Comment Re:Local? (Score 2, Insightful) 427
Agreed -- it IS rather bad, but generally speaking you're not expecting attacks from inside your LAN. As Windows vulnerabilities go, this isn't horrible in a practical sense.
FSF Attacks Windows 7's "Sins" In New Campaign 926
CWmike writes "The Free Software Foundation today launched a campaign against Microsoft Corp.'s upcoming Windows 7 operating system, calling it 'treacherous computing' that stealthily takes away rights from users. At the Web site Windows7Sins.org, the Boston-based FSF lists the seven 'sins' that proprietary software such as Windows 7 commits against computer users. They include: Poisoning education, locking in users, abusing standards such as OpenDocument Format (ODF), leveraging monopolistic behavior, threatening user security, enforcing Digital Rights Management (DRM) at the request of entertainment companies concerned about movie and music piracy, and invading privacy. 'Windows, for some time now, has really been a DRM platform, restricting you from making copies of digital files,' said executive director Peter Brown. And if Microsoft's Trusted Computing technology were fully implemented the way the company would like, the vendor would have 'malicious and really complete control over your computer.'"
Comment Re:32b? (Score 1) 756
Actually, quite a few companies ship laptops in this configuration. It allows them to advertise the 4 GB, and very nearly none of their audience will ever be wise to it. The last time I saw this was with a machine purchased literally two weeks ago. It's now happily churning along with Win7 x64, no functionality missing.
Comment Re:Big nothing. (Score 5, Informative) 164
I don't think you quite understand. These people didn't go to some torrent site and download Windows. They took Windows XP, built an illicit distribution with the activation bits etc removed, and sent that around -- probably for money. IOW, they enabled millions of other people to run stolen copies of Windows XP, possibly without even realizing it (third rate vendors have a nasty habit of using these bootleg Windows copies on their machines).
SFLC Says Microsoft Violated the GPL 237
After Microsoft donated driver code to the Linux kernel under the GPLv2, stories surfaced that they had done so under duress of already being in violation of the GPL. Microsoft quickly denied that any GPL violation was a driver for their decision to donate the code; the company's senior director of platform strategy, Sam Ramji, said at the time: "Microsoft's decision was not based on any perceived obligations tied to the GPLv2 license." Now the Software Freedom Law Center confirms that Microsoft was indeed in violation of the GPLv2 when it distributed its Hyper-V Linux Integration Components without providing source code. Community members led by Greg Kroah-Hartman contacted the company and coached them through the process of getting compliant. Microsoft now says that they had already been on the path for several months toward releasing the software under GPLv2 before Kroah-Hartman got in touch.
Comment Re:Serious bug in gcc? (Score 1) 391
I think there are some subtleties here that are not being correctly addressed. Specifically, what's legitimate from the viewpoint of the kernel, versus what is legitimate from the viewpoint of C.
On these systems it is perfectly valid (and correct) C to define a structure which has the layout of the attached devices and then cast 0 to a pointer to this structure and use that for I/O.
No, it isn't "valid", per se. It is how you get the desired effect, and might work fine on said device -- but it's a blatant violation of the rules of C.
Remember that C, like most languages, makes some very basic assumptions about the underlying platform and require certain things of it. One of these is you can't dereference NULL legally, end of story. From the kernel's point of view, strictly by the rules of the underlying processor and machine, this might be totally legal. But the C standard says quite explicitly that you can't be doing this under any condition. Not only that, it's undefined behavior -- you're in a particularly bad no man's land.
Legal in C and legal on the machine are NOT the same thing. Please remember that difference. C still has rules and assumptions that you have to follow, and when you don't, things like this happen. That's why the code behind this vulnerability is NOT correct. It obeys machine rules but not C's stricter rules.
Comment Re:Boy, what efficiency... (Score 5, Interesting) 477
The FedEx system doesn't handle hand written letters though, does it? You have to do a shipping label for most (all?) packages, with a digital bar code. USPS runs some very powerful OCR systems; maybe they're making the transactions so expensive. Just a thought.
Attacks Against Unpatched Microsoft Bug Multiply 122
CWmike writes "Attacks exploiting the latest Microsoft vulnerability are quickly ramping up in quantity and intensity, several security companies warned today as they rang alarms about the developing threat. Symantec, Sunbelt Software, and SANS' Internet Storm Center bumped up their warnings yesterday after Microsoft announced that attackers were exploiting a bug in an ActiveX control used by IE to display Excel spreadsheets. There is no patch for the vulnerability; Microsoft didn't release one in today's Patch Tuesday. A temporary fix that sets the 'kill bits' of the ActiveX control is available, but experts believe it's likely most users won't take advantage of the protection. Symantec raised its ThreatCon ranking to the second of four steps. "We're seeing it exploited, but currently on a limited scale," said Symantec's Ben Greenbaum. Sunbelt also bumped up its ranking, to high." Firefox users can't be too complacent; Secunia is warning of a 0-day in version 3.5.
Comment Re:Color me less excited :/ (Score 3, Insightful) 125
But it's not supposed to be a product! MS --> Research --. It's an architectural experiment, and sure, a lot of projects graduate from Research to an actual product group. The goal is NOT to make something you can take to the open market though. It's a proper research lab, and so of course its stuff is frequently lacking. If it were to be converted to a product, it'd be staffed up with a full team who would spend a year or two -- or seven in the case of some unfortunate victims -- making it viable for public consumption.
Comment Re:This is beyond garbage (Score 4, Insightful) 598
He's talking about Eclipse 3.1 because the article has nothing to do with what the title says. It's not about Mono vs Java, even though the author thinks it is. He spends most of his time basically talking about how Debian is garbage (which seems obvious to me but reasonable people can disagree). In fact the article seems to imply that Debian IS Linux, which is broken on several levels.
Comment Re:Most of the Apple distribution is Free (Score 2, Interesting) 322
Oh, cool! Where's the source to iTunes, Quicktime, iPhoto, any piece of iLife, XCode, Safari, iMovie, iDVD, Aperture, and iWork? I've always wanted to see that and I'm so thrilled that since most of the software on a Mac is GPL, most of that is surely available to me.
Comment Re:GCC, ICC, MSVC (Score 1) 240
I worked on a commercial PS3 title (none of that homebrew bull), where the GCC compiler is available as one of the options for the platform. It generates noticeably worse -- mainly longer -- code than is reasonable, and larger x86 code than Visual C++ generates. In turn, the larger code causes a lot of methods not to be inlined, and the cascaded effect (no doubt with caching issues etc thrown in) is notably slower. We're talking maybe 5-10% total here, but 5% because of a subpar compiler is pretty harsh.
Memory Usage of Chrome, Firefox 3.5, et al. 505
An anonymous reader writes "This experiment graphs the memory usage of Chrome and Firefox 3.5 (along with Safari and Opera) over a series of 150 Web page loads using an automated script. Firefox 3.5 shows the lowest memory usage in all categories, including average memory usage, maximum memory usage, and final memory usage. Chrome uses over 1 GB of memory due to its process architecture. Safari 4 and Opera show memory usage degradation over time, while Chrome and Firefox 3.5 are more reliable in freeing memory to the OS." IE 8 was not included "because the author could not find a way to prevent it from opening a new window on each invocation of the command."
Comment Re:what a troll (Score 1) 503
Just FYI, an open source reference implementation is NOT a standard, nor does it imply the existence of an open standard. So you may want to mention ACTUAL standards instead.
Comment Re:pffff (Score 1) 137
Additionally, please remember that in a patent, the abstract is not what is being patented. The abstract just provides the rough background for the actual patented invention, which is why it always sounds familiar.
