The Register® — Biting the hand that feeds IT

* Posts by Nuno trancoso

54 posts • joined Saturday 20th October 2007 14:30 GMT

Nuno trancoso

Wish that for once the zealots would step off their high horses and remember that while Winblows is by and large the ultimate security hole, they also have by far the largest userbase. Move everyone off Wintel land and start watching *nix get the beating from catering to (l)users.

No matter how secure your OS/apps is, it won't stop pbcak, thus, will ultimately also fail.

Duly remember, just because you have thousands of eyes on the source doesn't mean the flaw didn't go unnoticed. "Prior art" of existing *nix exploits proves this to be correct.

Win, by being ubiquitous, has a target painted in its forehead. Are you sure you wanna borrow that?

p.s. bad security practices are NOT OS dependent. If we all move to "system z", you can expect the "clowns in control" to mess that one too.

Nuno trancoso
FAIL

Just another fine example of why (single) common words should never be allowed as trademarks/names.

It's 2013, one would have thought that by now it would be common sense that "blanket type" trademarks/patents were the root of all issues and that its applicants should be thrown out the door (and fined) far faster than they managed to sneak in...

Nuno trancoso
Pint

Re: But seriously

Ever had to draw, as in "painting" in a graphics app as opposed to "drawing" in AutoCAD/etc with a mouse? Not fun, not intuitive, not functional. And given tablets' potential as a drawing tablet, Samsung might be wanting to cash in on that for digital artists instead of assuming they'll find fingerpainting in Photoshop either amusing or productive.

On the UI matter, deliberately designing it so that it accommodates fat fingered people and "touch with fingers" is fair design, but it's also a waste of potential. Give users a choice between "lame ui for fingers" and "slick 4x+ more functional ui for stylus" and watch them pick up the pen like thingy.

Then again, might be that Apple is still butthurt over Palm given they got it oh so right where Apple royally messed. Palm had stylus>stylus is bad. Newblown had stylus too>stylus must be evil incarnated.

Beer salute to my late III. 2 AA's lasted a month+. Monochrome, ugly and 100% reliable until the touchscreen went south...

Nuno trancoso

If memory serves me right, i've read about an ancient exploit that cracked passwords by timing how long it took the OS to reject them (they had to be checking char by char and rejecting at first bad).

One would think guys working on such up and above stuff like heavy crypto would consider reasonably measurable right/wrong response time as an attack vector...

Or maybe they thought faster message processing for BoastingRightsTM was more important than adding artificial jitter to make it safer...

Nuno trancoso

Re: can't resist

Dear sir, you have just made me spill my coffee...

I hereby salute you ^^

Nuno trancoso

Don't need 'em either...

Think main problem is that we already have too much as is. My E7400 is old news, and i have it running at stock 2.8. That's a real change since it's the first time i've run stock on any box since my 1998 Cel300A@450.

If i think "upgrade", the image in my mind is HD's+RAM. And for that i can buy parts, no need to shift boxes.

Besides, where i live you fork out an extra €100-150 for a "name box" built out of lesser parts than you'd get built in a mom'n'pop store...

That 1st tier builders also like to install every lame PoS software they think you "might" want and then having to spend hours cleaning that crap out is just another good reason NOT to buy their wares.

Nuno trancoso
Happy

Re: Platter size

You don't have 5 1/4 bays in your desktop? It's not even "news" as Quantum was doing it way back when.

http://en.wikipedia.org/wiki/Quantum_Bigfoot_%28hard_drive%29

They did it just because of the opposite thing, to provide the same storage space at lower density, but if you kept the density the same, the larger area would instantly translate to larger storage space. Given that the things were quite slim, at least those i had were just 1 platter 1/2 height, i'm quite willing to bet they could use at least a 2 platter full 5 1/4 height and squeeze a bit of storage space from the extra space.

Make it a 5.4k RPM one with 2/4TB and you have a willing buyer here, as i need more medium term storage without the cost of SSD and/or the power consumption and heating of the 7.2k+ jobbies.

Nuno trancoso

Re: No they don't

Not smart to say the least. If your coder doesn't have a clue about security, he's not a coder, just a liability.

Not sure about your corner of the world, but where i'm at, it usually starts with user input not even being sanitized/validated, never mind exotic exploits...

A WAF does have its merits, but if the whole web app was built from the ground up on idiotic assumptions and dimwit designs, it's about as good as steel plating your front door while leaving the windows wide open.

Nuno trancoso

Plan

Manage to get bosses help into evaluating Win8's "user readiness". Wait for the hissy fit and the "will NOT roll this out". Pat yourself on your BOFH back and tick another item on the todo list.

@someguy that said IT people are awkward in that we hate change, dig head out. We just hate change that brings no benefits at all and instead brings (more) problems. Fixing what wasn't broken and finding solutions for problems that didn't exist is a waste of two resources already in short supply, time and money.

Time to bring Gates back and to show "the monkey" the door, me thinks...

Nuno trancoso
Happy

@Trevor

Sure, it's not one size fits all, but it's a damn good argument for forcing world+dog to run their "real environments" on a virtual with the underlying host being something safe that just serves as a launcher to said virtual.

Push comes to shove, you bring the sucker down, mount its drives on a clean (and loaded with "heavy artillery") special purpose virtual and proceed to happily clean the bugger.

Worst case scenario, you already have your backup (the old HD image files) and can just start transferring data files from the compromised virtual to a new clean one.

Back in the NT4 days, making ppl use virtuals for "daily use" would have been torture. Nowadays, any halfway recent box will handle it just fine.

Happy, cause that's what a small investment in extra RAM and HD's made me...

Nuno trancoso

Re: Hang on a tick...

Hmmm hmmm... Let me give you a small heads up.

If i wanted a car, i'd have searched for "car" and looked at the results. Same for everything else. So, if sitexyz doesn't have shit worth of content to show in real searches, the only thing your clients get from me is.... nothing.

Brain is trained to totally ignore any ad that slips through the blocks. And even if i notice it, 2nd stage kicks in telling me "ad, not important". That's what you people managed, a really epic achievement. Now people IGNORE ads. Even the important and meaningful ones.

So, all your client money is getting him is fattening YOUR wallet. It's doing next to nothing for him, well, except making him less wealthy of course.

If/when people do come around and not only start denying you referer data, but also start supplying you with JUNK referer data, your value will come down to what it really is, next to nothing.

Maybe then some of the advertising victims, i mean, clients, can stop squandering their greens and instead use it to top up what they constantly neglect, their site's real content.

Web will go on, it's just that you're gonna have to start doing some real work for your clients instead of just being a near zero value leech.

Nuno trancoso
Devil

Re: Did a 10-year old think of this FAIL?

As name implies, they're not hardcore hacktivists. It's for the lulz. Thus, it was a fair target, as it's bound to provide LOTS of pissed up people and proportional amount of lulz.

While the attitude might fall in better with the usual trolls, they both operate on the same basic principle. Pissing you off. And guess what. They scored again, by the amount of "i took the piss" comments.

I'd go for the "nasty" dating sites next. Boy, i'm sure THAT would get MILLIONS of pissed people worth of lulz worldwide :)

Nuno trancoso
FAIL

Re: Gave up reading at

Almost same here. Next time reviewer wants to take stabs at iconic things, at least get freaking facts straight.

The last REAL Amiga is the A4000 circa 1992. Apple hardware of said time would have been a Quadra 900.

As far as OS goes, comparing AOS3x to System 7, sigh, you'd have had to use both to understand how vastly inferior Apple's junk was...

As far as HW goes, Amiga did get 060's from 3rd party that made the 040's in Quadras look like snails on valium. That's why many a "Mac lover" back then bought Amigas and jammed Shapeshifter/Fusion on them. That was virtualization being done back in the days... Also cheaper to buy a fully kitted Amiga and a "dead Mac to nick ROM from" than to buy Apple's overpriced stuff.

So, get your facts straight. The junk you're reviewing is some PC of sorts, whether it's good or bad is of no relevance to the Amiga line. Just slapping the brand on a box makes not said box an Amiga...

Nuno trancoso
Pint

As usual...

Will only ever change if and when the media starts pumping titles like "XYZ security compromised. AGAIN. IT department says it's powerless cause higher ranked idiots won't let them do their jobs".

100:1 the media outlets won't ever have the dangling ones to pull this off, ie, shoveling blame where it's due.

Beer: Every time your old taskmaster for whom your policies were "right up there with the nazis" calls in and sheepishly begs for help after getting "pwned" again. He's gonna pay for it so might as well down it... Maybe more than one as there will surely be LOTS of "overtime".

Nuno trancoso
Mushroom

Marketroid drivel....

Same lameness as when Belkin replaced the definitely ugly and already chock full of useless "extras" n52 with the "new improved, powered by Razer" n52te. You got a better feeling keyb that was still stuck with the useless gimmicky bits but... oh, now you didn't have the godawesome macro software of the original. Out went something that could schedule several macros played together and "coded" from a decent UI in favor of a "one at a time" job with such a PITA "bling and flash" UI to "code" them in. Don't get me started on the drivers stability, it's so bad it's painful.

Do love my DeathAdder, but the wheel is biting the dust as the sensor/firmware fails to figure that a fluid spin in one direction that shows odd "ticks" in the other direction is just NOT happening. Funny enough, the old Logi MX500 has started doing the same after years (on another PC case you think it's the box...). Even my old (and dirt cheap) MS IM Optical wheel works better.

Might have to fish the Diamondback out of the junk pile, despite it being too small for my hands (and trust me, i have small hands...) and the side buttons being useless. At least the wheel/buttons work properly (for now).

Dream mouse: MS IM Optical wheel, DeathAdder size/shape, MX500 side buttons, Diamondback main buttons.

But to be bloody honest, next rodent will quite likely be a cheap MS/Logi one, at least i can throw it out the window and go get a new one moment he misbehaves. Up to my ears with "lots of hype but didn't deliver" overpriced PoS "gamer mice".

Nuno trancoso
FAIL

Just... really... i mean... seriously...

@AC-03:05

Uncle Sam's boys are consistent. They ALWAYS end up looking like brain dead muppets.

Mildly amusing as cowboys, pretty much useless for anything else.

Nuno trancoso

You should get one too as you seem to live in a walled garden...

Violent crimes per year on global scale? In the tens/hundreds of thousands? Related to Failbook? Couple of dozens tops?

It's the same thing as plane crashes you know? When they fall, few hundreds die. But they don't fall all the time. Road related casualties are what? Thousands per day? Heck, road related deaths per year make most modern wars death toll look like small change.

Difference is, some stuff has "shock and awe" value, some is run of the mill... Most just ISN'T evening news / newspaper material...

But never let any real world stuff get in the way of your favorite tabloid and/or crackhead guru of the week views of the world.

Nuno trancoso
Flame

Well...

Wonder how long till our demographics overlords come up with numbers on "vibrating time". Here's hoping the wabbit is USB powered...

Baffled at the seeming lack of ergonomics on the said wabbit though. Or maybe i just can't see the right way to hold it...

p.s. Guess Apple's content restrictions might be a safeguard, seeing that most their cult followers are a bunch of wankers to start with, no need to throw fuel at the fire is there...

Nuno trancoso
Coat

Wow...

I always thought i lived in a bassackwards backwater country, but seems we weren't the only ones to do the stupid CS move that followed the home/hobby computer>office computer stupidity. And while the "teaching Office is teaching nothing at all" isn't news, it's a whole different angle when politicians say it too...

Also, the argument that "the majority isn't interested" is a fallacy. They aren't interested in letters and spreadsheets either, they just deal with what gets thrown at them. Difference is, teaching how to dis(assemble) stuff and read/write basic (no pun) code might just do the trick of planting the seed of "independent thought" into them.

Then again, it's not in the gove's best interest to teach people how to think, is it...

Nuno trancoso

Like this?

http://www.xgaming.com/store/category/arcade-joysticks-and-game-controllers/

No, no subliminal advertisement, just something i've lusted after ever since i was using MAME (and that was way back when my Amiga was still alive...).

The one with pockets too empty to afford these beautiful toys... Used to have quarters but SF2 Tournament Edition was just too tempting...

Nuno trancoso
Pint

Sounds bad, really...

No matter what, the point is that the *ware (hard+soft) got coerced into doing a sudden dive. Twice.

Now, i'm not really into planes software, but common sense says that when all your input fails and/or goes inconsistent, you DON'T change "state". You go with last set of "sane input" you had before things went to hell.

These people do have a budget to test their systems with fuzzed data and watch how it behaves, right? We're not talking the toaster industry here, where the worst that can happen is burnt bread...

Beer, cause that was about as much "testing budget" as i could get for many softs i wrote...

Nuno trancoso

@TJ

IF i was into watching a totally bastardized version of some of my fave comic chars on film, i'd say the movie was ok.

I'm not.

Hollywood can do the visuals, but they lack the "soul" to get it right.

Nuno trancoso
Coat

@AC

Spot on. It's definitely a Windows problem and not a "ID10T using Admin account" problem.

One must infer that to think so, you actually also use a root account all day on your OS of choice.

Praise the lord that you can still feel smug despite that, because the odds of some malware of significance and magnitude ever landing on you are very small, because nobody will ever bother with the 0.5% out of the 5% that your tiny userbase represents.

Makes one wonder if besides being jealous of all the apps and games, the minority is now also jealous of our malware... Haters will hate it seems...

As for Adobe "fixing" things, well... hope is the carrot. Mine's the one with Foxit (until i find something smaller and faster and better, who says you can't have all three...).

Nuno trancoso

"You will have to go a long way to convince me that child abuse equates to murder."

Depending on type of abuse, it's probably worse than murder. The dead guy doesn't have to live with what happened does he?

For the worst offenders, save the taxpayers money and pop a cap in them.

(or feed them to the bears/sharks... double saving)

Nuno trancoso

In some other news, pigs can't fly...

@Cliff

Storage is cheap, bandwidth (and not just the network one) isn't. A modern CPU will decompress a file in memory in far less time than it takes to pull a larger file from storage into memory. That's the reasoning behind moving flash>PCIE. Removing (or widening at least) the current bottleneck.

As for the matter at hand, it comes down to how much junk metadata the content creating app will jam into the PDF. Adobe apps are particularly nasty there, trust me, and compression will give you HUGE savings.

Stuff like CutePDF or PDFCreator have a much better time (and smaller output) because they get handed the "raw print data" stripped of all the junk. Compression will give some savings still, just not on a major scale.

Nuno trancoso

And?

I'm no expert in these thingies, but while the multiple hardcoded account/password thing is at best mind boggling, i really don't get it why it's critical.

One would assume that while the devices are connected over a network, that network would be internal and isolated from "bad real world" as much as possible.

Thus, to gain access to a means to exploit these vulnerabilities, you'd have to go INSIDE the place. And if that happened, you already failed. The time it takes to tap the network, scan for devices, take control, and reprogram them is probably as much as it takes to blow the place sky high using conventional means.

Begs the question then, how many facilities went around and made the supposedly isolated (and operation critical) network a part of the general network to "make it easier". Or are they just worried because they now have to go about checking device integrity because it's not something noticeable as opposed to an explosive charge?

My 0.0002c on the former because being lazy and thinking about security after the failure is the norm not the exception.

Nuno trancoso

Re: And?

I'm sure you're trying to be funny and all, but what you point out to is precisely what's wrong with this whole picture.

Had they been real terrorists, trained, hardened, and fueled by extreme religious fervor they would have endured it all with only the prospect of "righteous retribution" to keep them going.

Given a "turnover rate" so big of so many going into depression and suicide it spells something else. Spells you detained "ordinary people" that have no means at all to cope with the situation.

@Matt Bryant

"other brown "foreigners""...

Care to explain wtf that means? Brown? Not people? It's guys like you that made mankind the PoS it became and to be bluntly honest, the only thing i think you lot are good for is to provide a cheap way to "close" Chernobyl, ie, dump the f'ing lot of you f'tards into the reactor until it's sealed under tons of charred bigot flesh.

Nuno trancoso

sheeshhh

Utter bollocks.

At least 5s before they actually shoot, the would be RPG can be seen to be a camera. They had the option to call it off, but FPS and cowboy mentality won. Shooting the evac was icing on the cake.

Pretty much bet the ground personnel was 100% "wtf went on here...".

Bad as it would be, investigation, court martial and kicked off would still be an easy get off for the shooters.

Covering the fsck up by their CO's is where it starts to stink real bad.

Hope the media goes hard on it. Might make other CO's think that covering up bad things gone real bad could be an option, but covering up utterly stupid "Rambo's" isn't.

Nuno trancoso
FAIL

@BitDefender message

How about "stop apologizing and work on a fix"?

While Doc. Bontchev is right about the good files being several orders of magnitude more than the bad ones, core Windows files should be whitelisted against ANYTHING.

I mean, how hard can it be to keep track of Redmond's files and do a whitelist of them?

From last few years, every time an AV soft bricks boxes, it comes down to identifying Windows files as threats, so, what sort of catastrophic failure is it gonna take to get them on a whitelist?

And please don't use "resource usage" as an excuse, since the white list check only comes after a detection. Using a few more cycles per detection to avoid this sort of snafu is a drop of water on the ocean of resource waste that AV's already are.

Nuno trancoso

Made my morning...

@Mal Adapted

You just made my morning :)

First thing i'll do when i get to the office will be to tell the art guys we are ditching PS and going for GIMP, cause a) it's free and b) they can change it.

That will make their morning too, and i'll get some free beer as ty later in the noon for making them laugh a bit.

Maybe it's time FOSStards awoke to reality. a) was passed on to clients and b) we don't need to change that which works (unlike some cr@p they got along w/ an ex M firm...).

Or, if i was in a foul "FOSStard shattering" mood, a) It's free cause no one would pay for that crap and b) you can change my crap all you want too, won't make it gold though.

@A J Stiles

Might hold, but doesn't really. If said Fred in a shed could not learn PS for free, he'd have to pay a course to learn it, because the industry can't work with $50 garbage that disregards said industry's requirements or fails to meet their expectations or can't deliver in time, etc etc etc.

And given that Paint.NET actually beats the living s..t out of 99% of said $50 apps while being free, said $50 apps have a "browser situation". They didn't lose sales because the "monopoly" played dirty. They lost sales because they SUCKED.

Now, regarding previous paragraph, there's nothing stopping FOSS guys from coming out with a PS beating app, if only they get head out of @ss and start actually coding it instead of using the "GIMP is free" line.

Nuno trancoso
Pint

Troll or tard?

Pardon me, but imho the reason you provide your pass in (K)Ubuntu is that being a distro for the (m)asses they didn't feel comfy letting you have the root acc (Windows is a textbook case on not giving the (l)users the root/admin acc...).

Now, on a "Real Men TM" OS/Distro, you will be given the root/admin acc, because the people that made it have trust in you. They trust that if you ARE using the root/admin acc you have a (DAMN GOOD) reason to do it.

UAC or any other NannySecurityTM always lead to FAIL. Real security education is what you need, but no one preaches on that cause it's not worth $$$.

And small wonder, Trend doesn't like that W7 isn't pushing the worthless AV sales. +1 M$, maybe one of these days (l)users will wake up and realize they can be safe wo/ using that cr@pware IF they practice "Safe HEX".

Beer, cause it's a better use for cash than buying AV cr@pware...

Nuno trancoso
Paris Hilton

Hmmmm

Can't really see this picture... 15y fixing PC and i've seen all, from dust layers so thick it was solid to dead rats, from cola spill (yucky...) to pesticide (along w/ former roaches... (laptop FUBAR ofc)), but never tar layers.

Wonder what the smoking level needs to be to build up actual tar layers of gooish icky stuff. Cause from my own boxes, mild smoking won't do it, at worst they build up dust.

Then again, this god forsaken hellhole i live in might be blessed w/ tar not sticking...

As for the Macjob, it's appalling. Charging for parts+labor+mask+gloves is ok, refusing service isn't. Next on the list, REAL biohazard disposal crews will refuse service because of ... biohazards... This nanny society is going titsup, FAST.

PH, cause well, they always seem to be up...

Nuno trancoso
FAIL

@andrewsmhay

While you might have a point that they breached your privacy, wouldn't that be case for say... 100% of illegitimate people trying to get your data? Think they care about legitimacy or law? It's why they're CRIMINALS isn't it....

So, you got PWNED in a pretty trivial way. And instead of taking it as an opportunity to blog about "no such thing as secure when they have your wire" you went "cry mommy" and ruined your so professed "security expertise" profile in an epic way.

Any potential employer doing a google search will now find both names associated to "clueless" instead of "expert".

Bullet, meet foot.

Nuno trancoso

@alistair millington

"but most of the features XP has are needed"

If you really believe that, you might be interested in buying some property... in Pluto. Nice for vacations.

Really... cr@p like Indexing Service is pointless (would have been nice if done proper), System Restore was shite (aka broken imaging for the clueless (m)asses...). List goes on.

Quite bluntly, once you tried a nLite'ed XP w/ some power user toys thrown into the mix you REALLY start wondering what's wrong w/ the old workhorse that ppl actually moved on...

XP. No bling and why should i care...

Nuno trancoso
Pirate

Just starting....

Did anyone think of the possible side effect?

If (there was a phishing/logging attack AND some accounts got pwned AND details were disclosed to public AND it's all over the news)

{

Cue in even BIGGER phishing/logging attack. // Backed by 100x more ppl now genuinely scared because they read some news about something they don't have a clue about (or got told by someone even more clueless than them...)

}

Boy oh boy, can i see next weeks headlines... "Millions pwned by phishing attack fueled by scaremongering and poor information".

Nuno trancoso
FAIL

@AC

The reasoning is that if they make clients jump through one more hoop, they might lose either/both client/sale%. Thus, things remain as is...

What i think would be a better way, would be to FORCE them all to provide a REALLY SAFE process as alternative. That way anyone that cared more for safety could take a safe route, others the "fast and easy" way.

Anyway, just another nice example of how some bizz sector seem to be exempt of any checks at all...

Nuno trancoso
FAIL

Hmmmm....

Granted, for home PC's, it's a nice piece, avoids many hassles. But for midsized places or production? Oh my...

Can't remember quite when, but i'd say it was 7y ago that i made it clear that any place i remoted to admin had a nice box (size not matter) running *nix. Router>Box's SSH port>Internal Network. Tunneling almost anything is a joy...

Random (but known ofc...) SSH port, 2048b key and my rather unfriendly password would make it a nice challenge to any script kiddies around...

Ofc the potential for a SSH snafu was there, but in the end, i'd rather take my chances w/ that than trust something else...

Anyway, FAIL to TeamViewer for using a "reasonably popular" port and for the small mention of it in manual (check it, 2 lines worth and doesn't really state everything). FAIL to user too, for not checking out what DirectIn was and why on earth it would want to use UPnP to activate forwarding to port 80...

p.s. And yes, running Apache over Windoze on a production box really blows my mind... why on Earth...

Nuno trancoso

@eJ2095

Was AmigaOS, Voyager sucked, IBrowse ftw :)

As for the flaw, sure hope they're not taking a "sinks head in sand" posture... Flat out saying "CAN'T BE EXPLOITED" is a dangerous thing...

Nuno trancoso
Thumb Down

Why the bashing...

While not a fan of Opera (not by a longshot ...) i see no point in bashing it like this.

So, ok, it's just BBS/Hotline meets DynDns client meets Web2.0GoodnessTM all bundled together in a way even clueless (l)users can get it going.

Not being NewTechTM doesn't award a bash, and makes this "Opera series" of articles reek of PersonalVendettaTM.

Nuno trancoso

@Kenny Millar

Read your own writing. Let's assume you wrote an app, which does need said deprecated API call to properly function in v.2.0. Now, you can remove said call, make it 3.0 "clean" and get it through approval. Won't work on 2.0 properly ofc. Or you can keep said call, making it work properly on 2.0, only it won't go through approval.

Can anyone say "no customer choice"? At least on other devices i can read a disclaimer saying "product x might not function properly on OS y" and make my call. iDodo users could make it too, if brains not too full of "Steve's Holy Gospel" to be able to reason....

Nuno trancoso
Coat

Bureaucracy at its best (worst?)

Seriously, don't know what's worse. M$ abusive stance or EU's pedantic bureaucracy. What's next? Adobe sues M$ because of Paint? Or one of the 10000 text editors makers sues on the grounds of bundling Notepad...

Been using Windoze since before said browser bundling. Have NOT been using IE for that long too.

Everyone had a choice, back then and now, most opted to using what was there, not because of this or that, but on account of plain laziness. Most were also clueless too...

Seriously, if the EC wants to do us a favor, sue M$ on the grounds of binding the browser to the OS in a totally unneeded way, and thus irresponsibly exposing users to a lot more problems than they should have.

Then again, what do i know, just a happy nLite user with a Windows so bare it even resembles just an OS... Coat, candle, prayer for a W7 version of nLite, no matter how squeaky clean M$ tell me it will be...

Nuno trancoso

Not just them...

"...until large class-action lawsuit against one of these companies results in a multi-million dollar settlement."

Think some should fly MS's way too. After all, it WAS their poor judgment that made Windows behave in that dumbfscked way from the start....

And yes, quite easy to turn off, and lock down to "off state forever". Been in my "Post install ToDo's" list ever since it existed....

Nuno trancoso
Go

@AC

"Sure, slack is a great server OS, but as a desktop? Are you trying to turn them away from linux for life?"

All under 10. Equally capable of installing/configuring/maintaining Windows/Slack/Ubuntu/whatever, which is, not at all... So, Jake will be doing it, and placing nice shortcuts on their desktops, and probably doing remote maintenance/admin. Which means, Slack will be as friendly to a 10yo as Jake makes it to be.

Added bonus of not having to go through the FriendlyDistroTM "where the fuck did they put it this time...", "what in hell were they thinking" or "why is this crap even here..." routine.

<Flame shield on>Still , even Slack is starting to carry too much crap these days, sign of times i guess...<Flame shield off>

Nuno trancoso
Flame

Rewind...

back to System 7 or so...

Back then, any (beefy) Amiga owner felt smug because our souped up boxes totally trounced Macs. 060 vs 040 was a no show...

Yes, it was somewhat a pain to get the Mac ROMS (buy if possible, hack an old Mac to death, etc...) but it did work pretty ok.

Did it piss Apple? Not really. Come on, how many Amigas were there? Even less so high specced ones (price, availability, etc)..

Forward to today. Is Psystar pissing off Apple? To no end. Why? Because they're probably selling half decent kit at half decent price, thus showing off how badly overpriced and underspecced Apple's own boxes really are.

No love for Apple. They changed to x86 because they were losing the race badly. But, in doing so, they opted into a market where competition is fierce and parts readily available. Now they need that lill EULA to keep them afloat selling overpriced kit. Good luck on maintaining the status quo now that someone is having the balls to challenge them on fair use and other rights.

Or maybe they can go back to putting (part) of the OS in the ROM and refusing to sell them (sounds familiar...). Then it would be back to scavenging parts from dead Macs... Hobbyist can do it, but a business can't run on it.

Nuno trancoso
Coat

All is well

"Advocating that you should stop using anti-malware software is irresponsible."

Beg to differ. And you proved the point yourself. The box was safe until the moment YOU opted in on the scam by installing their fakeware. A simple "close browser" would have dealt with the menace. So, no anti-malware safe, dumb (l)user is not.

Nice article tough, even if a bit on the old side. This type of scam has been doing the rounds for years. Kudos to the malware writers too. Better graphics, decent English, and now the malware doesn't break down the box signaling its very existence. All in all, a 500% improvement.

In the end, all is good in the land. Users get ripped off by scammers for being clueless and uneducated, THEN they get ripped off by techies to fix the problem. How can it get any better?

Mine's the one I bought with money from (l)users for fixing their "small mistakes".

Nuno trancoso
Jobs Halo

Memtest are nice but...

"May be the reason that every linux distro comes with memcheck."

Beg to differ, and so does a Corsair 1GB stick sitting on top of my box. Passes every memtest86/memtest+ test perfectly, crashes horrendously as soon as some "Real Work™" starts.

Stress testing, by own definition, is done under stress, not while the box is sitting doing zip...

Btw, also have a 15 year old laptop which spits out errors in memtest86/memtest+ at an alarming rate, yet boots Win98/Slackware and works flawlessly all day.... Go figure.

Anyway, if not fake, and a hw fault, little the OS can come up with to save the day. If people are so wanton on pointing out a flaw, be it the lack of a (working) backup plan.

Jobs, cause a Kernel Panic in several languages and wo/ any relevant info on the cause is soooo pretty (much useless).

Nuno trancoso
Pirate

This sort of FUD is plain bollocks... and by the way...

"Just imagine you are 65 computer illiterate and want to go online with you new pc."

I'm 32, no driving licence, no idea how to drive a car, but I can figure out how to "turn it on". So, I should just step up to a car, hit the gas and away we go... Sure, I'll kill myself and probably someone else too, but it's NOT my fault, it's the car maker's, because they made a car a clueless dumb@ss could not drive safely....

The "users are dumb/clueless/illiterate" argument has been used again and again. Still stinks. Either get an education like techies did (no, we weren't born "in the know") or get shafted and take it like a man.

In the end, like most things in life, your problem, your responsibility, do as you see fit, and deal with whatever comes back to bite you.

Death.... complain to it that you didn't know better. Fat lot of good it will do to you...

Nuno trancoso
Jobs Horns

Omg.... its the p word all over again...

"It might have done nothing to help, but they felt it was doing something to protect them from phishers."

That is called the placebo effect. If I have a BIG headache I take some XL stuff. Minor headache, probably take aspirin or paracetamol. If I'm not sure whether or not I have a headache I DON'T drink water with sugar. Main reason is because it's pointless and useless.

Let me tell you some "news breaking" stuff. Many people have been doing LS's task in a more rudimentary way. Involves a transparent proxy and a fair bit of "rewriting". Behold, it too takes away many nasty things attached to your humble webpages. Does not go on a hellbent attempt on downloading the whole Internet though. Lacks a "don't click this link, ForMorons™" too. Why should it have one? It will try and catch it IF AND WHEN the user actually goes there.

I don't bash LS's attempt. It's ok in my book to catch web traffic midway and take a look at it. I bash their utterly braindead way of going at it. I bash even more the outrageous way in which they tell you "we know better" when it's obvious they don't. I totally bash their utter lack of balls (for lack of better metaphor) in not standing up and taking it like men when it all goes tits up (three words: PR won't fly).

Evil Jobs, even his zealot clonelike PR/evangelism didn't stink so bad.

Nuno trancoso
Gates Halo

I wonder....

How many of these AC "Linkscanner was a GoodThing™" comments actually come from frustrated malware writers.

Yes, because those folks would actually welcome the 10x increased chance of getting a "link farm" cheap shot if a vulnerability was found in said Linkscanner...

On the off chance last AC was not a vxer, mind you, LS was NEVER a valuable security tool (the way it was implemented it was just a great attack vector), and El Reg is actually putting readers' interests first, because for the Web at large LS was a nuisance at best and for users it was "insert something bad here" at best. Bad security model = no security at all.

Bill, because even MS can figure out their stuff is broken, faster...

Nuno trancoso
Paris Hilton

@Chris Cheale - Oh really???

"For individual users... the pre-fetch grabs an additional few k's worth of text"

Goes to show how out of touch some people are with the REAL world...

Just for kicks, I did a couple of Google searches, stuff like "blank DVD", "drinking glass", "fizzy drinks", "temperature", etc...

Then I downloaded the html/asp/php/whatever pointed to in Google's search results and added up the filesizes. Got results from 800k to 1.25MB. So much for your "few k's". Make that an extra .5MB per search more likely.

So, run 10 searches in a row and you get God knows what in traffic. And pray you don't get something like a manual/book page w/ old tags (pre-css), because those can easily rack up a couple of MB alone.

Whatever your take on the situation, IF LinkScanner is prescanning the search results "code", it will cause at the very least numberofresults*smallestpagesize of traffic. Since search engines seem to have settled on 10 results, LinkScanner is driving AT LEAST 10*smallestpagesize in data transfer.

One word: unacceptable.

p.s. I didn't include the adwords links pages. Not sure if they get scanned. If they do, replace 10* with (10+(random(10 or so))*.

Paris, because even dumb blondes have more common sense...
