Versions since IE4 have also had their icons labelled "The Internet" - I think that ended with the US DOJ Consent Decree.
No doubt calling their browser "Internet Explorer" instead of "Web Explorer" to take advantage of the then-more-well-known term "Internet" over "Web" worked out well for them.
Well, I dont think they wanted to call it "Web Explorer" since IBM was using that name for the OS/2 browser regardless. But, like you said, I am sure their reasons were for the suspicions you suggested.
...but there's a big whole in that argument, which, I'm sure, MS doesn't like being mentioned. IMHO, one of the biggest holes in security is the clueless user. We all know 'em. "Oooh, pretty cursors, and they're free," "I'll just email my username & password to someone so they can login to my account for *miscellaneous-reason*, and yes, that's over unencrypted email" "I just store all my info in My Documents," (including textfiles with usernames/passwords, personal info including credit card/bank account info, etc), "Bah! I can't view this crazy website properly! I'll just turn off the firewall/anti-malware program," "Oh, nifty IE toolbar! Sure I've never heard of this website/company/group/whatever providing it, but it looks pretty cool so I'll install it," "Internet cache? What's that? Defrag? Virus Scan? Fooey!" "Huh. I don't know who this person that emailed me is, or why they're emailing me about (insert tragic/horrific/frightening/miraculous/ridiculous or whatever urban legend/trope/myth/etc here), but I think I'll pass this email on like it says to. After all, if I don't send to at least 10 people in the next 5 minutes, then (insert promise of disaster/catastrophe or great happiness/wealth here, conditional on them forwarding spam)" "I made my password, 'Password'! Isn't it clever?
BINGO!!! This sums up a big part of the real problem... coupled with a lot of unfixed holes in the OS... like the recent.NET maybe-fix just released (it is the 6th major attempt - the previous 5 failed). To continue this example with documentation to prove the point:
Here's just ONE similar exploit and patch:
http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx
When that obviously failed to address nothing but specific methods for such attack vectors, that patch was replaced by this one:
http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx
When that obviously failed to address nothing but specific methods for such attack vectors, that patch was replaced by this one:
http://www.microsoft.com/technet/security/bulletin/MS09-061.mspx
And that was after 3 earlier service packs for.NET didn't fix these issue. This thing is like a boat with a hundred holes. patching 2 or 3 at a time doesnt solve the core problem... water is still able to pour right in. Thats somewhere around SEVEN YEARS of trying and not fixing the.NET issue.
So... take the "clueless user" factor, and add the "Microsoft somtimes (often?) takes YEARS to properly fix various of the serious exploits and you have a recipe for disaster that has nothing at all to do with software piracy.
Then they make idiotic claims (like again, for instance, regarding the latest.NET fix): "First we'd like to make it clear that any customers that have applied the update associated with MS09-054 are protected, regardless of the attack vector. And most customers need not take any action as they'll receive this update automatically through Automatic Updates."
Really? This time, finally, for real, they promise, users "are protected, regardless of the attack vector." - somehow I doubt that. But regardless, there have been tons of other similar scenarios (look at IE's track record and the slew of patches released, numerous for the same issue that was not properly resolved with the previous one (or ten)). Thus, again, that has nothing to do with piracy.
Until Microsoft can truthfully claim that piracy creates "clueless users" and also prevents them from properly fixing their code (their promises of such to the contrary), then piracy is not nearly as large a part of this equation as they want people to believe.
You're forgetting the part where the car company still holds a degree of liability since it was their poor design or manufacturing that caused an incident where innocent people got harmed. Car stolen or not, those innocents would not have gotten harmed from a brake failure if the brakes were not faulty to begin with.
This happened on a number of Dell systems, as well as various Sony and HP/Compaq systems - on brand new lines no less. We'd get a system in the tech shop that just came off the shelf, still boxed, unpack it from it's factory sealed box, start it up and finalize the install so we could install AV software for the purchaser and do the updates and such, and the newest WGA would get installed (process: finalize install, update, WGA fails authenticating because it's a pirated copy).
I believe in some of those cases Microsoft took the blame citing it caused by a "problem" they were having with the newest WGA. Did they publicly? I dont know.
Very true. I still remember the days of trying to remove some neat "bundled" crap/spyware that HP used to install, like Vongo. Or some of Microsoft's short lived "search anything, send the info to Microsoft" attempts, or some of Microsoft's earlier WMP editions that refused to not send information to Microsoft (well, to someone anyway...), no matter what privacy and "dont download additional content" and "dont verify digital rights" options you picked. And those were all fresh, out of the box setups or fresh out of the box setups with a WMP update that came straight from Microsoft.
Sorry, this does not apply as widespread as you think.
Most such things have nothing to do with someone's likeliness to install other pirated software because their copy of Windows is pirated.
- Many users of "pirated" copies of Windows obtained them from friends or work
- Most people who actually knowlingly pirate Windows are a little more computer savvy and have a good AV and AM solution installed
- Most "average Joe Computer User" people get infected by going to the wrong site, installing the wrong "neat game" they found on the web, etc - that has nothing to do with pirating Windows.
- Many "average Joe Computer User" people dont even know when they are infected - or dont realize it until their machine crashes or is near unusable.
Anything else is pure FUD.
How do I know this? Because, unlike Microsoft's latest "Pirated software is hurting everyone" campaign based off no real data (only what they fabricated or paid for to support their claims), I have TWENTY THREE YEARS of being in the repair industry to draw a more accurate sampling from, including a big chunk at CompUSA where I was repairing up to 200 computers a month (half of which turned out to be infected machines with no hardware problems).
Yes, but volunteers don't get retirement, or create other longstanding obligations on the taxpayer.
Wrong again... look up LOSAP.
It would be a simple thing for fire departments to be funded privately. They could even provide free fire service for residential neighborhoods while charging for their services on commercial buildings. The point is that there are a lot of ways to do things that don't involve having the government pay for all expenses through involuntary taxes.
Except that your whole premise is based on incorrect information as to how things currently work.
Paying for capital investments like fire tracks and stations is different from paying for salaries, benefits, union fees, retirement, etc for firemen.
Except, that is exactly what happens... again, look up LOSAP.
Volunteer fire departments cost far less than government run fire departments, and could easily be run without ANY support from any government.
Really? Perhaps, but not for the reasons you suspect. Volunteers get pensions, pension plans, medical, dental and a bunch of other benefits. The non-volunteer members (of VOLUNTEER departments) do not attribute points to their pension plan via LOSAP, but do in other ways (the same ways that paid employees elsewhere would).
Umm, yeah, we don't need them. Volunteer fire departments are more efficient and don't bankrupt cities with the longstanding obligations they create, as they have in California, and now in Houston.
You realize that taxpayer money is what funds volunteer fire departments, dont you? Because people volunteer to be a fireman at one doesnt magically make a bunch of fire trucks and the fire house and the property and the related taxes appear. Just like volunteer EMS stations... oh, and by the way, you'll find that there are still a number of non-volunteer people who work at either.
Really, research it. I dont have to. I do work for a few of them.
I agree 100% with what you wrote and what interpretations you have found.
I guess I was pointing out, as you seem to agree was this section (emphasis mine):
The self-consistent version (the one not found in many churches) is that...
Which is the part I find sad. Either few churches are correct, and it is something I can believe in... or the many are correct and it is something I do not want to be a part of.
Of course, I know which one I am willing to believe... I hope I'm correct...
And those sects I could never believe in. Such beliefs are a total contradiction of themselves.
One is supposed to live a good life, but wait, that doesnt matter as long as one gains faith right before they die as god only picks the best of mankind?
Or it simply means a new version is in the works, that is Windows only, and uses a different format. That would follow their history/track record pretty nicely.
You can also get more than one meal out of a fishing pole.
I've found the wooden fishing poles are a little more tasty than the fiberglass ones. But either way, unless you are a light eater, you can barely get even one meal out of a single fishing pole. Meanwhile, a cow makes considerably more than one meal.
Apparently, what you know is the truth, that this guy is trying to obsfucate. Otherwise people like the examples listed would have been fined/sued/jailed (or some combination of 2 or more of the above) quite some time ago.
Oddly, none of the above is true. First, aren't the laws (tax and otherwise) that a company is bound by based off of where they incorporate? If so, then these activities are a big "no-no"
And second, you may wish to review your "Fortune 500" statement. Are you discussing people or companies?
Looks like business as usual. Guess they will keep trying until (a) they can no longer afford to or (b) they set a precedent by actually having such a case go through the courts and win.
Well, as a side note, I am happy for this little security risk. You have no idea what this latest blunder has done for our little computer business. Well, that's partially a guess based off the infections, location in temporary directories and browser logs and the user reporting doing nothing other than web surfing without downloading anything (and of course, the plugin installed)... but I'd say it is a pretty good guess. Sadly, Mozilla blocked this plugin. My system, as of yesterday, was not patched, and still had the plugin installed. Surfing to a "wrong" site made AVG very unhappy as something it detected as malicious tried installing itself.
And of course, I am glad that ONCE AGAIN Microsoft claims they have fixed this code to prevent infections from all attack vectors. How in the world, with their track record on these things, could they be so sure?
As a computer tech, I should be upset with Mozilla for blocking a genuine income source. As an end user, I am very happy that they did. Anyways, time to look for and manually install this patch on my XP system. Glad the rest of our systems dont run Windows.
Here's just ONE similar exploit and patch:
http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx
When that obviously failed to address nothing but specific methods for such attack vectors, that patch was replaced by this one:
http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx
When that obviously failed to address nothing but specific methods for such attack vectors, that patch was replaced by this one:
http://www.microsoft.com/technet/security/bulletin/MS09-061.mspx
And that was after 3 earlier service packs for.NET didn't fix these issue. This thing is like a boat with a hundred holes. patching 2 or 3 at a time doesnt solve the core problem... water is still able to pour right in.
So... even though MS's Security/Patch Bulletin make no such claim, there is some idiot at Microsoft claiming this protects users from RCEs "regardless of attack vector" (which to me means, no more RCEs) - an absurd fantasy considering over a half dozen major attempts at fixing this. That instills a lot of faith in me.
Exactly how useful is any of that if I have thousands of dollars worth of programs, and like most computer users, cannot find a combination of (a) the media, and/or (b) the install keys?
Just curious. And no, I do not fit that category. I've got shelves full of my disks, packaging and keys... but most users do fit that category. Seems people who waited until Microsoft fixed Vista (and called that Service Pack Windows 7) are being punished for not laying out the cash for Vista. Why couldn't Windows 7 just install over XP in the same fashion Vista did? There aren't any radical enough changes in Windows 7 to prevent Microsoft from having allowed that capability just as they did with Vista. And dont give me the "well, XP isnt really supported" argument either (just in case you were considering it). Vista was a mistake that should not have been released until it was complete.
First we'd like to make it clear that any customers that have applied the update associated with MS09-054 are protected, regardless of the attack vector. And most customers need not take any action as they'll receive this update automatically through Automatic Updates.
Why exactly should I believe this? How many obviously failed attempts to patch remote code execution and other such holes in.NET have failed already? So, why does this patch suddenly protect us from ALL attack vectors? Do you really seriously think anyone with a brain and some technical knowledge should believe that?
But perhaps the best thing about this entire issue, is that Mozilla didn't block the plugins until AFTER they were patched and the mechanism of the block is retarded.
Dunno... because maybe they lack faith in Microsoft's claim to have patched.NET to protect users "regardless of the attack vector"? I for one know that with such a statement issued, I'd have little faith. It is simply the most retarded and clearly impossible statement ever. Wanna start taking bets as to when the next exploit for.NET and/or this plugin surface (regardless of MS insisting that everyone is protected "regardless of the attack vector")?
And it is nice to see that you are holding Mozilla responsible for Microsoft's fuckup. Mozilla did not write the plugin, Mozilla also did not ensure that the uninstall mechanism was disabled (until MS finally released a patch for that). Did they perhaps act late? Sure. But more importantly, shouldn't Microsoft have acted sooner thus requiring no actions from Mozilla at all? Or even more importantly, shouldn't Microsoft have made it clear they were installing this thing in the first place and let users opt out of the install? Or not disabled the uninstall option?
Now, on to the interoperability thing... couldn't Microsoft simply decide to follow web standards, instead of pushing their own, foisting "compatible" versions of their own methods into other products (and then most likely, as in the past killing those compatible versions when everyone is dependant on them)? So, that argument from you is kinda lame, considering such things are exactly what people have been complaining about Microsoft for doing for years.
Ray, something else to add to your arsenal (I mentioned here elsewhere). The existence of a "shared" directory does not mean anything was or could be shared with various BitTorrent clients. Various I have used require a shared directory set, but then allow a user to either (a) not actively share it (it exists, it can be shared later, but it isnt currently being shared), or (b) set the upload rate to zero while still "sharing" it (ie: aint gonna do a thing at 0bps even though it is "shared").
Methinks in many cases, the **AA should thus not be able to rely on the existence of a shared folder (and/or it's contents) as any sort of indication of sharing. And of course, as you have probably already thought of, even if shared, it gives no indication that the files in question were in such a folder when it was being actively shared.
I'd think the most the RIAA could prove from a shared folder is that the folder exists, it has certain content in it and... hmmm... well, that's it without actual proof that the torrent client actually shared anything.
but this doesn't stop every fucking lawyer from trying to pull this shit every time they want to stop people from running programs in ways their client doesn't like.
It probably doesnt stop many lawyers who dont fuck either... but then again, I've never conducted any sort of study or research, so I'm just guessing.
Yes, but that still means nothing. I have a BitTorrent client (used for legal means to help seed Star Trek New Voyages episodes) that "shares" folders with outbound speeds from full connection speed to incremental values down to zero.
Thus, I can have my "shared" torrent folder, and have the outbound speed set to zero or something with a near equal sharing consequence.
A shared folder really means nothing. I could "share" my "shared" folder all day long at 0k outbound. What would I be guilty of sharing?
Slashdot Mirror
Versions since IE4 have also had their icons labelled "The Internet" - I think that ended with the US DOJ Consent Decree.
No doubt calling their browser "Internet Explorer" instead of "Web Explorer" to take advantage of the then-more-well-known term "Internet" over "Web" worked out well for them.
Well, I dont think they wanted to call it "Web Explorer" since IBM was using that name for the OS/2 browser regardless. But, like you said, I am sure their reasons were for the suspicions you suggested.
Yup! :-)
Though I think the person you were asking probably simply has mommie and daddie buy them a new one. ;-)
Well, it really depends on what Materia you have equipped.
...but there's a big whole in that argument, which, I'm sure, MS doesn't like being mentioned. IMHO, one of the biggest holes in security is the clueless user. We all know 'em. "Oooh, pretty cursors, and they're free," "I'll just email my username & password to someone so they can login to my account for *miscellaneous-reason*, and yes, that's over unencrypted email" "I just store all my info in My Documents," (including textfiles with usernames/passwords, personal info including credit card/bank account info, etc), "Bah! I can't view this crazy website properly! I'll just turn off the firewall/anti-malware program," "Oh, nifty IE toolbar! Sure I've never heard of this website/company/group/whatever providing it, but it looks pretty cool so I'll install it," "Internet cache? What's that? Defrag? Virus Scan? Fooey!" "Huh. I don't know who this person that emailed me is, or why they're emailing me about (insert tragic/horrific/frightening/miraculous/ridiculous or whatever urban legend/trope/myth/etc here), but I think I'll pass this email on like it says to. After all, if I don't send to at least 10 people in the next 5 minutes, then (insert promise of disaster/catastrophe or great happiness/wealth here, conditional on them forwarding spam)" "I made my password, 'Password'! Isn't it clever?
BINGO!!! This sums up a big part of the real problem... coupled with a lot of unfixed holes in the OS... like the recent .NET maybe-fix just released (it is the 6th major attempt - the previous 5 failed). To continue this example with documentation to prove the point:
Here's just ONE similar exploit and patch:
http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx
When that obviously failed to address nothing but specific methods for such attack vectors, that patch was replaced by this one:
http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx
When that obviously failed to address nothing but specific methods for such attack vectors, that patch was replaced by this one:
http://www.microsoft.com/technet/security/bulletin/MS09-061.mspx
And that was after 3 earlier service packs for .NET didn't fix these issue. This thing is like a boat with a hundred holes. patching 2 or 3 at a time doesnt solve the core problem... water is still able to pour right in. Thats somewhere around SEVEN YEARS of trying and not fixing the .NET issue.
So... take the "clueless user" factor, and add the "Microsoft somtimes (often?) takes YEARS to properly fix various of the serious exploits and you have a recipe for disaster that has nothing at all to do with software piracy.
Then they make idiotic claims (like again, for instance, regarding the latest .NET fix): "First we'd like to make it clear that any customers that have applied the update associated with MS09-054 are protected, regardless of the attack vector. And most customers need not take any action as they'll receive this update automatically through Automatic Updates."
Really? This time, finally, for real, they promise, users "are protected, regardless of the attack vector." - somehow I doubt that. But regardless, there have been tons of other similar scenarios (look at IE's track record and the slew of patches released, numerous for the same issue that was not properly resolved with the previous one (or ten)). Thus, again, that has nothing to do with piracy.
Until Microsoft can truthfully claim that piracy creates "clueless users" and also prevents them from properly fixing their code (their promises of such to the contrary), then piracy is not nearly as large a part of this equation as they want people to believe.
You're forgetting the part where the car company still holds a degree of liability since it was their poor design or manufacturing that caused an incident where innocent people got harmed. Car stolen or not, those innocents would not have gotten harmed from a brake failure if the brakes were not faulty to begin with.
This happened on a number of Dell systems, as well as various Sony and HP/Compaq systems - on brand new lines no less. We'd get a system in the tech shop that just came off the shelf, still boxed, unpack it from it's factory sealed box, start it up and finalize the install so we could install AV software for the purchaser and do the updates and such, and the newest WGA would get installed (process: finalize install, update, WGA fails authenticating because it's a pirated copy).
I believe in some of those cases Microsoft took the blame citing it caused by a "problem" they were having with the newest WGA. Did they publicly? I dont know.
Very true. I still remember the days of trying to remove some neat "bundled" crap/spyware that HP used to install, like Vongo. Or some of Microsoft's short lived "search anything, send the info to Microsoft" attempts, or some of Microsoft's earlier WMP editions that refused to not send information to Microsoft (well, to someone anyway...), no matter what privacy and "dont download additional content" and "dont verify digital rights" options you picked. And those were all fresh, out of the box setups or fresh out of the box setups with a WMP update that came straight from Microsoft.
Sorry, this does not apply as widespread as you think.
Most such things have nothing to do with someone's likeliness to install other pirated software because their copy of Windows is pirated.
- Many users of "pirated" copies of Windows obtained them from friends or work
- Most people who actually knowlingly pirate Windows are a little more computer savvy and have a good AV and AM solution installed
- Most "average Joe Computer User" people get infected by going to the wrong site, installing the wrong "neat game" they found on the web, etc - that has nothing to do with pirating Windows.
- Many "average Joe Computer User" people dont even know when they are infected - or dont realize it until their machine crashes or is near unusable.
Anything else is pure FUD.
How do I know this? Because, unlike Microsoft's latest "Pirated software is hurting everyone" campaign based off no real data (only what they fabricated or paid for to support their claims), I have TWENTY THREE YEARS of being in the repair industry to draw a more accurate sampling from, including a big chunk at CompUSA where I was repairing up to 200 computers a month (half of which turned out to be infected machines with no hardware problems).
Yes, but volunteers don't get retirement, or create other longstanding obligations on the taxpayer.
Wrong again... look up LOSAP.
It would be a simple thing for fire departments to be funded privately. They could even provide free fire service for residential neighborhoods while charging for their services on commercial buildings. The point is that there are a lot of ways to do things that don't involve having the government pay for all expenses through involuntary taxes.
Except that your whole premise is based on incorrect information as to how things currently work.
Paying for capital investments like fire tracks and stations is different from paying for salaries, benefits, union fees, retirement, etc for firemen.
Except, that is exactly what happens... again, look up LOSAP.
Volunteer fire departments cost far less than government run fire departments, and could easily be run without ANY support from any government.
Really? Perhaps, but not for the reasons you suspect. Volunteers get pensions, pension plans, medical, dental and a bunch of other benefits. The non-volunteer members (of VOLUNTEER departments) do not attribute points to their pension plan via LOSAP, but do in other ways (the same ways that paid employees elsewhere would).
Regardless, it is the taxpayers that fund it all.
Umm, yeah, we don't need them. Volunteer fire departments are more efficient and don't bankrupt cities with the longstanding obligations they create, as they have in California, and now in Houston.
You realize that taxpayer money is what funds volunteer fire departments, dont you? Because people volunteer to be a fireman at one doesnt magically make a bunch of fire trucks and the fire house and the property and the related taxes appear. Just like volunteer EMS stations... oh, and by the way, you'll find that there are still a number of non-volunteer people who work at either.
Really, research it. I dont have to. I do work for a few of them.
I agree 100% with what you wrote and what interpretations you have found.
I guess I was pointing out, as you seem to agree was this section (emphasis mine):
The self-consistent version (the one not found in many churches) is that...
Which is the part I find sad. Either few churches are correct, and it is something I can believe in... or the many are correct and it is something I do not want to be a part of.
Of course, I know which one I am willing to believe... I hope I'm correct...
And those sects I could never believe in. Such beliefs are a total contradiction of themselves.
One is supposed to live a good life, but wait, that doesnt matter as long as one gains faith right before they die as god only picks the best of mankind?
Or it simply means a new version is in the works, that is Windows only, and uses a different format. That would follow their history/track record pretty nicely.
You can also get more than one meal out of a fishing pole.
I've found the wooden fishing poles are a little more tasty than the fiberglass ones. But either way, unless you are a light eater, you can barely get even one meal out of a single fishing pole. Meanwhile, a cow makes considerably more than one meal.
Apparently, what you know is the truth, that this guy is trying to obsfucate. Otherwise people like the examples listed would have been fined/sued/jailed (or some combination of 2 or more of the above) quite some time ago.
And second, you may wish to review your "Fortune 500" statement. Are you discussing people or companies?
Nothing beats a failure like failing again!
Well, as a side note, I am happy for this little security risk. You have no idea what this latest blunder has done for our little computer business. Well, that's partially a guess based off the infections, location in temporary directories and browser logs and the user reporting doing nothing other than web surfing without downloading anything (and of course, the plugin installed)... but I'd say it is a pretty good guess. Sadly, Mozilla blocked this plugin. My system, as of yesterday, was not patched, and still had the plugin installed. Surfing to a "wrong" site made AVG very unhappy as something it detected as malicious tried installing itself.
And of course, I am glad that ONCE AGAIN Microsoft claims they have fixed this code to prevent infections from all attack vectors. How in the world, with their track record on these things, could they be so sure?
As a computer tech, I should be upset with Mozilla for blocking a genuine income source. As an end user, I am very happy that they did. Anyways, time to look for and manually install this patch on my XP system. Glad the rest of our systems dont run Windows.
Here's just ONE similar exploit and patch:
http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx
When that obviously failed to address nothing but specific methods for such attack vectors, that patch was replaced by this one:
http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx
When that obviously failed to address nothing but specific methods for such attack vectors, that patch was replaced by this one:
http://www.microsoft.com/technet/security/bulletin/MS09-061.mspx
And that was after 3 earlier service packs for .NET didn't fix these issue. This thing is like a boat with a hundred holes. patching 2 or 3 at a time doesnt solve the core problem... water is still able to pour right in.
So... even though MS's Security/Patch Bulletin make no such claim, there is some idiot at Microsoft claiming this protects users from RCEs "regardless of attack vector" (which to me means, no more RCEs) - an absurd fantasy considering over a half dozen major attempts at fixing this. That instills a lot of faith in me.
Exactly how useful is any of that if I have thousands of dollars worth of programs, and like most computer users, cannot find a combination of (a) the media, and/or (b) the install keys?
Just curious. And no, I do not fit that category. I've got shelves full of my disks, packaging and keys... but most users do fit that category. Seems people who waited until Microsoft fixed Vista (and called that Service Pack Windows 7) are being punished for not laying out the cash for Vista. Why couldn't Windows 7 just install over XP in the same fashion Vista did? There aren't any radical enough changes in Windows 7 to prevent Microsoft from having allowed that capability just as they did with Vista. And dont give me the "well, XP isnt really supported" argument either (just in case you were considering it). Vista was a mistake that should not have been released until it was complete.
https://bugzilla.mozilla.org/show_bug.cgi?id=522777
So...
First we'd like to make it clear that any customers that have applied the update associated with MS09-054 are protected, regardless of the attack vector. And most customers need not take any action as they'll receive this update automatically through Automatic Updates.
Why exactly should I believe this? How many obviously failed attempts to patch remote code execution and other such holes in .NET have failed already? So, why does this patch suddenly protect us from ALL attack vectors? Do you really seriously think anyone with a brain and some technical knowledge should believe that?
But perhaps the best thing about this entire issue, is that Mozilla didn't block the plugins until AFTER they were patched and the mechanism of the block is retarded.
Dunno... because maybe they lack faith in Microsoft's claim to have patched .NET to protect users "regardless of the attack vector"? I for one know that with such a statement issued, I'd have little faith. It is simply the most retarded and clearly impossible statement ever. Wanna start taking bets as to when the next exploit for .NET and/or this plugin surface (regardless of MS insisting that everyone is protected "regardless of the attack vector")?
And it is nice to see that you are holding Mozilla responsible for Microsoft's fuckup. Mozilla did not write the plugin, Mozilla also did not ensure that the uninstall mechanism was disabled (until MS finally released a patch for that). Did they perhaps act late? Sure. But more importantly, shouldn't Microsoft have acted sooner thus requiring no actions from Mozilla at all? Or even more importantly, shouldn't Microsoft have made it clear they were installing this thing in the first place and let users opt out of the install? Or not disabled the uninstall option?
Now, on to the interoperability thing... couldn't Microsoft simply decide to follow web standards, instead of pushing their own, foisting "compatible" versions of their own methods into other products (and then most likely, as in the past killing those compatible versions when everyone is dependant on them)? So, that argument from you is kinda lame, considering such things are exactly what people have been complaining about Microsoft for doing for years.
Ray, something else to add to your arsenal (I mentioned here elsewhere). The existence of a "shared" directory does not mean anything was or could be shared with various BitTorrent clients. Various I have used require a shared directory set, but then allow a user to either (a) not actively share it (it exists, it can be shared later, but it isnt currently being shared), or (b) set the upload rate to zero while still "sharing" it (ie: aint gonna do a thing at 0bps even though it is "shared").
Methinks in many cases, the **AA should thus not be able to rely on the existence of a shared folder (and/or it's contents) as any sort of indication of sharing. And of course, as you have probably already thought of, even if shared, it gives no indication that the files in question were in such a folder when it was being actively shared.
I'd think the most the RIAA could prove from a shared folder is that the folder exists, it has certain content in it and... hmmm... well, that's it without actual proof that the torrent client actually shared anything.
1. Number of times the RIAA's "investigator" and sole witness has been deposed: 0
2. Number of times the RIAA's expert witness has been deposed: 1.
The day the RIAA and their minions burn in hell: priceless
but this doesn't stop every fucking lawyer from trying to pull this shit every time they want to stop people from running programs in ways their client doesn't like.
It probably doesnt stop many lawyers who dont fuck either... but then again, I've never conducted any sort of study or research, so I'm just guessing.
Yes, but that still means nothing. I have a BitTorrent client (used for legal means to help seed Star Trek New Voyages episodes) that "shares" folders with outbound speeds from full connection speed to incremental values down to zero.
Thus, I can have my "shared" torrent folder, and have the outbound speed set to zero or something with a near equal sharing consequence.
A shared folder really means nothing. I could "share" my "shared" folder all day long at 0k outbound. What would I be guilty of sharing?
Something to consider...