If your in the trenches, you already know that a lot of software is figuring out how to run on machines that are locked down and where the user is restricted.
For example, WebEx and GotoPC which allow for file transfer, remote control. These both work just fine behind a restrictive firewall and on a user with just "user" rights, on a PC with extra restrictive ACL's applied to it (not everyone full access to c:\ and flow down.) Users have full rights to most of HKCU and %userprofile%, so you drop the virus somewhere in there and launch it through RUN in the registry.
A few of the virus writers have figured this out. We see this type of activity on locked down KIOSKs running XP.
So while it's nice to say that if most users didn't have admin rights, these viruses would be stopped, the truth is that if most users didn't have admin rights these viruses would be written differently. They would sit there in IRC awaiting a 0 day exploit and grab "root" eventually.
Wow. This is why I switched to console games. I got so tired of spending time trying to get PC games to work (DRM, sound drivers, Sound Blaster settings...) that I switched to Sony PS1 and never looked back.
I have a few PC games. But now it's Nintendo all the way. Wii, GBA, and DS. No more spending hours trying to get past DRM that doesn't work with my specific DVD lower filter drivers.
If you go to VMWare's site you can download the free VMWare player product.
Once this is installed, you can go to the VMWare market place and location Windows 7 beta 1 build 7000.
Download it. It's a large.zip file. When it's done downloading, unzip it. The VMDK is over 5GB so this will fail on a FAT32 drive.
Once you have the files extracted, launch the Windows.7.Beta.1.7000.vmx file by opening it (double click.) The password is the same as the default user account.
I have it running under Fusion on a Mac and Workstation 6.5 on XP. Like other posters state, this is what Vista should have been. I like it. For my personal use, I'm a Mac guy. But at work my impression is that I will skip Vista and go right to Windows 7 for the bulk of our many stations. I have Vista on a few PC's, but it is slow much slower than XP & has no features my business users must have. Staffware doesn't work in Vista yet, so that's another holdup.
Anyway, if you really want to know what Win 7 is like, this is the easiest way to do it.
We have people with password protected documents. These people leave and their replacements need the password.
We have several brute force tools at our disposal to unlock these documents. We throw this on our VMWare cluster and let it run until it finds the password.
The government has at it's disposal some of the worlds fastest computers. Leaps and bounds quicker than anything consumers have.
If they can get your files, they can brute force the encryption open. The weakest link is your password. They can open your encryption very quickly if you have anything less than; a password with upper and lower case, numbers, special symbols, and super long. Most people use quickly reversed passwords, at least from experience in the hundreds I've had to brute open. What's to stop the FBI from breaking into your home, hiding a camera over your keyboard, and watching you type the password?
And while these drives try to solve that issue by toasting themselves if you enter the wrong password too often, nothing stops the government from tweaking the firmware so that it doesn't toast it for them. Drive recovery firms can take the platters out of a drive and put it in another drive to recover data. Even if there is some key unique to the drive that ties to the platters to try and address this issue (doubt it) that key has to be stored somewhere.
Encryption is a great thing. It makes it more difficult to get data. This is great to address the issue of lost drives that end up in the wrong hands such as laptops with credit card information. The average thief is not going to be able to get the data. He will replace the drive, sell it, and move on. This does nothing to hide things from the federal government.
>>Encrypt everyting. No more tapping, HTTP ad injections and other shit. They have no right to your internet information.
This doesn't work in a P2P file sharing scenario, as we are discussing. Why? Things like Limewire and eMule already use encryption for the transport, btw.
The problem is that in a P2P setup, I have to offer information about files I am downloading or sharing to other peers.
A filter could work by configuring the list of known ISP's IP addresses, then connecting to various PEERs doing searches for known infringing material. This alone can get a list of IP addresses. Grep that over their list and you are caught. Even though you are using encryption. This is what the RIAA is thinking. They can aid ISPs to get rid of the 1% of the users using 90% of the bandwidth.
What is the equal and opposite reaction? Peer guardian with a list of the ISP's filter's IP addresses. But it's still risky.
With the removal of DRM at iTunes and Amazon.com, there is no excuse not to pay for your music now.
IE (IExplore.exe) is a application that displays the menu bar at the top of the screen, and controls some registry settings.
The functionality that renders the webpages from code to a GUI display is in shared libraries such as inetres.dll, Mshtml.dll, and so on.
This is why you can launch Explorer and while at c:\ you can type in http:\\slashdot.org and it renders the webpage in Explorer (Not Internet Explorer.)
Outlook uses these same libraries to display HTML content in e-mail. You can browse the Internet through Outlook too, never opening Internet Explorer.
I can embed the webbrowser control in my VB programs and have these shared libraries render pages. I can even build my own web browser GUI over these shared libraries.
So can Microsoft remove IE from Windows? That depends on what your definition of removing IE is.
The problem is that when Microsoft added IE for free as part of the OS, they killed Netscape which was selling a browser. A much better browser in my opinion. I don't think Microsoft should be forced to install and support a 3rd party browser. But since they are a monopoly who has abused this particular application, I can see forcing them to pay for promotion of 3rd party browsers. I don't think they should focus on one browser though. While I like Firefox, others like Opera. It should be neutral.
IF you eliminate hardware, the next question is what did you install? Or Modify? Or what was updated?
Did you install a video game which installed StarForce non plug in play DRM drivers? That can slow you down. Did you install WinZip or Notepad++ or anything else which added explorer enhancements? Those can slow you down when they conflict with each other. Did you install iTunes and have the Upper/Lower filter drivers modified & conflicting with your Nero or Roxio upper/lower filters? Did you get a partial zip file downloaded which is causing your antivirus software to go into a loop?
Filemon/Regmon (Procmon) can tell you these things, but you really have to know what you are looking at.
I finally got fed up with these issues and switched to a Mac a bit over a year ago. No more debugging a crappy OS for me. At least not at home.
With free video hosting sites such as YouTube and free technical sites such as experts-exchange.com, what we need is a video hosting site which has free How do I... videos.
Show me videos on how to download MP3's as ring tones to my Samsung t809. It is possible, but they make it very hard since they want you to buy their downloadable ring tones.
Here is a need, now someone needs to make a site and earn a buck off filling the need.
So we are talking about the impossible. Instead of jumping through time, why not speed through it like in the old Time Machine movie? Create a bubble in which you speed through time. You are still affected by physics, so gravity is keeping you at your relative position on Earth.
If that's too much, then just jump in exactly 1 year increments. That way the Earth will be exactly where you left it. Probably be better to do this in unused air space than on the ground though.
Na, only a few people said who care. I say "Cool, another open source product."
I'll never use as a developer, but another free option is always good. Like someone else said, maybe there is some good code in there. Perhaps projects I do use will benefit from this.
Patch Tuesday broke a mission semi-critical server. Removing the patches did not fix it. It had to be FDisked and rebuilt.
And our backup guy forgot to add it to his new backup server rotation.
The vendor who built the server software (one off custom) did charge for his 12 hours to rebuild it.
Should we charge that back to Microsoft? The same patches only broke one other machine. 600 others were fine.
Too bad this OS wasn't written properly in the first place. At $300 a pop, the development quality assurance department should check every line of code for failure to check for buffer under or over flows, imo.
So here's the deal. If my server uses 12v, 5v, and -5v and has a 500Watts PSU, but the AC line coming in is 220V from an 80KVA UPS, then while both can kill me, the 220V is more deadly because it has more potential amperage.
It's a mute point. A 9V battery can kill.
So why do I have over 100 PSU's in my computer room? Servers with 3 PSU's for redundancy?
Why can't I have a single server room PSU which provides the 12V, 5V, and -5V on some sort of standardized plug? Make each connection a separate fused bus. Provide two connections between the server and the computer room PSU?
That PSU could be situated ideally for cooling, leaving much of the heat out of my server.
I have a few PSU's doing the AC-DC conversion, not well over 100.
Phase two, my PSU is now my 80KVA APC UPS. It's already doing AC-DC then DC back to AC. Then my PSU's go AC back to DC again. Have my APC UPS go AC-DC and run it at 12V, not 48V. Of course you would also need the 5V and -5V step down's too.
Some of our Cisco and 3com networking equipment can run DC. Just not the servers.
I like the concept of Tweeter. A way to communicate without having to direct the message to someone specific. And so far this doesn't fall under ediscovery.
I can send a tweet from my cell phone that I completed a project which has "this" impact on the network. Anyone who cares can see what I've done. If they didn't care before but something is broke then they can subscribe.
It's good for team communications when you don't have a real project management system.
Of course, you want to not use the public Tweeter to do this, but an internal one or one designed for privacy.
This is why, after a power outage, there are false starts of power. These are people turning on their generator, forgetting to turn off the mains switch, and inadvertently feeding everyone with power. Much more than their poor generator can handle.
Laptop - fits in your lap. Good term. That's where mine is often.
Netbook - ummm? So it has a network, so does everything. I never did like this term anyway. How about Palmtop? Oh, yea -- Palm(tm) so how about Petitetop? Yes, I do like that:)
With this, expect P2P to move to dynamic DNS. The P2P payload in the TXT DNS replies, MIME encoded perhaps.
If they are this draconian, why don't they just mandate VCR type screen recording of everyone's screens. Isn't that the only way they can truly accomplish their goals? Tampering would result in life imprisonment, by law.
How much is a cheap MP3 player? I can find 512MB for less than the cost of a RIAA CD.
So in RIAA thinking, why not drop the tunes on a cheap MP3 player. Remove the USB connection. Put in batteries that will perhaps last a year or two, non user replaceable. Make the device tamper proof (SecurID) so if you tamper with it you pull the chips apart.
Use the Macrovision technology where the audio is distorted in a way which is not detectable by the human ear, but by which trying to feed the audio out signal into a CD record/computer results in a useless copy.
Prohibit distribution by other means. e.g. Don't also release the media on CD/DVD or this is entirely worthless.
I have Firefox running on Vista, XP, 2000, 2003, Mac OS X, OpenSUSE, Mandriva, Ubuntu, and others. Firefox versions 2 and 3.
My experience is that the Auto Update mechanism in Firefox is flawed. A number of these PC's never trigger to be updated even if they are months behind. One of my Windows 2000 servers often takes about a week before it's auto updated.
Experience shows that it doesn't check for an update at every launch. And that sometimes it gets stuck, something gets corrupt, and not until you ask it to check will it check again.
Granted, this is much better than most software. However the update mechanism needs work.
Microsoft signs/encrypts and then checks the IE package signature. As much as a dog Microsoft, their update mechanism is one of the best.
Yes, but that is unstable. I don't know about you but when I'm making a backup of my media files to my external NTFS drive I would rather have it be slow and stable than risk a corrupt backup.
You can, however, disable NTFS-3G using the scripts in the TOOLS folder of the DMG and utilize the high speed reading ability until you need read-write. The scripts let you start/stop NTFS-3G.
By slow, I mean that I get 3MB/s in OSX but if I boot into XP bootcamp I can see ten times that speed.
>>Virgin Mobile which did away with that nonsense (I pay a flat 18 cents anywhere in the U.S.). That's how all cellphones should operate.
No nono -- I pay a flat.10/minute and.05 per message with Net10 which runs through Tracphone which in turn is AT&T's network. Why would I want.18/minute? No monthly fees, no $10/mo taxes, notta. Just.10/minute and that's it. $30 for two months of service and 300 minutes, which includes tax.
Last I checked it was simply $10 more to have 8Mb/s Internet w/out also having CableTV service.
With the advent of southparkstudios.com, hulu.com, NBC ABC CBS and FOX video on demain, Amazon (free) videos, et al I find myself wondering if I really want to keep Cable TV.
Then I sit back and hit Power and have Instant cable TV w/out having a hot laptop on me and streaming issues. So I think I'll keep it just a bit longer.
Slashdot Mirror
I would much rather see this run using Sparkle update, versus a root cron job.
http://guimkie.com/tutorials/adding-the-sparkle-framework/
http://foolsworkshop.com/applescript/2008/05/adding-a-check-updates-feature/
If your in the trenches, you already know that a lot of software is figuring out how to run on machines that are locked down and where the user is restricted.
For example, WebEx and GotoPC which allow for file transfer, remote control. These both work just fine behind a restrictive firewall and on a user with just "user" rights, on a PC with extra restrictive ACL's applied to it (not everyone full access to c:\ and flow down.) Users have full rights to most of HKCU and %userprofile%, so you drop the virus somewhere in there and launch it through RUN in the registry.
A few of the virus writers have figured this out. We see this type of activity on locked down KIOSKs running XP.
So while it's nice to say that if most users didn't have admin rights, these viruses would be stopped, the truth is that if most users didn't have admin rights these viruses would be written differently. They would sit there in IRC awaiting a 0 day exploit and grab "root" eventually.
Wow. This is why I switched to console games. I got so tired of spending time trying to get PC games to work (DRM, sound drivers, Sound Blaster settings...) that I switched to Sony PS1 and never looked back.
I have a few PC games. But now it's Nintendo all the way. Wii, GBA, and DS. No more spending hours trying to get past DRM that doesn't work with my specific DVD lower filter drivers.
If you go to VMWare's site you can download the free VMWare player product.
Once this is installed, you can go to the VMWare market place and location Windows 7 beta 1 build 7000.
Download it. It's a large .zip file. When it's done downloading, unzip it. The VMDK is over 5GB so this will fail on a FAT32 drive.
Once you have the files extracted, launch the Windows.7.Beta.1.7000.vmx file by opening it (double click.) The password is the same as the default user account.
I have it running under Fusion on a Mac and Workstation 6.5 on XP. Like other posters state, this is what Vista should have been. I like it. For my personal use, I'm a Mac guy. But at work my impression is that I will skip Vista and go right to Windows 7 for the bulk of our many stations. I have Vista on a few PC's, but it is slow much slower than XP & has no features my business users must have. Staffware doesn't work in Vista yet, so that's another holdup.
Anyway, if you really want to know what Win 7 is like, this is the easiest way to do it.
We have people with password protected documents. These people leave and their replacements need the password.
We have several brute force tools at our disposal to unlock these documents. We throw this on our VMWare cluster and let it run until it finds the password.
The government has at it's disposal some of the worlds fastest computers. Leaps and bounds quicker than anything consumers have.
If they can get your files, they can brute force the encryption open. The weakest link is your password. They can open your encryption very quickly if you have anything less than; a password with upper and lower case, numbers, special symbols, and super long. Most people use quickly reversed passwords, at least from experience in the hundreds I've had to brute open. What's to stop the FBI from breaking into your home, hiding a camera over your keyboard, and watching you type the password?
And while these drives try to solve that issue by toasting themselves if you enter the wrong password too often, nothing stops the government from tweaking the firmware so that it doesn't toast it for them. Drive recovery firms can take the platters out of a drive and put it in another drive to recover data. Even if there is some key unique to the drive that ties to the platters to try and address this issue (doubt it) that key has to be stored somewhere.
Encryption is a great thing. It makes it more difficult to get data. This is great to address the issue of lost drives that end up in the wrong hands such as laptops with credit card information. The average thief is not going to be able to get the data. He will replace the drive, sell it, and move on. This does nothing to hide things from the federal government.
>>Encrypt everyting. No more tapping, HTTP ad injections and other shit. They have no right to your internet information.
This doesn't work in a P2P file sharing scenario, as we are discussing. Why? Things like Limewire and eMule already use encryption for the transport, btw.
The problem is that in a P2P setup, I have to offer information about files I am downloading or sharing to other peers.
A filter could work by configuring the list of known ISP's IP addresses, then connecting to various PEERs doing searches for known infringing material. This alone can get a list of IP addresses. Grep that over their list and you are caught. Even though you are using encryption. This is what the RIAA is thinking. They can aid ISPs to get rid of the 1% of the users using 90% of the bandwidth.
What is the equal and opposite reaction? Peer guardian with a list of the ISP's filter's IP addresses. But it's still risky.
With the removal of DRM at iTunes and Amazon.com, there is no excuse not to pay for your music now.
Mozy.com or Carbonite.com will back that up. Assuming just because you have a 2TB drive, you don't start out with 2TB of new data.
Restores are another matter.
IE (IExplore.exe) is a application that displays the menu bar at the top of the screen, and controls some registry settings.
The functionality that renders the webpages from code to a GUI display is in shared libraries such as inetres.dll, Mshtml.dll, and so on.
This is why you can launch Explorer and while at c:\ you can type in http:\\slashdot.org and it renders the webpage in Explorer (Not Internet Explorer.)
Outlook uses these same libraries to display HTML content in e-mail. You can browse the Internet through Outlook too, never opening Internet Explorer.
I can embed the webbrowser control in my VB programs and have these shared libraries render pages. I can even build my own web browser GUI over these shared libraries.
So can Microsoft remove IE from Windows? That depends on what your definition of removing IE is.
The problem is that when Microsoft added IE for free as part of the OS, they killed Netscape which was selling a browser. A much better browser in my opinion. I don't think Microsoft should be forced to install and support a 3rd party browser. But since they are a monopoly who has abused this particular application, I can see forcing them to pay for promotion of 3rd party browsers. I don't think they should focus on one browser though. While I like Firefox, others like Opera. It should be neutral.
IF you eliminate hardware, the next question is what did you install? Or Modify? Or what was updated?
Did you install a video game which installed StarForce non plug in play DRM drivers? That can slow you down.
Did you install WinZip or Notepad++ or anything else which added explorer enhancements? Those can slow you down when they conflict with each other.
Did you install iTunes and have the Upper/Lower filter drivers modified & conflicting with your Nero or Roxio upper/lower filters?
Did you get a partial zip file downloaded which is causing your antivirus software to go into a loop?
Filemon/Regmon (Procmon) can tell you these things, but you really have to know what you are looking at.
I finally got fed up with these issues and switched to a Mac a bit over a year ago. No more debugging a crappy OS for me. At least not at home.
With free video hosting sites such as YouTube and free technical sites such as experts-exchange.com, what we need is a video hosting site which has free How do I... videos.
Show me videos on how to download MP3's as ring tones to my Samsung t809. It is possible, but they make it very hard since they want you to buy their downloadable ring tones.
Here is a need, now someone needs to make a site and earn a buck off filling the need.
So we are talking about the impossible. Instead of jumping through time, why not speed through it like in the old Time Machine movie? Create a bubble in which you speed through time. You are still affected by physics, so gravity is keeping you at your relative position on Earth.
If that's too much, then just jump in exactly 1 year increments. That way the Earth will be exactly where you left it. Probably be better to do this in unused air space than on the ground though.
Na, only a few people said who care. I say "Cool, another open source product."
I'll never use as a developer, but another free option is always good. Like someone else said, maybe there is some good code in there. Perhaps projects I do use will benefit from this.
Kudos to Sun.
Patch Tuesday broke a mission semi-critical server. Removing the patches did not fix it. It had to be FDisked and rebuilt.
And our backup guy forgot to add it to his new backup server rotation.
The vendor who built the server software (one off custom) did charge for his 12 hours to rebuild it.
Should we charge that back to Microsoft? The same patches only broke one other machine. 600 others were fine.
Too bad this OS wasn't written properly in the first place. At $300 a pop, the development quality assurance department should check every line of code for failure to check for buffer under or over flows, imo.
It's not voltage that kills you, it is amperage. That was like the first thing we were taught in Electronics 101.
http://www.rmcybernetics.com/science/cybernetics/electronics_volts_amps_watts.htm#ohmslaw
http://www.dribin.org/dave/blog/archives/2003/12/29/amps_vs_volts/
So here's the deal. If my server uses 12v, 5v, and -5v and has a 500Watts PSU, but the AC line coming in is 220V from an 80KVA UPS, then while both can kill me, the 220V is more deadly because it has more potential amperage.
It's a mute point. A 9V battery can kill.
So why do I have over 100 PSU's in my computer room? Servers with 3 PSU's for redundancy?
Why can't I have a single server room PSU which provides the 12V, 5V, and -5V on some sort of standardized plug? Make each connection a separate fused bus. Provide two connections between the server and the computer room PSU?
That PSU could be situated ideally for cooling, leaving much of the heat out of my server.
I have a few PSU's doing the AC-DC conversion, not well over 100.
Phase two, my PSU is now my 80KVA APC UPS. It's already doing AC-DC then DC back to AC. Then my PSU's go AC back to DC again. Have my APC UPS go AC-DC and run it at 12V, not 48V. Of course you would also need the 5V and -5V step down's too.
Some of our Cisco and 3com networking equipment can run DC. Just not the servers.
Google search URL Wash. I have this as an AJAX control on my iGoogle. It lets you view a page with just the text and links. No graphics.
This could save you a lot on bandwidth usage on pages where you are really only after the text content.
I like the concept of Tweeter. A way to communicate without having to direct the message to someone specific. And so far this doesn't fall under ediscovery.
I can send a tweet from my cell phone that I completed a project which has "this" impact on the network. Anyone who cares can see what I've done. If they didn't care before but something is broke then they can subscribe.
It's good for team communications when you don't have a real project management system.
Of course, you want to not use the public Tweeter to do this, but an internal one or one designed for privacy.
This is why, after a power outage, there are false starts of power. These are people turning on their generator, forgetting to turn off the mains switch, and inadvertently feeding everyone with power. Much more than their poor generator can handle.
Laptop - fits in your lap. Good term. That's where mine is often.
Netbook - ummm? So it has a network, so does everything. I never did like this term anyway. How about Palmtop? Oh, yea -- Palm(tm) so how about Petitetop? Yes, I do like that :)
With this, expect P2P to move to dynamic DNS. The P2P payload in the TXT DNS replies, MIME encoded perhaps.
If they are this draconian, why don't they just mandate VCR type screen recording of everyone's screens. Isn't that the only way they can truly accomplish their goals? Tampering would result in life imprisonment, by law.
Geez.
They can do this because they control the pipes.
The Internet is a bunch of computers all connected together through various networks.
What this screams for is an Internet where we don't get inter-connected through their pipes but our own. e.g. Wireless mesh.
RIAA type of fix;
How much is a cheap MP3 player? I can find 512MB for less than the cost of a RIAA CD.
So in RIAA thinking, why not drop the tunes on a cheap MP3 player. Remove the USB connection. Put in batteries that will perhaps last a year or two, non user replaceable. Make the device tamper proof (SecurID) so if you tamper with it you pull the chips apart.
Use the Macrovision technology where the audio is distorted in a way which is not detectable by the human ear, but by which trying to feed the audio out signal into a CD record/computer results in a useless copy.
Prohibit distribution by other means. e.g. Don't also release the media on CD/DVD or this is entirely worthless.
Cheap solution, IMO.
I have Firefox running on Vista, XP, 2000, 2003, Mac OS X, OpenSUSE, Mandriva, Ubuntu, and others. Firefox versions 2 and 3.
My experience is that the Auto Update mechanism in Firefox is flawed. A number of these PC's never trigger to be updated even if they are months behind. One of my Windows 2000 servers often takes about a week before it's auto updated.
Experience shows that it doesn't check for an update at every launch. And that sometimes it gets stuck, something gets corrupt, and not until you ask it to check will it check again.
Granted, this is much better than most software. However the update mechanism needs work.
Microsoft signs/encrypts and then checks the IE package signature. As much as a dog Microsoft, their update mechanism is one of the best.
Yes, but that is unstable. I don't know about you but when I'm making a backup of my media files to my external NTFS drive I would rather have it be slow and stable than risk a corrupt backup.
You can, however, disable NTFS-3G using the scripts in the TOOLS folder of the DMG and utilize the high speed reading ability until you need read-write. The scripts let you start/stop NTFS-3G.
By slow, I mean that I get 3MB/s in OSX but if I boot into XP bootcamp I can see ten times that speed.
>>Virgin Mobile which did away with that nonsense (I pay a flat 18 cents anywhere in the U.S.). That's how all cellphones should operate.
No nono -- I pay a flat .10/minute and .05 per message with Net10 which runs through Tracphone which in turn is AT&T's network. Why would I want .18/minute? No monthly fees, no $10/mo taxes, notta. Just .10/minute and that's it. $30 for two months of service and 300 minutes, which includes tax.
That's how it should be :)
Last I checked it was simply $10 more to have 8Mb/s Internet w/out also having CableTV service.
With the advent of southparkstudios.com, hulu.com, NBC ABC CBS and FOX video on demain, Amazon (free) videos, et al I find myself wondering if I really want to keep Cable TV.
Then I sit back and hit Power and have Instant cable TV w/out having a hot laptop on me and streaming issues. So I think I'll keep it just a bit longer.