Saw this at the bookstore today, isn't this THE cardinal sin of passwords?

boomerang42 · 1 month

You may be surprised to read this.

wsitu · 1 month

I like "TTM" - tragic teenager mustache.

bridgedsuspense · 1 month

These are the worst. I grew up as a military brat. I attended 13 schools between 1st grade and graduation. I lived in too many places to pick one as "the city I grew up in". Who was my favorite teacher? I have no clue. I much prefer to write my own questions. Then, they make sense to me and are opaque to anyone else.

bubfranks · 1 month

That's because the message was presented by NotifyOSD which is non-interactive. I haven't looked through the Mixologist code yet, but I assume that the "Do you want to fix this?" line is intended to be a link of some sort. Since you can't interact with NotifyOSD messages, you cannot open the associated help file to learn more.

ianoxley · 2 months

I can't speak for the full range of behavior- only that files which had once been whitelisted, and who's computed hash had subsequently changed, would end up moved into the root directory and named "Program.exe". The regular antivirus engine may have continued to operate as normal. I just know what it did in this specific scenario.

ianoxley · 2 months

This reminds me of a story.

In 2005, I was working at a large internet MMO gaming company (not that one, another one). We used a one program to patch and launch all of our different game executables. This was terrifically handy- one 780kb executable could download the entire assets for every single game, scan them for completeness, replace bad or missing files, and launch the game itself after you signed in. This was the Launcher, and it was bad ass.

This executable could also patch itself. Updates to this executable were fairly rare, but had to be made whenever a new title launched (but not for expansions) and when security holes were uncovered. In late 2005, a title was added to our lineup. To support it, we patched the launcher as usual. it connected to the central update servers, downloaded and applied a patch to itself, and restarted. So far, so good. For many people, this worked perfectly fine. The patch was tiny, the delay was only a few seconds, and they were up and running without missing a beat.

...but then we started getting calls. A lot of calls. For almost a week after this patch, we were inundated with support calls about the launcher opening whenever users tried to start any program. We were accused of hacking their system. Of installing spyware. Of trying to force them to play more often. I took one call from a man who was convinced his computer wanted to play with him- that it had become sentient and was acting like a dog bringing a chew toy to his owner.

As a senior tech at the time, I took it upon myself to try to figure this mess out. I got detailed process lists from people- what programs were launched at startup, what applications had been recently installed, what kind of firewall was being used, what kind of antivirus was installed, and so on. In the mean time, we had many angry users who were unable to play their games. Many just wiped their Windows installations and started from scratch. Some canceled their accounts. But some just wanted this damn launcher to get out of the way.

As I pored over the collected information from these users, one program was always there. There was one common thread among all of these affected users. McAfee antivirus. So I started looking into recent changes McAfee had made to their antivirus system. Then I found it. I struck gold- a perfect confluence of OS design flaw, vendor ignorance, and best practices gone awry. You see, McAfee had introduced a new "feature" with their combination Antivirus/Firewall program. One of the most insidious and short-sighted changes ever made.

When you installed McAfee with the Firewall protection, you had to create a whitelist of applications that could connect to the Internet. This was annoying at first, but you only had to allow a program through once. McAfee would make a hash of that executable file, and would allow it's communications to pass through the firewall every time thereafter. And you could turn this feature "off", though with McAfee, "off" is relative.

Users who had this antivirus solution installed had, at one time, allowed the launcher through their firewall. The first time they connected to us after the launcher patch was released, their executable would download it's patch, apply it to itself, and restart. But then the executable hash didn't match any more. And rather than asking users if they wanted to allow the program to connect to the internet, McAfee would rename the executable and move it- after all, it was changed after connecting to the internet, it was probably malware!

What did they name the file? Program.exe. Unless that was already taken, then they would name it Progra~1.exe or Progra~2.exe and so forth. And where did they place this file? Well, in the root directory of C of course!

Those of you unfamiliar with how arguments are passed to Windows programs won't understand the true horror of this decision. You see, back in the very old days (pre-1994) Windows did not support long file names. It wasn't until Windows NT 3.5.1 (and then Windows 95 later) that long file names were supported in Windows. Prior to this, there were a lot of limitations on what characters could be part of a filename or directory. And prior to the introduction, a space in a command written out in the shell indicated that what was to follow would be an argument. This made sense at the time. You would have a command, like this:

C:\DOOM\doom.exe -episode 3

And this would start the game "doom" with at episode 3. Simple- you have the path, you have the argument. Now, when Microsoft switched to Long File Names, it still had to support this type of invocation. So, the way the windows cmd.exe shell works is simple. You pass it a string like this:

C:\Program Files\id Software\Doom\Doom.exe -nomusic

And it will try to execute "C:\Program" as a file, passing it "Files\id Software\Doom\Doom.exe -nomusic" as argument to that executable. Of course, this program doesn't exist, so it will then try to execute "C:\Program Files\id", passing it "Software\Doom\Doom.exe -nomusic" as argument. If this doesn't exist, it will try to execute "C:\Program Files\id Software\Doom\Doom.exe" passing in "-nomusic" as an argument. It would continue this way until a program existed and started, or until the path was depleted and no program was to be found.

An additional wrinkle that I should mention. Desktop shortcuts on Windows are mostly just invocations of the shell, with the actual location of the executable you want to start- the path- stored in text inside the shortcut. When you click it, it reads this path, and passes it to the shell to start up the program. And this is why McAfee's process of moving files to the root directory was the worst decision they could have made. Most of the programs installed in Windows at this time were installed to the "Program Files" directory by default. This was a folder in the root (C:) directory. So when you wanted to launch, for instance, Microsoft Word, the shortcut on your Desktop pointed to "C:\Program Files\Microsoft\Office\Word.exe". or Firefox, which was in "C:\Program Files\Mozilla\Firefox\". Again, these are default paths- most of the time you have the option of installing someplace else.

Our users were trying to launch their application- applications which resided in the Program Files directory on their C:\ drive, but were getting the launcher instead. I was stupefied when I figured this out. Literally struck dumb. I had just uncovered what had to be the worst confluence of shortsighted decisions ever in my support career. I explained the problem to my boss, but he didn't know what to do with the information. I spent weeks trying to get in contact with McAfee about the issue. I wrote up instructions to help people delete the "Program.exe" files, disable their McAfee firewall, and how to reinstall the launcher.

Eventually, McAfee did respond to the issue. By this time, the work-arounds had resolved most of our customer's issues. I don't know how McAfee handles the detection of modified executables, but I hope they learned a little bit about Windows program invocation from this problem, and won't repeat the same mistake int he future.

postnick · 2 months

PornView is an image-viewing application with an suggestive name. It does not, itself, contain any pornography. That said, the feature set is geared towards hand-free or single-handed operation.

KerrickLong · 3 months

Your post brought to mind this story I remember reading a few years ago.

Not that it's anything we think the New York Times Company should do, but we thought it was worth pointing out that it costs the Times about twice as much money to print and deliver the newspaper over a year as it would cost to send each of its subscribers a brand new Amazon Kindle instead.

h0de · 4 months

This is really neat. I love open data, and I've been looking for a project to work on. This could be fun.

radioshaq115 · 5 months

I remember reading an article about the possibility of Zimbabwe having some of the early lost episodes. Only a few months after that article was published, the ban on the BBC within Zimbabwe was lifted. It doesn't seem to have resulted in the recovery of those episodes, though.

tarsir · 5 months

Instead of cycling through pids, you can give your session a human-readable (and rememberable!) name:

screen -S someName

This creates a screen session with the name "someName". The you can always reattach to it with:

screen -r someName

The -r switch accepts the name parameter, as does -d, so if you left it running remotely and forgot to log out, you can force-detach the screen with the name "someName" and attach to it with:

screen -d -r someName

If you want to force-logout the logged-in account under which the still-attached screen session is currently running, and then attach to the screen session locally, use the -D switch:

screen -D -r someName

And finally, if you don't remember wether you had a running screen session, but you know that even if you didn't you want to create one, then you can:

screen -D -R someName

This will power-detach the existing session (if any) and attach you to it (if it exists) or create it for you (if it doesn't exist).

bob301 · 5 months

Unfortunately, there is no release for Oneiric (11.10) in this PPA. If you are using 11.10, you will see 404 errors when running apt-get update.

hypotamoose · 5 months

"SWAK" is "Sealed with a kiss" (alternately, "Sent with a kiss"), but I don't know what you would substitute "kiss" with in that sentence. "Sealed with an aardvark"? "Sent with an abbot"? There are so many possibilities!

punture · 5 months

Streaming news from NKTV

aritali · 5 months

I have 2 wide-screen monitors, rotated 90 degrees. This allows me to see a lot of code at once. The resolution is high enough that most web pages display just perfectly in this orientation.

phillymatt · 5 months

I usually have to replace mine between 6 and 10 days of use. I haven't found a convenient method of reviving them. They start to give off less vapor, and the draw gets harder after 4 or 5 days.

ianisrlycool · 6 months

No, you misunderstand. The words are both there- "colon braille". It's a new system for blind reading, developed by a blind proctologist who wanted to be able to read on the job.

It's a great system, though you can only hold about 3/4 of a standard paperback in the colon at a time, and most of the patients aren't huge fans.

beason · 6 months

You should cross-post this to /r/bench

failed_the_rorschach · 6 months

I had this same problem- I was running transmission as a daemon on my file server. I restarted the daemon, and everything worked properly.

ic3burg · 6 months

A bit of advice:

Live every week like it's shark week.

rapor · 7 months

Surprisingly, this is less a question about the cuttlefish's abilities, and more about your own willpower. Cuttlefish respond directly to force of mind. It's easily modeled on the mathematical formula F=ma, where F is the force, m is the mass of the specific cuttlefish, and a is the acceleration of your thoughts toward the cuttlefish.

To increase F, you can get a bigger cuttlefish (size is indirectly proportional to it's ability to resist instructions), or you can think harder (increasing the speed at which your thoughts fly toward the cuttlefish).

If F is greater than 1.5 kilogramfeet per second^2, the cuttlefish will easily perform any tasks you telepathically tell it to. However, if F is less than or equal to .75 kilogramfeet per second^2, you have a nearly 80% chance of suffering a fatal brain emobilsm from the recoil of the F bouncing off the cuttlefish and returning to it's source.

tisitoj · 7 months

The extra hour comes from the past. Ever notice how time used to fly, but recently every day is dragging on forever? That's because we borrow time from the past. We used to take it from the early 90's (just a couple of hours here and there). Then we raided the 80's and took all of 1983. We took half of 1977, 1973, a third of 1969, and 3/5ths of 1961 through 1963. Finally, America unilaterally took all of 1938 until the beginning of 1941 from itself, which is why we seem to have joined WWII later than most of the rest of the participating countries.

When it became apparent that we needed a lot more time (obviously- there's 7 billion people on this planet and they all need more time) we just started pulling it wholesale from the Paleozoic and Mesozoic eras. This is why we see so many fossils from these periods, but you never see a fossil of (for instance) a modern duck. It's because dinosaurs died and were fossilized in a matter of hours, instead of the usual millions of years the process used to take.

We're beginning to run out of hours we can pull from these eras though. It's called Peak Time, and scientists believe we will have reached it in the next 20 years or so. We'll than have to find a way to extract time from the Precambrian, which as everyone knows is very difficult, even though there is a lot of time locked up there.

It's hoped that one day Alternative Time sources can completely replace or dependence of Fossil Time sources, and there are a lot of promising technologies out there already. Just to mention a few:

Sidereal days (mining time from the sides of cereal boxes).
Light years (extracting time directly from the sun, light bulbs, and fire)
Planck time (a renewable way to harvest time from plants)

Unfortunately there are powerful corporations behind the scenes who hold a great deal of sway over both the legislative system and popular opinion, who are reliant on the current, outmoded and devastating practice of deep-time drilling. Hopefully, we will be able to overcome these entrenched oligarchies and completely move our time-harvesting system to these alternative sources before we reach Peak Time. Otherwise, it will be too late.

BlankVerse · 7 months

Am I an idiot, or was there actually not a single link for Amazon.com or the trade-in program from that news article?

That irritates me. Links are free, and only increase the usefulness of the article.

jesushx · 7 months

If you don't know the answer, you can just say so. Don't just start making up words and stringing them together.

xerodeth · 7 months

Sir Isaac Newton has been considered (by some people) the greatest scientist of all time. It's possible he was entirely asexual, that he had a single romantic relationship with the daughter of his landlord while in school, or that he had a romantic relationship with Nicolas Fatio de Duillier.

Consequently, he may have masturbated to thoughts of his first romance, to thoughts of a fellow (male) scientist, or he may not have masturbated at all.

Four-Year Club	Secret Santa 2010
Summer Santa 2010	Charter Member
Verified Email

bob301

TROPHY CASE

you'll need to login or register to do that

create a new account

login