munkery
May 2, 04:56 PM
Again, look, if you're not interested in the mechanics, that's fine. Stop replying to me.
My post is inquiring about the mechanics. For the past hour, I've been trying to find how this thing ticks by searching around for in-depth articles (none to find, everyone just points to Intego's brief overview that is seriously lacking in details) or for the archive itself.
If you don't want to take this discussion to the technical level I am trying to take it, just don't participate.
The Javascript exploit injected code into the Safari process to cause the download of a payload. That payload was the installer. (EDIT: the Javascript code did not exploit a vulnerability in Safari).
The installer is marked as safe to auto-execute if "open safe files after downloading" is turned on.
An installer is used to trick users to authenticate because the malware does not include privilege escalation via exploitation.
If you had any technical knowledge you could have figured that out yourself via the Intego article.
I don't know of any other Web browser (this is not a OS problem, it's a Safari problem) that automatically assumes executables are safe and thus should be auto-executed.
Installers being marked as safe really doesn't increase the likelihood of user level access as any client-side exploit provides user level access. I don't understand why you are hung up on this installer being able to auto-execute; it really makes no difference in terms of user level access. The attacker could have deleted your files with just an exploit that provides user level access.
What does Webkit2 have anything to do with running an installer on the OS after downloading it ? That happens outside the rendering engine's sandbox. You're not quite understanding what this sandbox does if you think this protects you against these types of attacks.
Webkit2 will prevent user level access via an exploit. Preventing these types of attacks is the intended purpose of sandboxing.
My post is inquiring about the mechanics. For the past hour, I've been trying to find how this thing ticks by searching around for in-depth articles (none to find, everyone just points to Intego's brief overview that is seriously lacking in details) or for the archive itself.
If you don't want to take this discussion to the technical level I am trying to take it, just don't participate.
The Javascript exploit injected code into the Safari process to cause the download of a payload. That payload was the installer. (EDIT: the Javascript code did not exploit a vulnerability in Safari).
The installer is marked as safe to auto-execute if "open safe files after downloading" is turned on.
An installer is used to trick users to authenticate because the malware does not include privilege escalation via exploitation.
If you had any technical knowledge you could have figured that out yourself via the Intego article.
I don't know of any other Web browser (this is not a OS problem, it's a Safari problem) that automatically assumes executables are safe and thus should be auto-executed.
Installers being marked as safe really doesn't increase the likelihood of user level access as any client-side exploit provides user level access. I don't understand why you are hung up on this installer being able to auto-execute; it really makes no difference in terms of user level access. The attacker could have deleted your files with just an exploit that provides user level access.
What does Webkit2 have anything to do with running an installer on the OS after downloading it ? That happens outside the rendering engine's sandbox. You're not quite understanding what this sandbox does if you think this protects you against these types of attacks.
Webkit2 will prevent user level access via an exploit. Preventing these types of attacks is the intended purpose of sandboxing.
Max on Macs
Jul 12, 03:08 AM
I personally believe that in an effort to cut noise and heat on these higher priced machines, two problems that have always plagued them, the Pentium 66 and 75 will be in use in these systems.
Bill McEnaney
Mar 27, 07:20 PM
Homosexuals have a right to live the same lifestyle as anybody else, under the Constitution and under the UN Declaration.
Maybe with better furnishings, though...
So skunk is talking about legal rights.
Maybe with better furnishings, though...
So skunk is talking about legal rights.
myamid
Sep 12, 07:17 PM
Here's another pic from the event today, taken by the Gizmodo guys...
http://cache.gizmodo.com/assets/resources/2006/09/IMG_3701.JPG
http://www.gizmodo.com/assets/resources/2006/09/IMG_3701-thumb.JPG
Looks like a squished Mini :p
http://cache.gizmodo.com/assets/resources/2006/09/IMG_3701.JPG
http://www.gizmodo.com/assets/resources/2006/09/IMG_3701-thumb.JPG
Looks like a squished Mini :p
einmusiker
Mar 18, 09:46 AM
Option 3; STOP trying to cheat the system, and START using your iDevice the way the manufacturer designed it and the way your carrier supports it. (Is it unfair? YES! Are all of us iPhone users getting hosed, even though there's now two carriers? YES)
And while you're at it, knock off the piracy with the napster/limewire/torrent crap.
(Yeah, I said it! SOMEBODY had to!)
Thanks for the insight Debbie downer
And while you're at it, knock off the piracy with the napster/limewire/torrent crap.
(Yeah, I said it! SOMEBODY had to!)
Thanks for the insight Debbie downer
fishmoose
Apr 20, 05:33 PM
Good to hear Jobs isn't planning to retire. The question about Android being like Windows was to the Mac to iOS was probably the dumbest question of the call.
organerito
Apr 29, 08:41 AM
My wife is a teacher. She personally taught lots of them. Schools are now using Windows machines. After that my wife switched to Windows. I've been using Macs for 18 years. But I'm getting so sick of waiting for Apple to make a mid sized mid range Mac without a built in screen I'm close to switching to Windows too.
My former music teacher could get a Macbook Pro fro free. He got a Dell compueter. he started with a Mac and he changed. His wife just got rid of his Macbook to get an HP.
I really like the iPhone, but I am crazy about any Mac computer. I can afford any of them. Only narrow-minded people believe that all the people who don't have a Mac is beacuse thay can't afford it. Some of us, actually, don't want a Mac, but we might like the iPhone.
My former music teacher could get a Macbook Pro fro free. He got a Dell compueter. he started with a Mac and he changed. His wife just got rid of his Macbook to get an HP.
I really like the iPhone, but I am crazy about any Mac computer. I can afford any of them. Only narrow-minded people believe that all the people who don't have a Mac is beacuse thay can't afford it. Some of us, actually, don't want a Mac, but we might like the iPhone.
liketom
Sep 20, 02:09 AM
to make this work better and for apple to take the number 1 slot of internet download movies - they need an TV ad like the mac/pc ones
movie trailer then apple text - jack Sparrow+ Apple - download from $12.99 - iTunes store. simple infact i just made one as a looksy
Apple might also do well in selling the DVD + download for $19.99 - 24.99 as an option.
they have proved this concept works with the 125k downloads in 1 week now they need to feed people with movies for there iTV device
http://www.youtube.com/watch?v=bFwhVsSDr_4
movie trailer then apple text - jack Sparrow+ Apple - download from $12.99 - iTunes store. simple infact i just made one as a looksy
Apple might also do well in selling the DVD + download for $19.99 - 24.99 as an option.
they have proved this concept works with the 125k downloads in 1 week now they need to feed people with movies for there iTV device
http://www.youtube.com/watch?v=bFwhVsSDr_4
tigress666
Apr 9, 11:43 AM
Wait? There's no need to wait. You are doing yourself a disservice. Do yourself a favor. Go to one of your friends houses, one with a PS3 or Xbox and at least a 37 inch TV. Play Assassin's Creed or Prince of Persia. Come back and tell us what's the difference.
Yeah, of course there is a difference on a console. I thought we were comparing hand helds. And I'm not claiming the iphone is the best experience for a lot of games (notice that I've pretty much said that PoP and Assassin's Creed would do better with buttons but for my purposes it's still fun on touchscreen).
I'm not claiming I'm some sort of hard core gamer.
But what I am claiming, is that there are *good* games on the iphone that are more than just "timewasters" (Well, honestly, any game is a "timewaster" if you think about it. Do you really think you do anything productive when you game? No. You do it for fun in your free time). But there are games that you can get into and play for more than five minutes (stuff that isn't the Angry Birds type game). Games that have me put down my computer and actually focus on them for long periods of time. I'm really happy to see that happen more on the iphone. I love that Square has started putting games on (if you can't tell, they're one of my favorite game makers ;). But Gameloft has started getting my love too).
That's what I'm saying.
Let me watch you play those on the subway. This is all about portable gaming.
Pretty much. It's kinda stupid to compare the iphone to a PS3 or Xbox. That's apples and oranges. No handheld is going to compare to something like that, if nothing else for having a large screen and a controller that really is designed to be a controller (and not a controller and a screen in one. No handheld can be as easy to use as a controller as a dedicated controller, which btw, I totally prefer the Playstation's/Playstation 2 controller. That was the most ergonomic controller I've experienced but I haven't had a console since the PS2. It's about as much difference in experience as a touch screen vs. buttons really. I always find handheld games are more awkward to control and have my hands cramp up. But the point of them is portability so you do make compromises).
True, some iPad/iPhone games are "casual time wasters" but there are also some FANTASTIC games. Dead Space iOS is fantastic and guess what, ITS WAS 10 DOLLARS. True, its not as good as the console versions, but those sold for 60 DOLLARS.
And this is exactly what I'm trying to say :).
angelina jolie wanted
angelina jolie tattoo. Wanted
Angelina Jolie Tattoo Wanted
angelina jolie tattoos wanted
like Angelina Jolie,
Angelina Jolie is sporting a
Angelina Jolie Wanted Film
Angelina Jolie Tattoo
new Angelina Jolie
angelina jolie tattoos wanted.
Yeah, of course there is a difference on a console. I thought we were comparing hand helds. And I'm not claiming the iphone is the best experience for a lot of games (notice that I've pretty much said that PoP and Assassin's Creed would do better with buttons but for my purposes it's still fun on touchscreen).
I'm not claiming I'm some sort of hard core gamer.
But what I am claiming, is that there are *good* games on the iphone that are more than just "timewasters" (Well, honestly, any game is a "timewaster" if you think about it. Do you really think you do anything productive when you game? No. You do it for fun in your free time). But there are games that you can get into and play for more than five minutes (stuff that isn't the Angry Birds type game). Games that have me put down my computer and actually focus on them for long periods of time. I'm really happy to see that happen more on the iphone. I love that Square has started putting games on (if you can't tell, they're one of my favorite game makers ;). But Gameloft has started getting my love too).
That's what I'm saying.
Let me watch you play those on the subway. This is all about portable gaming.
Pretty much. It's kinda stupid to compare the iphone to a PS3 or Xbox. That's apples and oranges. No handheld is going to compare to something like that, if nothing else for having a large screen and a controller that really is designed to be a controller (and not a controller and a screen in one. No handheld can be as easy to use as a controller as a dedicated controller, which btw, I totally prefer the Playstation's/Playstation 2 controller. That was the most ergonomic controller I've experienced but I haven't had a console since the PS2. It's about as much difference in experience as a touch screen vs. buttons really. I always find handheld games are more awkward to control and have my hands cramp up. But the point of them is portability so you do make compromises).
True, some iPad/iPhone games are "casual time wasters" but there are also some FANTASTIC games. Dead Space iOS is fantastic and guess what, ITS WAS 10 DOLLARS. True, its not as good as the console versions, but those sold for 60 DOLLARS.
And this is exactly what I'm trying to say :).
danielwsmithee
Sep 12, 04:10 PM
Seems to me this could be done without Apple having to open up Front Row. If Elgato added some sort of "export recording to iTunes Video Library" option (that also deletes the original file after export completes), you could have your stuff recording on your mac and ready to stream to iTV. I'd imagine you could also set up some sort of Smart Playlist in iTunes to show unwatched recordings that carries over to the iTV interface.It's already there they call it export to iPod.
twoodcc
Oct 10, 10:32 AM
it's too early to tell yet. this is all just speculation at this point. wait until more android phones and android 1.5 is out first
Slurpy2k8
Apr 9, 03:52 AM
Wait? There's no need to wait. You are doing yourself a disservice. Do yourself a favor. Go to one of your friends houses, one with a PS3 or Xbox and at least a 37 inch TV. Play Assassin's Creed or Prince of Persia. Come back and tell us what's the difference.
Some us have lifestyles in which we are more than content with the entertainment selection on iOS devices-myself included. I don't have time, not desire to invest in playing games over long periods of time in a sedentary fashion. I play a game when want to clear my mind a bit, or kill time. I don't go invest huge amount of money and make that a goal, because frankly Id rather spend my time in a myriad of other ways. The vast majority of the population share my mindset. iOS devices not being 'HARDCORZ' enough is not going to hurt Apple. That market is shrinking, not expanding.
Some us have lifestyles in which we are more than content with the entertainment selection on iOS devices-myself included. I don't have time, not desire to invest in playing games over long periods of time in a sedentary fashion. I play a game when want to clear my mind a bit, or kill time. I don't go invest huge amount of money and make that a goal, because frankly Id rather spend my time in a myriad of other ways. The vast majority of the population share my mindset. iOS devices not being 'HARDCORZ' enough is not going to hurt Apple. That market is shrinking, not expanding.
AppleDroid
Apr 13, 01:09 PM
As a new After Effects user this is good news! I prefer Final Cut to Premiere but I never liked Motion so to be able to get it for cheap (as a stand alone) would be a wonderful option.
takao
Mar 13, 04:04 PM
All we can decide is whether we build them ourselves. We have a very real fuel crisis that manifests itself in war and terrorism, and will only get worse.
really ?
i live in a country which isn't at war .. and hasn't since quite a few years.. and by years i mean decades
and the nuclear power plant we built was stopped before getting turned on by a popular vote (since then we have a constitutional law forbidding to build nuclear power plants...)
wow look at how i am suffering from the terrible consequences
really ?
i live in a country which isn't at war .. and hasn't since quite a few years.. and by years i mean decades
and the nuclear power plant we built was stopped before getting turned on by a popular vote (since then we have a constitutional law forbidding to build nuclear power plants...)
wow look at how i am suffering from the terrible consequences
matticus008
Mar 19, 06:00 PM
He just wants to play his music on Linux, is there something wrong with that? Are you saying that Linux is bad, and Apple is good? Do you think that Apple is doing the right thing by not preventing these issues in the first place (by failing to open up technology standards or port multimedia software to other operating systems)? I really don't think that it would be terribly difficult to port iTunes or Quicktime to Linux.
Yes, there is something wrong with that. You agreed when you created your account that you would use iTunes. You as a citizen, agree not to break the laws. Using iTunes songs in Linux breaks both of those agreements. Linux is great (I'm a Linux sysadmin, as a matter of fact), but you know going into a purchase agreement that iTunes does not support Linux. Apple should make iTunes for Linux, sure. But violating the TOS and breaking laws left and right isn't really going to convince them to do it.
If you have Linux, then iTunes really isn't a legal option for you. Get your music elsewhere and write a letter to Apple, or use another computer for iTunes and use CDs or one of the thousands of network audio streaming packages available for Linux. You do not have the right to break DRM or to use something other than iTunes to get music from iTMS, period. It's that simple.
Yes, there is something wrong with that. You agreed when you created your account that you would use iTunes. You as a citizen, agree not to break the laws. Using iTunes songs in Linux breaks both of those agreements. Linux is great (I'm a Linux sysadmin, as a matter of fact), but you know going into a purchase agreement that iTunes does not support Linux. Apple should make iTunes for Linux, sure. But violating the TOS and breaking laws left and right isn't really going to convince them to do it.
If you have Linux, then iTunes really isn't a legal option for you. Get your music elsewhere and write a letter to Apple, or use another computer for iTunes and use CDs or one of the thousands of network audio streaming packages available for Linux. You do not have the right to break DRM or to use something other than iTunes to get music from iTMS, period. It's that simple.
kresh
Oct 26, 02:39 AM
Now we see what Apple saw - why the Mac Pro is strickly BTO.
Just add two more processor options for the X5355 and E5345, and this upgrade is done.
Wow, simply amazing. Kudos Apple!
Just add two more processor options for the X5355 and E5345, and this upgrade is done.
Wow, simply amazing. Kudos Apple!
alexf
Aug 29, 11:45 AM
Who the hell listens to GreenPeace anymore.
Seriously.
A lot of people (and companies, such as Apple).
Seriously.
Seriously.
A lot of people (and companies, such as Apple).
Seriously.
Multimedia
Jul 12, 04:51 PM
Yes Mulitmedia these are the same morons with too much money and too little sense , These are the same people who are saying ..ohhh why can't Conroe go into an iMac , but i want a Woodcrest , hey I don't care if Merom is Pin compatible can't they go with Conroe for it's better perfromance ..lol
What a bunch of whiny daddy's boys , no sense at all they just obey the all mighty Stevie Jobs when he lies about how the new MacPro is THE FASTEST PEECEE IN THE WORRRRLD:pCareful. You can get banned for calling anyone here a naughty name. They will go whining to the moderators and a moderator who might not like you in the first place will lock you out of the process. So I don't disrespect anyone in writing here any more. Everyone here is beautiful and fun to be with. :)
What a bunch of whiny daddy's boys , no sense at all they just obey the all mighty Stevie Jobs when he lies about how the new MacPro is THE FASTEST PEECEE IN THE WORRRRLD:pCareful. You can get banned for calling anyone here a naughty name. They will go whining to the moderators and a moderator who might not like you in the first place will lock you out of the process. So I don't disrespect anyone in writing here any more. Everyone here is beautiful and fun to be with. :)
d.perel
Mar 19, 07:15 PM
the software would probably go over better if it did not contain the 1st syllable of 'Pirate' or 'Pirating' right before the word music..... :rolleyes:
milo
Jul 13, 10:19 AM
well they will all have the same mobo, so conroe on the low end and woodcrest on the high ends isnt an option
Why do they all have to have the same mobo?
Which is why I believe that macPro's will be all dual-duals. single Woodcrest makes no sense, and splitting MacPro-lineup between Woodcrest and Conroes doesn't make much sense either. Remember: MacPro's are hi-end workstations. so dual-dual makes sense there.
Why doesn't splitting the lineup make sense? If they don't split the lineup, they're looking at bumping the price of the base model by hundreds of dollars with no benefit. Complete waste of money.
the majority of Mac desktop professional users are people who rely on Adobe for everyday work.
Do you have anything to back that up? That totally sounds like speculation.
So Dell has a system with dirt-cheap CPU and that vaunted Dell-"designed" case for under $1000. And you are now expecting to get an Apple-system with kick-ass case and considerably more expensive CPU with just $200 extra?
I wish apple would stop wasting money on the "kick ass case", especially since it's not that great a case aside from looking pretty. I'd love to see a budget model that was simple - why not make one more similar to a dell and keep the price more competitive? I buy it for the OS and apps, not because the plastic is shinier.
the price difference between a 2.33/2.4 conroe is going to be like 20 bucks in the volume apple is getting, maybe less, memory has about a 60 buck difference for a pair of 512 sticks so it runs up to about 30 bucks in bulk and the motherboard is going to cost about 50 more to apple, thats a total of 100 bucks which will probably be made back by saveings in overhead and support costs.
Are you comparing to woodcrest? I call BS. If you want to make that claim for real, do it with real numbers, not with ones you guesstimated.
Why do they all have to have the same mobo?
Which is why I believe that macPro's will be all dual-duals. single Woodcrest makes no sense, and splitting MacPro-lineup between Woodcrest and Conroes doesn't make much sense either. Remember: MacPro's are hi-end workstations. so dual-dual makes sense there.
Why doesn't splitting the lineup make sense? If they don't split the lineup, they're looking at bumping the price of the base model by hundreds of dollars with no benefit. Complete waste of money.
the majority of Mac desktop professional users are people who rely on Adobe for everyday work.
Do you have anything to back that up? That totally sounds like speculation.
So Dell has a system with dirt-cheap CPU and that vaunted Dell-"designed" case for under $1000. And you are now expecting to get an Apple-system with kick-ass case and considerably more expensive CPU with just $200 extra?
I wish apple would stop wasting money on the "kick ass case", especially since it's not that great a case aside from looking pretty. I'd love to see a budget model that was simple - why not make one more similar to a dell and keep the price more competitive? I buy it for the OS and apps, not because the plastic is shinier.
the price difference between a 2.33/2.4 conroe is going to be like 20 bucks in the volume apple is getting, maybe less, memory has about a 60 buck difference for a pair of 512 sticks so it runs up to about 30 bucks in bulk and the motherboard is going to cost about 50 more to apple, thats a total of 100 bucks which will probably be made back by saveings in overhead and support costs.
Are you comparing to woodcrest? I call BS. If you want to make that claim for real, do it with real numbers, not with ones you guesstimated.
eawmp1
Apr 22, 08:28 PM
Because the concept of earth and life just happening to explode into existence from nothing comes from logic and reason?
Interesting...
You referring to the big bang, or those reported six days?
Interesting...
You referring to the big bang, or those reported six days?
Kalmia
Sep 20, 01:06 AM
TV show recording would be REALLY nice, but it's probably wishful thinking, considering it could potentially cut into profits from iTunes. Still, one can dream...
In addition, I would really love a movie rental option, though that's probably even more farfetched. It would save us a TON of money on late fees, though.
My main concern is how big of a hole this is going to leave in my wallet. I guess it's still pretty early to be speculating, given that we don't know much about it. So I should probably try not to get my hopes up in the meantime. :p
~Kalmia
In addition, I would really love a movie rental option, though that's probably even more farfetched. It would save us a TON of money on late fees, though.
My main concern is how big of a hole this is going to leave in my wallet. I guess it's still pretty early to be speculating, given that we don't know much about it. So I should probably try not to get my hopes up in the meantime. :p
~Kalmia
awmazz
Mar 12, 04:42 AM
Nuclear experts are speculating that the explosion was caused by hydrogen gas released from water that's come into contact with the overheating fuel rods.
BBC live update (http://www.bbc.co.uk/news/world-middle-east-12307698)
Thanks Olly, I was wondering how the hydrogen could explode. Edited.
They're saying the pressure/exploding hydrogen blew/collapsed the ceiling on the reactor. So that indicates the now destroyed building is where the overeating reactor core is. But don't worry, it's safe. There's not enough information to assume the situation is actually bad... :cool:
BBC live update (http://www.bbc.co.uk/news/world-middle-east-12307698)
Thanks Olly, I was wondering how the hydrogen could explode. Edited.
They're saying the pressure/exploding hydrogen blew/collapsed the ceiling on the reactor. So that indicates the now destroyed building is where the overeating reactor core is. But don't worry, it's safe. There's not enough information to assume the situation is actually bad... :cool:
TheRealTVGuy
Mar 18, 01:47 AM
Poor thing... he doesn't realize napster and limewire are history. Also, once the data hits my device, it's mine to do with as I please. Thank you very much.
>laughing_girls.jpg.tiff.
Yeah, because ever since the iTunes store opened, I haven't had the need...
Unless it's Metallica, then I'm all for ripping those guys off, just to mess with them!
>laughing_girls.jpg.tiff.
Yeah, because ever since the iTunes store opened, I haven't had the need...
Unless it's Metallica, then I'm all for ripping those guys off, just to mess with them!
No comments:
Post a Comment