jbgh
Mar 18, 09:07 AM
Forcibly changing my plan with zero evidence of anything is illegal and they will pay for it. Tme to start blasting them on Facebook, twitter, everywhere possible.
yeah that'll get them...
yeah that'll get them...
faroZ06
May 2, 06:26 PM
Switching off or turning down UAC in Windows also equally impacts the strength of MIC (Windows sandboxing mechanism) because it functions based on inherited permissions. Unix DAC in Mac OS X functions via inherited permissions but MAC (mandatory access controls -> OS X sandbox) does not. Windows does not have a sandbox like OS X.
UAC, by default, does not use a unique identifier (password) so it is more susceptible to attacks the rely on spoofing prompts that appear to be unrelated to UAC to steal authentication. If a password is attached to authentication, these spoofed prompts fail to work.
Having a password associated with permissions has other benefits as well.
If "Open safe files after downloading" is turned on, it will both unarchive the zip file and launch the installer. Installers are marked as safe to launch because require authentication to complete installation.
No harm can be done from just launching the installer. But, you are correct in that code is being executed in user space.
Code run in user space is used to achieve privilege escalation via exploitation or social engineering (trick user to authenticate -> as in this malware). There is very little that can be done beyond prank style attacks with only user level access. System level access is required for usefully dangerous malware install, such as keyloggers that can log protected passwords. This is why there is little malware for Mac OS X. Achieving system level access to Windows via exploitation is much easier.
Webkit2 will further reduce the possibility of even achieving user level access.
The article suggested that the installer completed itself without authentication. I don't see how that is possible unless you are using the root account or something. It would give sudo access, but even still you'd get SOME dialog box :confused:
UAC, by default, does not use a unique identifier (password) so it is more susceptible to attacks the rely on spoofing prompts that appear to be unrelated to UAC to steal authentication. If a password is attached to authentication, these spoofed prompts fail to work.
Having a password associated with permissions has other benefits as well.
If "Open safe files after downloading" is turned on, it will both unarchive the zip file and launch the installer. Installers are marked as safe to launch because require authentication to complete installation.
No harm can be done from just launching the installer. But, you are correct in that code is being executed in user space.
Code run in user space is used to achieve privilege escalation via exploitation or social engineering (trick user to authenticate -> as in this malware). There is very little that can be done beyond prank style attacks with only user level access. System level access is required for usefully dangerous malware install, such as keyloggers that can log protected passwords. This is why there is little malware for Mac OS X. Achieving system level access to Windows via exploitation is much easier.
Webkit2 will further reduce the possibility of even achieving user level access.
The article suggested that the installer completed itself without authentication. I don't see how that is possible unless you are using the root account or something. It would give sudo access, but even still you'd get SOME dialog box :confused:
eawmp1
Apr 15, 09:13 AM
However, they should be careful. Moves like this have the potential to alienate customers.
Or perhaps enlighten them.
Good on ya, Apple!
Or perhaps enlighten them.
Good on ya, Apple!
adamfilip
Sep 20, 11:54 AM
The hard drive is just to store files while it outputs them to the tv
much easier to cache on the hard drive then play. rather then stream constantly. it also makes it more reliable and less prone to interference
Since there are no inputs on this thing it wont be a PVR
much easier to cache on the hard drive then play. rather then stream constantly. it also makes it more reliable and less prone to interference
Since there are no inputs on this thing it wont be a PVR
firestarter
Apr 23, 05:49 PM
You're quite right, and I agree that people are free to believe whatever they want. However, if they just believe something because "it's always been that way" or some other arbitrary reason then I don't have to respect them or take their beliefs seriously.
I've found the response of some of the devout atheist posters in this thread very interesting, some of the others are of the "God doesn't exist, meh" camp, who I just ignore.
Someone who has never been challenged in their atheist 'beliefs' (or more accurately, lack of belief) would be unlikely to engage in argument anyway. Being an atheist here in the UK isn't a particularly controversial position, and the topic of religion rarely comes up in polite conversation. In an ideal world, a 'live and let live' attitude would exist between theists and atheists, and each would just get on with their lives.
However, this isn't an ideal world - and there does appear to be a perceptible shift in the stridency of religious thought both in the East and West. Here in the UK, believers have been seen as an interesting electoral demographic, and targeted with promises of religious schooling, grants etc. In the US, it seems to be extremely difficult to enter higher political life as an atheist.
It's against this backdrop that atheists themselves have started to become more vocal, critical and radical. What someone else believes holds little interest to me, until that starts to impinge upon my own freedoms. At that point, the gloves come off...
I've found the response of some of the devout atheist posters in this thread very interesting, some of the others are of the "God doesn't exist, meh" camp, who I just ignore.
Someone who has never been challenged in their atheist 'beliefs' (or more accurately, lack of belief) would be unlikely to engage in argument anyway. Being an atheist here in the UK isn't a particularly controversial position, and the topic of religion rarely comes up in polite conversation. In an ideal world, a 'live and let live' attitude would exist between theists and atheists, and each would just get on with their lives.
However, this isn't an ideal world - and there does appear to be a perceptible shift in the stridency of religious thought both in the East and West. Here in the UK, believers have been seen as an interesting electoral demographic, and targeted with promises of religious schooling, grants etc. In the US, it seems to be extremely difficult to enter higher political life as an atheist.
It's against this backdrop that atheists themselves have started to become more vocal, critical and radical. What someone else believes holds little interest to me, until that starts to impinge upon my own freedoms. At that point, the gloves come off...
bpaluzzi
Apr 28, 08:49 AM
I meant "installed base" more than shipments.
Ahh. Any proof, or just making up stuff?
Ahh. Any proof, or just making up stuff?
latergator116
Mar 19, 05:27 PM
Your CD does not have DRM built in that you agreed to when purchasing the CD. Thus burning your CD is not a violation of the DMCA. Furthermore, the iTunes Music Store terms of service don't govern the usage of your CD collection.
Burning or ripping a CD does not bypass copy protection (unless it's one of those ridiculous anti-copy CDs which is a separate argument altogether), does not break encryption, and does not violate any laws as long as you are not redistributing the files. Breaking DRM on a digital file DOES break a law--specifically, that DRM protection cannot be bypassed or broken. Using PyMusique software DOES violate the iTMS terms of service, specifically that the iTMS is ONLY authorized through iTunes itself. Songs from iTunes have DRM and users are bound to the TOS. Those are the terms of the purchase, and doing anything to change that is a violation of international copyright laws.
Your analogy is invalid.
I could really care less about breaking some DRM law or "international copyright law". I would love to see them try to enforce it.
Burning or ripping a CD does not bypass copy protection (unless it's one of those ridiculous anti-copy CDs which is a separate argument altogether), does not break encryption, and does not violate any laws as long as you are not redistributing the files. Breaking DRM on a digital file DOES break a law--specifically, that DRM protection cannot be bypassed or broken. Using PyMusique software DOES violate the iTMS terms of service, specifically that the iTMS is ONLY authorized through iTunes itself. Songs from iTunes have DRM and users are bound to the TOS. Those are the terms of the purchase, and doing anything to change that is a violation of international copyright laws.
Your analogy is invalid.
I could really care less about breaking some DRM law or "international copyright law". I would love to see them try to enforce it.
AppliedVisual
Oct 29, 12:29 PM
In theory you're correct, Multimedia.
In practice, it is possible that a multi-threaded program might have synchronization or logic bugs that don't show up with 4 CPUs, but do show up with 8 CPUs. For example:
Thread_ID tid[4];
for (i=0; i<System.CPU_count(); i++)
{
Pamela Anderson Tattoo
Mike, Everlasting Tattoo
Twitter Nicole Anderson Team
Forget about Nicole Anderson
Nicole Gale Anderson Gallery
Posted in: girls tattoos
as nicole reportedly has a
Nicole Anderson - 4 -
In fact new celebrity tattoos
co-star Nicole Anderson.
Nicole Anderson
In practice, it is possible that a multi-threaded program might have synchronization or logic bugs that don't show up with 4 CPUs, but do show up with 8 CPUs. For example:
Thread_ID tid[4];
for (i=0; i<System.CPU_count(); i++)
{
sammachin
Mar 18, 05:00 AM
Actually the way they are most likely doing this and the way most carriers do it is using some deep packet inspection kit or maybe even a transparent proxy.
They can look for browsing traffic on port 80 then simply pick out any users where the user agent string is that of a computer OS so Windows|Mac|Linux.
2 options to get around it are: either change your browsers UA to that of the iPhone although this will often give you mobile sites or better still send everything down a VPN, that way its encrypted and they can;t see what your doing just how many bytes :-) High VPN usage shouldn't be odd either as the iPhone has a VPN client so you could feasibly be using that.
(Used to work in a carrier designing these systems so I should know!)
They can look for browsing traffic on port 80 then simply pick out any users where the user agent string is that of a computer OS so Windows|Mac|Linux.
2 options to get around it are: either change your browsers UA to that of the iPhone although this will often give you mobile sites or better still send everything down a VPN, that way its encrypted and they can;t see what your doing just how many bytes :-) High VPN usage shouldn't be odd either as the iPhone has a VPN client so you could feasibly be using that.
(Used to work in a carrier designing these systems so I should know!)
handsome pete
Apr 12, 10:54 PM
Hard to take anyone seriously as a professional who uses Adobe. Avid, sure, but the industry has moved to Final Cut Pro, at least the part of the industry I interface with.
You calling this Final Cut a "toy" after it was just presented to a room full of professionals who loved it seems odd. Why the need to diminish it when it is clear that if you werent' there, there's much we don't yet know?
Your quick denigration of Adobe shows how much you don't know about the industry. And as a whole, Final Cut still plays second fiddle to Avid.
As a Final Cut editor the prospects of this new version are very promising, but I'm still withholding judgment until some more info comes out and I can get my hands on it.
You calling this Final Cut a "toy" after it was just presented to a room full of professionals who loved it seems odd. Why the need to diminish it when it is clear that if you werent' there, there's much we don't yet know?
Your quick denigration of Adobe shows how much you don't know about the industry. And as a whole, Final Cut still plays second fiddle to Avid.
As a Final Cut editor the prospects of this new version are very promising, but I'm still withholding judgment until some more info comes out and I can get my hands on it.
steve_hill4
Jul 12, 06:08 AM
just wondering, have you not seen my posts on the dell workstation? that has dual woodcrests, and, be still my heart 16X PCI EXPRESS! :) That's how it has the quadro FX 4500 video card. And you can even get a version that has a riser for a 2nd PCI-Express 16X slot so you can have 2x the Quadro 4500!
Also, According to the articles on the appleinsider site, apple has had INTEL doing the logic board.
Exactly, the logic board will not be available off the shelf, so we don't know what will be on it yet.
Oh and if I'm not mistaken, isn't this a motherboard for Woodcrest that supports PCI express 16x?
http://www.iwill.net/product_2.asp?p_id=109
Also, According to the articles on the appleinsider site, apple has had INTEL doing the logic board.
Exactly, the logic board will not be available off the shelf, so we don't know what will be on it yet.
Oh and if I'm not mistaken, isn't this a motherboard for Woodcrest that supports PCI express 16x?
http://www.iwill.net/product_2.asp?p_id=109
manhattanboy
May 5, 05:30 PM
I have had ATT for almost three years now - and I haven't had one dropped call.
and obviously have either never made any calls or do not live in a major metropolitan city like NY.
and obviously have either never made any calls or do not live in a major metropolitan city like NY.
puma1552
Mar 12, 05:11 AM
Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8B117 Safari/6531.22.7)
Not once have I said anything is safe. Not once have I said there is nothing to worry about; just the opposite--it's a serious situation and could get worse.
All I've said is we don't have enough information to make much of an assessment and to not panic.
With all due respect, somebody who doesn't even realize hydrogen is explosive isn't really in a position to tell someone holding two degrees in the field and speaking a good amount of the local language that he's de facto right and I'm de facto wrong.
Not once have I said anything is safe. Not once have I said there is nothing to worry about; just the opposite--it's a serious situation and could get worse.
All I've said is we don't have enough information to make much of an assessment and to not panic.
With all due respect, somebody who doesn't even realize hydrogen is explosive isn't really in a position to tell someone holding two degrees in the field and speaking a good amount of the local language that he's de facto right and I'm de facto wrong.
bingo1234
Sep 21, 03:26 AM
airport express and airtunes allowed streaming content to a stereo. this just adds video function. that's it. if there is a hd it's for buffer and basic OS/ navigation.
still a very cool solution to sending content
still a very cool solution to sending content
techwarrior
Nov 12, 12:14 PM
Add me to the happy list. I have had all iPhones since 3G, and rarely lose a call, one or two places I typically go have poor service so I let others know I will call back if I drop in these spots. MCell has done wonders for the poor service at my home.
ATT is the only service I can get at work. Due to my office being an R&D facility for a company that makes phone systems they block all external wireless signals and then put ATT repeaters in the building.
So, for me, it would take a lot to push me over the edge to move to another provider. I do like how others are pushing ATT to adopt with more competitive plan options and think competition from TMo, Sprint/Nextel and Vz can only be good for those of us who can stay with ATT.
ATT is the only service I can get at work. Due to my office being an R&D facility for a company that makes phone systems they block all external wireless signals and then put ATT repeaters in the building.
So, for me, it would take a lot to push me over the edge to move to another provider. I do like how others are pushing ATT to adopt with more competitive plan options and think competition from TMo, Sprint/Nextel and Vz can only be good for those of us who can stay with ATT.
100Teraflops
Apr 21, 05:09 PM
CMD+Q does the same thing, either from within the app, or when it's highlighted when using CMD+TAB to cycle between open apps.
Thanks for the shorthand! :cool:
Thanks for the shorthand! :cool:
ct2k7
Apr 24, 03:33 PM
People from Pakistan and Bangladesh blame a lot of "bad habits" on cultural influence from India (I., B. and P. used to be one country). However, I have never heard of Indians behaving like that in Western countries. How come it seems so easy for Indians to integrate in Western societies, yet so hard for Pakistanis/Bangladeshis? It used to be one country, so there must be something other than just "culture"... care to tell me what it is? I already have an idea and you know very well what it is, so I'm asking you now. What is the big difference here?
To the contrary, having spoken to many Pakistani and Bangladeshi people, most of those I spoke to felt that the counties had taken a literal and poignant view of the framework provided. The same view is not supported by the majority of the population.
One thing that is apparent is that there has been a lot of innovation somewhere in the mix, which has spread towards Pakistan and Bangladesh.
India is much more diversified than Pakistan and Bangladesh, such that the population of Muslims is much less. However, that does not mean that honour killings don't happen in India - they certainly do. e.g. Punjab. I can tell you know as a fact that the majority of honour killings there are not within Muslim families.
To the contrary, having spoken to many Pakistani and Bangladeshi people, most of those I spoke to felt that the counties had taken a literal and poignant view of the framework provided. The same view is not supported by the majority of the population.
One thing that is apparent is that there has been a lot of innovation somewhere in the mix, which has spread towards Pakistan and Bangladesh.
India is much more diversified than Pakistan and Bangladesh, such that the population of Muslims is much less. However, that does not mean that honour killings don't happen in India - they certainly do. e.g. Punjab. I can tell you know as a fact that the majority of honour killings there are not within Muslim families.
dante@sisna.com
Sep 12, 06:56 PM
It's not certain, but It's a damn good bet that it won't record as it doesn't look like it'll have any storage... I wouldn't bet a dime on recording ability...
You guys all miss the point. The Desktop is the Media Center! All recording gets done there. It is then served to ANY TV, iPOD, Stereo in the house.
Same way Windows Media and xBox 360 do it, only with a High Def slant.
You guys all miss the point. The Desktop is the Media Center! All recording gets done there. It is then served to ANY TV, iPOD, Stereo in the house.
Same way Windows Media and xBox 360 do it, only with a High Def slant.
TennisandMusic
May 2, 11:43 AM
I'm well aware of UAC. UAC also just happens to be "that annoying popup thing" that has become extremely popular for users to disable entirely since the debut of Vista.
Uh huh. And OSX doesn't ask you to manually enter a password every time you install or change something? Windows only asks you to authorize...which is technically more "annoying"?
I actually don't know anyone who has ever disabled UAC.
Huge difference in my experience. The Windows UAC will pop up for seemingly mundane things like opening some files or opening applications for the first time, where as the OS X popup only happens during install of an app - in OS X, there is an actual logical reason apparent to the user. It is still up to the user to ensure the software they are installing is from a trusted source, but the reason for the password is readily apparent.
I've never seen the UAC when "opening some files" and of course you get it when opening some apps for the first time, since those times are often akin to installing...you know, like when you install an OSX app and it requests your password?
So now the argument is that the OSX's password requests are logical and thereby the UAC is illogical? Yeesh. :rolleyes:
These are just computers people. Not magic. They are here to help us get work done. Quit trying to prove your platform of choice is superior to someone else's platform of choice, it's really not worth it. ;)
Uh huh. And OSX doesn't ask you to manually enter a password every time you install or change something? Windows only asks you to authorize...which is technically more "annoying"?
I actually don't know anyone who has ever disabled UAC.
Huge difference in my experience. The Windows UAC will pop up for seemingly mundane things like opening some files or opening applications for the first time, where as the OS X popup only happens during install of an app - in OS X, there is an actual logical reason apparent to the user. It is still up to the user to ensure the software they are installing is from a trusted source, but the reason for the password is readily apparent.
I've never seen the UAC when "opening some files" and of course you get it when opening some apps for the first time, since those times are often akin to installing...you know, like when you install an OSX app and it requests your password?
So now the argument is that the OSX's password requests are logical and thereby the UAC is illogical? Yeesh. :rolleyes:
These are just computers people. Not magic. They are here to help us get work done. Quit trying to prove your platform of choice is superior to someone else's platform of choice, it's really not worth it. ;)
EricNau
Mar 13, 09:23 PM
MODERATOR NOTE
Please, this is not the place to debate the advantages and disadvantageous of nuclear power, nor any other politically-charged issue. From the Forum Rules:
Threads and posts on controversial political, religious, and social issues are to be limited to the Politics, Religion, Social Issues forum, and made only by those eligible for that forum.
If you wish to discuss this issue, please start a thread in PRSI (http://forums.macrumors.com/forumdisplay.php?f=47) if you qualify. Thanks
Meanwhile, my sincerest condolences to all who were affected by this disaster. Hang in there, and stay safe.
Please, this is not the place to debate the advantages and disadvantageous of nuclear power, nor any other politically-charged issue. From the Forum Rules:
Threads and posts on controversial political, religious, and social issues are to be limited to the Politics, Religion, Social Issues forum, and made only by those eligible for that forum.
If you wish to discuss this issue, please start a thread in PRSI (http://forums.macrumors.com/forumdisplay.php?f=47) if you qualify. Thanks
Meanwhile, my sincerest condolences to all who were affected by this disaster. Hang in there, and stay safe.
dextertangocci
Sep 12, 04:14 PM
What is up with that price???:confused: :eek:
Is it a mistake?!?!?
It is SO cheap!
Is it a mistake?!?!?
It is SO cheap!
ricgnzlzcr
Oct 25, 11:08 PM
Right. According to Apple's current pricing, the 2.33GHz Dual Clovertown would be +$800 IF they offer it. However, Apple may only offer the 2.66GHz Dual Clovertown for + $1100 and keep the rest of the offerings priced as they are now.
That way they keep the top 8-core more expensive than any of the less expensive and way less powerful 4-core models. From a marketing point of view this makes a lot more sense to me - since I plan on buying the Dual 2.66GHz Clovertown for +$1100, total $3599 BASE or more if they insist. This is one time when I don't care how much it costs - I need it NOW.
I would understand how your Quad G5 is getting a tad on the slow side;) . I feel pretty intense with my single 1 ghz G4.
Unlike me though, you actually require that processor power. Can't wait till you post your impressions of your OctoMac within an hour of getting it!!
That way they keep the top 8-core more expensive than any of the less expensive and way less powerful 4-core models. From a marketing point of view this makes a lot more sense to me - since I plan on buying the Dual 2.66GHz Clovertown for +$1100, total $3599 BASE or more if they insist. This is one time when I don't care how much it costs - I need it NOW.
I would understand how your Quad G5 is getting a tad on the slow side;) . I feel pretty intense with my single 1 ghz G4.
Unlike me though, you actually require that processor power. Can't wait till you post your impressions of your OctoMac within an hour of getting it!!
NT1440
Mar 16, 01:46 PM
Let the free market determine which technologies win. Stop wasting our money on advancing idiotic technologies which haven't been able to prove themselves after 20+ years of subsidies. If there's wealth to be earned by developing such a technology, it will be developed.
Lets just ignore that technologies such as solar have advanced in leaps and bounds in the last decade and move on to the important stuff:
If you want to go free market, I suggest we stop subsidizing the oil industry in this country (how do they need it when posting historical profits year after year?) and let gas prices rise from the ridiculous artificial ones they're at now. America has amazingly cheap gas compared to most of the rest of the world, and its not because of a free market at all.
Lets just ignore that technologies such as solar have advanced in leaps and bounds in the last decade and move on to the important stuff:
If you want to go free market, I suggest we stop subsidizing the oil industry in this country (how do they need it when posting historical profits year after year?) and let gas prices rise from the ridiculous artificial ones they're at now. America has amazingly cheap gas compared to most of the rest of the world, and its not because of a free market at all.
Intuit
Apr 21, 06:09 AM
I got to back chrono up I know tons of ways viruses can hide in windows. Here's a few.
Setting visibility to hidden.
Using file names that look like legitimate software.
editing the registry to disable 'show hidden folders'.
Registering the virus as a service.
Software level root kit using api hooks to modify the result of system calls.
Hardware level root kit changing the system itself.
.dll injection to force another process to run your code.
The entire window messaging system is insecure you can delete everything displayed in the process list of Task manager for example.
some of these techniques will make a virus completely invisible so don't bash
Reacent Post
Setting visibility to hidden.
Using file names that look like legitimate software.
editing the registry to disable 'show hidden folders'.
Registering the virus as a service.
Software level root kit using api hooks to modify the result of system calls.
Hardware level root kit changing the system itself.
.dll injection to force another process to run your code.
The entire window messaging system is insecure you can delete everything displayed in the process list of Task manager for example.
some of these techniques will make a virus completely invisible so don't bash
0 comments:
Post a Comment