NASA may understand things related to aeronautics and space, but, sadly, they sure as heck don't understand HTML very well:
(a href="../../images/20100723_D2010_0723_D298_50.jpg" target="_blank" class="captionText")
(img src="../../images/20100723_D2010_0723_D298_50.jpg" width="120" height="90"...
(a href="../../images/20100723_D2010_0723_D298_50.jpg")Full Size Image(/font)(/a)...
and:
(a href="../../images/20100723_D2010_0723_D853_50.jpg" target="_blank" class="captionText")
(img src="../../images/20100723_D2010_0723_D853_50.jpg" width="120" height="90"...
(a href="../../images/20100723_D2010_0723_D853_50.jpg")Full Size Image(/font)(/a)...
and:
(a href="../../images/20100723_D2010_0723_D867_50.jpg" target="_blank" class="captionText")
(img src="../../images/20100723_D2010_0723_D867_50.jpg" width="120" height="90"...
(a href="../../images/20100723_D2010_0723_D867_50.jpg")Full Size Image(/font)(/a)...
Ummm... Houston? We have a problem here!
The "width" and "height" attributes of the HTML "img" tag *DOES NOT CHANGE THE SIZE OF THE IMAGE FILE*. It only changes the how that (image) FILE is/rendered/ on the screen.
The entire 2.31 MB (9.4 x 6.3 inches (23.8 x 15.9 cm) 2250 x 1500 Pixel), 1.57 MB (5.8 x 8.1 inches (14.8 x 20.6 cm) 1400 x 1942 Pixel), and 2.01 MB (8.8 x 5.8 inches (22.3 x 14.8 cm) 2104 x 1400 Pixel) files will/still/ be downloaded whenever the page is displayed.
They'll just get squeezed into a tiny 120 x 90 pixel area on the page, which sort of renders moot the whole point of providing thumbnails, doesn't it?
What/should/ be, at most, a several kilobyte web page is, thanks to the rocket scientist that wrote your page's HTML code, is now a 5.9+ MEGABYTE web page, that even with high speed DSL/does/ take a while to load.
I've seen this mistake made far too many times by amateur web authors. You'd think the folks at NASA would be smart enough to get it right.
I mean this isn't exactly rocket science we're talking about here!
But then maybe that's the problem? They only understand rocket science, so anything that/isn't/ rocket science completely baffles them??
I didn't so much have my ATM Debit Card card stolen as I did my identity.
What they (the criminals) actually did was electronically "skim" my card, thereby obtaining not only all of my bank account information (account number, etc -- all the stuff recorded on the magnetic strip of the card) but also my pin number. (Their keypad where you enter you pin number into was connected to another box that saved the two pieces of information together so they has everything they needed to clone and use the card).
We noticed it on the next bank statement. There were transactions for places in California and we live in Seattle, WA and we don't travel.
The next day I went to the bank to deposit a check and asked the teller what I should do. She immediately asked me whether I happened to make any purchases recently at the store across the street. Surprised that she would know I answered yes. She then told me the cops has just arrested the owner for fraud/identity theft. Apparently there were many dozens of victims, all in this area and many of them also customers of the same bank as mine (Bank of America).
Long story short, the bank refunded the entire amount (over $900) while the investigation was underway since it was likely the investigation would complete in my favor (and since they obviously had the resources to recover their losses better than I did to cover mine).
I'm surprised your bank isn't handling the situation similarly, unless your card was indeed stolen and not simply used as part of a much larger across-state-lines wide-spread identity theft ring (which the feds (FBI) took over investigating/prosecuting).
Half the people I heard from said that if they scroll all the way to the bottom they can read the answers for free, and the other half say this doesn't work. This confused me for the longest time until I finally figured out the answer.
Expertsexchange allows you to scroll down to the bottom to get a free answer the first time you visit their page, then gives your browser a cookie saying that you have gotten your free answer, and won't show you any more. So if you want to ensure that you can always scroll to the bottom, you simply have to block cookies from them and you are good to go.
A much easier (and faster too!) way to see the answer for free every time is to simply click the Google's "Cached" link and then scroll to the bottom.
No need to mess with blocking of cookies or any other crap.
You're not tied into Google in any way and can easily block them for good by pointing their domain to 127.0.0.1 in your hosts file.
Which one?
They and other large name-brand high-tech companies have so freaking many it's impossible to truly block them all.
This is a serious problem for the complete opposite reason however: identifying which domains you wish to allow rather than block. I have my browser security set rather high (and use a custom filtering proxy as well) that prevents e.g. javascript from running anywhere except for those sites I choose trust. All other sites are blocked.
Simply allowing "primary-domain-name.com" doesn't cut it, since primary-domain-name.com uses javascript served by secondary-domain-name.com as well as other-owned-domain-names-you-never-knew-about-and-have-no-way-of-learning-about.com too.
As I said it' a problem, and to the best of my knowledge not one that's easily solvable.
It's amazing how much misinformation is being spread on this subject.
(Or rather I should say it's amazing how well the average citizen is being brainwashed into believing the current political agenda on the issue.)
The issue is NOT whether the globe is getting warmer or not, but whether manmade CO2 is the CAUSE of it. The controversy is NOT whether the climate is changing, but whether humans are driving climate change.
The planet IS getting warmer. There is no controversy over that.
The climate IS changing. There is no controversy over that.
That humans are causing the global climate change IS the controversy.
That manmade CO2 is responsible for global warming IS the controversy.
Available evidence does NOT support the claim that man is responsible for global warming.
Atmospheric CO2 levels are indeed increasing, but available evidence does NOT support the claim that manmade (human produced) CO2 emissions the driving cause of global climate change.
To believe otherwise is to buy into the current propaganda.
It's all political and it's all complete bullshit.
So very many programmers tend to forget that strncpy DOES NOT ALWAYS NULL TERMINATE!
The only time it does is when the source data is shorter than the destination buffer. If the source string is longer than the destination buffer however, then the end result is the string is NOT null terminated, thereby leading to Bad Things(tm) happening whenever some other code does a strlen on the result (or worse, uses the return value from strlen(result) to determine how much data needs to be memcpy'ed somewhere).
"But there are "legal issues" that need to be resolved before this "telephonic neighbourhood watch" can be put into action, said a spokesman for the company."
Yeah, like maybe admitting that your new "invention" that "basically intercepts all calls" has already been invented by someone else here in the states. Someone called Verizon. They've been offering their "Call Intercept" calling feature for quite a few years now:
CALL INTERCEPT
Screen calls - even from anonymous callers.
Call Intercept screens unidentified calls and lets you handle them however you like. Fewer unwanted calls means more peace and quiet for you at home.
How Call Intercept Works
* This automated service works with Caller ID service.
* Unidentified callers that typically show up as "Anonymous," "Out of Area," "Private" or "Unavailable" on your Caller ID display are prompted to record their identity before your phone rings.*
* Once the caller records his or her identity, the service alerts you with a unique ring and displays "Call Intercept" on your Caller ID unit.
* When you pick up the phone, Call Intercept plays the recording and then gives you several options for handling the call.
Additional Benefits
* Unidentified callers who don't record their name hear a pre-recorded message stating that you do not accept unidentified calls, and then are disconnected.
* Use of a four-digit Personal Identification Number (PIN) that you choose allows friends and family to bypass the screening process. When Call Intercept is bypassed using the PIN, you hear a unique ring and "Priority Call" appears on the Caller ID display.
* If no one answers, Call Intercept will allow the caller to leave a message on your answering machine or Home Voice Mail service.
* You have the ability to change your four-digit Personal Identification Number (PIN) and to turn Call Intercept on and off. Simply dial 1 800 527 7070 and follow the voice prompts.
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." - Rich Cook
1. Use the "site:" operator when Googling your question:
mfc how draw transparent bitmap site:experts-exchange.com
2. View desired search result.
3. SCROLL DOWN THE PAGE past all the bogus "All comments and solutions are available to Premium Service Members only" crap, to the very bottom of the page.
Note: this only works with Google (or possibly only with any search engine). Accessing their "answers" pages directly from their own site doesn't work. (For that you DO have to pay.)
But since most(?) people use a search engine to find their answers, knowing about the above provides a whole new source of high quality technical information.
Okay, you have a point about that. I'm sure my bank is the same way too.
But my point(s) still stand: using a FILE that EXISTS on one's computer as a password is foolish IMHO.
The only secure password is the one that only "exists" in your head and not on your hard drive where anyone with physical access to your computer can get to it.
Maybe I'm missing something, but how can a file-based password -- being an object that actually exists on your computer (thus accessible to anyone with physical access to your computer EVEN FOR A FEW MOMENTS) -- be MORE secure(?!) than something that does NOT actually exist anywhere but in your mind only?
Consider:
1. many people access their bank accounts, their PayPal accounts, etc, using their computer.
2. only static (unchanging) files can be used for passwords. This means no executable files that might be upgraded as a result of a new version of an application or security patch being installed, no parameter files,.INI files, etc. (i.e. nothing that could possibly be "edited" or modified in any way.) This reduces the number of files potentially usable as "password files" by several orders of magnitude.
3. to login to you bank account you only need to use the correct picture or song file, etc. Someone with physical access could easily scan all the image and song files, etc on your computer (i.e. all those that could potentially be used as a password file (which as stated is not that many really)) saving the "password hash" for each to, say, a USB stick that could then be taken to another computer and used in a trivial intelligent brute force attack on your bank account.
What's worse, what about potential file loss/damage? (Hard drive crash and no backup? So sorry! You're literally farqed unless you can somehow re-download that same hard-to-find image/sound you downloaded from, um, what was that damn web site where I got that file from again HOW many years ago???)
A password that exists only in your mind can never be lost or stolen or otherwise recovered by someone with a few minutes (seconds?) of physical access to your system.
Yes, yes! I know about the argument that if someone has physical access to your computer then all bets are off, but that argument doesn't apply in this scenerio IMO. Physical access to your system only gives them physical access to the data on your system, but not to your bank account, etc.
IMHO the best way is to use something like Password Safe for storing all of your 12-16 character (including numbers and special characters) passwords, whose 256-bit twofish encrypted password database is protected by a very long pass-PHRASE "MASTER" password that only exists in your mind and nowhere else.
Or maybe that's why it's called punishment - it's not supposed to be pleasant
Wrong.
The punishment is, was, and always has been, to simply be locked up. Period. To be separated from society, unable to move freely through it. THAT has ALWAYS been "the punishment", and ONLY that. Nothing more.
The punishment has NEVER been to have to wait hours before being allowed to got to the bathroom.
The punishment has NEVER been to only be allowed 2 minutes for a shower.
The punishment has NEVER been to be treated like a dog, to be beat mercilessly, raped, fed tasteless food, denied prompt and proper medical treatment, or other wise treated inhumanly or with disrespect.
The punishment has ONLY ever been to be locked up.
And as for saving a text file and not finding it later because windows helpfully renamed it something.txt.txt (it takes your.txt extension and "knows" that you're only allowed to modify the first part of the filename)
That's the application you're using that's doing that and not Windows. I've experienced the same phenomenon myself but I forget which program it was now.
I do remember this though: it only seemed to occur whenever:
"Text file (*.txt)" was selected in the Save dialog's drop-down File-types list, and
The filename I entered included the ".txt" extension (i.e. I was specifying redundant information)
If I'd instead select "All files (*.*)" and then enter "something.txt" as the filename, it then did indeed save it under that exact name and not "something.txt.txt" like before.
What I suspect was happening was, the [helpful?!] program was, because you selected "Text files" as the filetype in the dropdown, always blindly adding the ".txt" extension to whatever you entered as a filename. That is to say, since you already told it you wanted a ".txt" file extension (by virtue of your having specified "Text files" in your dropdown "Save As" filetype), you didn't need to also specify that again. All you really needed to enter was the filename. But because you entered "something.txt" as the filename, the program [correctly?!] presumed you wanted the file called "something.txt.txt"!
Yeah, stupid program making a bad presumption I agree, but then whoever said all programmers were smart?;-)
This doesn't really solve anything, though, since people can't reasonably be expected to know a safe file extension from a dangerous one....
...
Obviously the little bit of metadata provided by displaying the file extension is better than none at all, but it's not going to make email attachments all that much safer.
I beg to differ. In my experience does help -- quite a bit.
Even though most people (myself included, and I consider myself to be one of the more sophisticated/experienced Windows users) wouldn't necessary know all of (or even most of) those other file extensions you mentioned were "executable" type file extensions, they would at least know some of them were.
Most malware writers use extensions such as ".exe", ".scr", ".vbs", etc, and not the more arcane ones.
And I hope you'll agree that all but the most careless and idiotic of Windows users would likely hesitate before clicking on an attachment that ended with "...mp3.exe" (or "...mp3.scr", etc).
True, you point is well taken, but until malware users start using more of those rather arcane file extensions you mentioned (and continue to stick with the more common ones), what I suggest s/b good enough as far as addressing the described problem.
And when they do start using them, well... We can cross that bridge when we come to it.
"Well, considering that Windows by default doesn't show the file extension for known filetypes, as far as all the noobs can tell, the file they just double-clicked was "Artist - song.mp3", since they wouldn't even see the.exe at the end. Sweet deal eh?
Which is why I've been telling people for years the first thing they should do after installing Windows (immediately after selecting the "Show hidden files and folders" option and unchecking (clearing) the "Hide extensions for known file types" and "Hide protected operating system files" options in Control Panel -> Folder Options, View tab) is to run REGEDIT and do a 'Find' for all occurrences of "NeverShowExt" and delete every single one found. All of them (spare none).
Yes, it is admittedly unappealing (at first) to see all your shortcuts (including those in your Start and Programs menus) with an ugly ".lnk" extension following them, but trust me, you get used to it pretty quickly.
Perhaps it's just me but I personally prefer my operating system not to lie to me by default. The above procedure ensures that it doesn't.
p.s. your example is a poor one; the ".exe" extension is always shown (never hidden) by default.
Slashdot Mirror
The Radioactive Boy Scout
The Changing Face of Control Room Design
Handbook of Control Room Design and Ergonomics [Hardcover]
NASA may understand things related to aeronautics and space, but, sadly, they sure as heck don't understand HTML very well:
(a href="../../images/20100723_D2010_0723_D298_50.jpg" target="_blank" class="captionText") ... ...
(img src="../../images/20100723_D2010_0723_D298_50.jpg" width="120" height="90"
(a href="../../images/20100723_D2010_0723_D298_50.jpg")Full Size Image(/font)(/a)
and:
(a href="../../images/20100723_D2010_0723_D853_50.jpg" target="_blank" class="captionText") ... ...
(img src="../../images/20100723_D2010_0723_D853_50.jpg" width="120" height="90"
(a href="../../images/20100723_D2010_0723_D853_50.jpg")Full Size Image(/font)(/a)
and:
(a href="../../images/20100723_D2010_0723_D867_50.jpg" target="_blank" class="captionText") ... ...
(img src="../../images/20100723_D2010_0723_D867_50.jpg" width="120" height="90"
(a href="../../images/20100723_D2010_0723_D867_50.jpg")Full Size Image(/font)(/a)
Ummm... Houston? We have a problem here!
The "width" and "height" attributes of the HTML "img" tag *DOES NOT CHANGE THE SIZE OF THE IMAGE FILE*. It only changes the how that (image) FILE is /rendered/ on the screen.
The entire 2.31 MB (9.4 x 6.3 inches (23.8 x 15.9 cm) 2250 x 1500 Pixel), 1.57 MB (5.8 x 8.1 inches (14.8 x 20.6 cm) 1400 x 1942 Pixel), and 2.01 MB (8.8 x 5.8 inches (22.3 x 14.8 cm) 2104 x 1400 Pixel) files will /still/ be downloaded whenever the page is displayed.
They'll just get squeezed into a tiny 120 x 90 pixel area on the page, which sort of renders moot the whole point of providing thumbnails, doesn't it?
What /should/ be, at most, a several kilobyte web page is, thanks to the rocket scientist that wrote your page's HTML code, is now a 5.9+ MEGABYTE web page, that even with high speed DSL /does/ take a while to load.
I've seen this mistake made far too many times by amateur web authors. You'd think the folks at NASA would be smart enough to get it right.
I mean this isn't exactly rocket science we're talking about here!
But then maybe that's the problem? They only understand rocket science, so anything that /isn't/ rocket science completely baffles them??
Makes you wonder sometimes....
"MythBusters beat fingerprint security system"
http://www.youtube.com/watch?v=LA4Xx5Noxyo
They beat it using: latex, gelatin, and perhaps most amazing of all, a PHOTOCOPY of a fingerprint!
"Raw Video: Dash Cam Catches Meteor's Fall"
(http://www.youtube.com/watch?v=6m4ZIO8t0dI)
Well, almost.
I didn't so much have my ATM Debit Card card stolen as I did my identity.
What they (the criminals) actually did was electronically "skim" my card, thereby obtaining not only all of my bank account information (account number, etc -- all the stuff recorded on the magnetic strip of the card) but also my pin number. (Their keypad where you enter you pin number into was connected to another box that saved the two pieces of information together so they has everything they needed to clone and use the card).
We noticed it on the next bank statement. There were transactions for places in California and we live in Seattle, WA and we don't travel.
The next day I went to the bank to deposit a check and asked the teller what I should do. She immediately asked me whether I happened to make any purchases recently at the store across the street. Surprised that she would know I answered yes. She then told me the cops has just arrested the owner for fraud/identity theft. Apparently there were many dozens of victims, all in this area and many of them also customers of the same bank as mine (Bank of America).
Long story short, the bank refunded the entire amount (over $900) while the investigation was underway since it was likely the investigation would complete in my favor (and since they obviously had the resources to recover their losses better than I did to cover mine).
I'm surprised your bank isn't handling the situation similarly, unless your card was indeed stolen and not simply used as part of a much larger across-state-lines wide-spread identity theft ring (which the feds (FBI) took over investigating/prosecuting).
FYI: it's "experts-exchange.com" (note the dash), not expertsexchange.
Half the people I heard from said that if they scroll all the way to the bottom they can read the answers for free, and the other half say this doesn't work. This confused me for the longest time until I finally figured out the answer.
Expertsexchange allows you to scroll down to the bottom to get a free answer the first time you visit their page, then gives your browser a cookie saying that you have gotten your free answer, and won't show you any more. So if you want to ensure that you can always scroll to the bottom, you simply have to block cookies from them and you are good to go.
A much easier (and faster too!) way to see the answer for free every time is to simply click the Google's "Cached" link and then scroll to the bottom.
No need to mess with blocking of cookies or any other crap.
Works every time.
You're not tied into Google in any way and can easily block them for good by pointing their domain to 127.0.0.1 in your hosts file.
Which one?
They and other large name-brand high-tech companies have so freaking many it's impossible to truly block them all.
This is a serious problem for the complete opposite reason however: identifying which domains you wish to allow rather than block. I have my browser security set rather high (and use a custom filtering proxy as well) that prevents e.g. javascript from running anywhere except for those sites I choose trust. All other sites are blocked.
Simply allowing "primary-domain-name.com" doesn't cut it, since primary-domain-name.com uses javascript served by secondary-domain-name.com as well as other-owned-domain-names-you-never-knew-about-and-have-no-way-of-learning-about.com too.
As I said it' a problem, and to the best of my knowledge not one that's easily solvable.
She. Her name is Kathy Ceceri. She's a she, not a he.
(subject)
I'm surprised no one has mentioned it.
It's amazing how much misinformation is being spread on this subject.
(Or rather I should say it's amazing how well the average citizen is being brainwashed into believing the current political agenda on the issue.)
The issue is NOT whether the globe is getting warmer or not, but whether manmade CO2 is the CAUSE of it. The controversy is NOT whether the climate is changing, but whether humans are driving climate change.
The planet IS getting warmer. There is no controversy over that.
The climate IS changing. There is no controversy over that.
That humans are causing the global climate change IS the controversy.
That manmade CO2 is responsible for global warming IS the controversy.
Available evidence does NOT support the claim that man is responsible for global warming.
Atmospheric CO2 levels are indeed increasing, but available evidence does NOT support the claim that manmade (human produced) CO2 emissions the driving cause of global climate change.
To believe otherwise is to buy into the current propaganda.
It's all political and it's all complete bullshit.
Physician, heal thyself:
http://www.youtube.com/watch?v=qyoLuTjguJA
Hint: Gun control actually increases violent crime. When there are more guns in the hands of citizens violent crime decreases.
It's counter-intuitive I know, but there you have it. <shrug>
(No, I don't work for them. I just got tired of Adobe's crap and gave them a try. Haven't looked back since.)
Mod parent up!
So very many programmers tend to forget that strncpy DOES NOT ALWAYS NULL TERMINATE!
The only time it does is when the source data is shorter than the destination buffer. If the source string is longer than the destination buffer however, then the end result is the string is NOT null terminated, thereby leading to Bad Things(tm) happening whenever some other code does a strlen on the result (or worse, uses the return value from strlen(result) to determine how much data needs to be memcpy'ed somewhere).
strncpy is bad.
Use strlcpy (BSD) or MS's strcpy_s instead.
"But there are "legal issues" that need to be resolved before this "telephonic neighbourhood watch" can be put into action, said a spokesman for the company."
Yeah, like maybe admitting that your new "invention" that "basically intercepts all calls" has already been invented by someone else here in the states. Someone called Verizon. They've been offering their "Call Intercept" calling feature for quite a few years now:
CALL INTERCEPT
Screen calls - even from anonymous callers.
Call Intercept screens unidentified calls and lets you handle them however you like. Fewer unwanted calls means more peace and quiet for you at home.
How Call Intercept Works
* This automated service works with Caller ID service.
* Unidentified callers that typically show up as "Anonymous," "Out of Area," "Private" or "Unavailable" on your Caller ID display are prompted to record their identity before your phone rings.*
* Once the caller records his or her identity, the service alerts you with a unique ring and displays "Call Intercept" on your Caller ID unit.
* When you pick up the phone, Call Intercept plays the recording and then gives you several options for handling the call.
Additional Benefits
* Unidentified callers who don't record their name hear a pre-recorded message stating that you do not accept unidentified calls, and then are disconnected.
* Use of a four-digit Personal Identification Number (PIN) that you choose allows friends and family to bypass the screening process. When Call Intercept is bypassed using the PIN, you hear a unique ring and "Priority Call" appears on the Caller ID display.
* If no one answers, Call Intercept will allow the caller to leave a message on your answering machine or Home Voice Mail service.
* You have the ability to change your four-digit Personal Identification Number (PIN) and to turn Call Intercept on and off. Simply dial 1 800 527 7070 and follow the voice prompts.
Source:
http://tinyurl.com/5qprsu (web page)
or:
http://tinyurl.com/5qprsu (PDF)
"Programming today is a race between
software engineers striving to build bigger
and better idiot-proof programs, and the
Universe trying to produce bigger and better
idiots. So far, the Universe is winning."
- Rich Cook
1. Use the "site:" operator when Googling your question:
mfc how draw transparent bitmap site:experts-exchange.com
2. View desired search result.
3. SCROLL DOWN THE PAGE past all the bogus "All comments and solutions are available to Premium Service Members only" crap, to the very bottom of the page.
Note: this only works with Google (or possibly only with any search engine). Accessing their "answers" pages directly from their own site doesn't work. (For that you DO have to pay.)
But since most(?) people use a search engine to find their answers, knowing about the above provides a whole new source of high quality technical information.
Okay, you have a point about that. I'm sure my bank is the same way too.
But my point(s) still stand: using a FILE that EXISTS on one's computer as a password is foolish IMHO.
The only secure password is the one that only "exists" in your head and not on your hard drive where anyone with physical access to your computer can get to it.
Maybe I'm missing something, but how can a file-based password -- being an object that actually exists on your computer (thus accessible to anyone with physical access to your computer EVEN FOR A FEW MOMENTS) -- be MORE secure(?!) than something that does NOT actually exist anywhere but in your mind only?
.INI files, etc. (i.e. nothing that could possibly be "edited" or modified in any way.) This reduces the number of files potentially usable as "password files" by several orders of magnitude.
Consider:
1. many people access their bank accounts, their PayPal accounts, etc, using their computer.
2. only static (unchanging) files can be used for passwords. This means no executable files that might be upgraded as a result of a new version of an application or security patch being installed, no parameter files,
3. to login to you bank account you only need to use the correct picture or song file, etc. Someone with physical access could easily scan all the image and song files, etc on your computer (i.e. all those that could potentially be used as a password file (which as stated is not that many really)) saving the "password hash" for each to, say, a USB stick that could then be taken to another computer and used in a trivial intelligent brute force attack on your bank account.
What's worse, what about potential file loss/damage? (Hard drive crash and no backup? So sorry! You're literally farqed unless you can somehow re-download that same hard-to-find image/sound you downloaded from, um, what was that damn web site where I got that file from again HOW many years ago???)
A password that exists only in your mind can never be lost or stolen or otherwise recovered by someone with a few minutes (seconds?) of physical access to your system.
Yes, yes! I know about the argument that if someone has physical access to your computer then all bets are off, but that argument doesn't apply in this scenerio IMO. Physical access to your system only gives them physical access to the data on your system, but not to your bank account, etc.
IMHO the best way is to use something like Password Safe for storing all of your 12-16 character (including numbers and special characters) passwords, whose 256-bit twofish encrypted password database is protected by a very long pass-PHRASE "MASTER" password that only exists in your mind and nowhere else.
Or maybe that's why it's called punishment - it's not supposed to be pleasant
Wrong.
The punishment is, was, and always has been, to simply be locked up. Period. To be separated from society, unable to move freely through it. THAT has ALWAYS been "the punishment", and ONLY that. Nothing more.
The punishment has NEVER been to have to wait hours before being allowed to got to the bathroom.
The punishment has NEVER been to only be allowed 2 minutes for a shower.
The punishment has NEVER been to be treated like a dog, to be beat mercilessly, raped, fed tasteless food, denied prompt and proper medical treatment, or other wise treated inhumanly or with disrespect.
The punishment has ONLY ever been to be locked up.
Separated from society.
Period.
That's the application you're using that's doing that and not Windows. I've experienced the same phenomenon myself but I forget which program it was now.
I do remember this though: it only seemed to occur whenever:
If I'd instead select "All files (*.*)" and then enter "something.txt" as the filename, it then did indeed save it under that exact name and not "something.txt.txt" like before.
What I suspect was happening was, the [helpful?!] program was, because you selected "Text files" as the filetype in the dropdown, always blindly adding the ".txt" extension to whatever you entered as a filename. That is to say, since you already told it you wanted a ".txt" file extension (by virtue of your having specified "Text files" in your dropdown "Save As" filetype), you didn't need to also specify that again. All you really needed to enter was the filename. But because you entered "something.txt" as the filename, the program [correctly?!] presumed you wanted the file called "something.txt.txt"!
Yeah, stupid program making a bad presumption I agree, but then whoever said all programmers were smart? ;-)
Obviously the little bit of metadata provided by displaying the file extension is better than none at all, but it's not going to make email attachments all that much safer.
I beg to differ. In my experience does help -- quite a bit.
Even though most people (myself included, and I consider myself to be one of the more sophisticated/experienced Windows users) wouldn't necessary know all of (or even most of) those other file extensions you mentioned were "executable" type file extensions, they would at least know some of them were.
Most malware writers use extensions such as ".exe", ".scr", ".vbs", etc, and not the more arcane ones.
And I hope you'll agree that all but the most careless and idiotic of Windows users would likely hesitate before clicking on an attachment that ended with "...mp3.exe" (or "...mp3.scr", etc).
True, you point is well taken, but until malware users start using more of those rather arcane file extensions you mentioned (and continue to stick with the more common ones), what I suggest s/b good enough as far as addressing the described problem.
And when they do start using them, well... We can cross that bridge when we come to it.
Since for as long as I can remember. <shrug>
Perhaps the reason you were never able to make them show is because you either:
Trust me, it does work as described.
Try it again.
Which is why I've been telling people for years the first thing they should do after installing Windows (immediately after selecting the "Show hidden files and folders" option and unchecking (clearing) the "Hide extensions for known file types" and "Hide protected operating system files" options in Control Panel -> Folder Options, View tab) is to run REGEDIT and do a 'Find' for all occurrences of "NeverShowExt" and delete every single one found. All of them (spare none).
Yes, it is admittedly unappealing (at first) to see all your shortcuts (including those in your Start and Programs menus) with an ugly ".lnk" extension following them, but trust me, you get used to it pretty quickly.
Perhaps it's just me but I personally prefer my operating system not to lie to me by default. The above procedure ensures that it doesn't.
p.s. your example is a poor one; the ".exe" extension is always shown (never hidden) by default.
Now ".vbs" files on the other hand...