38 posts • joined Friday 12th June 2009 19:05 GMT
Or, more likely...
...there's a series of alien beacons around our system just outside the Oort cloud broadcasting a message like:
"STAY AWAY! The inhabitants of this system are freaking psychopaths! If in distress you'd be better served to blow your ship up right now rather than try landing there!
YOU HAVE BEEN WARNED!"
Or perhaps the beacons might use more emphatic language... (laughing)
I like a user who admits they are an idiot--in print!
"I have no sympathy for idiot users, but Macs are still inherently secure."
Then you're saying you have no sympathy for *yourself*, because macs are not secure--they're simply not attacked as much.
Look at Pwn to Own. Macs have fallen 3 years in a row, usually first.
Of course, to be fair, perhaps you aren't using the dictionary defintion of secure: "free from danger or risk". Well, I suppose in that sense a baby in a rich man's house is more secure than a baby in a war zone--unless the baby in the war zone is in a Bolo of course...
But if you mean "impregnable: immune to attack; incapable of being tampered with" then you are living in a dream world, as Pwn to Own clearly demonstrated.
So which meaning of secure are you using? Think carefully now...
Didn't work for me
I tried the demo and got a blank white page--and nothing else. No apps, no warnings, no popups, zilch.
What do you mean you have to have Java installed? Oh, so now I have to install something to get infected? :)
You should do more reading
The guy who hacked the iPhone specifically said he could have gotten email, contacts, photos or anything else he wanted, he just chose the SMS.
As for hijacking a browser to go somewhere, that's pathetically easy. One way is to compromise the *ads* running on a trusted site.
This *IS* scary stuff. iPhones are owned by people who haven't a clue about what to do or not do--mixed with Apple's official smugness makes this seriously dangerous.
One poster mentioned hacking the GPS function. How'd you like to be the target of a mugger who knows this hacker...
Phones are a whole other level of danger because you carry them with you in public. And people do stupid things like text to someone they're having an affair with. Blackmail gold!
Um, not really
"Always love the "if I can find this bug, why couldn't Apple/Microsoft/Linux kernel developers" questions. Because they're busy building the o/s, that's why. "
Kind of a silly argument there. MS, Apple, etc hire *thousands* of programmers. Surely they could spare 2 or 3 for vulnerability checking.
Oh, and Charlie Miller's making a presentation on how he finds bugs. :) Wonder if Apple has any employees there to hear it?
Look, I'm not arguing law, which has no rationality behind it (only what an opportunist can convince idiot lawmakers of), I'm arguing fact. Trespass is entry where you aren't permitted to be. Guess what guessing another person's password does? :)
As for who co-opted what, why do bad guys refer to themselves as hackers? Although the media certainly didn't help the situation.
And given the word's origin, it means exactly what I said it means. Anything else isn't hacking, it's either fraud or trespass. A hack was originally an elegant piece of code, now it's a piece of code with evil intent.
Ignorant Journalists and their equally ignorant editors
Propagating false information, no less. Whatever happened to fact checking?
Good God! It's bad enough the term "hacker" has been coopted by the bad guys, who should actually be known as "crackers", probably derived from "safe cracker".
Setting that aside, guessing a password is NOT HACKING. Jeez.
Hacking (in current usage) is creating programs tha do bad things.
Guessing passwords is more akin to tresspass. It takes no programming at all--in fact it doesn't involve anything more than using a computer the way it was intended to be used!
So your headline should actually be "1 in 4 UK students admit to trying to snoop on others accounts". But that doesn't have the magic word "hacking", does it?
I expect better of you. Try not to make a habit of such shoddy reporting. If I want this kind of story, I'd read the Sun.
PIN pads are something different
A PIN pad is the keyboard unit found in an ATM, it's a self-contained computer with a huge number of safeguards that prevent exactly this sort of thing.
What Hancock Fabric is talking about is just a credit card reader--a completely different thing. Calling these things terminals is really misleading. They have few if any safeguards and are absolutely NOT PIN pads.
"But where in VS can I do something like substitute strings in a source file using regular expressions? You know: sed - programmers best friend! VS would have a 12 step wizard to accomplish the same thing, I am sure."
Actually, it's right on the Replace dialog, there's a checkbox called "Use", with a combo box that defaults to regular expressions, although wildcards are also a choice.
And another dropdown that lets you choose the scope, ranging from "selection" to "project" to "entire solution."
IDEs got popular for a *reason*, and it isn't all "click and drool". Nor only for beginners. After all, if you make a tool easy for beginners, it can also be useful for experts too. Especially if that tool is a force multiplier...
No one expects the IDE!
I hear all these Luddite carpenters on this thread:
"I don't need no circle saw, dadgummit! Nor a lathe neither! I got my trusty saw and wood plane right here! Anybody can't make a table leg perfect every time with a plane ain't got the right to call themselves a carpenter!"
I hear them enthuse about emacs and company--forgetting that emacs isn't a text editor, it's a way of life--and does some of the functions of an IDE.
I'm also hearing web-developers and C++ jocks leading the anti-IDE charge, and I just shake my head.
At the *bare minimum* an IDE has 3 indispensible aids to a developer:
1) An integrated debugger that can step through code and let you alter variables on the fly as you test
2) a syntax colorizer and code indentation control with Intellisense (to use MS as an example)
3) a visual design tool for forms and reports.
These three things together can cut development time to 1/10'th what it would have been without them. And produce higher quality code.
Then lets talk about the little niceties. I'll use VS-2008 for my example since that's what I'm using this particular second. Intellisense in VS 2008 has a nifty little feature that *dynamically* remembers which of two similar identifiers you use the most, and presents it first, even if it's alphabetically second. This is a righteous feature! :)
Lets talk about code folding, also available in VS 2008. I like this, a lot. I like it even better that VS knows how to do it usefully. Makes navigation so much easier...
So to those sneering at IDE's, you really should move out of your caves. Basic Notepad level text editors (of which there are millions) make your life so much harder than it needs to be. Emacs *is* an IDE, although definitely a "roll your own" one, and much poorer than the likes of a VS 2008.
Bottom line? Why slog through the mundane stuff? Let the computer do it. Oh, and the disdain about detecting unused variables etc in the IDE? Have you lot considered being the second person through the code months later? Pretty nice to see the little squiggle underline that flags an issue right where you can immediately fix it--whatever that issue might be.
Humans are visually oriented. IDEs leverage that fact, and save you time. Learn to play to their strengths, not bitch about their weaknesses.
Like any other tool, really...
Sometimes there are no words...
I can add absolutely nothing to this article, truth is indeed stranger than fiction.
I must say that if this were a plotline in fiction, it could only appear in a James Bond film...
He's pushing his product, what did you expect him to say?
Netbooks serve *1* market. The market that needs a tiny laptop with a (nearly) full-sized keyboard where the size of the netbook outweighs the (massive) disadvantage of a limited screen. 1024x600 is *usually* enough for emergency work...
That's why I have one. I carry it with me so I can use terminal server to perform admin functions when it's impractical to drive into the office for whatever reason and I happen to be away from home. Add 3G cell-modem access and it's a wonderful (if limited) tool.
Let's face it. Netbooks *suck* compared to laptops--which suck compared to desktops--except in the one aspect which defines them.
A laptop is mobile. A netbook is ultra-portable. But those are expensive capabilities because you lose so much to have them.
Nobody I know would willingly use a netbook as their only system for working an 8 hour day. Very few would use a laptop (always excepting the 17"+ screen monsters that are known as "desktop replacements". :) Those should really be called "hinged all-in-ones" anyway.
Have these people never heard of auto-update?
I mean come *on*. Conficker needs an unpatched system or it won't work! Let's see, there are so many levels of fail here it's dizzying.
1) *EVERY* AV program catches Conficker!!!! EVERY SINGLE ONE. Meaning these system didn't have AV. Which, in today's environment is like going into battle stark naked and blindfolded!
2) The patch has been out for well over a year now. November of 2008 if memory serves. Why wasn't it applied? On top of which auto-update would have patched it wihout anyone having to do *anything*.
3) Conficker needs admin access, so running as a normal user blocks it. This is admin 101 stuff.
So basically the police failed at basic security--how ironic.
Utter, sensational, EPIC FAIL.
Same old same old
The next few months will be interesting. What happens when the status quo stays the status quo? :)
I'll officially go on record to say IE's share won't change from this action, proving yet again that the EU (and Neelie Kroos in particular) are idiots. After all, the N version of XP sold *so* well... (chuckle).
And lets not forget how paniced the EC was when MS said "you don't want a browser? Fine, no browser for you!" :)
@Henry Wertz 1
"No it was not. Vista was and is CRAP! I've SEEN it running, it's slow as hell, and I hit bugs and UI inconsistencies (not "oh the border looks different" but actual ones..) within minutes of using it, not doing anything exotic but just using the Windows Explorer."
I call BS. I have over a dozen Vista business systems running, only 2 have 2GB of RAM, the rest have 1GB. They run just fine, and these computers cost $500 on down to $400, depending on when they were bought, and they run Intel graphics.
Aero runs just fine. The systems are stable, they haven't given me a bit of trouble, and while I will happily buy Win 7 systems in the future I have absoutely no desire to upgrade the Vista systems to Win 7.
Vista is not slow, it's not buggy, it's rock solid. Win 7 has some speed optimizations and memory reductions (mostly for video) but I upgraded a Vista machine with Win 7 (test bed) and while it's fun and a nice improvement, it's not enought to prompt me to spend my pitiful budget upgrading Vista machines.
The interviewees are right. Users bitched without ever trying Vista. The Mojave experiment proved that early on.
Sounds pretty fishy to me
Modern ATMs do NOT, I repeat *NOT* store the full ATM number. They haven't for at least 2 years now, specifically to avoid this kind of thing.
Further, to register on a network the machine would have to have new DES keys entered. If the gentleman could do that with "just a few faxes and phone calls" then VISA would be very interested in talking to the people he contacted--and putting them out of business.
VISA has Views on such matters, you see. Views with hobnailed boots, extreme prejudice and lawyers who can extract hundreds of thousands in fines *per violation*.
One of my responsibilities at work is to be the head key custodian for our DES keys. Trust me, setting up an ATM on a network involves a huge number of checks and balances. Dual control safes, no one person ever sees both halves of the DES Keys, dual control at installation time, three witnesses to the DES key once the convelope has been opened--it's a pain in the butt.
Anyone caught not doing it that way is out of business--and that's just the beginning of their pain. So by all means let the gentleman contact VISA.
We'd all be better off!
So user bitching results in less protection
That's why I slide the UAC setting back up to its Vista-level equivalent. And install MSE. So far MSE actually caught (and cleaned) a browser modifier trojan that Bitdefender missed. This was on Vista though.
Home users with Win 7? Definitely use MSE, and return that UAC slider to the highest setting! It's simple:
1. On the Control Panel click "Review Computer Status".
2. Click "Change User Account Control Settings" (second choice on left pane)
3. Give an administrator password
4. Slide the UAC slider all the way to the top.
5. Click OK. You may be prompted for the admin password again.
While I don't personally carry a gun...
...my company has a large (80%+) percentage of employees that *do*, as a matter of security. I am happy to report none of our employees have been shot since the company has been in business (15 years). Counting employees that left the company that number exceeds a thousand people.
I also am happy to report we have had no incidents of workplace violence, nor have our employees ever had to actually shoot anyone.
This study is, as many people have said, fatally flawed.
I have grown up around guns, I know how to shoot, I know how to handle and store them safely, and while I don't own any guns lots of my relatives do, being avid hunters and collectors of both rifles and pistols. (I on the other hand, collect swords. :))
Quite curiously, not one of my relatives (all the way out to second and third cousins) has ever been shot. Keep in mind this is a very large group too (a few hundred) counting over five generations that I know about personally, on both my father's and mother's side.
Those who advocate gun control (ie forbidding citizens to have guns at all) are seldom the ones who grew up with them. They also tend to be more fearful in general, and want The Authorities to handle everything. Of course the whole point of the right to bear arms is the fact the Founding Fathers didn't trust The Authorities in the first place. :)
Train a child in proper handling of weapons (guns, knives, swords, bows, whatever) and they won't turn into a slavering psychopath and murder their entire school. Well, unless they were born that way of course.
Even then, I would point out no one *except* the Columbine shooters were armed. Had someone else had a gun the death toll *would* have been smaller. Oh, and lets not forget the monsters tried to use *explosives* as well as guns...
In short, it isn't the gun, it's the person. A good person with a gun won't hurt you. A monster without a gun will still find a way to kill you.
Finally, to the poster who talked about men with small genitalia compensating, that's rubbish. I know lots of women who have guns, including one who received a very nice pistol as a wedding present. What are the women compensating for, hmm? (laughing)
Oh come on
Conficker? Well over a year after the patch? After all the press?
So: Computers weren't patched. Meaning Auto-patch was turned off. Why?
So: AV program was either absent or not patched. Why?
So: IT department not monitoring PCs. Why? Politics, penny-pinching or incompetence?
Epic fail, that college!
Downloaded MSE about an hour ago
I like MSE, it's quiet, effective, and low impact. Couple that with UAC (a *good* thing, idiots' rants notwithstanding), the Windows Firewall in Vista or 7, and I'm a happy camper.
Not to mention it's *free*. As in beer. Nor is MS trying to shove it down anyone's throat. It's also either best in breed or damn near.
Mix in Windows 7 and I think the ABM ranters are going to find themselves on the cold steps of a City Hall, in the dead of winter, ranting to the falling snow. :)
It's a start
Ok, it's a start. Reinstating the book with an apology is what should have happened *the next day*. This is what, a month later?
Still, the PR beheading they took seems to have had some effect. I *still* don't hear them killing the delete feature in the Kindle. You can bet Sony is watching...
*Upgrading* to XP????
Let me guess. They're running a mix of Windows 95/98? :)
Upgrading to XP? Are you kidding me?
And *please*, please don't tell me they're currently running Windows 2000 because that's a great OS even today, and an errant virus wouldn't require an upgrade from 2000 to XP!
They do understand XP has been end-of-lifed, right? As in the only copies available are sitting in a warehouse somewhere? Good luck finding 1800 of them...
Microsoft doesn't even allow you to downgrade Vista to XP at this point.
Besides, if they are running 95/98 they *can't* upgrade to XP. The hardware won't take it.
So we're looking at a situation where Windows 2000 machines don't *need* to be upgraded OR we're looking at Win 95/98 machines that *can't* be.
If they have to replace the machines anyway, hold off till they can get Win 7 machines!
Which will include MS's free AV program.
British IT must be rubbish indeed. Either that or someone's been reading too much BOFH...
Conficker? Doubt it!
Surely to God it could *NOT* have been Conficker? That patch has been out for *OVER 1 YEAR*.
Come on, Reg, we expect better of you. Or are you saying British IT at all levels is simply rubbish?
Use Windows Authentication mode!
If you use the Windows authentication mode this is a non-issue--and your life is a LOT easier to boot!
I can see why MS isn't bothering to fix this one--it's a good way to get people using the right authentication mode!
Let's start by jailing...
...Trevor Baylis himself, for being a bloody stupid idiot. See the patent success story that was the dawn of the aircraft industry. Or software patents today.
Bleh. Axe the entire patent idea. Copyright, yes, that's a fixed expression (a single instance). Patents, no (*any* instance of an idea belongs to me!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)
And *How* long has the Conficker fix patch been out? :)
Seems to me the IT staff isn't keeping up with their patches...
I mean, come on! The patch was released almost a year ago! I can understand 2-3 months delay (maybe) but 12?
I suggest an alternate headline:
"Hospital IT staff incompetent: systems unpatched for 12 months infected"
This kills Open Office and other XML word processors too you know
So i4i has single-handedly outlawed word processing. :)
Of course MS can always fall back to the .DOC format, can't they? :) Which means MS pays what, $300 million and kills every single Word competitor.
Cheap at the price! (laughing)
iRead, Kindle-comptetitor, not computer
I'm betting it's *NOT* a computer. I'm betting it's a Kindle-competitor, one that can also play movies and music. :)
After all, Steve has always said they'll never build another Newton. But he never said they wouldn't build an eBook reader.
Popularize the ebook reader and Apple could have another one-trick pony in the stable. Both the iPod and the iPhone are getting a bit long in the tooth.
Lord knows their computers aren't going anywhere fast...
"Boycott Amazon because they obey the law?"
They didn't obey the law. They *extended* the law--without the force of government (do what we say or we kill you) on their side.
There were any number of legitimate solutions that did not involve book burning. If I own a physical book (even one published without permission) the *publisher* is on the hook, not the customer. I own the book. No one has the right to claim otherwise. (And the "law" of eminent domain does not apply here).
Boycott *is* the appropriate response. Amazon did an amazing stupid thing. They have to learn that they do not "license" content, they *sell* copies of it. End of story. Copyright is about the right to copy. It does not dictate anything about the illegal copies once made--only the penalty for having made those copies. If you don't believe me read the US Copyright code. (And yes, this is a US matter since Amazon is a US company).
And no, software EULA's are still a legal gray area that has never been tested. Ever. Like a book, software cannot be controlled by copyright beyond the right to physically copy (and/or distribute) the work.
And before anyone has the dim-bulb idea that software is different because it copied into memory to execute better think again. A *BOOK* is copied into human memory every time it is read. There is no difference in terms of "copying for use".
Both a software copied into memory and a book copied into human memory are transient copies, not permanent. Both are encoded representations of instructions. After all, when you read you are translating symbols into meaning. Therefore there is little conceptual difference between computers and brains (in this one limited aspect).
Since copyright law *requires* the ability to read copies of books (that is, after all, the desired end result of selling a book!) the same is true for software. So don't even bother with EULA arguments please.
Besides, merely erasing the copies has no effect on Amazon's legal liabilities--they are *STILL* on the hook for those 18,000 copies. Thus it makes no sense to have erased them. The infringment already occurred, erasing existing copies doesn't make it go away.
Just ask RIAA... :)
Amazon are book burners
Amazon destroyed *books*. The fact they were e-books stored in flash memory is irrelevant. They *destroyed books*.
The apology was a good start but far from sufficient. Bezos should have publically committed Amazon to never repeating this action, as a corporate promise with legally binding force, and removed the capability from the Kindle.
Failing that, only complete boycott of Amazon is sufficient response.
As such, not only will I never buy a Kindle, I will never buy another Amazon product, and I will (and have) told as many people as I know never to buy from Amazon again.
A small thing, but if enough people do it Amazon can be dealt a groin shot that will bring them crashing to their knees (and their senses).
Boycott them. Until they learn book burning is going to put them out of business.
...hash collision. In other words, two different email addresses that produce the same hash total. And yes, it's very very very common.
Hashes do collide. And when a hash is used as an ID--oh my. It's "kitty bar the door!". I can just see the lawsuits flying now.
Moderation has been a problem since the Compuserve days. Then it was rather draconian, you bothered people too much, racked up too many complaints and *boom* you were banned.
Given you had to pay for access/membership and they knew who you were it worked well enough.
But the web is another animal. Anonymity is too easy, everything from changing your email address as often as you brush your teeth, to using proxies to obscure your IP.
Sounds like one of those "good ideas" that turn out to be "stupid idiotic ideas". Sigh.
@@So Google screwed up
Hadn't had my caffine yet. :) What I meant was that Google uses Linux systems internally in their servers--if I recall correctly they actually use a customized version of Linux. This means their programmers are experts on *Linux*, but not necessarily Windows--as this incident proves.
On the other hand, if they silently (and deliberately) disabled the search index process it means they committed a faux pas. If their files do cause the search index process to fail the polite thing to do would have been to inform MS.
Certainly they should have informed the *user* and given them the choice of not installing the product. You have to wonder how Google files break the indexing process tho--I'm curious about the actual mechanism since nothing else breaks it.
Finally, it is Google that's to blame for leaving the service disabled when you uninstall the plugin. That's just plain Fail no matter how you spin it.
So Google screwed up
It happens, especially when you aren't familiar with the system you're mucking about with. Google folks are Linux, right? What do they know about Windows?
And thus they screwed up. At least if you're not wearing a tinfoil hat that is. A tinfoil type would say they deliberately torpedoed MS. But "do no evil", right?
Of course if I was to learn that some user-with-delusions-of-adequacy downloaded this plugin because "Vista sucks" then I'd be a mite peeved. And tempted to let that user lie in the bed they made. Ah, fantasies. Everybody needs a few...
Nice Spin. Too bad it's completely wrong
Man, even when MS throws in the towel some people have got to whine.
MS has *surrendered* Utterly. They removed IE *completely*. Opera won. You wanted a level playing field, *well here it is*. MS is FORCING everyone in the EU to choose a browser--you aren't allowed *not* to!
Will this make Neelie and her henchfolk look like the slimy money-gougers they are? Of course it will. And there *will* be much rejoicing in Redmond. Seems like MS finally grew a pair--it's only taken 10 years...
Oh, and that part about Windows N? *THAT WAS THE COMMISSION'S OWN REMEDY! Egg on face all 'round. A dozen Roc eggs. :)
Past time MS told the EU to put up or shut up--and that's what they've done. Here's Windows 7. Here's an IE disk *if you want it*, if not you can go without a browser at all or Mozilla and company can pull an AOL and shower all and sundry with CDs.
Or the OEMS can load every single *free* browser on the planet on every machine they build. (Funny how all this noise and fury is about something that costs *nothing*, isn't it?)
CHOICE. You wanted it, and by God MS is going to make absolutely sure you *make* it.
Where's the rejoicing, hmm? Surely every Firefox fan, Safari zealot and Opera afficianado will be beating down peoples' doors to install the browser they champion? Surely FOSS will hold parades down the streets of every European capitol? MS has lost!
There have been loudmouths who opined that MS should simply abandon the EU altogether. Obviously MS wants your money too badly to do that. But here's a small taste of what it would be like if they did.
Here's the chance for the ABM crowd to show their mettle. They've always boasted their stuff is better, now *prove* it!
Surely OEMs can whip up a simple ballot screen? What about the FOSS folks? Now's your time, here's the clarion call for the downfall of MS!
Go for it.
Instead of whining like spoiled 3 year olds...
OK, here's the deal
Most of the posters here are completely clueless about what MS is going to do.
1. MS is NOT going to sell the normal version of Win 7 in Europe, it's the E versions ONLY. You *ARE NOT ALLOWED* to buy the version of Windows 7 the rest of the world will be using.
2. MS is going to pull IExplore.exe (and its associated files like help etc) from Win 7. This is the "browser" called Internet Explorer.
3. Trident (the rendering engine), Java (the Sun version), and all the other things that render the net are STAYING in Win 7. This means third party software that uses Trident will still work, Java apps will still work, etc.
4. OEMs will be installing the browser (or browsers) *they* want. So if you buy a new computer from someone else you WILL have a browser already installed. Perhaps more than one. IE *could* be one of them, but IE will be free to the OEM just like Firefox is now. There's no financial incentive to include (or exclude) IE.
5. If you buy a retail version (Home E, Pro E) then you do NOT get a browser AT ALL. However, MS will offer CD's to install IE 8 *SEPARATELY*.
So, in summary, Europe is only allowed the E versions, MS will not allow non-E versions into Europe. The E version is identical to the Non-E version except for the lack of Iexplore.exe (and a couple of support files). New computers will come with whatever damn browser(s) the manufacturer pleases. There's a CD for retail versions (available seperately for free) if you want IE.
Now, carry on. :)
- Xmas Round-up Ten top tech toys to interface with a techie’s Christmas stocking
- Google embiggens its fat vid pipe Chromecast with TEN new supported apps
- Microsoft: Don't listen to 4chan ... especially the bit about bricking Xbox Ones
- Exploits no more! Firefox 26 blocks all Java plugins by default
- Shivering boffins nail Earth's coldest spot