diamond.g
Apr 21, 08:51 AM
So are you going to tell me that paying for tethering ON TOP OF DATA YOU ALREADY PAID FOR is fair? Data is data is data... 4gb is 4gb no matter how I use it. Tethering cost are a joke!:mad: /end rant
You are joking right?
Well, just think of it as paying toll on a road that your taxes had already paid for (probably a bad example).
You are joking right?
Well, just think of it as paying toll on a road that your taxes had already paid for (probably a bad example).
WestonHarvey1
Apr 15, 01:14 PM
...isn't true.
Matthew 5:18-19
Mark 7:9-13
Luke 16:17
Also, I love the use of the term "true Christian". It's perfect:
http://en.wikipedia.org/wiki/No_true_Scotsman
Yeah, I was waiting for that one. It's pretty low-rent as far as fallacies go, I'm not sure why it is trotted out as often as it is. It's always used to argue stupid things like Hitler's religious beliefs represent the truest form of Christianity, and if you don't believe so, you're violating this sacred "No true Scotsman" fallacy.
No TRUE circle is square! Yeah, that one's true. You can't torpedo a well-defined institution by finding an example of someone not living up to its rules.
Matthew 5:18-19
Mark 7:9-13
Luke 16:17
Also, I love the use of the term "true Christian". It's perfect:
http://en.wikipedia.org/wiki/No_true_Scotsman
Yeah, I was waiting for that one. It's pretty low-rent as far as fallacies go, I'm not sure why it is trotted out as often as it is. It's always used to argue stupid things like Hitler's religious beliefs represent the truest form of Christianity, and if you don't believe so, you're violating this sacred "No true Scotsman" fallacy.
No TRUE circle is square! Yeah, that one's true. You can't torpedo a well-defined institution by finding an example of someone not living up to its rules.
jettredmont
May 2, 05:35 PM
Is your info from like 1993 ? Because this little known version of Windows dubbed "New Technology" or NT for short brought along something called the NTFS (New Technology File System) that has... *drumroll* ACLs and strict permissions with inheritance...
Unless you're running as administrator on a Windows NT based system, you're as protected as a "Unix/Linux" user. Of course, you can also run as root all the time under Unix, negating this "security".
Until Vista and Win 7, it was effectively impossible to run a Windows NT system as anything but Administrator. To the point that other than locked-down corporate sites where an IT Professional was required to install the Corporate Approved version of any software you need to do your job, I never knew anyone running XP (or 2k, or for that matter NT 3.x) who in a day-to-day fashion used a Standard user account.
In contrast, an "Administrator" account on OS X was in reality a limited user account, just with some system-level privileges like being able to install apps that other people could run. A "Standard" user account was far more usable on OS X than the equivalent on Windows, because "Standard" users could install software into their user sandbox, etc. Still, most people I know run OS X as Administrator.
The real differenc, though, is that an NT Administrator was really equivalent to the Unix root account. An OS X Administrator was a Unix non-root user with 'admin' group access. You could not start up the UI as the 'root' user (and the 'root' account was disabled by default).
All that having been said, UAC has really evened the bar for Windows Vista and 7 (moreso in 7 after the usability tweaks Microsoft put in to stop people from disabling it). I see no functional security difference between the OS X authorization scheme and the Windows UAC scheme.
I'd say it's people that try to just lump all malware together in the same category, making a trojan that relies on social engineering sound as bad as a self-replicating worm that spreads using a remote execution/privilege escalation bug that are quite ignorant of general computer security.
Absolutely. I think it is absolutely critical to discern between a social-engineering attack (ie, one that requires a user to take some action unwittingly) from an automated attack (a classic virus or worm). The latter is certainly less common these days (although the "big boys" wanting to send Iranian nuclear reactors into convulsions seem to be keeping the dark art of worming alive and well), and so a typical user is much more likely to fall victim to a phishing scam than to get something nasty like the Asuza virus which wipes out their hard drive after an incubation period.
From the main "security firms", though, the money is in making all malware seem automated and thus only able to be countered by an automated virus detection/isolation utility. There just isn't much money in telling people to not click "Install" when MACDefender's installer comes up while looking through Google Images.
Unless you're running as administrator on a Windows NT based system, you're as protected as a "Unix/Linux" user. Of course, you can also run as root all the time under Unix, negating this "security".
Until Vista and Win 7, it was effectively impossible to run a Windows NT system as anything but Administrator. To the point that other than locked-down corporate sites where an IT Professional was required to install the Corporate Approved version of any software you need to do your job, I never knew anyone running XP (or 2k, or for that matter NT 3.x) who in a day-to-day fashion used a Standard user account.
In contrast, an "Administrator" account on OS X was in reality a limited user account, just with some system-level privileges like being able to install apps that other people could run. A "Standard" user account was far more usable on OS X than the equivalent on Windows, because "Standard" users could install software into their user sandbox, etc. Still, most people I know run OS X as Administrator.
The real differenc, though, is that an NT Administrator was really equivalent to the Unix root account. An OS X Administrator was a Unix non-root user with 'admin' group access. You could not start up the UI as the 'root' user (and the 'root' account was disabled by default).
All that having been said, UAC has really evened the bar for Windows Vista and 7 (moreso in 7 after the usability tweaks Microsoft put in to stop people from disabling it). I see no functional security difference between the OS X authorization scheme and the Windows UAC scheme.
I'd say it's people that try to just lump all malware together in the same category, making a trojan that relies on social engineering sound as bad as a self-replicating worm that spreads using a remote execution/privilege escalation bug that are quite ignorant of general computer security.
Absolutely. I think it is absolutely critical to discern between a social-engineering attack (ie, one that requires a user to take some action unwittingly) from an automated attack (a classic virus or worm). The latter is certainly less common these days (although the "big boys" wanting to send Iranian nuclear reactors into convulsions seem to be keeping the dark art of worming alive and well), and so a typical user is much more likely to fall victim to a phishing scam than to get something nasty like the Asuza virus which wipes out their hard drive after an incubation period.
From the main "security firms", though, the money is in making all malware seem automated and thus only able to be countered by an automated virus detection/isolation utility. There just isn't much money in telling people to not click "Install" when MACDefender's installer comes up while looking through Google Images.
wdogmedia
Aug 29, 01:01 PM
Come on, people, let's cut Greenpeace some slack, here. Their fanaticism only goes to certain lengths...the reason they protest Apple and other U.S. businesses is because if they actually protested in places where pollution was a major issue (like China), they'd all get shot. :)
BornAgainMac
May 6, 06:31 AM
Maybe it isn't AT&T but the iPhone caller that is bragging about his iPhone, iMac, Apple, and Microsoft is dead, Flash sucks, Google copies... <click>
sinsin07
Apr 9, 09:28 AM
If you don't believe me, there's plenty of history to read. Just go look at the following industries that were disrupted by technology...
%IMG_DESC_7%
%IMG_DESC_8%
%IMG_DESC_9%
%IMG_DESC_10%
%IMG_DESC_11%
%IMG_DESC_12%
%IMG_DESC_13%
%IMG_DESC_14%
%IMG_DESC_15%
%IMG_DESC_16%
%IMG_DESC_17%
%IMG_DESC_18%
%IMG_DESC_19%
cwelsh
Apr 21, 08:57 AM
So are you going to tell me that paying for tethering ON TOP OF DATA YOU ALREADY PAID FOR is fair? Data is data is data... 4gb is 4gb no matter how I use it. Tethering cost are a joke!:mad: /end rant
You are joking right?
Nope. Whether it is fair or not is a completely different topic (I personally feel it is not) but that is what you agreed to in your contract, which specifically states the normal data plans data does not apply to tethering.
I liken this to numerous DLC that appears in videogames today. Often the additonal content is stored on the disk so when you buy the game (data) you technically have bought the DLC already but in order to access it (much like tethering) you need to pay a fee.
I'm not looking to get into a philosophical war over the fairness of tethering, i'm just offering my opinions based on the contract and agreement i've signed.
You are joking right?
Nope. Whether it is fair or not is a completely different topic (I personally feel it is not) but that is what you agreed to in your contract, which specifically states the normal data plans data does not apply to tethering.
I liken this to numerous DLC that appears in videogames today. Often the additonal content is stored on the disk so when you buy the game (data) you technically have bought the DLC already but in order to access it (much like tethering) you need to pay a fee.
I'm not looking to get into a philosophical war over the fairness of tethering, i'm just offering my opinions based on the contract and agreement i've signed.
Xenious
Aug 29, 01:03 PM
Greenpeace ranks #1 in psycho environmentalist organizations... film at 11.
digitalbiker
Aug 29, 11:11 PM
The experts in this area all agree on CO2, caused by oxidation (burning) fossile fuel, is by far the most significant factor in the change of our climate.
This just isn't true!
It depends on which experts you ask. Most classic geophysicists & geologists do not believe man is causing global warming. Global warming is a natural process and has happened many times over the lifespan of the earth. Sometimes it precedes an ice age sometimes it is ralated to internal changes within the earth core. It has occured in our past and it appears to be occuring now. The real reason for cooling and warming of the Earth are not well understood.
Environmental scientists agree that man is causing global warming. All of their theories are based on models. But these models are designed trying to prove that man's production of greenhouse gas is the cause and they are way too simplified. We do not have enough information on all of the critical factors affecting climate change to build proper models.
Reality may be somewhere in between. However global warming has taken place on Venus and is currently taking place on Mars. Man obviously did not cause thes activities and it may or may not be related to the Earth's current episode of warming.
I am not arguing with the idea of reducing greenhouse gas emissions if we can practically. Why contribute to a problem. I just don't think that we can effect climate change on a global scale and if the Earth choses to warm for whatever reason we will not be able to stop it.
This just isn't true!
It depends on which experts you ask. Most classic geophysicists & geologists do not believe man is causing global warming. Global warming is a natural process and has happened many times over the lifespan of the earth. Sometimes it precedes an ice age sometimes it is ralated to internal changes within the earth core. It has occured in our past and it appears to be occuring now. The real reason for cooling and warming of the Earth are not well understood.
Environmental scientists agree that man is causing global warming. All of their theories are based on models. But these models are designed trying to prove that man's production of greenhouse gas is the cause and they are way too simplified. We do not have enough information on all of the critical factors affecting climate change to build proper models.
Reality may be somewhere in between. However global warming has taken place on Venus and is currently taking place on Mars. Man obviously did not cause thes activities and it may or may not be related to the Earth's current episode of warming.
I am not arguing with the idea of reducing greenhouse gas emissions if we can practically. Why contribute to a problem. I just don't think that we can effect climate change on a global scale and if the Earth choses to warm for whatever reason we will not be able to stop it.
FloatingBones
Apr 28, 09:12 AM
Almost all of that is due to the iPad. They had around 4% of the global market for computers last year.
If you run the numbers, you'll see it's actually closer to 5% than 4%. Call it 4.5%.
If you run the numbers, you'll see it's actually closer to 5% than 4%. Call it 4.5%.
wrlsmarc
Jun 19, 02:07 PM
Just spent the last week in Manhattan. Wow. Service has seriously improved. I used my data card for the week to check email and work from my hotel. Good speeds and very reliable. I lost one connection over a period of 6 days and that may have been my data card fault. I use a mifi from Novatel, the device can sometimes be quirky establishing a connection. Overall my performance was solid.
I aslo used my iPhone extensively for conversation. I did not drop one call the whole week and was on it continuously. In years past driving around corners would result in suspect connections but none of that happened this trip. Finally, my iPad data rates were near 2kpbs download speeds with acceptable latency.
I assume that much of the negative chatter about AT&T is from those that have not used their service in a while. Bad memories tend to run long. I live in San Francisco and service is improving there as well, although the New York market I would rate as pretty perfect.
I aslo used my iPhone extensively for conversation. I did not drop one call the whole week and was on it continuously. In years past driving around corners would result in suspect connections but none of that happened this trip. Finally, my iPad data rates were near 2kpbs download speeds with acceptable latency.
I assume that much of the negative chatter about AT&T is from those that have not used their service in a while. Bad memories tend to run long. I live in San Francisco and service is improving there as well, although the New York market I would rate as pretty perfect.
Jcoz
Mar 18, 11:40 AM
<soapbox -- move on if you are not interested>
It's you. He's right. I could care less about the whiners who say "I need 10GB per month to tether all my devices to my iPhone." I don't like subsidizing that. If you use that much data on your iPhone directly without tethering then more power to you -- that was AT&T's mistake for offering an unlimited plan.
But the "unlimited plan" they offered did not say "unlimited devices on one plan". It was very specifically restricted to the iPhone. To those who have cheated system, I applaud your brilliance for working around the rules. But when the rule maker starts cracking down on your circumvention crying that it is "unfair" is a bit comical.
Everybody signs a contact with their carriers when they get service. They sure as heck know what they are signing up for -- some of amount of money every month for some sort of access to their network with some set of limitations.
Sure, if you buy an iPhone it is yours. You can do what you want with it. However, your use of the carrier's network is subject to a contract with specific terms. If you don't like the terms then you don't need to agree to them. But if you choose to agree to them and try to cheat the carrier through unfair practices then don't expect others to be happy about subsidizing your practice through increased rates or degraded service.
The carrier is going to make their money one way or the other. They are a corporation driven by profits. Retail stores raise prices to compensate for shoplifting just like carriers raise rates to compensate for network expansion and lost customers due to network overload from those who circumvent the agreement they signed up for.
Any measure by the carrier to crack down on those who cheat the system is a welcome effort to those who choose not to cheat the system. They could be jerks and just decide that its not worth the effort to go after those folks and make everybody pay for it.
Do I believe that AT&T will drop their rates once they crack down on the bandwidth cheaters? Heck no. Do I believe that the network performance will get better for the rest of us without added monthly fees, probably. Either way, what's fair is fair. Nobody is born entitled to an iPhone and mobile data. But the sense of entitlement in this country has gotten so out of hand.
</soapbox>
What about tiered plan users being forced into 4gb plans that cost 50% more than 5gb iphone plans (aka unlimited)?
Why should ANYONE on a well defined data plan (non-unlimited) have to pay additional cost to use that data that was paid for?
It's you. He's right. I could care less about the whiners who say "I need 10GB per month to tether all my devices to my iPhone." I don't like subsidizing that. If you use that much data on your iPhone directly without tethering then more power to you -- that was AT&T's mistake for offering an unlimited plan.
But the "unlimited plan" they offered did not say "unlimited devices on one plan". It was very specifically restricted to the iPhone. To those who have cheated system, I applaud your brilliance for working around the rules. But when the rule maker starts cracking down on your circumvention crying that it is "unfair" is a bit comical.
Everybody signs a contact with their carriers when they get service. They sure as heck know what they are signing up for -- some of amount of money every month for some sort of access to their network with some set of limitations.
Sure, if you buy an iPhone it is yours. You can do what you want with it. However, your use of the carrier's network is subject to a contract with specific terms. If you don't like the terms then you don't need to agree to them. But if you choose to agree to them and try to cheat the carrier through unfair practices then don't expect others to be happy about subsidizing your practice through increased rates or degraded service.
The carrier is going to make their money one way or the other. They are a corporation driven by profits. Retail stores raise prices to compensate for shoplifting just like carriers raise rates to compensate for network expansion and lost customers due to network overload from those who circumvent the agreement they signed up for.
Any measure by the carrier to crack down on those who cheat the system is a welcome effort to those who choose not to cheat the system. They could be jerks and just decide that its not worth the effort to go after those folks and make everybody pay for it.
Do I believe that AT&T will drop their rates once they crack down on the bandwidth cheaters? Heck no. Do I believe that the network performance will get better for the rest of us without added monthly fees, probably. Either way, what's fair is fair. Nobody is born entitled to an iPhone and mobile data. But the sense of entitlement in this country has gotten so out of hand.
</soapbox>
What about tiered plan users being forced into 4gb plans that cost 50% more than 5gb iphone plans (aka unlimited)?
Why should ANYONE on a well defined data plan (non-unlimited) have to pay additional cost to use that data that was paid for?
The DRis
Mar 18, 12:16 PM
http://modmyi.com/forums/iphone-news/755094-t-cracking-down-mywi-tethering.html
They're bluffing and hoping to get those high data users off of their unlimited data plans by having them forget to call in and opt out. So just stay on your toes.
Dirty Mother*Bleeping* bandits.
Eff em all. Use the data.
They're bluffing and hoping to get those high data users off of their unlimited data plans by having them forget to call in and opt out. So just stay on your toes.
Dirty Mother*Bleeping* bandits.
Eff em all. Use the data.
Mord
Jul 12, 06:42 AM
my scanner came with photoshop 5.
rasmasyean
Apr 22, 09:28 PM
Well, I can see why there would be "a lot" of atheists here from a "statistical" relation.
1) Mac users are prolly richer on average.
Let's be honest, many ppl consider Macs a rip-off, really. :D But if you have money to blow, who cares!
Wealth goes up with educational attainment. Numerous studies show this.
Educational attainment causes theism to go down. Numerous studies show this too.
This applies for young (not yet "educated") ppl from "wealthy" families as well because parents who don't take theism seriously are less likely to pass it on to children.
2) PRSI forum users are into "knowledge" and current events.
The internet is one big information gateway in general.
Those who are enthusiastic enough to use it for the purpose of extracting knowledge, are likely more educated (refer #1) and/or know much more about the world. The more you know about the world and your environment and other cultures (aka educated), the less your exposure is restricted to your immediate community. Therefore, you are more open to other religious as well as the idea of "not picking a side".
1) Mac users are prolly richer on average.
Let's be honest, many ppl consider Macs a rip-off, really. :D But if you have money to blow, who cares!
Wealth goes up with educational attainment. Numerous studies show this.
Educational attainment causes theism to go down. Numerous studies show this too.
This applies for young (not yet "educated") ppl from "wealthy" families as well because parents who don't take theism seriously are less likely to pass it on to children.
2) PRSI forum users are into "knowledge" and current events.
The internet is one big information gateway in general.
Those who are enthusiastic enough to use it for the purpose of extracting knowledge, are likely more educated (refer #1) and/or know much more about the world. The more you know about the world and your environment and other cultures (aka educated), the less your exposure is restricted to your immediate community. Therefore, you are more open to other religious as well as the idea of "not picking a side".
iJohnHenry
Apr 23, 11:02 PM
I am not sure what all that other rambling on you were going on about ... most of it made no sense
Thank you. I thought it was only me.
We don't have the answers, so why must we persist in this feckless inquiry??
No, we are not the centre of the Universe, as was believed not-so-long-ago, but still our delusions of grandeur carry us forward, along this path to nothingness.
Thank you. I thought it was only me.
We don't have the answers, so why must we persist in this feckless inquiry??
No, we are not the centre of the Universe, as was believed not-so-long-ago, but still our delusions of grandeur carry us forward, along this path to nothingness.
TuckBodi
Aug 23, 10:04 AM
I had maybe one dropped call this whole year. But I don't talk on my phone as much as someone else may.
I had one an hour ago........and another an hour before that.
I had one an hour ago........and another an hour before that.
KnightWRX
May 2, 05:51 PM
Until Vista and Win 7, it was effectively impossible to run a Windows NT system as anything but Administrator. To the point that other than locked-down corporate sites where an IT Professional was required to install the Corporate Approved version of any software you need to do your job, I never knew anyone running XP (or 2k, or for that matter NT 3.x) who in a day-to-day fashion used a Standard user account.
Of course, I don't know of any Linux distribution that doesn't require root to install system wide software either. Kind of negates your point there...
In contrast, an "Administrator" account on OS X was in reality a limited user account, just with some system-level privileges like being able to install apps that other people could run. A "Standard" user account was far more usable on OS X than the equivalent on Windows, because "Standard" users could install software into their user sandbox, etc. Still, most people I know run OS X as Administrator.
You could do the same as far back as Windows NT 3.1 in 1993. The fact that most software vendors wrote their applications for the non-secure DOS based versions of Windows is moot, that is not a problem of the OS's security model, it is a problem of the Application. This is not "Unix security" being better, it's "Software vendors for Windows" being dumber.
It's no different than if instead of writing my preferences to $HOME/.myapp/ I'd write a software that required writing everything to /usr/share/myapp/username/. That would require root in any decent Unix installation, or it would require me to set permissions on that folder to 775 and make all users of myapp part of the owning group. Or I could just go the lazy route, make the binary 4755 and set mount opts to suid on the filesystem where this binary resides... (ugh...).
This is no different on Windows NT based architectures. If you were so inclined, with tools like Filemon and Regmon, you could granularly set permissions in a way to install these misbehaving software so that they would work for regular users.
I know I did many times in a past life (back when I was sort of forced to do Windows systems administration... ugh... Windows NT 4.0 Terminal Server edition... what a wreck...).
Let's face it, Windows NT and Unix systems have very similar security models (in fact, Windows NT has superior ACL support out of the box, akin to Novell's close to perfect ACLs, Unix is far more limited with it's read/write/execute permission scheme, even with Posix ACLs in place). It's the hoops that software vendors outside the control of Microsoft made you go through that forced lazy users to run as Administrator all the time and gave Microsoft such headaches.
As far back as I remember (when I did some Windows systems programming), Microsoft was already advising to use the user's home folder/the user's registry hive for preferences and to never write to system locations.
The real differenc, though, is that an NT Administrator was really equivalent to the Unix root account. An OS X Administrator was a Unix non-root user with 'admin' group access. You could not start up the UI as the 'root' user (and the 'root' account was disabled by default).
Actually, the Administrator account (much less a standard user in the Administrators group) is not a root level account at all.
Notice how a root account on Unix can do everything, just by virtue of its 0 uid. It can write/delete/read files from filesystems it does not even have permissions on. It can kill any system process, no matter the owner.
Administrator on Windows NT is far more limited. Don't ever break your ACLs or don't try to kill processes owned by "System". SysInternals provided tools that let you do it, but Microsoft did not.
All that having been said, UAC has really evened the bar for Windows Vista and 7 (moreso in 7 after the usability tweaks Microsoft put in to stop people from disabling it). I see no functional security difference between the OS X authorization scheme and the Windows UAC scheme.
UAC is simply a gui front-end to the runas command. Heck, shift-right-click already had the "Run As" option. It's a glorified sudo. It uses RDP (since Vista, user sessions are really local RDP sessions) to prevent being able to "fake it", by showing up on the "console" session while the user's display resides on a RDP session.
There, you did it, you made me go on a defensive rant for Microsoft. I hate you now.
My response, why bother worrying about this when the attacker can do the same thing via shellcode generated in the background by exploiting a running process so the the user is unaware that code is being executed on the system
Because this required no particular exploit or vulnerability. A simple Javascript auto-download and Safari auto-opening an archive and running code.
Why bother, you're not "getting it". The only reason the user is aware of MACDefender is because it runs a GUI based installer. If the executable had had 0 GUI code and just run stuff in the background, you would have never known until you couldn't find your files or some chinese guy was buying goods with your CC info, fished right out of your "Bank stuff.xls" file.
That's the thing, infecting a computer at the system level is fine if you want to build a DoS botnet or something (and even then, you don't really need privilege escalation for that, just set login items for the current user, and run off a non-privilege port, root privileges are not required for ICMP access, only raw sockets).
These days, malware authors and users are much more interested in your data than your system. That's where the money is. Identity theft, phishing, they mean big bucks.
Of course, I don't know of any Linux distribution that doesn't require root to install system wide software either. Kind of negates your point there...
In contrast, an "Administrator" account on OS X was in reality a limited user account, just with some system-level privileges like being able to install apps that other people could run. A "Standard" user account was far more usable on OS X than the equivalent on Windows, because "Standard" users could install software into their user sandbox, etc. Still, most people I know run OS X as Administrator.
You could do the same as far back as Windows NT 3.1 in 1993. The fact that most software vendors wrote their applications for the non-secure DOS based versions of Windows is moot, that is not a problem of the OS's security model, it is a problem of the Application. This is not "Unix security" being better, it's "Software vendors for Windows" being dumber.
It's no different than if instead of writing my preferences to $HOME/.myapp/ I'd write a software that required writing everything to /usr/share/myapp/username/. That would require root in any decent Unix installation, or it would require me to set permissions on that folder to 775 and make all users of myapp part of the owning group. Or I could just go the lazy route, make the binary 4755 and set mount opts to suid on the filesystem where this binary resides... (ugh...).
This is no different on Windows NT based architectures. If you were so inclined, with tools like Filemon and Regmon, you could granularly set permissions in a way to install these misbehaving software so that they would work for regular users.
I know I did many times in a past life (back when I was sort of forced to do Windows systems administration... ugh... Windows NT 4.0 Terminal Server edition... what a wreck...).
Let's face it, Windows NT and Unix systems have very similar security models (in fact, Windows NT has superior ACL support out of the box, akin to Novell's close to perfect ACLs, Unix is far more limited with it's read/write/execute permission scheme, even with Posix ACLs in place). It's the hoops that software vendors outside the control of Microsoft made you go through that forced lazy users to run as Administrator all the time and gave Microsoft such headaches.
As far back as I remember (when I did some Windows systems programming), Microsoft was already advising to use the user's home folder/the user's registry hive for preferences and to never write to system locations.
The real differenc, though, is that an NT Administrator was really equivalent to the Unix root account. An OS X Administrator was a Unix non-root user with 'admin' group access. You could not start up the UI as the 'root' user (and the 'root' account was disabled by default).
Actually, the Administrator account (much less a standard user in the Administrators group) is not a root level account at all.
Notice how a root account on Unix can do everything, just by virtue of its 0 uid. It can write/delete/read files from filesystems it does not even have permissions on. It can kill any system process, no matter the owner.
Administrator on Windows NT is far more limited. Don't ever break your ACLs or don't try to kill processes owned by "System". SysInternals provided tools that let you do it, but Microsoft did not.
All that having been said, UAC has really evened the bar for Windows Vista and 7 (moreso in 7 after the usability tweaks Microsoft put in to stop people from disabling it). I see no functional security difference between the OS X authorization scheme and the Windows UAC scheme.
UAC is simply a gui front-end to the runas command. Heck, shift-right-click already had the "Run As" option. It's a glorified sudo. It uses RDP (since Vista, user sessions are really local RDP sessions) to prevent being able to "fake it", by showing up on the "console" session while the user's display resides on a RDP session.
There, you did it, you made me go on a defensive rant for Microsoft. I hate you now.
My response, why bother worrying about this when the attacker can do the same thing via shellcode generated in the background by exploiting a running process so the the user is unaware that code is being executed on the system
Because this required no particular exploit or vulnerability. A simple Javascript auto-download and Safari auto-opening an archive and running code.
Why bother, you're not "getting it". The only reason the user is aware of MACDefender is because it runs a GUI based installer. If the executable had had 0 GUI code and just run stuff in the background, you would have never known until you couldn't find your files or some chinese guy was buying goods with your CC info, fished right out of your "Bank stuff.xls" file.
That's the thing, infecting a computer at the system level is fine if you want to build a DoS botnet or something (and even then, you don't really need privilege escalation for that, just set login items for the current user, and run off a non-privilege port, root privileges are not required for ICMP access, only raw sockets).
These days, malware authors and users are much more interested in your data than your system. That's where the money is. Identity theft, phishing, they mean big bucks.
KnightWRX
May 2, 11:14 AM
The fight can't be won, it's useless... there will always be those people who go, "Oh my god... random email, you need my credit card, social security number, and my youngest child? Sure thing! Here you go!"
And then freak out because their bank accounts are all empty and their kid's running off with some 40 year old. It'll never end.
That's never been a reason to give up. I was raised on Shonen Anime. I don't know the meaning of the words "giving up". ;)
And then freak out because their bank accounts are all empty and their kid's running off with some 40 year old. It'll never end.
That's never been a reason to give up. I was raised on Shonen Anime. I don't know the meaning of the words "giving up". ;)
Peace
Sep 20, 11:05 AM
eyeHome does not support HD and it never will. I got this in an email directly from Elgato. That is the biggest difference. Also, the general consensus is that eyeHome is not in the same league of robustness/intuitiveness as other elgato products or Apple products. eyeHome cannot even play back eyeTV 500 , eyeTV Hybrid recordings.
EyeHome uses 480P and upscales to 720P..There is no high def in the EyeHome.
EyeHome uses 480P and upscales to 720P..There is no high def in the EyeHome.
bigwig
Oct 27, 05:43 PM
That is simply false. The schedular in Mac OS X handles 8 cores just fine... what Applications do with them in a different story.
Scaling isn't really a product of your scheduler, it's a product of eliminating bottlenecks to multiple threads of execution. I'm glad that Apple is working on this. I didn't come up with this from whole cloth or animosity towards Apple, I saw several benchmarks showing how poorly OSX scaled, which I hope are now out of date.
I mentioned SGI several times here because I used to do kernel work for them, so I have a real good idea what it takes to scale performance on large (256-1024 CPU) systems. Btw, that's not a cluster, that's a single kernel being shared by all processors.
Scaling isn't really a product of your scheduler, it's a product of eliminating bottlenecks to multiple threads of execution. I'm glad that Apple is working on this. I didn't come up with this from whole cloth or animosity towards Apple, I saw several benchmarks showing how poorly OSX scaled, which I hope are now out of date.
I mentioned SGI several times here because I used to do kernel work for them, so I have a real good idea what it takes to scale performance on large (256-1024 CPU) systems. Btw, that's not a cluster, that's a single kernel being shared by all processors.
Shivetya
Apr 28, 12:29 PM
Its not like the market for $1000+ computers is inexhaustible. They had to throw in tablets while they can to maintain market position because once the cheap tablets start coming out (and they will, it took a while for notebooks to get cheap and look at where they are now).
jav6454
Mar 18, 01:39 AM
Somehow this doesn't surprise me at all. However, this is one more reason to stick at 4.1.0.
So far, the only real reason for 4.3.0 is Personal Hotspot, but since that is being monitored, then, I'll be happy to stick in 4.1.0 and give the finger to AT&T.
So far, the only real reason for 4.3.0 is Personal Hotspot, but since that is being monitored, then, I'll be happy to stick in 4.1.0 and give the finger to AT&T.
everettmarshall
Apr 13, 08:38 AM
Not having seen FCPX first hand I will completely withhold judgement on the app until I do.
But I will make the observation that it seems for some, the price point is what makes this app "less" pro. The fact that more people can get it and call themselves video or film editors when they are no more an editor than someone who buys a tool set at Lowe's is a mechanic.
Having the tools doesn't mean you know how to use them - but with more people having the tools thinking they do - the value of those that REALLY do can be affected if it appears that "anyone" can do it.
But I will make the observation that it seems for some, the price point is what makes this app "less" pro. The fact that more people can get it and call themselves video or film editors when they are no more an editor than someone who buys a tool set at Lowe's is a mechanic.
Having the tools doesn't mean you know how to use them - but with more people having the tools thinking they do - the value of those that REALLY do can be affected if it appears that "anyone" can do it.
Комментариев нет:
Отправить комментарий