page that has an exploit.
No, the page can visit YOU via the HTML email feature of Outlook Express, Outlook, and even Eudora in some cases. Until very recently, scripting and ActiveX were enabled by default for incoming emails on most mail clients.
>> Nobody will accept Ziff Davis doing games.
Huh? They have owned Computer Gaming World for quite a while.
>> Best they stick to what they do but focus their attention at serving their customer base and not catering to the OEMs.
News flash: Their customer base is the OEMs, not the readers. Your paltry few bucks per issue barely covers the cost of postage or distribution. The advertisers pay most of the costs.
The NYT article said that ZD lost $30 million on Yahoo Internet Life since its launch. I think that's a pretty good reason to close it.
>> If C# doesn't support a language feature,
.NET; Microsoft itself supports JScript and VB.NET in addition to C#. There's even a COBOL. Not all of the CLR's capabilities are exercised by every language, and C# is not the superset of them all. I'm sure Microsoft will need to expand the CLR functions to efficiently accomodate new languages that people want to port to the platform, but what do you expect for a 1.0 version?
>> then you bet your Bill Gates nose stain
>> that the Prolog port won't either
C# is just one of many languages available for
Yep. Take a look here to see Microsoft's plans for cozying up to the DRM folks. The strange thing is that the final presentation on "Mercury" isn't available. That was the most interesting one. It was about how the DRM software would manage rights for portable media players over the Internet using public/private keys. And of course, Microsoft runs this whole DRM infrastructure for a nice fee.
I was there for most of the live presentation, and during the Q&A someone got up and asked what would happen if the keys were compromised, for example someone found a way to hack the unique id in a player. The MS guy indicated that the keys for an entire brand/model of player could be shut off if necessary. The next question, of course, was how the buyers of those players would feel when their expensive players became useless. The MS guy said that the decision to shut off access wouldn't be Microsoft's, but they could do so on a court order, for example.
Why would someone want to buy a portable media player (or desktop media player for that matter) that could become worthless a few months later because someone else hacked it and rendered the DRM insecure? You wouldn't. Why would a manufacturer want to take the chance that they'd be involved in a messy class-action suit from customers because their portable media player now can't play music? They wouldn't.>/b>
I just can't see how this can come to pass.
Are these boxes running NT with Dell "enhancements" or is this really 2000 or XP? NT didn't support power management so any that's in there is from Dell.
If these are 2000/XP boxes, do you have WMI enabled? If so you could connect to each box through a script and change the appropriate registry setting. You can also use WMI if you have explicitly installed it on NT. If you have 4000 Windows boxes you should definitely already be using WMI.
Do you have a common company-wide home page set for these users? Do they use IE4 or higher? If yes to both, you could put an ActiveX control on that home page and have it make the changes you need. Since your company home page is on the network behind the firewall it will be in the "local intranet" security zone and the user won't be queried when the ActiveX is installed.
When I go to the front page I see one set of topics. If I go to "older stuff" I see a few topics there that seem like they should be on the front page, but aren't. I haven't checked any boxes under the preferences page's "Exclude stories from home page" so I would think they would all show up.
I know this must be happening for most Slashdot readers because the topics I don't see have maybe a dozen posts after a day. So is it happening to you too?
In order to manage complexity we give up some control. We delegate. We let the computer decide how to manage memory, and where to put files on the disk. We let farmers grow the food and we buy it at Safeway. We let Texaco decide how to formulate the gasoline that goes into our cars.
Yes, there are downsides to delegating (file fragmentation, pesticide-laced food, and lead/MTBE respectively in the cases above) but we solve the problem as best we can and move on.
Computers have some serious problems right now, and MS is right that a LOT of them revolve around authentication. Yes, people could sign everything with PGP but they don't and the average computer user won't until it's integrated into their email package and other apps in a very convenient way.
At least Microsoft is trying to address the problem. Maybe their solution will be as wonderful as pesticide-laced foods, but the Linux community can always put out an organic alternative. If the MS solution turn out to be a cloaked attempt to force Hollywood DRM down our throats, consumers will reject it.
>> You don't have that choice with windows/IE
Right, you don't choose. The DLL runs in user space.
ASP is pretty language-agnostic. You can use VBScript, JScript, or PerlScript to write the code in the pages. Since ASP does a lot of nice things for its hosted languages (session context, form parsing, script precompile/caching) I can't see why you'd want to go Perl CGI when you could go PerlScript ASP.
And why is this modded "Funny"? In another couple of months when we start to hear about the fraud, come back and change it to insightful.
Given the cost of running a server farm and streaming a movie's worth of bandwidth I have to wonder whether getting the credit card for fraud wasn't the whole point all along.
To whoever modded this as "Interesting" I think if you reread carefully you will see a drop or two of sarcasm.
Or maybe you liked the B2 bomber analogy for Windows. Just a matter of time until Microsoft drops the big one I guess.
... it's just a freaking bookstore, and it's always been just a freaking bookstore.
Right, a "bookstore" where you can buy games, electronics, toys, computer parts, cameras, barbeque grills, and patio furniture. New or on consignment. Where everything from DVDs to wind chimes can be reviewed by the people who bought it (yes I take the reviews with a grain of salt). Find me a physical store where you get this kind of selection and information.
Amazon has problems, no argument there, but they also have been using technology in ways that you shouldn't trivialize.
I try to do cross-browser pages but Opera falls short of Mozilla, NS6, or even IE5. By default it lies and identifies itself as IE in the user agent field. DOM2 support is almost totally missing although some functions seem to be there but are non-functional stubs. Arrrrgh! Here's a list of documented Opera annoyances.
Slashdot just told us that workstations are dirtier than toilets and now Sun wants people to share them on a regular basis? Be sure to bring a can of Lysol in your briefcase.
...there is no flashing 12:00 on most DVD players.
There are several problems that will prevent set top boxes from being sold in retail any time soon, regardless of that law.
The retailers say they can't make enough money selling only the boxes, and they deserve some money from the cable companies as well. (This is the cell phone model, Best Buy is getting kickbacks when they sell you that handset for 1 cent.)
They're also rightly concerned about the stability and ubiquity of the standards. Look at cable modems, which have become mostly a success story for retail sales. It only made sense for them to start selling DOCSIS cable modems when all the cable companies had deployed standards-compliant systems and the standards had shaken out. That has yet to happen with digital TV, it's probably a few years off.
Finally, they're afraid of having the content rug pulled out from under them with the down-res issue, and be stuck with stuff that the public is too smart to be suckered into buying. Here's an interesting letter from the NCTA to the FCC (PDF format) where the NCTA's weak response to that is "...without some affirmative action by the cable operator...those content restrictions will not be applied." Well, duh! So do you think Disney's contract with Time Warner will let them carry the Disney Channel and not turn on those restrictions?
If you live in an area served by Time Warner AOL cable, they will give you the choice-limiting box as part of the service. For analog service, you can simply bypass the box and use your cable-ready TV. But for digital cable and premium channels, you'll have to use their box.
Don't expect to buy some unencumbered replacement box from another source either. Most of these boxes are made just for the cable industry. Yes there are gray-market sources, so you can get a box that lets you watch HBO for free. That constitutes theft of service under 47 U.S.C section 553. They could use the same argument for these new boxes.
I agree, dirty tactics--on the part of the states. The Register actually posted some of the record from the trial. The states sprung this on both MS and the judge despite their expert working on it for at least two months. They delivered 67 CD-ROMS and 10 different builds of XP Embedded to MS as part of discovery. Don't you think it will take a few months to go through all that?
Read the record, you'll see the judge is rightly more pissed with the states than MS about this point.
Please don't let me disturb your conspriracy theory, but perhaps Microsoft really did need some time to build a defense to the last-minute introduction of the XP Embedded demo.
For example, let's say the states introduced into evidence an XP Embedded build that included no browser components, just a TCP/IP stack. No HTML rendering engine, no Internet cache, no Internet HTTP/FTP protocol support, no URL parsing routines, no system JavaScript. All of these are part of the existing documented Windows OS APIs, but browsers like Netscape don't use them because they invent their own wheels for portability's sake. So you should be able to show this particular build of XP Embedded running Netscape and having no part of Windows Internet technologies installed.
If the states try this, I would expect Microsoft to show that a lot of third-party software will not work properly with so much of the Windows API ripped out. That would include Quicken and my own script-based software, just to mention a couple dear to my heart.
Anyway, my point is that Microsoft probably does need some time to respond, and the time will depend on what the states plan to present. The word indefinite can mean "unlimited" but can also mean "not clear". Perhaps the time they need isn't clear until they have a chance to see what the states are planning.
All SCSI drives ship with write caching turned off. This is because they figure if you were willing to pay for a SCSI drive you must value your data.
:-)
All IDE drives ship with write caching turned on. This is because they want to win all the lame benchmarks that people run. Plus, they're mostly used in desktop PCs where you can blame disk corruption on lots of different things.
This difference alone can give a massive advantage to IDE on write-intensive applications, especially on those new WD drives that have 8MB of cache. Of course if the sytem powers off suddenly you could have a problem, but you have a UPS, right? Also, if you run IDE on Windows, just make sure you keep up with the Windows patches for cache problems:
Write Cache on IDE/ATAPI Disks Is Not Flushed on Shut Down (Q153296)
ScanDisk Runs Even Though Windows Shut Down Correctly (Q273017)
Ah, but that's the beauty of the way they're handling this. The pay cuts come almost immediately for the company, in a big lump sum. If someone doesn't like it they can A) find another job after a few weeks of hunting and quit after the company has already docked their pay 50 percent, or B) quit immediately and save the company even more money. The company can't lose! </sarcasm>
>> really ugly Perl
This should have been moderated as "Redundant"
:-)
If you are an embedded systems software guy who wants to shoe-horn XP into hypothetical Windows-TiVo box, then XP Embedded is great. You get all the network and device support of XP but you don't have to bring along the UI which doesn't work so well on a TV screen. You control all the software that goes into the box. Life is good.
On a PC, XP Embedded or an equivalent Minimal Windows would be a nightmare. The user is now in the position of trying to manage which components go into the system without any technical knowledge of how they fit together, or even what they do.
Lets say the courts tell MS to rip out IE. The C:\Program Files\Internet Explorer\IExplore.exe file is only 89KB but they must be assuming you don't need all the components that IE uses: an HTML rendering window, an HTTP protocol handler, a common Internet file cache, a JScript engine, and so on.
Prepare ointment for fly insertion: All these components are documented in the Windows SDK and usable by third party apps. Programs like Quicken use them. Other parts of the OS such as Windows Scripting Host use them. *I* use them. If they aren't installed with the OS then developers who have built on them are screwed (and thus users are screwed by transitivity). I don't want to rewrite my apps, and neither does Intuit.
Maybe MS will let us distribute the pieces ourselves. What a mess that would be. Maybe you'll be asked to insert your Windows CD or download 40MB from a web site each time an app installs that needs the missing components, I'm sure my users will love that speed bump.
Or is this whole "you can't yank IE" argument about a 89KB IExplore.exe file and the blue "e" desktop icon? Nah, can't be.
I thought I might mod this to Funny but decided to post instead because people seem to be taking it seriously. What makes you think that burning oil will consume less oxygen.
One good thing about burning hydrocarbons is that it produces CO2. Yeah, yeah, global warming etc, but if we increase the CO2 in the atmosphere then it is good for the living things that need CO2 to live--plants. There is already some evidence that higher CO2 levels are causing increased crop yields. Here's one reference that Google brought up. The plants will produce oxygen in return, and life will be good again. So even if we convert to Hydrogen for cars, maybe we'll keep a few dozen coal and oil power plants in service to produce CO2 for our friends the plants.