* Posts by KarlTh

145 publicly visible posts • joined 26 Nov 2007

Windows users ambushed by attack on fresh IE flaw

KarlTh

Easy way to mitigate this one...

...as always.

"An attacker who successfully exploited this vulnerability could gain the same user rights as the local user,"

So don't run with unnecessary rights, just like you wouldn't on any other OS.

Conficker left Manchester unable to issue traffic tickets

KarlTh

@Tom 13

Blame the cretin who agreed to buy shite software that requires Admin privs to run. Hammer the provider until they provide a fix. That's what I do. Final sanction is "tough. Our policy says you can't run as admin. End of."

Having said that, it's usually a case of sorting out the permissions on a few registry keys and system files.

KarlTh

@Tom 13 again

If all else fails, give 'em a second account which has administrator rights but does not have the right to log on interactively. Give 'em a shortcut to "runas /user:domain\adminac ShitSofware.exe" and you're good to go.

Never ANY excuse for people to log in interactively as admin, any more than you'd log into a Linux box as root.

KarlTh

As bloody usual...

...conficker can only infect via USB if the user has admin privs. The message is quite clear. Why the hell were users on a corporate network given admin access?

University emails 'blocked from Hotmail'

KarlTh

Second rule of forums (after Godwin's Law)...

...if you criticise anyone's education, grammar or spelling, you will make a howler yourself:

"Say's it all really..."

Complete FAIL - apostrophe abuse.

Asda clamps down on killer teaspoons

KarlTh

@AC

No, the actions of the private company in this case are indicative of a moron being wrongly in a position of responsibility.

KarlTh

What in the name of all that is holy...

...has the moronic policy of a private company got to do with a "Nanny State"?

Or is "Nanny State" going to join "Political Correctness Gone Mad" and "'Elf and Safety" under the paranoid "country's going to the dogs everything is bad" Daily Mailesque mythology?

US credit card payment house breached by sniffing malware

KarlTh

@KH

Rather juvenile - as soon as anyone posts anything vaguely non-anti-microsoft, the shill accusations start.

This OS wars shite is no more meaningful or sensible than arguing over the relative merits of Star Wars and Star Trek, and I'd be willing to bet a considerable sum that there's a considerable overlap between the overgrown little boys who fight the one war and the overgrown little boys who fight the other one.

Google sponsored links caught punting malware

KarlTh

@Bob

You'd be amazed. Most people don't know how to configure their system and indeed run as administrator. Even in corporate environments where one of two things happen:

1) Lazy admin find it easier that way

2) Pompous management insists they have admin rights, and the culture of demanding it flows down to everyone on a higher grade than the underpaid and undervalued administrators who have to kowtow.

The real joke is all the people who thought they were so clever in turning UAC off on Vista and then running as Admin because UAC was "a pain". A number of chickens are coming home to roost now on that one. This latest IE flaw is a case in point.

Study spanks Adobe Flash for abuses of power

KarlTh

Me too

Really noticed this lately. I have the CPU/Memory gauges on the Sidebar for information, and it's amazing how once you hit a flash animation the CPU runs up to around 30% (dual core 2.4GHz or so) and after a couple of seconds the aircraft take-off noises start. How is it that Media Centre can show me full screen telly using less CPU (far, far less, only around 4-5%) than a small animation making a stupid smiley jump up and down? At least when Thing 1 is playing Flash games on the BBC website it's achieving something. Keeping him out of my hair.

Vista SP2 to land in April 2009-ish?

KarlTh

Come on...

UAC asks you once, and once only. It is so much like the way Ubuntu works that I was taken aback when I stuck said distro on a laptop, and yet no-one whines about how "intrusive" being required to re-enter your password to use sudo to do any admin is.

Backward compatibility is tricky. Lots of things don't work on Vista because they used the insecurity of previous versions of Windows - assuming the user had write access to parts of the registry and file system that they shouldn't - that there is a balancing act between backward compatibility and improving security.

Rootkit unearthed in network security software

KarlTh

I thought...

...they probably were - once you've got your own code running in the kernel you can make the OS hide anything. But "hidden directory" has a specific meaning within a Windows box, so it's a tad misleading. Just wanted to clarify.

What if you slave the drive off another system? Will the unrootkitted OS see it? I'm trying to get an angle on what's being done here.

KarlTh

Hidden folder?

Wouldn't "dir /a:h" handle that?

'Meh' makes Collins English Dictionary

KarlTh

@skelband

So there's a word you've not heard. Meh.

Microsoft retires Windows 3.11 on 18th birthday

KarlTh

@Chris Crosgrove

WfW 3.11 _stable_?

If only!

The intervening years must have faded the memories of the regular GPFs. The most stable OSes I currently find are Vista (yes, really), XP and W2K3. I find various Linux distros slightly less so. Interestingly enough, the Linux guru down the way finds Linux more stable than any of the Windows offerings. Rather than come to any bizarre conclusions I put this down to him being damned good at administering Linux and me being damned good at administering Windows.

And sod the juvenile OS wars once and for all.

But I digress.

Police collar kid for Wi-Fi pinching

KarlTh

@Mark

The bylaw thing is irrelevant. Bicycles on pavements are illegal under English Law. Bicycles are, in law, carriages (as a consequence of the Taylor v Goodwin judgment in 1879) and should be on the highway not footpaths.

KarlTh

@Steve

Ignorance as to the law - that using someone else's Wifi is illegal - is indeed no defence. Ignorance as to *fact* - i.e. thinking the icon one is clicking is for one's own network, is. Moreover, as well as _actus reus_ a criminal offense requires _mens rea_ - the conscious intent to commit an offence.

Immature tech likely to get lucky in credit crunch

KarlTh

Is this

just a complicated way of saying "people without much money are more likely to buy cheap tat"?

In which case I suppose it's "bears shit in woods, pope catholic, more news at 11"

Speed cams ditched in Wiltshire

KarlTh

@Ken Smith

If the things were hidden and unannounced that driver would probably be alive today, because either he'd have been flashed so many times he'd have been banned, or he'd have sobered up and started driving legally.

It's not the cameras that are the problem, but the requirement to make them bright yellow.

KarlTh

This is why

They need to be hidden and unannounced to work. If you knew (as I understand is the case in Germany) that you could be caught speeding *anywhere*, then people would be more inclined to observe the limits. Or at least those who didn't learn would pretty soon get a ban.

But the Clarksons and Suns of this world forced them to be bright yellow so that they became useless. This was the plan all along; make them useless (in the same way that store detectives would be of little use if they had to wear Ronald McDonald outfits and shout "I'm a store detective" every five minutes to be allowed to catch shoplifters), and then get rid of them, fired by the mistaken belief that they are somehow entitled to speed as much as they like.

McAfee update classifies Vista component as a Trojan

KarlTh

@most of the above

Jokes are a lot funnier when they've not been done to death and aren't as predictable as a very predictable thing happening on National Predictable Day exactly how it always does.

MS roll out exploit prediction with Patch Tuesday

KarlTh

Except that

No-one's knickers are in a knot, nor am I a "windoze fanboi". It's just getting a little predictable - any story about Windows, someone posts a totally unrealistic "just migrate to Linux your problems will be over" or similar bit of geeky mental masturbation.

@AC - don't forget Flame 4x: "That May Have Been True In The Past But Recent Linux Distributions Aren't Like That", which frankly I now rank along with the frequent Creationist claims that evolutionary theory is about to be disproven any day now.

Oh dear. Compare Linux fanbois to creationists. Now the flames really will come in. Tee hee.

KarlTh

@Iam Me

Project much?

KarlTh

Look...

If we who use Windows in part or exclusively, just for the sake of argument, agree that Linux is best, we're complete fuckwits for using anything else, and we would instantly migrate except that we're too stupid to know how, would that be enough for you lot to shut the fuck up?

Brits happy to hand over password details for £5 gift voucher

KarlTh

@AC

"you can on a variety of server systems reset a user's password to enable the techie to login with their credentials. However, it's a lot easier if the techie simply asks for the user's password then logs in without changing it."

But any IT manager tolerating or encouraging their techies to work this way should be shot. It undermines the message to users: "You Do Not Give Your Password To Anyone, Not IT, Not Your Line Manager, And Not Julie In Accounts Who's Forgotten Hers Again And Doesn't Want To Wait For IT To Reset It".

VMware renders multitasking OSes redundant

KarlTh

@Mark Honman

"So, in this modern day and age, is it still not possible to configure a Windows server to reliably fulfil more than one task? I ask this because we are happily running a linux box as a combined file/email/intranet server and we all know that proprietary software is supposed to be better."

Perfectly possible; I've got several. It's only virtualisation which leads one to consider one app per machine.

Griffin pitches out-loud music without wires - or speakers

KarlTh

"akin to a pair of desktop speakers."

i.e. the cheap passive ones costing around a fiver and sounding bleedin' awful. Fair enough for the job in question, I suppose, but another nail in the coffin of audio quality delivered courtesy of the portable digital music player.

Royal Society says goodbye to creationism row vicar

KarlTh

You know...

When this story first hit the Reg, I commented that Reiss was not in fact saying anything controversial, and simply was being misquoted by the "teach creationism" headlines - what he was actually saying was "teach why creationism is a load of dingos' kidneys".

And I recall the regular Reg commentors baying for his blood.

And I said "nothing to see here". And there wasn't. Royal Society professor says "teach why creationism is bullshit". Bears shit in woods. Pope still Catholic. More news at 11.

Except that because of the misreporting, and the reaction of many like the Reg commentors, the poor bloke's position in the Royal Society is history.

Too many people acting like Daily Wail readers and reading the headlines instead of the actual story. Too many people thinking with their spleen instead of their brain.

Royal Society: Schools should show creationism 'respect'

KarlTh

@AC

"The Royal Society told the Times that Reiss’ position reflected that of the society, on the basis that “teachers need to be in a position to be able to discuss science theories and explain why evolution is a sound scientific theory and why creationism isn’t”."

Or, to put it your way, teachers should teach that: "Creationism is a pile of mince. This is *why* it's a pile of mince".

Nothing to see here. Move along.

Ballerinas and fish-gutters beat techies in UK immigration race

KarlTh

@JonB

How does one move to London when the price of one's house anywhere else would buy a cardboard box in Peckham?

Ubuntu documentation in shreds

KarlTh

Hmmm....

Dictionary definition of Linux documentation in general:

Recursion: See "Recursion".

Clever, clever Adaptec

KarlTh

@Mark Lockwood

Verbing evolves language whether it's surly or cheerful.

KarlTh

@Christopher P. Martin

Verbing weirds language. (Bill Watterson)

Vodafone presents punter with £500k phone bill

KarlTh

But wouldn't it be easy enough

To have the following code:

[PseudoCode]

if CurrentBill > 10 * LargestPreviousBill then call MarkForManualCheck(CurrentCustomer,CurrentBill,LargestPreviousBill)

[/PseudoCode]

In the computers? Surely this would get rid of all these million pound gas bills and half million pound mobile phone bills in one stroke. Sure, you'd have to tweak the multiplier which triggers the check, but how hard would it be?

SanDisk touts read-only SD cards for sensitive data

KarlTh

@AC

I think the theoretical difference is that unlike CD-R, you've got more than a whelk's chance in a supernova of reading it after five years.

King Arthur was English 'propaganda', French claim

KarlTh

@bobbles31

1. It wasn't a joke, it was a dig, and a fairly standard dig.

2. Who said I was moderating anything? I merely commented on an observation I'd made.

3. If this were the place, I could point to significant differences between King Arthur and Jesus, but it's not.

KarlTh

@Neil

I don't describe atheists as militant, except for militant ones. One definition of militant could be "uses a discussion of King Arthur to have an irrelevant pop at religion"

KarlTh

@Neil et al.

Has anyone noticed a parallel to Godwin's Law here? Just as Godwin's Law states that the probability of one side comparing the other to the Nazis approaches 1 as a discussion progresses, it is an unfailing Register Law that the probability that one of the resident militant atheists will take a totally irrelevant, and generally completely unoriginal, swipe at religion also approaches 1 as the comments progress.

It's also rather boring.

Warning sounded over black hole in UK physics teaching

KarlTh

@Rob Luscombe

Not an avid reader of the sits vac section of New Scientist, are you? But then since science is not important anyway, you wouldn't be.

KarlTh

Here's the problem

From the title of the article:

"Warning sounded over black hole in UK physics teaching"

then:

"Boffin targets to be missed"

Until the media drops the horrible word "boffin" with all the "white coat socially inept scientist" baggage it carries, few children will want to study science seriously. There will consequently also continue to be a shortage of teachers in the sciences. No-one wants to be a "boffin"; the very word conjures up "people not like you whom you wouldn't want to emulate".

Royal Bank of Scotland takes three weeks to squash nasty Worldpay bug

KarlTh

Worldpay?

I wonder if this is why their server was timing out last night when She Who Must Be Obeyed (yes, some Reg readers can manage relationships with the opposite sex) was trying to buy some fabric.

PC World, Currys staff to be dumped in DSGi rescue plan?

KarlTh

Customer Service stinks

Yup. I had a CD player go wrong from Currys. The manager insisted I had to accept a credit note. Eventually had to threaten their head office with trading standards before I got a cash refund, after an incredibly stupid conversation by Email with their Customer Stiffing Centre.

KarlTh

Even with the famous PC World Premium

I guess the problem is you have to sell a lot of overpriced £15 LAN cables (£5 from Maplin, around a quid by mail order in any bulk) to make up for making next to nowt on flogging cheap Packard Bell computers. Especially since most buyers are savvy enough to tell them where to stuff the "PC Assurance" package.

Ian McKellen to reprise Gandalf

KarlTh

@Alistair

A true Tolkien geek should be able to spell the names right.

I think the Silmarillion would make an excellent TV series. I'm concerned about the possibility of appalling 21st century dialogue in the "original story" one.

Men could have kids with chimpanzees - gov must act

KarlTh

@AC

For God's sake, don't discredit Christianity by linking it with that insane Creationism. The world is 4.6 billion years old, and biodiversity arose by evolution by natural selection. Link your faith with creationist nonsense and you are looking to make a shipwreck of it, because sooner or later you'll realise that the Creationists are taking you for a ride.

Turning to the other side - amazing. In the name of speaking out against religious bigotry, it's been stated that:

(a) religious believers are by definition stupid

(b) religious believers are by definition insane, and:

(c) they shouldn't be allowed to hold office

which is, frankly, an amazing show of bigotry.

I don't know who's worse. The fundamentalist religious mob or the fundamentalist atheist mob. Two sides of the same coin if you ask me: "Agree with me or you're a worthless shit".

US lag sues over prison crash diet

KarlTh

Thank God

Most of the posters here aren't on the jury. Do you routinely assume SUSPECTS are guilty?

Which is irrelevant to the story, which is about how anyone can try to sue anyone. Whether they win is another matter.

VXers slap copyright notices on malware

KarlTh

Surreal

Just surreal. It's like a bizarre comedy universe. You couldn't make it up.

Hellboy helmsman to direct The Hobbit

KarlTh

Why the invented material

When the entire Silmarillion is crying out to be made into a series of films for years to come?

'We could wake up smarter' - Ballmer hints at Win XP reprieve

KarlTh

Something is odd

On the one hand, people are complaining about poor performance on 2GB RAM machines, and yet I'm having no performance issues on 1GB RAM. Discounting all the "I've never used it but I know it's crap" sheeple, and the "it must be crap because it's not Linux" bunch, that leaves a core of people who've found it runs slow on more powerful hardware than mine, which was budget a year ago.

MS need to actually find out what the issue is. My suspicion is drivers.

Ballmer bitch slaps Vista

KarlTh

What am I doing wrong?

I must be doing *something* wrong. My Vista box runs fine in 1GB of RAM, yet I keep being told it needs 2GB "just to run".

Still waiting for the Linux lot to tell me what the Linux equivalents of AD GPOs and SMS are so that I can begin to see how I could manage an enterprise full of Linux desktops, without simply buying SLED and replacing one paid for solution for another.

Yeah, MS stinks but it does things I need doing.