Forgot your password?
typodupeerror

Comment: Re:how do we check for all remotely loaded DLL loa (Score 1) 158

by parkrrrr (#33308602) Attached to: 40 Windows Apps Said To Contain Critical Bug

People do run applications from network shares. But if you want to keep people on your machine from running executables from remote locations, I think you can set up a software restriction policy with an appropriate path rule and with the global settings set to check DLLs too.

I would guess that the problem isn't that reading a data file causes a DLL to be automatically "sucked in" from that location, but that the application sets the current working directory to that location, causing subsequent DLL loads to potentially happen from that location.

XP SP2, Vista, and above have a somewhat safer search path by default, checking system directories before the working directory. Earlier versions checked the working directory second, after the application directory. Windows 2000 SP4 and XP prior to SP2 can also be set to use the safer search path. But if the application attempts to load a DLL that doesn't exist elsewhere, or one that only exists somewhere else in the user's PATH, it can still be tricked into loading one from the working directory.

Applications that change the current working directory based on user input should be calling SetDllDirectory, on Windows versions that support it, to remove the current working directory from the search path. I'm not surprised that there are many applications that do not.

Comment: Re:So little detail... (Score 1) 158

by parkrrrr (#33308378) Attached to: 40 Windows Apps Said To Contain Critical Bug

Verizon doesn't block SMB on residential connections anyway? I know Comcast does. As far as disabling WebDAV, the article links to a Microsoft security bulletin that - among other things - contains instructions for doing that.

The sad truth is that most people won't even know the security problems exist, even after there are fixes available for them. People who actually care about these things are already a rarefied group among Windows users.

Comment: Re:AT&T's other phones (Score 1) 189

by parkrrrr (#31034262) Attached to: Symbian Completes Transition To Open Source

Where were you when I was trying to decide between the 6350 and 6650 a week ago?

Seriously, most people in the US have never heard of Symbian or even Android. The only words they know are "iPhone", "Droid", and "Blackberry."

And, honestly, it's not like you're going to find the information that S40 and S60 aren't actually related anywhere obvious on Nokia's website. Even finding out which are S40 and which are S60 is a matter of clicking several links, even on Nokia's site. AT&T doesn't generally put that information in their "technical" specs.

Still, the original poster's point holds: AT&T has at least one other Symbian phone, the 6650. (The Mural is another S40 phone.)

Slowly and surely the unix crept up on the Nintendo user ...

Working...