Linux-Advocacy Digest #450, Volume #26 Thu, 11 May 00 01:13:06 EDT
Contents:
Re: Why only Microsoft should be allowed to create software (Jim Richardson)
Re: How to properly process e-mail ("Christopher Smith")
Re: How to properly process e-mail ("Christopher Smith")
Re: This is Bullsh&^%T!!! ("Christopher Smith")
Re: This is Bullsh&^%T!!! (Leslie Mikesell)
Re: Why only Microsoft should be allowed to create software ("Christopher Smith")
Re: QB 4.5 in Win 2000 ("Tom Hanlin")
Re: How to properly process e-mail (Leslie Mikesell)
Re: How to properly process e-mail (Leslie Mikesell)
Re: Why Solaris is better than Linux ("Bobby D. Bryant")
Re: German Govt says Microsoft a security risk (Christopher Browne)
Re: Microsoft: STAY THE FUCK OFF THE NET!!! (Leslie Mikesell)
Re: German Govt says Microsoft a security risk (Salvador Peralta)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Crossposted-To:
comp.sys.mac.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.os2.advocacy
Subject: Re: Why only Microsoft should be allowed to create software
Reply-To: [EMAIL PROTECTED]
Date: Thu, 11 May 2000 04:01:55 GMT
On Wed, 10 May 2000 04:46:24 -0500,
Erik Funkenbusch, in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>John Poltorak <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> In <8fa7e0$490$[EMAIL PROTECTED]>, "Christopher Smith"
><[EMAIL PROTECTED]> writes:
>> >Since people run around chanting "show us Microsoft's innovation" but
>> >neglect to also chant "show us $SOMEOTHERCOMPANY's innovation".
>>
>> Here's a couple for starters:-
>>
>> IBM inventors of the IBM PC
>> IBM inventors of the Winchester disk drive
>
>Invention and innovation are two different things.
>
>Even so, the IBM PC was clearly an invention, but was it innovation? It
>used almost entirely off the shelf components.
ISTR that the IBM PC was the first machine with a non-hardwired expansion bus.
That is, it didn't care what slot you put the card in.
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: "Christopher Smith" <[EMAIL PROTECTED]>
Subject: Re: How to properly process e-mail
Date: Thu, 11 May 2000 14:09:34 +1000
"Mig Mig" <[EMAIL PROTECTED]> wrote in message
news:8fcgrc$kcb$[EMAIL PROTECTED]...
> > Try not to change the subject. Outlook doesn't auto-execute
> > attachments, so the statement to which I replied was an outright lie.
> > For some reason (gee, I wonder what that could be?), you Unix fanatics
> > keep repeating it as if doing so will make it come true.
>
> This is correct
>
> > As to your point, since Outlook always warns the user of potential
> > malice, any confusion on the user's part is the user's fault.
>
> This is not correct! Just today at work i received some spam mail that
when
> it appeared in the previewpane automaticly launched IE and went to some
> weird URL. This is potentially a security risk!
Do explain how.
It's an irritiation, but I don't see a security risk (unless your IE
security settings are too low).
------------------------------
From: "Christopher Smith" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: How to properly process e-mail
Date: Thu, 11 May 2000 14:11:32 +1000
"Jim Ross" <[EMAIL PROTECTED]> wrote in message
news:BBpS4.1190$[EMAIL PROTECTED]...
>
> > As to your point, since Outlook always warns the user of potential
> > malice, any confusion on the user's part is the user's fault.
>
> No I think some VBS viruses can set the warning back to the off state,
thus
> not asking first.
Please explain how a .vbs virus will do this without first being run.
> That shouldn't be optional really.
------------------------------
From: "Christopher Smith" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: This is Bullsh&^%T!!!
Date: Thu, 11 May 2000 14:13:58 +1000
"abraxas" <[EMAIL PROTECTED]> wrote in message
news:8fdaop$qkt$[EMAIL PROTECTED]...
> In comp.os.linux.advocacy Christopher Smith <[EMAIL PROTECTED]> wrote:
>
> >> I'm actually interested, because so far as I have heard, viruses on
> >> macs (at least powermacs) are nearly nonexistant.
>
> > Of course they are. What would be the point of writing a virus for a
Mac ?
> > Hardly anyone would either a) see it or b) be affected by it.
>
> Actually, I used to work with a guy who was challenged by a collegue to
> write a virus that would work under MacOS 7.6 or higher running on a PCI
> powermac...
You'd have to wonder how hard it would be to write a Mac program that
deleted a few random files from the hard disk.
Heck, AFAIK all you have to is change the type of the System folder and a
Mac won't boot.
> He was a seasoned windows/unix/mac programmer who had written viruses
> in the past, and he wasnt able to come up with one at *all*. Thats why
> im interested in anyone who HAS been able to, and what their methods
> were.
You could duplicate this ILOVEYOU thing in Applescript. I can't imagine it
would take any reasonable programmer longer than a day or two.
------------------------------
From: [EMAIL PROTECTED] (Leslie Mikesell)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: This is Bullsh&^%T!!!
Date: 10 May 2000 23:01:42 -0500
In article <8fd78v$n8q$[EMAIL PROTECTED]>,
Christopher Smith <[EMAIL PROTECTED]> wrote:
>
>> > > It isn't an OS issue - it is a mailer issue because it is the mailer
>> > > starting the program.
>> >
>> > No, it's not. It's the mailer passing the file to shell saying "the
>user
>> > wants to open this, go dow hatever the default action is".
>>
>> OK, then it is an OS issue. Fine, MS needs to fix it. It is a security
>> bug.
>
>The shell running a script is a security bug ? You _have_ to be kidding.
>
>Would you call "/bin/sh ./myscript.sh" running a script a security bug as
>well ?
Yes, if something called 'opening' a mail attachment caused it
to be fed directly to a shell I would most certainly call it
a security bug.
But, as a bit of ancient history, many years ago it was common to
build mailable multi-file archives called 'shar' files that would
self-extract, do any necessary binary conversions, and do an
integrity test all with just the then-limited programs that everyone
had in /usr/bin. Mailers didn't understand the concept of attachments,
so you just piped the message below a #-----cut here---- line to
the shell and it fed the parts to the appropriate handler by
executing the embedded commands. As the email world became less
and less a small circle of friends it was recognized that this was
an extremely dangerous thing to do and some parsers were written
to perform the same job but that would only process the set of
commands normally embedded in such documents instead of executing
anything as the shell would. Later the technique was replaced by
even more specific attachment handlers. So, by handing off to a
general shell, Outlook has just gone backwards about 15 or 20 years.
Personally, I think it is even worse because the user doesn't
even know when he is giving untrusted content to a general shell.
I guess some people refuse to learn from history.
Les Mikesell
[EMAIL PROTECTED]
------------------------------
From: "Christopher Smith" <[EMAIL PROTECTED]>
Crossposted-To:
comp.sys.mac.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.os2.advocacy
Subject: Re: Why only Microsoft should be allowed to create software
Date: Thu, 11 May 2000 14:18:11 +1000
"tinman" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> In article <39195c3d$20$obot$[EMAIL PROTECTED]>, Bob Germer
> <[EMAIL PROTECTED]> wrote:
>
> > On 05/09/2000 at 08:01 PM,
> > WickedDyno <[EMAIL PROTECTED]> said:
> >
> > > I think we made the fatal error of using Windows PCs and Macintoshes.
> > > OS/2 PCs are the only things that could save us, right Bob? Not to
> > > mention kicking out all those E-Ville homosexuals and L*b*r*l
> > > D*m*cr*ts.
> >
> > What a person does in private is not concern of mine. When a pervert
> > openly advocates an immoral lifestyle, he or she become anathema.
> >
>
> So Bob, what's the name of your country club?
I think I've found someone more pompus than George :).
*Way* more. In a whole different league, in fact.
------------------------------
From: "Tom Hanlin" <[EMAIL PROTECTED]>
Crossposted-To: alt.destroy.microsoft,alt.lang.basic
Subject: Re: QB 4.5 in Win 2000
Date: Thu, 11 May 2000 04:12:39 GMT
On 9-May-2000, "Bob May" <[EMAIL PROTECTED]> wrote:
> If Microsoft had just coded something from having seen the Stac
> software run, they would have been in the clear. Stac won the
> lawsuit because they could prove to the court that Microsoft
> had taken thier code and copied it's design.
You might take the time to understand the difference between copyright laws
and patent laws. As I understand it, the lawsuit was not founded on
copyright infringement (the idea that Microsoft had taken Stac's code and
copied its design) but on patent infringement, the idea that Microsoft did
something in a sufficiently similar way to Stac as to be infringing.
Copyright infringement is a blatant offense, like plagiarism, where there's
no reasonable doubt that the offender has outright stolen the work in
question. Patent infringement, particularly when software is involved, is
much more nebulous. A patent is supposedly based on a non-obvious idea that
no one has thought of before-- but Amazon.com, today, claims a patent right
to the idea that you can click on a button and have your order sent to you
without re-entering your address-- which may give you some idea of how loose
and random and stupid the software patent laws really are.
It's also important to note that Microsoft also won counterclaims against
Stac, although on the equally dubious grounds that Stac had to
reverse-engineer a small bit of obvious Microsoft code in order to integrate
its product into Windows the way that Microsoft integrated their similar
product.
Stac's technology was neither particularly innovative nor difficult to
duplicate to begin with, and the company was insane to base its entire
business on it. I'd probably be inclined to have Bill Gates spanked over the
issue anyway-- the Stac claim may or may not have had merit, but the
Microsoft counter-claim was complete vicious gibberish.
--
Thomas G. Hanlin III, Programmer At Large
home: http://www.tgh3.com - programming tools & libraries, games and things
work: http://www.powerbasic.com - DOS & Windows BASIC compilers & tools
------------------------------
From: [EMAIL PROTECTED] (Leslie Mikesell)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: How to properly process e-mail
Date: 10 May 2000 23:15:57 -0500
In article <8fdb95$9f$[EMAIL PROTECTED]>,
Christopher Smith <[EMAIL PROTECTED]> wrote:
>
>> >Hogwash. Outlook doesn't hand off anything unless the user (a) asks
>> >for it, then (b) actively issues a confirmation despite a clearly
>> >phrased warning. That's not "blindly", nor "automatically". Look the
>> >words up if you have to.
>>
>> If it isn't blind, what is the correct procedure for determining
>> the difference between a safe image and a dangerous script
>> before pushing the fatal 'open' button?
>
>One observes the attachments icon and extension to determine whether it is a
>.gif or a .vbs.
Is this the 'easy' part of the windows interface? What if you've
never seen a .vbs before. What should have prepared you to
expect something different to happen than with the .gifs you
get all the time?
Les Mikesell
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Leslie Mikesell)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: How to properly process e-mail
Date: 10 May 2000 23:18:30 -0500
In article <8fdb70$t4g$[EMAIL PROTECTED]>,
Christopher Smith <[EMAIL PROTECTED]> wrote:
>
>> >> I didn't, which is why I am still asking questions. Is the difference
>> >> between an image and a script obvious in preview mode or not? That
>> >> is, can you tell if 'open' is dangereous?
>> >
>> >Yes. Different icon, different file extension.
>>
>> So how does that tell you what is going to happen?
>
>If you "open" something that can execute code, it's very dangerous.
Obviously, and easy to say after the fact. How do you tell the
first time you see a new type?
Les Mikesell
[EMAIL PROTECTED]
------------------------------
From: "Bobby D. Bryant" <[EMAIL PROTECTED]>
Subject: Re: Why Solaris is better than Linux
Date: Wed, 10 May 2000 22:00:32 -0500
Lord Williams wrote:
> This is never
> linear, i.e., 8 processors won't give you twice the performance of 4, but for
> most operating systems, especially NT but now, anyway, still Linux, you get
> zero additional performance after 4 for NT and probably the same for Linux.
Did you ever pause to consider how lame you sound when you say that X is better
than Y because X behaves this way and Y "probably" behaves another way?
> There is some activity
> in products like this for Linux, but still nothing like what's available for
> Windows, not even 1%.
So. Solaris is better because, even thought *it* can't beat Linux, something else
can?
> This info is %100 right!
OK, I fell for another comic.
Bobby Bryant
Austin, Texas
------------------------------
From: [EMAIL PROTECTED] (Christopher Browne)
Crossposted-To: comp.os.linux.misc
Subject: Re: German Govt says Microsoft a security risk
Reply-To: [EMAIL PROTECTED]
Date: Thu, 11 May 2000 04:32:32 GMT
Centuries ago, Nostradamus foresaw a time when Salvador Peralta would say:
>What do you know about Scientology, Chris?
Nothing that particularly fits this newsgroup.
Do you represent Scientology in some manner? Your approach of subtly
implicating that the German government has no right to make any dictums,
based on their "intolerance," is a most _wonderful_ way of causing people
to associate the present government with that at the time of WWII without
ever actually mentioning any of the "key words" that would cause anyone
to forcibly conclude a "Godwinning" (or "Godlosing") of the thread.
You merely _implied_ some association between the present German
government and the Nazis, as opposed to coming out and saying that
anti-Scientology legislation indicates that they _are_ Nazis.
I'm happy to see the thread end, and don't care to "win" any argument
here, so I'll call a spade a spade; you did a _good_ job of implying
the current government to be just another fascist government without
actually coming out and saying it.
Point: Salvador Peralta.
>My PoV is that it world government, especially the German government,
>should be tolerant of diversity. What I know of Scientology deals less
>with religion and religiosity than it does with organizational
>principles.
>
>Government should never actively promote intolerance
Never?
Ah. So governments should not promote intolerance towards child
molestation? They should be tolerant towards wife beating?
I think not... It is quite clear that there _are_ things that governments
should be _quite_ intolerant about.
It seems reasonable for governments to be intolerant about those that
commit serious crimes. That's pretty much what "prosecution" is about,
namely an indication that the government won't tolerate the crime.
>Christopher Browne wrote:
>>
>> Centuries ago, Nostradamus foresaw a time when Salvador Peralta would say:
>> >Unfortunately, the article had nothing to do with m$ being a security
>> >risk from the software standpoint and everything to do with m$
>> >incorporating some of scientology's philosophies into their corporate
>> >model. The german government has already given us enough intolerance
>> >for the next 2 centuries, IMHO. Let's not applaud them for giving us
>> >more.
>>
>> Unfortunately, anything I can see of Scientology's behaviour seems to
>> me to be Rather Frightening.
>>
>> It is not at all obvious that being unwilling to tolerate Scientology
>> connections represents a move towards evil.
--
Rules of the Evil Overlord #155. "If I know of any heroes in the land,
I will not under any circumstance kill their mentors, teachers, and/or
best friends." <http://www.eviloverlord.com/>
[EMAIL PROTECTED] - - <http://www.hex.net/~cbbrowne/lsf.html>
------------------------------
From: [EMAIL PROTECTED] (Leslie Mikesell)
Crossposted-To:
comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,alt.fan.bill-gates
Subject: Re: Microsoft: STAY THE FUCK OFF THE NET!!!
Date: 10 May 2000 23:43:36 -0500
In article <[EMAIL PROTECTED]>,
Roger <roger@.> wrote:
>
>>>Well, since the situation under question does not involve the running
>>>of any random bit of code, but instead an active decision on the part
>>>of the user to run code instead of saving it as is the default, your
>>>point would be ... ?
>
>>The point is that the decision was ill-informed because the mailer
>>does not distinguish between viewing content and executing it.
>>How would it have been better to use the default 'save' and
>>then click on it later?
>
>I don't understand -- you prefer for the user not to have ability to
>run code at all?
Certainly not without knowing what program is going to run. The
result of that is 100% predictable. What basis could you possibly
use to determine that code received in email is safe? Three
copies of the virus in my mailbox came from the company treasurer
who wouldn't be expected to send anything damaging. And I
suspect that at least some of those were from his attempt
to save and then open the attachment as a file. So, how are
you supposed to figure out what it is when every time you
touch it, it executes?
Les Mikesell
[EMAIL PROTECTED]
------------------------------
From: Salvador Peralta <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: German Govt says Microsoft a security risk
Date: Wed, 10 May 2000 21:52:39 -0700
Reply-To: [EMAIL PROTECTED]
I don't represent Scientology. You called it frightening, and I am
asking what you know about it. As for German government, I believe that
they are promoting intolerance in this stance. Their position on M$ has
nothing to do with the product, and everything to do with paranoid
intolerance of an alternative world view. Given the history of the
country, that is one government that I do not like seeing actively
promoting intolerance.
Christopher Browne wrote:
>
> Centuries ago, Nostradamus foresaw a time when Salvador Peralta would say:
> >What do you know about Scientology, Chris?
>
> Nothing that particularly fits this newsgroup.
>
> Do you represent Scientology in some manner? Your approach of subtly
> implicating that the German government has no right to make any dictums,
> based on their "intolerance," is a most _wonderful_ way of causing people
> to associate the present government with that at the time of WWII without
> ever actually mentioning any of the "key words" that would cause anyone
> to forcibly conclude a "Godwinning" (or "Godlosing") of the thread.
>
> You merely _implied_ some association between the present German
> government and the Nazis, as opposed to coming out and saying that
> anti-Scientology legislation indicates that they _are_ Nazis.
>
> I'm happy to see the thread end, and don't care to "win" any argument
> here, so I'll call a spade a spade; you did a _good_ job of implying
> the current government to be just another fascist government without
> actually coming out and saying it.
>
> Point: Salvador Peralta.
>
> >My PoV is that it world government, especially the German government,
> >should be tolerant of diversity. What I know of Scientology deals less
> >with religion and religiosity than it does with organizational
> >principles.
> >
> >Government should never actively promote intolerance
>
> Never?
>
> Ah. So governments should not promote intolerance towards child
> molestation? They should be tolerant towards wife beating?
>
> I think not... It is quite clear that there _are_ things that governments
> should be _quite_ intolerant about.
>
> It seems reasonable for governments to be intolerant about those that
> commit serious crimes. That's pretty much what "prosecution" is about,
> namely an indication that the government won't tolerate the crime.
>
> >Christopher Browne wrote:
> >>
> >> Centuries ago, Nostradamus foresaw a time when Salvador Peralta would say:
> >> >Unfortunately, the article had nothing to do with m$ being a security
> >> >risk from the software standpoint and everything to do with m$
> >> >incorporating some of scientology's philosophies into their corporate
> >> >model. The german government has already given us enough intolerance
> >> >for the next 2 centuries, IMHO. Let's not applaud them for giving us
> >> >more.
> >>
> >> Unfortunately, anything I can see of Scientology's behaviour seems to
> >> me to be Rather Frightening.
> >>
> >> It is not at all obvious that being unwilling to tolerate Scientology
> >> connections represents a move towards evil.
> --
> Rules of the Evil Overlord #155. "If I know of any heroes in the land,
> I will not under any circumstance kill their mentors, teachers, and/or
> best friends." <http://www.eviloverlord.com/>
> [EMAIL PROTECTED] - - <http://www.hex.net/~cbbrowne/lsf.html>
--
Salvador Peralta
[EMAIL PROTECTED]
http://www.la-online.com
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.advocacy) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
