Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment: Re:Windows !!! (Score 1) 91

by hairyfeet (#49556793) Attached to: Buggy Win 95 Code Almost Wrecked Stuxnet Campaign

How many vulnerabilities is there in Ubuntu 6? Debian Sid? Windows XP is FIFTEEN YEARS OLD and was designed to run on a Pentium II 400MHz with 128MB of RAM. If they are too damned cheap to upgrade or replace a PC that is a decade plus old why should that be MSFT's problem? Apple doesn't support the G3s and G4s either but you don't see anybody trying to claim that as any "proof" of anything.

As for your other point its nothing but moving the goalposts and therefor meaningless, because we both know if the numbers were reversed the FOSSies wouldn't be arguing about what "level" the vulnerability is, which just FYI means exactly jack and shit as we have seen with tricks like the "WTF" virus you can use a low level vulnerability (in that case unprivileged user ID spoofing allowing the attacker to send a message) to then effect a higher level attack (user thinks message is legit, clicks on link provided which takes user to a page filled with zero day attacks) so the idea of "levels" really doesn't mean shit anymore.

Comment: Re: Good enough to criticize the mechanisms (Score 1) 129

Mod parent up. This is one of the most informative things I've ever read on /. in a comment.

It's usually people just trying to win semantic wars about stuff and trash Microsoft (or open sores or whatever).

Nicely done. I've got a Mac and I /don't/ have any of that old-skool software you mention, but if I did this is exactly what I'd want to do (or perhaps dual-boot... not sure if OS X likes side-by-side installs).

First, thanks for the "props" (blush); but now I feel ashamed.

Why? Because of what you mentioned about dual-booting two versions of OS X. And then it hit me: you're right! That's the ZERO-Cost (not counting download bandwidth) solution! So, here you go...

And also, since all accessible partitions automatically mount at startup (unless you do some simple command-line witchery), you should have no problem accessing/moving any desired stuff from the "old OS" to the new one. IIRC, these Partitions appear in the Finder like any other Volume.

Now, like any other dual-boot system, you really are only "in" ONE OS at a time. So, if you want to start migrating your "life" to the newer OS, but still seamlessly incorporate your Legacy apps into your workflow, then dual-boot is NOT for you. In that case, use the Virtualization method instead.

But if you only occasionally need to run some apps in the "old" OS, then dual-boot might be for you!

+ - Microsoft's K-12 CS and H-1B Visa Agenda: From Think Tank to Law of the Land

Submitted by theodp
theodp writes: Led by Steve Ballmer, Bill Gates and Mark Zuckerberg, with corporate contributions from the likes of Microsoft and Google, a $30M campaign to promote K-12 computer science education was a smash success, winning over the President and lawmakers, who are poised to make CS a 'core academic subject' in a rewritten No Child Left Behind Act, which could result in hundreds of millions of dollars in new spending that the tech giants suggested could be funded using fees from additional H-1B visas they're coincidentally lobbying for to bring in foreign programming talent. Since the NY Times' Eric Lipton just won a 2015 Pulitzer Prize for investigative reporting that shed light on how foreign powers buy influence at think tanks, it probably bears mentioning that Microsoft's 'two-pronged' K-12 CS and H-1B visa agenda — which is on the verge of becoming the law of the land — was hatched at an influential Microsoft-backed think tank mentioned in Lipton's reporting, the Brookings Institution. On September 27, 2012, the Center for Technology Innovation at Brookings "hosted a forum on STEM education and immigration reforms and how these policy innovations can recharge American competitiveness and economic opportunity for current and future generations of workers." Keynote remarks were delivered by Brad Smith, executive VP and general counsel of Microsoft, who took the occasion to introduce Microsoft's National Talent Strategy. "So, Brad," asked the Brookings Institution's Darrell West, "you're the only [one] who mentioned this topic of making the problem bigger. So, we galvanize action by really producing a crisis ['like climate change', as Microsoft partner later put it], I take it?" Smith replied, "Yeah, I think we have the opportunity to do two things...the immigration and education issues are, to some degree, opposite sides of the same coin. The coin itself is about the need to have people with the right skills to do the work that the country needs to get done...And, you know, it will require additional people from outside the United States in the short term [20+ years, according to the WSJ] but let's use that to help address the broader and to some degree deeper and longer lasting problem that we face with respect to our educational system. It also gives us the opportunity to connect with people who may not have seen this connection or to connect with people who care more about one issue or the other, but bring them together" (video @ 49:24). Fittingly, in attendance two years later at the White House as President Obama tackled the national CS crisis as he 'learned to code' from a nonprofit headed by Smith's next-door-neighbor at the Brookings-trumpeted and nationally-covered Hour of Code event was Fred Humphries, a top Microsoft lobbyist and Brookings partner. According to visitor records, Humphries returned to the White House the next day with Smith and Microsoft CEO Satya Nadella to quietly meet with officials. While in D.C., Nadella also lobbied for high-skilled immigration. And that, kids, is How a Bill [Gates Agenda] Becomes a Law!

Comment: Re:This never works (Score 3, Insightful) 296

by hairyfeet (#49548885) Attached to: Microsoft, Chip Makers Working On Hardware DRM For Windows 10 PCs

What he is talking about is DIVX (all caps), named to make people think of the OTHER DivX , which was an attempt at "DRM in a box" that went over about as well as a loud ripping fart in an elevator.

I predict other than the *philes (the same folks that bought Beta, Laserdisc, and anything else that claimed to be "better" than the rest) 4K is gonna flop as bad as 3D TV, the reasons why are numerous, 1.- DVD is "good enough" for the majority, which is why after all these years BD is still not a blip compared to the massive DVD install base, 2.- The bandwidth in the USA to stream 4K without getting capped? EXTREMELY rare, most folks would be lucky to be able to watch 2 vids before they get capped, 3.- The not insignificant investment from users that really like what 1080p looks like now, and 4.- The fact it won't work with anything they already have, thus causing the "I gotta buy the Beatles albums again" syndrome which in a "jobless recovery" isn't gonna fly.

Considering the majority of PCs still don't come with BD? I'm really not worried about 4K DRM, it'll be another WMA, only bitch is the wasted die space used by your GPU and/or board for this shit you'll never use. Damn, now I'm gonna have to grab that R9 270x before they have time to add that shit.

Comment: Re: SystemD added? (Score 4, Insightful) 466

by hairyfeet (#49547115) Attached to: Ubuntu 15.04 Released, First Version To Feature systemd

Uhhhh...yeah dude? The post he is referring to used "compartmentalized", "intrinsic" and "homogeneous" in less than 3 sentences....normal folks and IT guys? yeah they don't talk like that. So the poster is either 1.- A shill, or 2.- Works in PR or marketing, because those guys DO talk like that.

Frankly I was shocked he didn't roll out "synergy" but I think they wised onto it thanks to Dilbert ragging on it so many times.

Comment: Re:Good enough to criticize the mechanisms (Score 1) 129

Sorry for replying to my own post.

When I mentioned running PPC apps under OS X Server 10.6, an alarm went off in my head about the Server install not including Rosetta. Seems I was right. But there is an easy solution. Rosetta can be installed from the 10.6 Server DVD by executing a Command Line in Terminal.

Also, while searching for the above, I ran into an Apple Support Forum thread that talked about installing the 10.6.8 OS X client under Parallels. However, the method for that unauthorized virtualization is left as an exercise for the reader...

Comment: Re:Good enough to criticize the mechanisms (Score 1) 129

Then, Apple simply adds checking of DyLibs and other add-ons to OS X, and closes this hokey forever. Problem solved!

So, thanks to the black hat who brought this exploit to Apple's attention; so that they can take care of it.

WEll, not quite. Apple doesn't add essential security updates to pre Lion (10.7) systems. Since the rot set in after 10.6.8, many users are still on these OS versions simply because they're more accessible.. i.e. no new "improvements", and of course, many (like me) have just THOUSANDS of $ invested in software that is entirely obsoleted by 10.7 and up systems. These are developers that have either been bankrupted , or driven out of business, by the endless "improvements" in OSX (like the highly respected "Little Wing pinball", or Unsanity, creators of "Shapeshifter"), or they no longer supply updates to their OSX software. Using Snow Leopard, which is the last version to support the last 10 years worth of OSX software, exposes you to everyt malignant code for OSX in existence. Apple believes that the risk of infecting those user's computers with worms or trojans is good for the company's bottom line, somehow.... or what they are implying is that there is NO such malware after all...

As the owner of many PPC Macs, including a G5 tower that runs 10.5, (as well as "modern" Macs that can run Yosemite), and who has Mac consulting clients that still run 10.6.8'for the same reasons you mention (familiarity and software investment), I fully understand!

However, for at least the Intel Macs, there is a relatively inexpensive solution: Run 10.6 SEVER under virtualization.

So, for $69, you can purchase VMWare Fusion 7 (standard edition) direct from VMWare and then by CALLING Apple, for $19.95, you can (still) purchase the only version of OS X which is authorized by Apple for virtualization: MacOS X 10.6 Server Install Retail disc, part #0Z691-6495. So, for under $100, you can keep your Snow Leopard environment for your stuff that won't run on current versions of OS X, and still have a Mac that can enjoy security updates, newer features, etc.

Is it ideal? No. Do I wish Apple would support OS versions forever? You bet! However, it DOES provide a relatively inexpensive way to "bridge the Lion-gap", especially for those who have significant investments in pre-Lion software). Heck, you could even still run any PPC stuff under Rosetta!

So, how does this help with vulnerabilities? Simple. Like my friends who have both OS X and Windows on their Macs, you simply don't use your "vulnerable" OS to access the Internet. However, in the case of OS X, I'm not sure whether malware targeting new versions of OS X would have much luck running under Snow Leopard, anyway.

And as for having to use SL Server, I couldn't find a reasonable " guide" online to doing the same thing with a "client" version of 10.6.8, so I decided that using Server was a good enough solution.

And as for OS X being "ruined" in recent versions, I think that, if you start actually using newer versions, you'll find it is actually not nearly as "iOS-ified" or "ruined" as people would have you believe, and that the new features, such as vastly improved Multi-monitor support, Convergence, being able to do calls and texts from your Mac, etc, are really pretty damned nice!

Comment: Re:Clickbait (Score 1) 129

Gatekeeper is supposed to prevent unsigned/non-Mac App Store code from running... so either if a download has been MitM'd or if the user was coerced into downloading something shady (e.g. trojan). The bypass I described bypasses this requirement - allowing unsigned code to be injected into existing downloads or hackers to now re-distribute unsigned/malicious trojans. So yah, it's about allowing unsigned code to execute - when Gatekeeper should block that.


Gatekeeper's default setting allows only signed apps; but the user can opt for lesser security. But that's on the user, not Apple.

Comment: Re:Good enough to criticize the mechanisms (Score 1) 129

In no way does what the guy is describing magically allow code to take control of the full OS. If an application is executing, and then executes a maliciously crafted dylib, that dylib is still running as the user who executed the parent application - a.k.a. not root unless you've bent over backwards to re-enable the root user and log in as root because you completely hate security and best practices.

so, IOW, about 100 Mac Users worldwide.

One can't proceed from the informal to the formal by formal means.