To steal passwords when physically sitting at the computer, yes. But this is true with proprietary browsers as well, they just find where it's stored, i.e. security through obscurity, which doesn't work. There'll always be someone who figures out how to crack it, if nothing else, by de-assembling the binary. And once it's cracked once and announced, it's gone.
(If you use the Master Password feature so that your passwords are encrypted. Then open source or not doesn't matter. (Actually it helps, because then people can make sure the encryption is secure.) The catch is that you have to type in your Master Password occasionally or even Firefox can't get to the passwords.)
But this article is about stealing passwords remotely. That's another story. Even without a Master Password, the fact that it's open source doesn't effect how easily someone can steal it (ignoring the code quality and ease of bug-fixing in open source, since you're solely talking about the code being open). The website is only allowed to talk to the browser through the usual means. If it finds some other way to talk to the browser or the implementation of the usual means allows more access than desired, then we have a problem, like here.
As an analogy, say I have a bolted door, and you're trying to open it. Everyone knows how the door works; there's a bolt that gets in the way and stuff. If you're inside the house, then you can open it easily. However, if I only allow you to talk to the door from the outside, you can't open it because you can't unbolt the thing. (Ignoring chainsaws, explosives, and other nifty destructive things.)
And note that removeable devices are file-system-wise mounted in/media, a totally different place. And even then, it doesn't matter because both GNOME and KDE display an icon on the desktop per removeable device, kind of like how OS X does it... the Windows way of taking everything, ignoring context, and dropping it into a random letter onto My Computer is both unintuitive and makes automating anything a nightmare when the locations are inconsistent.
What the parent was referring to is situations when the users' documents and the rest of the system are on separate partitions, very common because of the ease of backup this provides. The user and various apps have no reason to and shouldn't have to know that the devices are different./home/username is far more sensible than a [A-Z]:\Documents and Settings\username\My Documents\, if nothing else, for consistency.
If the user has multiple hard drives not meant for the former, it won't be mounted under/home/username. It will be mounted and displayed by the Desktop in a more sensible place. In fact, nothing is normally ever mounted in your home directory.
That's the difference between how Windows does things and how the real world does it. Windows takes things, regardless of context and treats them all blindly under random letters by order, something unpredictable. Everyone else is somewhat more intelligent and, depending on the context and nature of the device, will handle it appropriately. Parts of the filesystem attach transparently to all, removeable devices temporarily attach to a predictable place based on device name and are presented as removeable to the user, etc.
Set browser.tabs.closeButtons 0 - close button on active tab 1 - default, close button on all tabs 2 - no close buttons at all 3 - close button on side, like 1.x
Only caveat is that the tablist button stays in option 3, so it looks rather awkward. I do not see an option to remove it.
Re:gnome-terminal scroll speed & moving window
on
Gnome 2.14 Released
·
· Score: 2, Informative
You'd be surprised. I certainly was. In fact, I had to test the various terminals I had installed after seeing the report.
xterm is actually one of the slowest terminals. At least, when anti-aliased text is used.
(All configured similarly where possible, white text on black, aa'ed Bitstream Vera Sans Mono)
=Terminal Tests= time cat/usr/share/dict/words
xterm 207 - got impatient real >32s (was at the Ms when I stopped it) user 0m0.000s sys 0m0.048s
Eterm 0.9.3-r4 - unfair, doesn't do aa'ed fonts real 0m18.319s user 0m0.000s sys 0m0.148s
urxvt 5.3 real 0m15.000s user 0m0.004s sys 0m0.236s
konsole 3.4.3 real 0m7.967s user 0m0.004s sys 0m0.172s
gnome-terminal 2.12.0 real 0m4.222s user 0m0.004s sys 0m0.180s
aterm 0.4.2-r11 - unfair, doesn't do aa'ed fonts real 0m3.594s user 0m0.004s sys 0m0.152s
mrxvt 0.4.1 real 0m0.472s user 0m0.000s sys 0m0.168s
(I used to use xterm, now I use mrxvt though occassionaly urxvt due to mrxvt's lack of unicode support (which is on the author's TODO list.))
Although, mrxvt kind of cheats a bit. It caches stuff. You can tell by running rain (from bsd-games) with 0 delay. All terms will have the animation spit out really fast, except mrvxt will skip every hundred frames or so. I find the caching good though. It doesn't interfere with anything I run and prevents scrolling-text syndrome that annoys me a lot.
Of course, and they are excellent browsers too. (I rotate between a wide variety of browsesr since I like all of them.)
But they never disrupted the monopoly.
Firefox's credit is being able to go mainstream and make the public aware of existence outside that horrid blue e.
If it weren't for Firefox, instead of nearly getting to be almost at a point of looking remotely like something that could fool one into thinking it's possibly not a pile of smelly brown stuff, IE would simply stay a pile of smelly brown stuff.
Now all we need is Linux to become more mainstream and maybe Windows will be almost useable!
IMO, they made a fairly bad choice. The contest was supposed to, among other things, show off what GIMP could do. The winner's strongest point was the photograph.
I know that my entry and each of my friend's numerous entries was done entirely from scratch with GIMP. I wouldn't be surprised if many others turned out that way.
---- The general public doesn't want to have to restart X everytime something goes wrong ----
I would expect the general public would rather
press Ctrl-Alt-Backspace to instantly kill only X and go back in*
than press Ctrl-Alt-Del 5 or 6 times, wait for Windows to respond, start rebooting, dismiss 5 or so End Now dialogs, wait for the entire OS to shutdown and get back up, log in, and wait some more.
*A display manager would take care of firing it up. Distros meant for the general public do have display managers
--- the general public doesn't want to hop into a bash shell to use apt-get --- Hence there are GUIs available that many distros (certainly ones meant for the general public) will use.
Slashdot Mirror
I mean come on, some stick figure with big old goofy shoes hauling a big bag up a pipe? That would be a kinesin moving a vesicle along a microtubule.
To steal passwords when physically sitting at the computer, yes. But this is true with proprietary browsers as well, they just find where it's stored, i.e. security through obscurity, which doesn't work. There'll always be someone who figures out how to crack it, if nothing else, by de-assembling the binary. And once it's cracked once and announced, it's gone.
(If you use the Master Password feature so that your passwords are encrypted. Then open source or not doesn't matter. (Actually it helps, because then people can make sure the encryption is secure.) The catch is that you have to type in your Master Password occasionally or even Firefox can't get to the passwords.)
But this article is about stealing passwords remotely. That's another story. Even without a Master Password, the fact that it's open source doesn't effect how easily someone can steal it (ignoring the code quality and ease of bug-fixing in open source, since you're solely talking about the code being open). The website is only allowed to talk to the browser through the usual means. If it finds some other way to talk to the browser or the implementation of the usual means allows more access than desired, then we have a problem, like here.
As an analogy, say I have a bolted door, and you're trying to open it. Everyone knows how the door works; there's a bolt that gets in the way and stuff. If you're inside the house, then you can open it easily. However, if I only allow you to talk to the door from the outside, you can't open it because you can't unbolt the thing. (Ignoring chainsaws, explosives, and other nifty destructive things.)
And note that removeable devices are file-system-wise mounted in /media, a totally different place. And even then, it doesn't matter because both GNOME and KDE display an icon on the desktop per removeable device, kind of like how OS X does it... the Windows way of taking everything, ignoring context, and dropping it into a random letter onto My Computer is both unintuitive and makes automating anything a nightmare when the locations are inconsistent.
/home/username is far more sensible than a [A-Z]:\Documents and Settings\username\My Documents\, if nothing else, for consistency.
/home/username. It will be mounted and displayed by the Desktop in a more sensible place. In fact, nothing is normally ever mounted in your home directory.
What the parent was referring to is situations when the users' documents and the rest of the system are on separate partitions, very common because of the ease of backup this provides. The user and various apps have no reason to and shouldn't have to know that the devices are different.
If the user has multiple hard drives not meant for the former, it won't be mounted under
That's the difference between how Windows does things and how the real world does it. Windows takes things, regardless of context and treats them all blindly under random letters by order, something unpredictable. Everyone else is somewhat more intelligent and, depending on the context and nature of the device, will handle it appropriately. Parts of the filesystem attach transparently to all, removeable devices temporarily attach to a predictable place based on device name and are presented as removeable to the user, etc.
about:config
Set browser.tabs.closeButtons
0 - close button on active tab
1 - default, close button on all tabs
2 - no close buttons at all
3 - close button on side, like 1.x
Only caveat is that the tablist button stays in option 3, so it looks rather awkward. I do not see an option to remove it.
You'd be surprised. I certainly was. In fact, I had to test the various terminals I had installed after seeing the report.
/usr/share/dict/words
xterm is actually one of the slowest terminals. At least, when anti-aliased text is used.
(All configured similarly where possible, white text on black, aa'ed Bitstream Vera Sans Mono)
=Terminal Tests=
time cat
xterm 207 - got impatient
real >32s (was at the Ms when I stopped it)
user 0m0.000s
sys 0m0.048s
Eterm 0.9.3-r4 - unfair, doesn't do aa'ed fonts
real 0m18.319s
user 0m0.000s
sys 0m0.148s
urxvt 5.3
real 0m15.000s
user 0m0.004s
sys 0m0.236s
konsole 3.4.3
real 0m7.967s
user 0m0.004s
sys 0m0.172s
gnome-terminal 2.12.0
real 0m4.222s
user 0m0.004s
sys 0m0.180s
aterm 0.4.2-r11 - unfair, doesn't do aa'ed fonts
real 0m3.594s
user 0m0.004s
sys 0m0.152s
mrxvt 0.4.1
real 0m0.472s
user 0m0.000s
sys 0m0.168s
(I used to use xterm, now I use mrxvt though occassionaly urxvt due to mrxvt's lack of unicode support (which is on the author's TODO list.))
Although, mrxvt kind of cheats a bit. It caches stuff. You can tell by running rain (from bsd-games) with 0 delay. All terms will have the animation spit out really fast, except mrvxt will skip every hundred frames or so. I find the caching good though. It doesn't interfere with anything I run and prevents scrolling-text syndrome that annoys me a lot.
That would be E17.
But isn't gold germicidal?
Of course, and they are excellent browsers too. (I rotate between a wide variety of browsesr since I like all of them.)
But they never disrupted the monopoly.
Firefox's credit is being able to go mainstream and make the public aware of existence outside that horrid blue e.
If it weren't for Firefox, instead of nearly getting to be almost at a point of looking remotely like something that could fool one into thinking it's possibly not a pile of smelly brown stuff, IE would simply stay a pile of smelly brown stuff.
Now all we need is Linux to become more mainstream and maybe Windows will be almost useable!
Considering that we _were_ the ones who tried to set the value of pi.
:-)
http://www.acc.umu.se/~olletg/pi/indiana.html
Us silly Hoosiers.
You can see the others for yourself if you like...
http://gimp.org/contest/gallery.cgi
IMO, they made a fairly bad choice. The contest was supposed to, among other things, show off what GIMP could do. The winner's strongest point was the photograph.
I know that my entry and each of my friend's numerous entries was done entirely from scratch with GIMP. I wouldn't be surprised if many others turned out that way.
----
The general public doesn't want to have to restart X everytime something goes wrong
----
I would expect the general public would rather
press Ctrl-Alt-Backspace to instantly kill only X and go back in*
than press Ctrl-Alt-Del 5 or 6 times, wait for Windows to respond, start rebooting, dismiss 5 or so End Now dialogs, wait for the entire OS to shutdown and get back up, log in, and wait some more.
*A display manager would take care of firing it up. Distros meant for the general public do have display managers
---
the general public doesn't want to hop into a bash shell to use apt-get
---
Hence there are GUIs available that many distros (certainly ones meant for the general public) will use.