Mozilla uses almost standards mode for the following conditions:...
* For the IBM doctype (<!DOCTYPE html SYSTEM "http://www.ibm.com/data/dtd/v11/ibmxhtml1-transit ional.dtd">)
This has not been true for quite a while. These days, the IBM doctype actually triggers "Quirks" mode, rather than "almost standards" mode.
Well, I think the main problem with Acrobat in the browser is the LAME thing they do to "speed things up".
To be faster, they don't load the whole document by default... just the part that you are currently viewing. So scrolling around results in tremendously long freezes while it loads data from the network.
Clicking "Save" to save a copy causes a full download, and suddenly the app feels much nicer!:)
Friends don't let friends log in via public key.:) By "thought to be secure", I mean another machine that I really trust (generally meaning administered by me).
If possible, restrict access by source IP address, limit the user accounts w/ SSH access, and don't allow remote root logins.
Another step to improve security if there are very few users is just to ONLY allow public key authentication. I've never seen such a box compromised remotely.
> So the owner of the store is at fault for storing his customers valuables somewhere that it is easy to steal?
If there are consequences for his customers, then yes he may be. It's called negligence, and he could easily be in a lot of trouble for it.
Having said that, you seem to think that this implies a lack of guilt for the robber. It clearly does not. The robber is just as guilty as if the store owner had practiced good security.
Not exactly... the ruling says nothing about how the software made it there in the first place. The ruling was based on the assumption that this kind of software was used by the user's consent.
This makes sense, as the lawsuit was also brought with that assumption.
The spyware issue (and the fact that WhenU.com is guilty in that regard) is a completely seperate issue, and one in with "1-800 Contacts" would have little interest.
I for one am very glad that the Gecko/Mozill engine is not our only choice in free software based renderers. There is some security in seeing that we have at least two projects with excellent browsers available for the community.
Congrats Konqueror team!
I wonder if anyone is working on a Windows port of this?
Netbeans does an approximation of this that catches some compilation issues, but not others. The nice thing is that it's more lazy approach can make it feel a little faster at times, though.
Also, the first Java IDEs to really do what you are talking about were Codeguide from Omnicore. Other IDEs have since eclipsed them on features, but their current product is still quite good!
The article is more about trying to log into Red Hat without a password ( BTW is it really that easy?).
Yes, he took advantage of the fact that a person with physical access has essentially unlimited power over the system.
Short of filesystem encryption of the root FS, there's really no way to avoid this, and all Linux distributions (or any other OS for that matter) are vulnerable to this attack.
If you buy service from the phone company do you want them telling you what numbers you can and cannot call?!?!
No, but they will gladly block unwanted pay-numbers if I ask them to. I think an internet equivalent would be for ISPs to block provide a super-easy way to block some unlikely/improbably used ports at their end.
Isn't that what everyone does with the black lists anyway? I think most of the smarter software packages just use the information as part of their normal weighting systems for determining whether or not to reject a message as spam. Ie, if the message looks spammy, and it is from a site on an RBL, then it probably is spam. If it's just from an RBL, then pass it on as normal.
The HD failure theory is very doubtful. It's very unlikely a failing drive would start giving bad data, and even more unlikely that he would notice this by skips in music (but still have a usable computer without apps crashing constantly).
More likely, it's just a perception thing. Ie, he hears the crackling once, and then knows it on every subsequent listening.
Slashdot Mirror
This has not been true for quite a while. These days, the IBM doctype actually triggers "Quirks" mode, rather than "almost standards" mode.
I am not familiar with this incident... could you please elaborate?
Well, I think the main problem with Acrobat in the browser is the LAME thing they do to "speed things up".
:)
To be faster, they don't load the whole document by default... just the part that you are currently viewing. So scrolling around results in tremendously long freezes while it loads data from the network.
Clicking "Save" to save a copy causes a full download, and suddenly the app feels much nicer!
Friends don't let friends log in via public key. :) By "thought to be secure", I mean another machine that I really trust (generally meaning administered by me).
Right... that's why your server only allows keys from machines that you trust. Ie, don't trust machines from random lusers.
If possible, restrict access by source IP address, limit the user accounts w/ SSH access, and don't allow remote root logins.
Another step to improve security if there are very few users is just to ONLY allow public key authentication. I've never seen such a box compromised remotely.
> So the owner of the store is at fault for storing his customers valuables somewhere that it is easy to steal?
If there are consequences for his customers, then yes he may be. It's called negligence, and he could easily be in a lot of trouble for it.
Having said that, you seem to think that this implies a lack of guilt for the robber. It clearly does not. The robber is just as guilty as if the store owner had practiced good security.
The two variables (guilts) are independant.
That page runs much faster once you block the big pile of Flash ads plastered all over it. It's amazing how much faster adblock makes the web!
So you already have one?
Not exactly... the ruling says nothing about how the software made it there in the first place. The ruling was based on the assumption that this kind of software was used by the user's consent.
This makes sense, as the lawsuit was also brought with that assumption.
The spyware issue (and the fact that WhenU.com is guilty in that regard) is a completely seperate issue, and one in with "1-800 Contacts" would have little interest.
Or better yet, use Wicket on Java and PostgreSQL.
Even better, just send the $250 to me, and I'll send you a _1000_ MB RAID.
See Schneier's Blog for more thoughts on the subject. I am sure it will get fleshed out more as more details emerge.
I for one am very glad that the Gecko/Mozill engine is not our only choice in free software based renderers. There is some security in seeing that we have at least two projects with excellent browsers available for the community.
Congrats Konqueror team!
I wonder if anyone is working on a Windows port of this?
Netbeans does an approximation of this that catches some compilation issues, but not others. The nice thing is that it's more lazy approach can make it feel a little faster at times, though.
Also, the first Java IDEs to really do what you are talking about were Codeguide from Omnicore. Other IDEs have since eclipsed them on features, but their current product is still quite good!
I am pretty sure that in some places (nationwide now?) 911 service is mandatory on all line phones, whether paid for or not.
I know it is with cells, and I'm pretty sure that has been extended to wired phones as well.
Yes, he took advantage of the fact that a person with physical access has essentially unlimited power over the system.
Short of filesystem encryption of the root FS, there's really no way to avoid this, and all Linux distributions (or any other OS for that matter) are vulnerable to this attack.
That's why physical security is so important.
Going along with the Dell examples, it seems that the support alert software they ship with new computers is a .net application.
MPlayer has a browser plugin that seemed to work fine here (mplayer 1.0_pre6).
No, but they will gladly block unwanted pay-numbers if I ask them to. I think an internet equivalent would be for ISPs to block provide a super-easy way to block some unlikely/improbably used ports at their end.
Isn't that what everyone does with the black lists anyway? I think most of the smarter software packages just use the information as part of their normal weighting systems for determining whether or not to reject a message as spam. Ie, if the message looks spammy, and it is from a site on an RBL, then it probably is spam. If it's just from an RBL, then pass it on as normal.
It's interesting to see this show returning, even in this limited form. It would be nice if they had a version with video.
I wonder if there's still some hope of another network picking this up at some point?
The HD failure theory is very doubtful. It's very unlikely a failing drive would start giving bad data, and even more unlikely that he would notice this by skips in music (but still have a usable computer without apps crashing constantly).
More likely, it's just a perception thing. Ie, he hears the crackling once, and then knows it on every subsequent listening.
I don't quite understand this... Windows firewall has made it quite easy to open/close specific ports for quite a while now.
Is that true at all? I certainly haven't seen that most Americans around here move much at all.