* Posts by Peter da Silva

7 publicly visible posts • joined 31 May 2008

Apple macOS 15 Sequoia is officially UNIX. If anyone cares...

Peter da Silva

UNIX is any operating system based on the core system calls that made up v6 or v7 unix in the late '70s. That's the last time there was one UNIX. The tree of UNIX has spread since then, with grafts and new plantings and runners and seedlings and all the agricultural metaphors you could want. But that's where it starts. open close read write pipe fork exec stat ....

What the @#$%&!? Microsoft bans nudity, swearing in Skype, emails, Office 365 docs

Peter da Silva

Re: Linux Torvalds

Perkele!

Five lightweight Linux desktop worlds for extreme open-sourcers

Peter da Silva

WMX or Windowmaker

My favorite X11 window manager is Windowmaker, a very clean recreation of NeXTSTeP but without the annoying menu boxes.

My favorite lightweight window manager is WMX ( http://www.all-day-breakfast.com/wmx/ ).

Also, where's the "chuck" icon?

iPhones make calls without permission, researcher warns

Peter da Silva

This is a Microsoft design...

The model of using the same set of helper application bindings for trusted and untrusted sources was originally a Microsoft design, and until 2004 was limited to Windows.

Peter da Silva

It's not just iOS

I've been bitching about Apple's laissez-faire approach to helper applications since 2004. The fact that they're simply copying Microsoft's model is no excuse.

http://scarydevil.com/~peter/io/osx-security.html

Man buys $1,000 worth of iPhone pixels by accident

Peter da Silva

That's how I bought an iPod Shuffle

I wish Amazon would enforce their stupid "one click" patent*, because "one click" purchasing is a really bad idea. Now, in fairness, Apple does give you a grace period to back out and I decided that I really did want the shuffle after all... so I decided not to back out. But I turned off "one click" regardless.

A friend of mine didn't notice and bought himself a printer that way.

Where's the icon for Steve Jobs with horns, by the way? He needs equal time with Gates and Ballmer. :)

*Well, not really, but I do suspect that patenting really bad ideas to keep people from implementing them might be the only way to make lemonade from the US patent orifice's lemons.

Microsoft urges Windows users to shun 'carpet bombing' Safari

Peter da Silva
Thumb Down

Microsoft needs to get their own house in order

It's a minor issue compared to a number of others that ALL browsers on Windows have. If Microsoft is serious about security then they need to:

1. Immediately transition away from ActiveX, with as short a timeframe as possible.

2. Replace ShellExecute() with something similar to UNIX's exec(). They already HAVE the code, in the POSIX subsystem.

3. Eliminate "security zones" as a security model - there must be no circumstance in which the location of an object named in a web page automatically grants it privileges.

4. Provide an alternate API for browsers to use to find and run helper applications that is not based on the desktop helper application bindings.

All four of these are far bigger problems than having files downloaded without a prompt. Not only do they all provide paths to direct execution of untrusted code without user interaction, but they have all BEEN used for that purpose hundreds of times over the past decade.

I am not sure it's possible to implement a really secure browser on Windows without completely bypassing all of Microsoft's recommended APIs.