...maybe put that brainpower into solving the actual global problem, rather than finding a bandaid solution to the local symptom....
Fahrenheit 451 is interesting, because contrary to what many believe it wasn't really about government censorship, and the culprit in the story isn't the state, but the people, and how they embraced apathy and lack of substance with watching TV over reading books.
For one thing, they're the same thing, as an apathetic electorate tolerates this sort of censorship. For another, a work means what it means, not what its author intended it to mean. Or does the law prevent death of the author from taking effect until 70 years after the literal death of the author?
They didn't just tolerate it, they actively caused it. Turning to mindless entertainment and shortened 'factoids' (that lack substance and depth) on TV. Bradbury saw the TV as an opiate. Only after people stopped reading did the state employ firemen to burn books.
For those who missed the reference and didn't click the links, this is a reference to Fahrenheit 451.
Fahrenheit 451 is interesting, because contrary to what many believe it wasn't really about government censorship, and the culprit in the story isn't the state, but the people, and how they embraced apathy and lack of substance with watching TV over reading books. Source:the author
Apple that everyone loved. Today they're the company that many love to hate.
Except people aren't that emotional. Apple simply produced compelling products the iPod, iPhone and iPad and many here enjoyed their computers before Apple became an electronics company. They market well, and are popular in the media (and shareholders), They are out of favour as their product lines look tired compared to the competition, and the chance of repeated success in new markets looks increasingly unlikely (iwatch, itv, iconsole), and well the share price, profits, revenues, market share, technical edge, brand value are all down.
Pretending that people are randomly emotional about mega corporations is simply weird. People on the whole buy(and respond well to companies) of products which have reasonable value and quality...marketed well, and those products are coming from Google(and their OEMs) not Apple(or Microsoft) who foolishly think their users are cattle.
For most people this is the rational way of looking at it, yes. But Apple most certainly have managed to produce a more.. fervent.. kind of supporters. That far transcends the usual fan-boys many tech companies have. If you have managed to avoid them, good for you, a few years back I found that voicing any criticism of Apple brought them out in force (and I knew a couple of them real life too). And you can often see today when the shine has come off Apple somewhat that they now think that everybody loves to hate Apple, and voice this frequently.
BBC made a very interesting documentary that among other things included researching the emotions Apple evokes in some of their supporters (including using MRI scanners!): According to a BBC documentary, Apple stimulates the same part of the brain as religious imagery does in believing people. The program is recommended viewing for anyone interested in this topic.
Gee, should I never eat again, because the food might be contaminated? I said I fixed one instance. I didn't say I solved the entire malware problem!
Uhm.. late coming back here, but my point was that you manually fixed a symptom on this system that might (!) just be indicative of something more. I would still recommend running a good clean-boot-from-external media-based cleaner just to be sure (not the ones you mentioned, but Kaspersky perhaps, and no, I'm not a Kaspersky sales rep, their rescue disc is free).
I started with Excession some years ago, and have been working my way through the others. They've all been well worth reading. Mr. Banks death is true loss.
Excession is still my favourite. Gulp indeed.
You did live through IE 3 and 4 right?
I did, and they knocked Netscape of the throne in all respects (seriously, IE4 was *the* best browser at the time). I don't dispute they have been sluggish. But if you know anything about large scale software QA, 3-4 weeks are nothing. That is why we used to have sensible disclosure guidelines, which this Google guy completely ignores.
Their PR shills are out in full force to try turn this into a "google is teh evil" incident.
Ah.. the new Goodwins law of Slashdot discussions. Thanks. I just also posted recommendation to use Chrome and FF over IE10, but I guess that is just part of the conspiracy.
He reported the vuln to Microsoft early March.
Any sources for this? As all articles, including the ones linked in summary here, claims he just published them directly and did not report anything to Microsoft beforehand. The March publication included.
Do you have an citation on claiming otherwise? Or are the Google PR shills out in force?
History tells us that telling Microsoft privately puts it on their radar for three to five years out. Disclosing publicly actually gets a patch to users.
This guy gave them 4 weeks before publishing actual exploit code (not just vulnerability info), and did not report it to Microsoft before publishing the vulnerability. To produce and, most importantly, QA a patch to the most used OS environment in the world is not trivial and takes time. Even if you want to stick it to MS, this is a big middle-finger from this Google guy to user all over the world.
This malware (which puts up the appearance of a credit/debit card and asks for all you information) calls a server in the Ukraine. It was delivered by eMail (to a naive user) and intercepts attempts to reach your financial institution via their website. It presents, after login (did they capture the login info?), a panel looking like the credit/debit card, asking for the user to fill in all information, including account number, CVC, address, and other personal information (why anyone would fill in that data is beyond me!) After much gnashing of teeth, I discovered it was undetectable by any known virus checker I use (AVG, Malwarebytes, Spybot), so I had to dig deeper. It turned out that the malware was using any references to 127.0.0.1 (local machine) for it's hook. All I had to do was edit the HOSTS file and add the domain names of the miscreant with a reference to a different IP address that is known to be a deadend (you could, for example, use 127.7.7.7). When the malware couldn't execute, it couldn't disable the various malware detectors, and several files were then identified and removed.
Word of caution, "this malware" is a dangerous phrase these days, as the base hidden infection is often capable of downloading completely different payloads on the fly (often as a result of an auction business not unlike Googles - it contacts servers and download highest bidder at the moment). Doing a boot from external media cleaning is highly recommended on an infected system (and periodically regardless) to avoid that the malware blocks the antimalware.
Don't use IE6. Don't use IE7. Don't Use IE8. Its 2013. Use Chrome, Firefox, or IE 10+ Install chrome, chrome://plugins/ , block automatic execution of java and flash. Make it so you need to click. Install an adblocker to reduce driveby downloads. Install noscript + ghostery if you are wearing aluminum foil on your head. Auto install security updates. If something disables it most likely you have a virus. Keep everything up to date. Don't install toolbars or weather apps from unknown sources.
Right now IE10 actually seems to be the browser that out of the box has the least critical vulnerabilities according to multiple reports, and kudos deserved for that, but what it unfortunately lack are the protection addons that you list - adblocker and noscript (ghostery doesn't really help much in this context). That is a big difference, and I wouldn't surf the net without it. Safe surfing and attachment habits are simply not enough anymore. There was a report recently that most infections are now coming from legitimate websites, through ads or code injection. You can't manually protect yourself against this threat, as we used to. For this reason I would not run without (the often maligned around here) always-on AV/AM-scanner. Times have changed my friends.
A better reason to ignore the torrent of mobile malware FUD being spewed by all the Windows AV vendors.
They're terrified because their business model involves being parasites bandaiding a virus ridden OS that's now failing in the market. Like fleas without a dog, hey're desperate to find a new host, but since modern mobile OSs aren't as colander-like as Windows, they're being forced further and further into snake-oil realms.
This story deserves nothing but ridicule.
I'm an Android user myself, but I think we need to be careful with this sentiment. For Mac users this kind of sentiment led to OS-X Flashback being the biggest malware epidemic in modern times in terms of percentage of user base infected. Beating Windows Conficker for this honor. Yes, the number of Windows users are obviously larger, but in terms of infection risk and infectability of a platform, percentage of user base is the right measure.
Later versions of Flashback even did completely silent drive-by infection on OS-X, no user interaction or admin password needed, just visiting a web site was enough, something many Mac users still seem to think only happen on Windows. Even Apple has admitted that Unix-based OS-X need dedicated malware detection and cleaner tools.
There is a very sophisticated multi-billion dollar malware industry out there. Android is not immune to this threat. And its volume is making it an increasingly likely target. Especially since the far majority of the Android user base is on old vulnerable versions, with added vulnerabilities from handset makers and operators, long after Google has patched vulnerabilities and improved security.
Well, guns are pretty much banned in Chicago, New York City, etc. And yet, dozens of shootings every day....
This image has a nice take on it... apparently cold weather causes violence.
Interesting thing is that all the * exact* same arguments and dismissals was used before the Australian gun ban. After the gun ban actually lead to undeniable positive results did even the opponents admit that it was a good thing, and have now become supporters.
I just explained on the next paragraph, but I'll gladly do it again:
The public API, full featured in order to create a working app, is open to everyone who follow TOS. The one that google uses for Android and iOS (for their own app!!!) is googles private one Google doesn't have to give access, it's their own product! So yes, their private API has more features, that's not the same as saying the public API is broken (and that doesn't allow to follow TOS as MS is saying). So.... what is it that's so difficult to understand?
So, if Microsoft Office is using a different Windows API than is available to competitors (it is their own product!), that is ok? I know this has been claimed at various point, usually as a harsh accusation, I'm asking if you think it is ok?
In fairness, there is malware on Android however I expect the risk for most people of catching it is pretty minimal. The Play market is proactively scanned and acts reactively to threats up to and including a remote kill capability. And in many cases those that do get infected have their own lack of sense to thank - installing pirated APKs, or dubious apps from untrusted sources and reaping the rewards.
Apps are not the only way in though. Web and email coupled with vulnerability exploits are obvious vectors, Bluetooth and NFC exploits have been demonstrated. I'm using an Android phone myself, but I think we are doing ourselves the same disservice Mac users did (and ended up with the biggest malware epidemic in modern times in terms of percentage of user base affected with Flashback) if we discount the malware threat to be just AV vendor marketing and not a potential real threat. Especially since such a large portion of the Android user base is on old vulnerable versions long after Google has patched vulnerabilities and improved security.