Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
John Check <[EMAIL PROTECTED]> said: > On Wednesday 27 August 2003 7:54 pm, Norman Vine wrote: > > To all concerned > > > > May we please put this thread to rest and allow FGFS > > to return to "soaring above petty OS bigotry" > > > > Thanks > > > > Norman > > > > Amen to that Ah...blessed silence :-) ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
On Wednesday 27 August 2003 7:54 pm, Norman Vine wrote: > To all concerned > > May we please put this thread to rest and allow FGFS > to return to "soaring above petty OS bigotry" > > Thanks > > Norman > Amen to that > > ___ > Flightgear-devel mailing list > [EMAIL PROTECTED] > http://mail.flightgear.org/mailman/listinfo/flightgear-devel ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
On Wed, 2003-08-27 at 16:54, Norman Vine wrote: > To all concerned > > May we please put this thread to rest and allow FGFS > to return to "soaring above petty OS bigotry" > Yes! No one cares about which OS you're using (I really do not!). Or applications, please take David's contention based on what he just went through. Someone asked about how to start coding in FlightGear, anyone actually help him yet? > Thanks > Matt ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
To all concerned May we please put this thread to rest and allow FGFS to return to "soaring above petty OS bigotry" Thanks Norman ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Matt > I am all for warming up to Windows developers, or any from anywhere for > that matter, or any end user (in fact and ordinary end user with basic > experience can shed a lot of interesting light onto many applications). > But I have indeed asked many times why people run certain pieces of > software and I took Outlook Express as an example of what I have been > told first hand. > > Cannot see how this argument is actually *nix developers versus people > who develop on Windows, its not at all, or indeed anything to do with > taking swipes at end users. > > Do you still think that is the case? Yes. Let's go back to the email which started all this: QUOTE using Outlook to read e-mail is like licking public toilets; using Outlook with a virus checker is like taking antibiotics and then licking public toilets (it might work, but it's hardly optimal). Please, people, if you have a choice, don't read e-mail with Outlook, or at least, don't read the flightgear lists with that program. I know that some of you are forced to use Outlook at work, but there's no excuse for using it at home or school UNQUOTE The use of Outlook is compared to licking public toilets, and to avoid any possible doubt, it is made clear that it applies to people using Outlook to read flightgear lists. There is apparently "no excuse" for doing this . Regarding your own comment - Have you ever heard of stereotyping, a device typically used to reinforce prejudice? Yes I have walked people through changing defaults in Outloook Express and many other similar tasks, probably rather more than you might imagine, but that's no excuse for extending any presumptions from those experiences to an entire population of users. It appears that the arguments put up by those of us who have been belittled by the toilet-licking analogy have fallen on completely deaf ears. Even now, I haven't seen a single acknowledgement that Outlook Express can be set up and used safely, and other messages "defending" the use of Outlook have been similarly ignored. Presumably those of us who continue to infect the flightgear lists by our use of these dispicable tools do so with continued disapproval. I have made a positive decision over the years to use Windows over a Unix environment (even though I continue to maintain a working Linux system). It shouldn't be necessary for me to have to defend this choice, for any reason, let alone stereotyping and historically-(mis)informed prejudice. You can choose to ignore the negative impact of all this on the potential Windows developer base if you wish, but I personally feel it is not good for the future or image of FlightGear for it to continue. It gives the impresssion, intentional or otherwise, that FlightGear is a *nix dominated, anti-Windows clique. I've had an offlist reply to an earlier posting, presumably on the assumption that the discussion was not relevant to the list. I beg to differ - it *is* important that a project which claims to welcome cross-platform and multiplatform development demonstrates respect for whichever platform potential developers may choose, including the safe use of the tools associated with that platform assisted by the application of common sense (as with any platform). Mally PS. I'm getting bogged down with the amount of effort I'm having to put into dealing with this important issue, so I'm not intending to to make any further reply. Please do not assume that this implies acceptance of any points subsequently raised. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 20/08/03 ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
> > Gene, > I'm a little late to this conversation, but I just wanted to point out > that this advisory was released on March 3, 2003. This is not a new > exploit in sendmail. If you've been running an unpatched sendmail this > whole time, it may be too late. > -- Good grief. Well I'm sure that nobody has been at the system. All my telltales are still in place. Postfix is _still_ a better MTA than sendmail. :) g. ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
On Wed, 2003-08-27 at 11:23, Mally wrote: > Matt > > > The main swipes aren't so much at end users, as most just run what the > > computer came with, "I am running Outlook Express because thats what > > came with the computer", this is the most common scenario, oh and it > > doesn't matter how much MS advertises any fault or any setting that > > helps alleviate issues only a few will actually read that.Hence > > Microsoft will probably eventually do stealthy patches onto peoples > > computers (ack). > > If that isn't a swipe at end users, I don't know what is. > > Mally Then you don't know what is. Its just a reality, confirmed by my own experience that to a lot of people a computer is just another appliance. Have you ever walked people through changing defaults in Outlook Express? Have you ever had the experience of helping people fix their computers or learn how to use them? When you do you'd realise that this is not a swipe, but rather a reality. I am sure many car mechanics will wonder why I don't change car filters, oil coolant etc because its so easy to them. Most on this list are very technical, for instance going to Control Panel in Windows is easy for us, but for many even that is chore. Again, this is not a swipe, but comes from direct experience. I am all for warming up to Windows developers, or any from anywhere for that matter, or any end user (in fact and ordinary end user with basic experience can shed a lot of interesting light onto many applications). But I have indeed asked many times why people run certain pieces of software and I took Outlook Express as an example of what I have been told first hand. Cannot see how this argument is actually *nix developers versus people who develop on Windows, its not at all, or indeed anything to do with taking swipes at end users. Do you still think that is the case? Matt ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Matt > The main swipes aren't so much at end users, as most just run what the > computer came with, "I am running Outlook Express because thats what > came with the computer", this is the most common scenario, oh and it > doesn't matter how much MS advertises any fault or any setting that > helps alleviate issues only a few will actually read that.Hence > Microsoft will probably eventually do stealthy patches onto peoples > computers (ack). If that isn't a swipe at end users, I don't know what is. Mally --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/03 ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
* [EMAIL PROTECTED] (Gene Buckle) [2003.08.27 10:12]: > > Gene Buckle writes: > > > Thanks Norman. I wish they'd stop writing such crap. *sigh* > > > > > > g. > > > > > > On Mon, 25 Aug 2003, Norman Vine wrote: > > > > FYI > > > > http://www.cert.org/advisories/CA-2003-07.html > > It's just that I had far better things to do with my evening than upgrade > a machine to postfix. One that handles something like 6 mailing lists > too. Pissed off doesn't begin to describe my condition right now. *snarl* Gene, I'm a little late to this conversation, but I just wanted to point out that this advisory was released on March 3, 2003. This is not a new exploit in sendmail. If you've been running an unpatched sendmail this whole time, it may be too late. -- Cameron Moore [ Why is a carrot more orange than an orange? ] ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
On Tue, 2003-08-26 at 23:48, Mally wrote: > > Oh well, it's fun to pick on MS, and they do deserve most of it, if > > for no other reason to pressure them to do better. But you will have > > security problems and issues no matter what software and OS you run. > > It may be fun, but when it extends beyond Microsoft-bashing to implied > disrespect for Windows users, it's worth bearing in mind the negative impact on > the potential developer base. If the intention (stated or otherwise) is to keep > FlightGear firmly planted in the Unix arena, then so be it, but I think > Flightgear would possibly benefit from embracing Windows-based developers a > little more warmly. > > Mally People working/playing/whatever :) in the OS arena tend to be more in sync with the idea of choice and freedom, and that does include MS. An analogy to Microsoft is of course Ford, if Ford had somewhere around 90% of the consumer car market we'd all be driving at 40 miles an hour maximum in a car that is black and also guzzles fuel. The main swipes aren't so much at end users, as most just run what the computer came with, "I am running Outlook Express because thats what came with the computer", this is the most common scenario, oh and it doesn't matter how much MS advertises any fault or any setting that helps alleviate issues only a few will actually read that.Hence Microsoft will probably eventually do stealthy patches onto peoples computers (ack). If there is blame it belongs with the OEM's too like Dell that are a typical gutless non-innovating company. Until Microsoft sheds about 49% of its market we should expect issues like viruses and virus warnings to continue at the extent they are. I do not think any intention was made to disrespect people who develop on Windows, or indeed any platform. I am sure Curtis would be happy if someone got FlightGear to run well on a handheld device! Matt ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
On Tue, 2003-08-26 at 08:09, Curtis L. Olson wrote: > Ok, I hate to drag this off topic thread further off topic. But the > other poster was right. FlightGear isn't the best place for MS > bashing. These days it is almost as much fun to bash SCO: > > > http://armedndangerous.blogspot.com/2003_08_17_armedndangerous_archive.html#106157186387886957 > > But before Linux users get too smug, don't forget that a *huge* > component of the spam problem is due to people running open mail > relays. I would guess that many of these are Linux system > unfortunately. > > Your best defense (which is true if you run Linux, MS, FreeBSD, or any > other system) is to keep up on the latest security patches. *All* > systems have bugs and oversights in the design that are discovered and > (hopefully fixed) over time. If the end user doesn't keep up with > these they are risking a lot of trouble (whether they run an > open-source or closed-source OS.) > > It's unfortunate though that gaping wide open holes continue to be > exploited, and re-exploited, and re-exploited. This isn't entirely > MS's fault (although they make a nice fat easy tempting target.) > > Durk, to address your 747 recall point (which is an interesting one.) > What is the cost to Boeing if a 747 goes down? After all the lawsuits > it could be *very* significant ... maybe even more expensive than > recalling the entire fleet for an upgrade/fix. It's an apples and oranges comparison. There are few to no lives on the line with a PC vulnerability ... > > If an email virus floods the net, what is the cost to MS? Yeah they > get bashed on the public forums, but for every basher, there is > someone speaking up to defend them ... Historically, they whip up a > patch, make it available, and everyone just keeps going along. The > lawyers don't go into a feeding frenzy with lawsuits. I wonder what > would happen if they lawyers started holding companies accountable for > the software they write and the damage caused by bugs? What if > legislatures passed laws forcing companies to be accountable? (Or if > you live in a country with a dictator, he/she could just beat the crap > out of the developers everytime someone found a bug.) That is > probably what it would take to fix this problem. Then MS would have a > financial incentive to build secure systems and software (and keep > them secure.) Right now they don't. > > But wait a second ... this is a scary thought because *we* develop > software. Do we want to be held to those same standards as we might > propose for microsoft? If someone exploits a bug or oversight in > flightgear to do damage, do we want to be held liable? We could just > exempt ourselves from blame in our licensing terms as we do now, but > if we can do that, why can't microsoft. > > Anyway, the answer to all of this usually is to stay vigiliant and > keep all your systems fully up to date with all the latest patches and > fixes. > > Regards, > > Curt. > > > Durk Talsma writes: > > The problem is: Microsoft's notoriously bad track record _is_ still relevant > > today. Since this list is dedicated to Flight Simulation software, everybody > > will be familiar with Murphy's Law, which basically says that every design > > flaw, no matter how small it is, will make something go wrong, break, lead to > > disaster, or wreak havoc some way or the other. Think of it from a > > statistical point of view: A one percent chance of failure in some piece of > > equipment, multiplied by a hunderd copies of this piece, multiplied by a few > > thousand uses of it, will lead to an estimated few thousand disasters! So, > > there's just no room for error here. > > > > In the computer industry, it's exactly the same. On an inherently insecure > > system, even when it's operated by a savvy user, there is a very small, but > > real chance, that somebody gets in trouble. Accidents do happen. Now multiply > > this by the number of inherently insecure systems around, and when these > > systems are all connected, you have a scenario for disaster. For some strange > > reason, MS has been ignoring this basic design philosophy for years and the > > consequences are still around. Even though the latest version of MS products > > have fixed some security issues, they still have the inherently insecure > > options (which are enabled by default) and there are still millions of older > > computers systems out there, which are _not even nearly_ safe. What's more, > > these are the systems owned by people who are (although otherwise reasonably > > intelligent) not so computer savvy as we are. (BTW: I strongly suspect that > > somebody who's subscribed or has been subscribed to one of the fgfs lists is > > infected by the sobig virus. I've been getting at least three different email > > bounces from virus scanners that were addressed to other fgfs-devel members. > > Now, what's the connection between me and other fgfs-devel list
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
> Oh well, it's fun to pick on MS, and they do deserve most of it, if > for no other reason to pressure them to do better. But you will have > security problems and issues no matter what software and OS you run. It may be fun, but when it extends beyond Microsoft-bashing to implied disrespect for Windows users, it's worth bearing in mind the negative impact on the potential developer base. If the intention (stated or otherwise) is to keep FlightGear firmly planted in the Unix arena, then so be it, but I think Flightgear would possibly benefit from embracing Windows-based developers a little more warmly. Mally --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/03 ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Jim Wilson writes: > Tinky Winky mail? One of my bosses has a purple motorcycle he has knicknamed "tinky winky". He even had a two-tone custom seat cover made for it. :-) It looks real sharp. > Well, this isn't microsoft bashing, and it isn't based on things > that happened in the past. While some critrical defaults have been > changed, it is basically still true today. And it is a big problem > for MS with all the third party development that surrounds > Outlook/IE technology. It makes me cringe when a user calls and > says some third party software tech said they need to relax the > security settings to make something work. > > Microsoft can and will find a solution and I hope that it comes > quickly. Of course then maybe they'll get sued by the antivirus > people for unfair business practices...when they finally replace > outlook with an internet friendly email program! When ever this sort of subject comes up, I think back to a job interview I had soon after I finished college. One of the questions I was asked centered around what I thought about the future of computer security. I apparently got the answer completely wrong and was treated to a 10 minute lecture on how business wouldn't tolerate security flaws and how market pressures would force software companies to plug all their major holes within 6 months. Apparently this guy's views didn't take into consideration a few important things. :-) If only he would have been right ... :-( For years Microsoft ignored the internet. Then they tried to create their own network. Finally (fortunately?) they gave up on that and started getting on board with the internet. But I think in terms of security and especially design of secure software from the ground up, in many ways this is a company that is still struggling to catch up. Much of their software seems to assume a happy, safe, protected business intranet. But more and more businesses and individuals are connected to the global internet which can sometimes be a nasty place. You certainly can't put your head in the sand and hope it won't happen to you. Not these days. Running the FlightGear mail, web, ftp, cvs, etc. servers (linux) has been an interesting challenge. We haven't had any direct breakins (that I'm aware of), but we do get affected by various problems. For instance, monday I switched all email services over to our faster machine. The old machine used to handle the mail load just fine, but today with 1000's of spam coming in daily I was seeing sustained load averages of 5-10 over long periods of time. One day a happy spammer started forging <[EMAIL PROTECTED]> for his spam's return address. That just about killed our machine with all the bounces and hate mail we got back. I've tried to stay vigilant with patches and updates (debian linux) but often the fixes don't come out until after the hole is publicized, so you have to hope the crackers don't find you first. And there appears to be an agreement between major linux distributors that holes aren't publicized until all the distributions have had a reasonable chance to come up with a patch ... that's a little scary because it means that problems will float around for a while and be know by at least some people before an actual fix is available. A big part of internet security is to make yourself a more difficult target than the next guy ... most hackers are lazy and go for the easy stuff first and usually using publicized hacking tools and exploits. That said, if someone decided to pick our servers out of the crowd and make our lives miserable, we'd probably be toast. Denial of service attacks can be just as fun as writing a virus, or getting root on a machine ... and they are much harder to protect against. Oh well, it's fun to pick on MS, and they do deserve most of it, if for no other reason to pressure them to do better. But you will have security problems and issues no matter what software and OS you run. Regards, Curt. -- Curtis Olson HumanFIRST Program FlightGear Project Twin Citiescurt 'at' me.umn.edu curt 'at' flightgear.org Minnesota http://www.menet.umn.edu/~curt http://www.flightgear.org ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
"Curtis L. Olson" <[EMAIL PROTECTED]> said: > Outlook is a program that (doesn't have to) but seems happy to run > just about any program anyone on the internet wants to send it. I've > heard stories that in some cases, outlook will open/run the attachment > silently behind the scenes even if you just delete the message without > reading it. It's one of those pieces of software that was written to > be used in a happy place where everyone get's along and no one does > anything mean to each other ... like at ... I don't know ... tele > tubby land or something. Tinky Winky mail? Well, this isn't microsoft bashing, and it isn't based on things that happened in the past. While some critrical defaults have been changed, it is basically still true today. And it is a big problem for MS with all the third party development that surrounds Outlook/IE technology. It makes me cringe when a user calls and says some third party software tech said they need to relax the security settings to make something work. Microsoft can and will find a solution and I hope that it comes quickly. Of course then maybe they'll get sued by the antivirus people for unfair business practices...when they finally replace outlook with an internet friendly email program! Best, Jim ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Gene Buckle <[EMAIL PROTECTED]> wrote: >> Gene Buckle writes: >> > Thanks Norman. I wish they'd stop writing such crap. *sigh* >> > >> > g. >> > >> > >> > On Mon, 25 Aug 2003, Norman Vine wrote: >> > >> > > FYI >> > > http://www.cert.org/advisories/CA-2003-07.html >> >> On average for the last 10 years, Sendmail has probably been good for >> one of these alerts per week. :-) Most of them probably aren't as >> serious as they sound though. A lot of unix security alerts are for >> "theoretical" problems with no known implimentation of an exploit. >> > It's just that I had far better things to do with my evening than upgrade > a machine to postfix. Who forced you to do so ? I know, this is sort of a rhetorical question but I have severe doubts that you really have an answer that applies corretly. I started running Sendmail based systems on the net about 9 years ago and I never had a system compromised. It is sufficient to know what you're doing. Switching over to Postfix is not the solution for your specific problem, it's just the illusion of a fix. Good luck, Martin. -- Unix _IS_ user friendly - it's just selective about who its friends are ! -- ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Martin Spott wrote: I started running Sendmail based systems on the net about 9 years ago and I never had a system compromised. It is sufficient to know what you're doing. Switching over to Postfix is not the solution for your specific problem, it's just the illusion of a fix. Nope. Postfix as a better design. It's port listener is as small as possible (meaning it is much easier to make safe). If there is a flaw in the code further down the road it is *much* harder to exploit. Erik ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
> Gene Buckle <[EMAIL PROTECTED]> wrote: > >> Gene Buckle writes: > >> > Thanks Norman. I wish they'd stop writing such crap. *sigh* > >> > > >> > g. > >> > > >> > > >> > On Mon, 25 Aug 2003, Norman Vine wrote: > >> > > >> > > FYI > >> > > http://www.cert.org/advisories/CA-2003-07.html > >> > >> On average for the last 10 years, Sendmail has probably been good for > >> one of these alerts per week. :-) Most of them probably aren't as > >> serious as they sound though. A lot of unix security alerts are for > >> "theoretical" problems with no known implimentation of an exploit. > >> > > > It's just that I had far better things to do with my evening than upgrade > > a machine to postfix. > > Who forced you to do so ? I know, this is sort of a rhetorical question but > I have severe doubts that you really have an answer that applies corretly. > > I started running Sendmail based systems on the net about 9 years ago and I > never had a system compromised. It is sufficient to know what you're doing. > Switching over to Postfix is not the solution for your specific problem, > it's just the illusion of a fix. > I've been nailed twice. Once through an IRC exploit on a server I was running, and once under a BIND exploit. The first one I closed fairly quickly, the second one was a mess though. I came down with the flu the day before the Bugtraq announcement and they had the run of my main webserver for the better part of two weeks. They'd put so many back doors and trojans in there that I just wiped the box and started from scratch. I traced the little bastards all the way back to Romainia. They only reason they're both not parapalegics right now was my lack of available vacation time when the event occured. I've since cooled down considerably. :) g. ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Erik Hofman <[EMAIL PROTECTED]> wrote: > Martin Spott wrote: >> I started running Sendmail based systems on the net about 9 years ago and I >> never had a system compromised. It is sufficient to know what you're doing. >> Switching over to Postfix is not the solution for your specific problem, >> it's just the illusion of a fix. > Nope. Postfix as a better design. The design of Postfix doesn't buy me anything. As we all know _every_ software has bugs and _every_ software design is susceptible to flaws. The designers of Sendmail actually have learned their lesson over the years and if you follow the development around Sendmail you'd know that it is not a big deal to build a safe mail relay with Sendmail that draws level with . You don't have to figure the configuration details of a new MTA to achieve this. As I already said: It is sufficient to know what you're doing, Martin. -- Unix _IS_ user friendly - it's just selective about who its friends are ! -- ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
But wait a second ... this is a scary thought because *we* develop software. Do we want to be held to those same standards as we might propose for microsoft? If someone exploits a bug or oversight in flightgear to do damage, do we want to be held liable? We could just exempt ourselves from blame in our licensing terms as we do now, but if we can do that, why can't microsoft. You're missing one big point: Microsoft is a profit organization, selling their products. We develop for free. Now, if I found a bug in FG, that's ok, it isn't even final release yet, it is also free of cost, so what to expect anyway. If I found a bug in Win98 showing me blue screen and even shutting down my whole system because I ejected my CD accidentely (note how long the *nix systems need to shut down. Windows just whop, and the computer reboots by himself in a flash :)) I feel no mercy at all for blaming M$ for the system fault. I bought their system and I require perfection. That's why I payed for it (no matter how much or which version). Obviously, the product wasn't designed well or wasn't mature enough for the end-user usage or something. - Matevz ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Ok, I hate to drag this off topic thread further off topic. But the other poster was right. FlightGear isn't the best place for MS bashing. These days it is almost as much fun to bash SCO: http://armedndangerous.blogspot.com/2003_08_17_armedndangerous_archive.html#106157186387886957 But before Linux users get too smug, don't forget that a *huge* component of the spam problem is due to people running open mail relays. I would guess that many of these are Linux system unfortunately. Your best defense (which is true if you run Linux, MS, FreeBSD, or any other system) is to keep up on the latest security patches. *All* systems have bugs and oversights in the design that are discovered and (hopefully fixed) over time. If the end user doesn't keep up with these they are risking a lot of trouble (whether they run an open-source or closed-source OS.) It's unfortunate though that gaping wide open holes continue to be exploited, and re-exploited, and re-exploited. This isn't entirely MS's fault (although they make a nice fat easy tempting target.) Durk, to address your 747 recall point (which is an interesting one.) What is the cost to Boeing if a 747 goes down? After all the lawsuits it could be *very* significant ... maybe even more expensive than recalling the entire fleet for an upgrade/fix. If an email virus floods the net, what is the cost to MS? Yeah they get bashed on the public forums, but for every basher, there is someone speaking up to defend them ... Historically, they whip up a patch, make it available, and everyone just keeps going along. The lawyers don't go into a feeding frenzy with lawsuits. I wonder what would happen if they lawyers started holding companies accountable for the software they write and the damage caused by bugs? What if legislatures passed laws forcing companies to be accountable? (Or if you live in a country with a dictator, he/she could just beat the crap out of the developers everytime someone found a bug.) That is probably what it would take to fix this problem. Then MS would have a financial incentive to build secure systems and software (and keep them secure.) Right now they don't. But wait a second ... this is a scary thought because *we* develop software. Do we want to be held to those same standards as we might propose for microsoft? If someone exploits a bug or oversight in flightgear to do damage, do we want to be held liable? We could just exempt ourselves from blame in our licensing terms as we do now, but if we can do that, why can't microsoft. Anyway, the answer to all of this usually is to stay vigiliant and keep all your systems fully up to date with all the latest patches and fixes. Regards, Curt. Durk Talsma writes: > The problem is: Microsoft's notoriously bad track record _is_ still relevant > today. Since this list is dedicated to Flight Simulation software, everybody > will be familiar with Murphy's Law, which basically says that every design > flaw, no matter how small it is, will make something go wrong, break, lead to > disaster, or wreak havoc some way or the other. Think of it from a > statistical point of view: A one percent chance of failure in some piece of > equipment, multiplied by a hunderd copies of this piece, multiplied by a few > thousand uses of it, will lead to an estimated few thousand disasters! So, > there's just no room for error here. > > In the computer industry, it's exactly the same. On an inherently insecure > system, even when it's operated by a savvy user, there is a very small, but > real chance, that somebody gets in trouble. Accidents do happen. Now multiply > this by the number of inherently insecure systems around, and when these > systems are all connected, you have a scenario for disaster. For some strange > reason, MS has been ignoring this basic design philosophy for years and the > consequences are still around. Even though the latest version of MS products > have fixed some security issues, they still have the inherently insecure > options (which are enabled by default) and there are still millions of older > computers systems out there, which are _not even nearly_ safe. What's more, > these are the systems owned by people who are (although otherwise reasonably > intelligent) not so computer savvy as we are. (BTW: I strongly suspect that > somebody who's subscribed or has been subscribed to one of the fgfs lists is > infected by the sobig virus. I've been getting at least three different email > bounces from virus scanners that were addressed to other fgfs-devel members. > Now, what's the connection between me and other fgfs-devel list members... > :-)). > > To give a very sad example: My sister's father in law was in his early > seventies when he purchased his first computer, and was very proud that he > mastered the art of computing. Now, after a couple of weeks, his computer was > infected by a virus, which happily started sending me emails. Now, can
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
On Tuesday 26 August 2003 02:52 am, Mally wrote: > Curt > > > Outlook is a program that (doesn't have to) but seems happy to run > > just about any program anyone on the internet wants to send it. I've > > heard stories that in some cases, outlook will open/run the attachment > > silently behind the scenes even if you just delete the message without > > reading it. It's one of those pieces of software that was written to > > be used in a happy place where everyone get's along and no one does > > anything mean to each other ... like at ... I don't know ... tele > > tubby land or something. > > I don't want to spoil the party, but please bear in mind that people on the > flightgear lists (who by and large tend to know what they are doing) who > choose to use Outlook or Outlook Express are likely to feel alienated by > the perpetuation of anti-Microsoft arguments that may have been valid at > some point in history but which are no longer relevant. > The problem is: Microsoft's notoriously bad track record _is_ still relevant today. Since this list is dedicated to Flight Simulation software, everybody will be familiar with Murphy's Law, which basically says that every design flaw, no matter how small it is, will make something go wrong, break, lead to disaster, or wreak havoc some way or the other. Think of it from a statistical point of view: A one percent chance of failure in some piece of equipment, multiplied by a hunderd copies of this piece, multiplied by a few thousand uses of it, will lead to an estimated few thousand disasters! So, there's just no room for error here. In the computer industry, it's exactly the same. On an inherently insecure system, even when it's operated by a savvy user, there is a very small, but real chance, that somebody gets in trouble. Accidents do happen. Now multiply this by the number of inherently insecure systems around, and when these systems are all connected, you have a scenario for disaster. For some strange reason, MS has been ignoring this basic design philosophy for years and the consequences are still around. Even though the latest version of MS products have fixed some security issues, they still have the inherently insecure options (which are enabled by default) and there are still millions of older computers systems out there, which are _not even nearly_ safe. What's more, these are the systems owned by people who are (although otherwise reasonably intelligent) not so computer savvy as we are. (BTW: I strongly suspect that somebody who's subscribed or has been subscribed to one of the fgfs lists is infected by the sobig virus. I've been getting at least three different email bounces from virus scanners that were addressed to other fgfs-devel members. Now, what's the connection between me and other fgfs-devel list members... :-)). To give a very sad example: My sister's father in law was in his early seventies when he purchased his first computer, and was very proud that he mastered the art of computing. Now, after a couple of weeks, his computer was infected by a virus, which happily started sending me emails. Now, can we hold people like him responsible for this? I don't think so. What's more, it scares these people away from using computers at all. When you're new to computers, you expect them to work, and be able to safely use whatever tools are available in whatever configuration they are. If microsoft were a responsible company (which they are not), they would have recalled all those insecure systems back to their factory and upgraded these systems to something that is safe. Okay, there's the upgrade feature, but this is not good, because it puts the responsibility for upgrading where it doesn't belong, namely the user. To draw a parallel with the aviation industry: Boeing has recalled all their older 747s back after a design flaw was discovered that had resulted in mid-air engine loss (Erik: Remember the Bijlmerramp in 1991, near Amsterdam??). It cost the company millions, but at least flying the older 747's is safe again. Somebody commented that taking away the freedom to remotely run insecure code, as a tradeoff for enhanced security is a _bad_ thing. Well, other than this _feature_ of windows being completely useless (if MS really wanted to improved task automization they'd better develop a good scripting language). To draw another parrallel with the avaition industy, I would _very much_, like to have the freedom to board planes, or visit the cockpit during flight, without being treated as a terrorist suspect, and one could argue that just because of a few individuals who don't know their responsibilities and bring bombs aboard, we shouldn't have all these security people around? Mind you, a recent slashdot article showed that the sobig virus _is_ probably a lot scarier than most people think, and amongst others, installs open relay smtp servers (for spamming purposes) and password stealers o
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
> Gene Buckle writes: > > Thanks Norman. I wish they'd stop writing such crap. *sigh* > > > > g. > > > > > > On Mon, 25 Aug 2003, Norman Vine wrote: > > > > > FYI > > > http://www.cert.org/advisories/CA-2003-07.html > > On average for the last 10 years, Sendmail has probably been good for > one of these alerts per week. :-) Most of them probably aren't as > serious as they sound though. A lot of unix security alerts are for > "theoretical" problems with no known implimentation of an exploit. > It's just that I had far better things to do with my evening than upgrade a machine to postfix. One that handles something like 6 mailing lists too. Pissed off doesn't begin to describe my condition right now. *snarl* g. ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
On Tue, 26 Aug 2003 07:52:39 +0100, "Mally" <[EMAIL PROTECTED]> wrote in message <[EMAIL PROTECTED]>: > Curt > > > Outlook is a program that (doesn't have to) but seems happy to run > > just about any program anyone on the internet wants to send it. > > I've heard stories that in some cases, outlook will open/run the > > attachment silently behind the scenes even if you just delete the > > message without reading it. It's one of those pieces of software > > that was written to be used in a happy place where everyone get's > > along and no one does anything mean to each other ... like at ... I > > don't know ... tele tubby land or something. > > I don't want to spoil the party, but please bear in mind that people > on the flightgear lists (who by and large tend to know what they are > doing) who choose to use Outlook or Outlook Express are likely to feel > alienated by the perpetuation of anti-Microsoft arguments that may > have been valid at some point in history but which are no longer > relevant. > > I'm not an apologist for Microsoft, but there has to be room for > rational analysis of the current rather than historical situation, > i.e. that for anyone prepared to take sensible precautions as Jon and > myself (and no doubt others) have done, Outlook and Outlook Express > remain valid choices of email client. > > Undoubtedly many installations of these email clients, particularly in > the home environment, are unsafe, but used properly the software > itself is not. The most realistic prospect for a widespread > improvement in the global email-virus situation is for the relevant > options currently available in Outlook Express to be widely > publicised. The alternative, for everyone to change their browser, is > simply not going to happen, at least not in the short term, though > Microsoft themselves could well precipitate a move in this direction > if and when they stop developing Outlook Express. ..the way to deal with this problem, is advice the Wintendo users how to deal with its lack of security, on the why, simply check Microsoft's track record with every one elses and draw your own conclusions. ..the how may be harder, as a stop gap measure, get an old box and put ipcop-1.3 on it, http://ipcop.org/ is a firewall distro, it has a proxy server to minimize traffic when you hit that "Back"-button etc, and you control it from your web browser. 10 min setup time. ..no, it will not stop a virus, you still need anti-virus software, and, no, it will not stop your own viruses from harming other people, so you still need anti-virus software as long as you run Wintendo. ..next, you wanna use a non-Microsoft browser, a non-Microsoft news reader, a non-Microsoft mail client, a non-Microsoft ftp client, a non-Microsoft ssh "telnet" client, and these are preferably 5 different programs. Tech reason is a mail bug has no effect on a web browser, unless it is up-tightly "integrated" into some sorry excuse of whatever, another valid reason is avoid becoming a global celebrity on an email cock-up, like that London-based Aussie finance double-penetrator or whatever. ..a number of non-Microsoft virus checkers and Microsoft one too, I hear is adviceable, Microsoft _oughtta_ know what they ship, but then there's Teletubbyland. ;-) ..when your wintendo _is_ infected and deadlines etc _makes_ you do dumb things, there are alternatives: http://damnsmalllinux.org/ fits on and runs off a nice wee 50MB credit card size cd, it's yet another derivative of http://knoppix.com/ , a listing of sweet variants: http://knoppix.net/docs/index.php/KnoppixCustomizations , some of these helps you recover your data, and some are _fun_. ;-) -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Norman Vine wrote: FYI http://www.cert.org/advisories/CA-2003-07.html Again? Use Postfix instead. Erik ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Curt > Outlook is a program that (doesn't have to) but seems happy to run > just about any program anyone on the internet wants to send it. I've > heard stories that in some cases, outlook will open/run the attachment > silently behind the scenes even if you just delete the message without > reading it. It's one of those pieces of software that was written to > be used in a happy place where everyone get's along and no one does > anything mean to each other ... like at ... I don't know ... tele > tubby land or something. I don't want to spoil the party, but please bear in mind that people on the flightgear lists (who by and large tend to know what they are doing) who choose to use Outlook or Outlook Express are likely to feel alienated by the perpetuation of anti-Microsoft arguments that may have been valid at some point in history but which are no longer relevant. I'm not an apologist for Microsoft, but there has to be room for rational analysis of the current rather than historical situation, i.e. that for anyone prepared to take sensible precautions as Jon and myself (and no doubt others) have done, Outlook and Outlook Express remain valid choices of email client. Undoubtedly many installations of these email clients, particularly in the home environment, are unsafe, but used properly the software itself is not. The most realistic prospect for a widespread improvement in the global email-virus situation is for the relevant options currently available in Outlook Express to be widely publicised. The alternative, for everyone to change their browser, is simply not going to happen, at least not in the short term, though Microsoft themselves could well precipitate a move in this direction if and when they stop developing Outlook Express. Mally --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/03 ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
On Monday 25 August 2003 9:44 pm, Curtis L. Olson wrote: > Gene Buckle writes: > > Thanks Norman. I wish they'd stop writing such crap. *sigh* > > > > g. > > > > On Mon, 25 Aug 2003, Norman Vine wrote: > > > FYI > > > http://www.cert.org/advisories/CA-2003-07.html > > On average for the last 10 years, Sendmail has probably been good for > one of these alerts per week. :-) Most of them probably aren't as > serious as they sound though. A lot of unix security alerts are for > "theoretical" problems with no known implimentation of an exploit. > Not everybody runs sendmail either. It's the first thing I ditched. ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Gene Buckle writes: > Thanks Norman. I wish they'd stop writing such crap. *sigh* > > g. > > > On Mon, 25 Aug 2003, Norman Vine wrote: > > > FYI > > http://www.cert.org/advisories/CA-2003-07.html On average for the last 10 years, Sendmail has probably been good for one of these alerts per week. :-) Most of them probably aren't as serious as they sound though. A lot of unix security alerts are for "theoretical" problems with no known implimentation of an exploit. Part of the problem is that sendmail is a program that has to openly chatter with anyone on the internet that wants to talk. And it has to have a certain level of system priveledge since it often needs to deliver mail ... that's just asking for trouble. :-) Outlook is a program that (doesn't have to) but seems happy to run just about any program anyone on the internet wants to send it. I've heard stories that in some cases, outlook will open/run the attachment silently behind the scenes even if you just delete the message without reading it. It's one of those pieces of software that was written to be used in a happy place where everyone get's along and no one does anything mean to each other ... like at ... I don't know ... tele tubby land or something. Curt. -- Curtis Olson HumanFIRST Program FlightGear Project Twin Citiescurt 'at' me.umn.edu curt 'at' flightgear.org Minnesota http://www.menet.umn.edu/~curt http://www.flightgear.org ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Thanks Norman. I wish they'd stop writing such crap. *sigh* g. On Mon, 25 Aug 2003, Norman Vine wrote: > FYI > http://www.cert.org/advisories/CA-2003-07.html > > ___ > Flightgear-devel mailing list > [EMAIL PROTECTED] > http://mail.flightgear.org/mailman/listinfo/flightgear-devel > ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
FYI http://www.cert.org/advisories/CA-2003-07.html ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Mally wrote: Thanks. It looks as if they're not exactly ditching Outlook Express, just not doing any further development. I can't see users switching en masse to a paid version of Outlook as MS appear to hope. It's more likely that they'll switch to alternative (non-MS) email clients, which I'm sure many of you will reckon is no bad thing! It turns out Microsoft has already changed their mind about it ... Erik ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Mally wrote: Oh lord. And they are going to ditch Outlook Express in favor of Outlook. Will they ever learn? I wasn't aware of that. Is there an announcement somewhere? Mally A month ago or so MS announced that he will drop the development of IE branch. New versions will only be available in combination with new system/service pack. Seperate program upgrade is "too risky" in their opinion as it is built in the system and becomes a part of it. The same announcement MS expressed few weeks ago, telling that he will drop Outlook Express for the same reasons. BUT, not only that, Billy also said that there will *probably* be no Outlook Express by default in any new system. So, the user will be forced to use MS Office and normal Outlook in the future. Heh, I'm lucky I got rid of the Microsh*t system quite a while ago. (in other words, *nix rules! ;)). - Matevz ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Thanks. It looks as if they're not exactly ditching Outlook Express, just not doing any further development. I can't see users switching en masse to a paid version of Outlook as MS appear to hope. It's more likely that they'll switch to alternative (non-MS) email clients, which I'm sure many of you will reckon is no bad thing! Mally - Original Message - From: "Erik Hofman" <[EMAIL PROTECTED]> To: "FlightGear developers discussions" <[EMAIL PROTECTED]> Sent: Monday, August 25, 2003 11:58 AM Subject: Re: [Flightgear-devel] [OT] Angry rant: the end of [EMAIL PROTECTED] > Mally wrote: > >>Oh lord. And they are going to ditch Outlook Express in favor of > >>Outlook. Will they ever learn? > > > > > > I wasn't aware of that. Is there an announcement somewhere? > > > http://slashdot.org/article.pl?sid=03/08/13/238245&mode=thread&tid=109&tid=113&tid=126&tid=187&tid=95 > > Erik > > > ___ > Flightgear-devel mailing list > [EMAIL PROTECTED] > http://mail.flightgear.org/mailman/listinfo/flightgear-devel > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/03 ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Jim > The options shouldn't be there. The whole idea of a mime-type (or file > extension type) support in an email attachment, that comes to the user from > outside, containing executable code or script that has full access to the > system, which is either either launched automatically or clicked by the user, > is, in a word, _ridiculous_. Microsoft has been backpedaling on this for > years now, trying to fix the problem by various means. You're right about Microsoft backpedalling. After years of trying to make Outlook Express into a "richer environment" for the user by burdening it with all sorts of dangerous technologies, they've now made it so that all this can be completely disabled with just a few simple clicks in the Options dialogs. That's quite a climb-down. What else do you want? I've already said what I want - Microsoft to publicise the "safe" options, change the default installation options so that they are intrinsically safe, and possibly release a reconfiguration tool to automatically make existing set ups safe. Oh, and to add this functionality into Outlook 2003 if it's not already there. It would be nice to think that everyone in the world would switch to an alternative email client, but how realistic is that? Far better to work with what's out there, particularly as OE6 already has the capabilities to switch off the ridiculous behaviour you've described. Mally --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/03 ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Mally writes: > I'm very sorry to hear about your plague of false virus warnings. I > get a few of these myself, but nothing on the scale you're > seeing. The possibility/probability that it will force you to drop > megginson.com is very unwelcome news. Thanks. Fortunately, it's just the [EMAIL PROTECTED] e-mail address. My current ISP (unlike a couple of others I tried) is very understanding, and is simply blocking [EMAIL PROTECTED] at the SMTP server so that I can use the rest of my domain. > I don't know if you intentionally said "Outlook" rather than > "Outlook Express", but since a year ago or more, Outlook Express > has been capable of being set up to be a completely secure email > client, sending AND receiving in plain text only. The problem is > that Microsoft, having finally come to their senses in providing > this functionality, have failed to tell anyone about it or change > the default configuration to a safe configuration. That's interesting information -- the next time I talk to someone forced to use MS products, I'll pass the information on. All the best, David ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Jon Berndt writes: > Yeah, it's pretty bad. Microsoft ought to be completely > embarrassed. For those of you whose ISPs provide a filtering > service I'd advise taking it. I pay about $2 a month for this > service and it has caught ALL of the virii headed for my Inbox. I regularly filter both at my ISP and on my home computer. Unfortunately, once the volume gets that high, the ISP's whole system starts suffering. Note that the actual virus email (exe/bat/pif/scr attachments) is a small minority of the problem -- most of the mail is virus warnings or bounces from messages that infected computers sent, with my return address attached. > David: Is there a way you can simply disable the address for a week > or so until this clears up? That's what's happened, but I'm afraid that it's not going to clear up. I was getting hundreds (and sometimes over a thousand) such messages every day before the current outbreak. I see no way that things are going to slow down now -- the forged messages from me will keep finding their way to new Outlook installations. I will keep hoping, though. Thanks, David ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Mally <[EMAIL PROTECTED]> said: > Anyone using Outlook Express should ensure that they are using the latest > version, Outlook Express 6, and that they have the appropriate options set in > the Security, Send and Receive tabs of the Tools, Options... dialog. > > Outlook (a different program), remains insecure as far as I know - I no longer > need to use it for work, so I am out of touch with it's current status. > The options shouldn't be there. The whole idea of a mime-type (or file extension type) support in an email attachment, that comes to the user from outside, containing executable code or script that has full access to the system, which is either either launched automatically or clicked by the user, is, in a word, _ridiculous_. Microsoft has been backpedaling on this for years now, trying to fix the problem by various means. Best, Jim ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Outlook is actually a more capable version of Outlook Express (thus the name "Express"). I use Outlook. I haven't had any problems with it. I just don't open the wrong kinds of attachments. Problem solved. Also, I use the filtering service my ISP makes available. Jon > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Mally > Sent: Monday, August 25, 2003 4:03 AM > To: FlightGear developers discussions > Subject: Re: [Flightgear-devel] [OT] Angry rant: the end of > [EMAIL PROTECTED] > > > > Oh lord. And they are going to ditch Outlook Express in favor of > > Outlook. Will they ever learn? > > I wasn't aware of that. Is there an announcement somewhere? > > Mally > > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/03 > > ___ > Flightgear-devel mailing list > [EMAIL PROTECTED] > http://mail.flightgear.org/mailman/listinfo/flightgear-devel ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Mally wrote: Oh lord. And they are going to ditch Outlook Express in favor of Outlook. Will they ever learn? I wasn't aware of that. Is there an announcement somewhere? http://slashdot.org/article.pl?sid=03/08/13/238245&mode=thread&tid=109&tid=113&tid=126&tid=187&tid=95 Erik ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
> Oh lord. And they are going to ditch Outlook Express in favor of > Outlook. Will they ever learn? I wasn't aware of that. Is there an announcement somewhere? Mally --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/03 ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
Mally wrote: David I'm very sorry to hear about your plague of false virus warnings. I get a few of these myself, but nothing on the scale you're seeing. The possibility/probability that it will force you to drop megginson.com is very unwelcome news. I don't know if you intentionally said "Outlook" rather than "Outlook Express", but since a year ago or more, Outlook Express has been capable of being set up to be a completely secure email client, sending AND receiving in plain text only. The problem is that Microsoft, having finally come to their senses in providing this functionality, have failed to tell anyone about it or change the default configuration to a safe configuration. Anyone using Outlook Express should ensure that they are using the latest version, Outlook Express 6, and that they have the appropriate options set in the Security, Send and Receive tabs of the Tools, Options... dialog. Outlook (a different program), remains insecure as far as I know - I no longer need to use it for work, so I am out of touch with it's current status. Oh lord. And they are going to ditch Outlook Express in favor of Outlook. Will they ever learn? Erik ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
David I'm very sorry to hear about your plague of false virus warnings. I get a few of these myself, but nothing on the scale you're seeing. The possibility/probability that it will force you to drop megginson.com is very unwelcome news. I don't know if you intentionally said "Outlook" rather than "Outlook Express", but since a year ago or more, Outlook Express has been capable of being set up to be a completely secure email client, sending AND receiving in plain text only. The problem is that Microsoft, having finally come to their senses in providing this functionality, have failed to tell anyone about it or change the default configuration to a safe configuration. Anyone using Outlook Express should ensure that they are using the latest version, Outlook Express 6, and that they have the appropriate options set in the Security, Send and Receive tabs of the Tools, Options... dialog. Outlook (a different program), remains insecure as far as I know - I no longer need to use it for work, so I am out of touch with it's current status. Mally - Original Message - From: "David Megginson" <[EMAIL PROTECTED]> To: "FlightGear developers discussions" <[EMAIL PROTECTED]> Sent: Sunday, August 24, 2003 5:06 PM Subject: [Flightgear-devel] [OT] Angry rant: the end of [EMAIL PROTECTED] > I think that my long-held [EMAIL PROTECTED] address will have to be > euthanised. It has been getting many tens of thousands of messages a > day, nearly all false bounces or (ironically) warnings from > virus-checking software, and even just the CPU load for the procmail > filtering for those messages (I can catch over 90% of them) is more > than any ISP is willing to take on. I'm able to keep > [EMAIL PROTECTED] alive, fortunately, but I'll have to pick a new > [EMAIL PROTECTED] address for myself. > > Thus I, who do not use Outlook or Windows, have ended up a victim of > that software. I've lost my well-known e-mail address (published in > books, magazine and newspaper articles, and Web sites) and have > possibly missed out on consulting work and other opportunities, not to > mention a week's lost time dealing with the problem. > > Note that the people who use virus-checking software are doing me as > much damage than the people without it, because of all the false virus > warning messages being sent to me automatically. As I explained to > someone recently, using Outlook to read e-mail is like licking public > toilets; using Outlook with a virus checker is like taking antibiotics > and then licking public toilets (it might work, but it's hardly > optimal). > > Please, people, if you have a choice, don't read e-mail with Outlook, > or at least, don't read the flightgear lists with that program. I > know that some of you are forced to use Outlook at work, but there's > no excuse for using it at home or school. Just say no: there are many > decent alternatives even for Windows, such as Eudora and Mozilla mail. > > > All the best, > > > David > > -- > David Megginson, [EMAIL PROTECTED], http://www.megginson.com/ > > ___ > Flightgear-devel mailing list > [EMAIL PROTECTED] > http://mail.flightgear.org/mailman/listinfo/flightgear-devel > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/03 ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
David Megginson <[EMAIL PROTECTED]> said: > I think that my long-held [EMAIL PROTECTED] address will have to be > euthanised. It has been getting many tens of thousands of messages a > day, nearly all false bounces or (ironically) warnings from > virus-checking software, and even just the CPU load for the procmail > filtering for those messages (I can catch over 90% of them) is more > than any ISP is willing to take on. I'm able to keep > [EMAIL PROTECTED] alive, fortunately, but I'll have to pick a new > [EMAIL PROTECTED] address for myself. > That's too bad. Any chance you can hold off for a few days? My guess is this current outbreak should pass soon. I'm getting about 100 times the normal rate of these in my mailbox in recent days. Microsoft is facing some serious problems now...and it is (IMO) totally based in the basic design, than lack of security issues training and development skills within their programming staff. Both IE5/6 and Outlook have really headed into some dangerous territory. It can't be fixed, so the best solution really is to get something else. Now that toilet licking analogy...is well...ummm...kind of interesting :-) Best, Jim ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
On Sun, 24 Aug 2003 12:06:35 -0400, David Megginson <[EMAIL PROTECTED]> wrote in message <[EMAIL PROTECTED]>: > Please, people, if you have a choice, don't read e-mail with Outlook, > or at least, don't read the flightgear lists with that program. I > know that some of you are forced to use Outlook at work, but there's > no excuse for using it at home or school. Just say no: there are many > decent alternatives even for Windows, such as Eudora and Mozilla mail. .._not_ me, _no_ way! The _Only_ Reasonable Way[Tm] to deal with Bill Gates and his vira, is inside a 20' welded shut freight container with a buffer pallet of baseball bats in each corner, a feeder band for replacements and an auger screw for tooth pick removal. -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
RE: [Flightgear-devel] [OT] Angry rant: the end of david@megginson.com
> I think that my long-held [EMAIL PROTECTED] address will have to be > euthanised. It has been getting many tens of thousands of messages a Yeah, it's pretty bad. Microsoft ought to be completely embarrassed. For those of you whose ISPs provide a filtering service I'd advise taking it. I pay about $2 a month for this service and it has caught ALL of the virii headed for my Inbox. David: Is there a way you can simply disable the address for a week or so until this clears up? Jon ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel