Posts by And Clover 14 publicly visible posts • joined 19 Dec 2007
How about some alternatives for those of us who prefer not to buy in to Apple's closed and expensive MP3 player ecosystem?
For example, can the Sony device play audio from SD/MS as well as video, and can it do it on a wake-up timer?
This device works well as an MP3-playing alarm clock for me (from USB memory stick): http://www.amazon.co.uk/Naf-Clock-MP3-Stereo-Radio/dp/B0028YGY1K
> Can anyone tell me which applications: can run on Windows XP; cannot run on Windows 7
Apart from all the old, dodgy and bespoke apps that don't get on with 7 (or which mess up with UAC in general), there's one big one for enterprises: the dreaded IE6.
Many poorly-coded intranet apps *still* don't work on any other browser, and because IE is welded into the OS, you can't (in an easy/supportable-for-IT way) run IE6 on Win7 or Vista. This lamentable technical decision, originally made to ensure MS's dominant position in the browser market, is now costing them sales. Whoops.
XP Mode would be the fix for this, except for the issues with Intel turning off VT on lower-end chips as an artificial product line differentiator, and rubbish OEMs like Sony turning it off because they're miserable idiots. Hopefully this will now stop.
[It remains unclear why the new version of VirtualPC, on which XP Mode is built, requires hardware virtualisation; the old versions didn't. VirtualBox's hardware virtualisation support is better now, and needed for running 64-bit guests, but for normal 32-bit XP there's no need for it.]
McColo have been housing the blackest of blackhats from the Russian-language AWM/malware scene for years. Really, really nasty stuff, the spam isn't the half of it.
I'm not sure what's happened to wake the upstreams up after years of ignoring security researchers' findings on companies like Atrivo and McColo, but it's very welcome.
Yes, of course the abuse will move to other providers in other countries, but the increased expense of moving hosting around and being kept out of US datacentres should hopefully cut down the plague of low-end affiliate players - the kind of guys we'd call script kiddies except that they do $millions of damage.
The net-abuse routing out of Atrivo was not just spam (both mail and web form spam), it was all sorts of malware, exploits, illegal porn, botnets and banking fraud.
This is not a free speech issue - this is simple crime.
Atrivo are not themselves the black-hats; the blame lies with a few of their resellers - primarily Esthost - which take up a majority of their netspace. I'm sure Atrivo will be back, but hopefully they will get the message that continuing to stick up for the criminals at Esthost is no longer acceptable.
Meanwhile Esthost are already moving resources to other netblocks they have which are routed by other shady upstreams. So on the one hand it's good to finally have something done about the biggest source of malware on the web after years of abuse, but on the other those of us blackholing them on a local level will probably get some new IP ranges to block...
I don't always agree with the aggressiveness of spamhaus's decisions, but in the grand scheme of things they have done a lot of good.
Which of these support the USB Mass Storage Device standard (and so can have music added and removed using the normal file manager of any OS)?
Having to use cruddy software like iTunes or the above-mentioned (and indeed just awful) SonicStage is an absolute deal-breaker for me. I can't understand why any manufacturer would make a device without USB-MSD, it's not exactly a difficult feature.
combatwombat: it's no use looking at any of the whois information in these cases. The addresses given are invariably either:
a. completely made up
b. just copied from some other entity's address
c. mailboxes/forwarding companies
The people behind these fake anti-virus apps are Russian hackers coming from the AWM scene (and others in the Russian satellites). The registrar Estdomains (aka Esthost, Inhoster, UkrTelegroup, Cernel, Rove Digital and a multitude of other aliases) are themselves blackhats, directly in on the porn->exploit/fake-codec->trojan/fake-AV-install game. So they're not too fussy about correct whois details.
You could complain to ICANN and get the domain revoked in, what, six months. But these guys constantly change their names and register hundreds of new domains, so it's kind of pointless.
Flash is full of obnoxious features ripe for abuse by malvertisements. If it's not the clipboard access, or cookies you can't block with the normal browser controls, it's the mundane irritation of pop-ups, surprise LOUD auto-playing sound and CPU-killing animations.
The Firefox Flashblock extension - or some similar means of disabling such plug-ins by default in other browsers - is the only sensible response.
Sometimes even those dreaded evil corporations are right! Many of the ES4 and JS2 criticisms are very much valid; sure there's politics, but the argument is also technical.
Personally I don't really want to see more and more complexity added to JavaScript at a language level, it is troublesome enough as it is. The E4X extensions in Mozilla are already a syntax and security disaster that would have been better off in a library file. No further "cool" stuff like that please.
Agree with the above comments, this is a pointless bodge - and an incredibly ugly-skinned one, judging by that screenshot.
ReadyBoost hasn't increased speeds much, and no-one wants the extra management overhead of having to assign applications to a separate drive manually. If I wanted to do that I'd just copy the program files over myself.
Flash-cached HDs are more of the same. These features are an exercise in overcomplication, from engineers who have nothing better to do with their time and desperately need to give their product 'features' even if they're of questionable usefulness.
In the long run, the entire system disc of a typical PC is going to be an SSD anyway.
Whilst Real Alternative and QT Lite are massively preferable to RealPlayer/QuickTime, they still contain the same security holes as the originals. Which have demonstated their authors' security uselessness again and again.
Best to install the Alternatives with the 'browser plug-in' option turned off so that these vulnerabilities are not exposed to every web site you visit. Or even better, if you don't need DirectShow Real/QT support, don't install them at all and let VLC handle it.
(This does mean that embedded media players won't work, obviously. The inconvenience of this can, however, be reduced using the Firefox Download Embedded Plugin, which lets you grab media from embedded players easily, so you can then play using a proper, non-postage-stamp-sized media player of your choice.)
Will Blake> Just for accuracy this is actually "iframedollars"
Presumably that's what they're trying to refer to. (I can find no record of 'infradollars' ever having existed.)
However, although CWS.IframeDollars were a big DR installer (they were affiliate 1030), the exploit group associated most strongly with DollarRevenue was CWS.VladZone. They went as far as hosting their worse installs at VladZone servers under the DR name.
Alan Donaly> I don't recall meeting this one
You would have met the things it then went on to install. Whilst DR did have their own spyware, their primary tactic was installing other people's for cash.
> On the other hand trojans you never really get rid of you have to reinstall.
And DR have bundled exactly those kinds of trojans (rootkits etc.).
In any case, unless you're a security expert (and sometimes even then) you're not going to be able to detect the stealthier malware, so you must assume the machine is still compromised and re-install.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
