 |
|
|
|
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>> Buying something isn't the same as stealing it.
>
> So, when Microsoft buys a license for PC-DOS or Spyglass, it's stealing,
> but when Oracle does, it isn't stealing?
When you buy a licence for something and then use it in a way that the
licence prohibits, that's stealing. Same way that if I buy a copy of
Excel and put it on one PC, that's buying, but if I put that same copy
onto 2,000 PCs, that's stealing.
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Orchid XP v8 wrote:
>
> What Exchange does is store your mailbox in a central database rather
> than locally on your PC. That's pretty trivial.
>
> OTOH, I'll grant that it's not very "shiny", so that's probably why
> nobody else has done it...
Every IMAP server does that. Lotus Domino does that. It's a bunch of
other features in Exchange that just IMAP servers won't do. I haven't
actually used Exchange so I can't know what it does compared to Lotus
Domino, but I'd guess that Domino is the most realistic choice for Exchange.
>> Windows logins. ASP.NET. Remote administration. A whole different
>> processing module method. Interesting deployment options where you
>> don't have to roll your own. Etc. Go read up on it.
>
> None of that made any sense to me, but hey...
It does for a bunch of people. I personally don't really agree on Apache
not having remote administration, but I can be mislead what Darren
really means (I haven't used IIS in years) - I assume he means that one
can run the administration console from another Windows-PC.
-Aero
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
"Invisible" <voi### [at] dev null> wrote in message
news:4a572297$1@news.povray.org...
> scott wrote:
> > Of course you can if your product is more attractive for customers to
> > want to pay for it.
> It's difficult to see how you could make a web browser more attractive
> to the casual user than IE already is
Besides complimenting IE, what's your point?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Orchid XP v8 wrote:
> What Exchange does is store your mailbox in a central database rather
> than locally on your PC. That's pretty trivial.
It does a lot more than that. It has the calendering, reserving of
conference rooms, meeting scheduling, to-do lists, all the permissions of
getting heirarchical groups of people looking at calendars and to-do lists,
revocable email, one message shared between lots of poeple, offline
synchronization of all that stuff, etc etc.
It does *tons* of stuff. You just don't use it.
>>> So what does IIS do that Apache doesn't then?
>>
>> Windows logins. ASP.NET. Remote administration. A whole different
>> processing module method. Interesting deployment options where you
>> don't have to roll your own. Etc. Go read up on it.
>
> None of that made any sense to me, but hey...
You often seem to argue from a position of ignorance. Rather than argue "X
doesn't do anything more useful than Y", you should probably ask "What does
X do that's more useful than Y" when you don't know the answer.
How can you be IT support for a windows-based company and not understand the
terms "windows logins" and "remote administration"?
>>> (Aside from giving root access to anybody who types their URLs with
>>> backslashes instead of forward slashes...)
>>
>> Cite?
>
> I *think* this is the correct one:
>
>
https://services.netscreen.com/restricted/sigupdates/nsm-updates/HTML/HTTP:IIS:ASP-DOT-NET-BACKSLASH.html
And where does it say anything about root access there?
>
>
--
Darren New, San Diego CA, USA (PST)
"We'd like you to back-port all the changes in 2.0
back to version 1.0."
"We've done that already. We call it 2.0."
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Orchid XP v8 wrote:
>> Don't complain that everyone has to follow the exact same standards
>> and render everything pixel-perfect identical, and then complain it's
>> difficult to differentiate your product enough to sell it.
>
> There are plenty of things a browser can do differently - it's just that
> the casual user isn't going to *care* about such things.
Well, yes, that's my point. Everything the users actually care about have
been standardized, and it's a big selling point that the browser actually
follows the standards.
--
Darren New, San Diego CA, USA (PST)
"We'd like you to back-port all the changes in 2.0
back to version 1.0."
"We've done that already. We call it 2.0."
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Eero Ahonen wrote:
> It does for a bunch of people. I personally don't really agree on Apache
> not having remote administration,
Apache doesn't have remote administration, as far as I know. Linux has
remote stuff in general, but you actually have to log into the machine
running Apache to restart it, and you have to look at the files that Apache
instance is reading to change the configuration.
There's no tool for Apache, as far as I know, that lets you change the
configuration on 300 distributed web servers and then sequence a restart of
them in such a way that you're not killing anyone's page-serve as the
servers restart. You have to roll your own using scp (or shared directories
holding the configuration), ssh, etc. You can't turn off an Apache server
without logging into the machine where it's running, and you cant change the
configuration without logging into whatever machine is holding the
configuration files.
--
Darren New, San Diego CA, USA (PST)
"We'd like you to back-port all the changes in 2.0
back to version 1.0."
"We've done that already. We call it 2.0."
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Orchid XP v8 wrote:
> If I'm not mistaken, HTML was a standard long before M$ started adding
> nonportable attributes and entities.
Err, no. Remember <blink>?
--
Darren New, San Diego CA, USA (PST)
"We'd like you to back-port all the changes in 2.0
back to version 1.0."
"We've done that already. We call it 2.0."
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Orchid XP v8 wrote:
>>> Buying something isn't the same as stealing it.
>>
>> So, when Microsoft buys a license for PC-DOS or Spyglass, it's
>> stealing, but when Oracle does, it isn't stealing?
>
> When you buy a licence for something and then use it in a way that the
> licence prohibits, that's stealing.
Good thing Microsoft didn't do that! Did you not even read the article?
--
Darren New, San Diego CA, USA (PST)
"We'd like you to back-port all the changes in 2.0
back to version 1.0."
"We've done that already. We call it 2.0."
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>> What Exchange does is store your mailbox in a central database rather
>> than locally on your PC. That's pretty trivial.
>
> It does a lot more than that. It has the calendering, reserving of
> conference rooms, meeting scheduling, to-do lists, all the permissions
> of getting heirarchical groups of people looking at calendars and to-do
> lists, revocable email, one message shared between lots of poeple,
> offline synchronization of all that stuff, etc etc.
In other words, it stores more than email messages in a central
database. Still conceptually the same deal, just with a few minor
details on top.
Now the offline synchronisation... *That* is at least nontrivial to do
right.
> You often seem to argue from a position of ignorance. Rather than argue
> "X doesn't do anything more useful than Y", you should probably ask
> "What does X do that's more useful than Y" when you don't know the answer.
Well, when somebody says that two identical things are not, in fact,
identical, I ask what they think is different...
> How can you be IT support for a windows-based company and not understand
> the terms "windows logins" and "remote administration"?
I don't see what "windows logins" have to do with a generic web server,
that's all.
>>>> (Aside from giving root access to anybody who types their URLs with
>>>> backslashes instead of forward slashes...)
>>>
>>> Cite?
>>
>> I *think* this is the correct one:
>>
>>
https://services.netscreen.com/restricted/sigupdates/nsm-updates/HTML/HTTP:IIS:ASP-DOT-NET-BACKSLASH.html
>
> And where does it say anything about root access there?
It says that you can "bypass all security controls". How is that
different from root access?
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Orchid XP v8 wrote:
> In other words, it stores more than email messages in a central
> database. Still conceptually the same deal, just with a few minor
> details on top.
No, not really. Shared stuff like calendars is not conceptually the same as
a central email store. What exchange does is inherently hard to get right
because (in part) of the administration/configuration problem and in part
because of the shared part.
A centralized email server isn't sharing anything between users, nor
updating things already in the database.
> Well, when somebody says that two identical things are not, in fact,
> identical, I ask what they think is different...
No. You say "Apache is notable for doing the same thing as IIS", not "What
does IIS do that Apache doesn't?"
>> How can you be IT support for a windows-based company and not
>> understand the terms "windows logins" and "remote administration"?
>
> I don't see what "windows logins" have to do with a generic web server,
> that's all.
Have you ever used an intranet application where you had to log in to the
web page? It means it uses the Active Directory kerberos password stuff to
let you log into web pages.
MS SQL server allows this too.
>>>>> (Aside from giving root access to anybody who types their URLs with
>>>>> backslashes instead of forward slashes...)
>>>>
>>>> Cite?
>>>
>>> I *think* this is the correct one:
>>>
>>>
https://services.netscreen.com/restricted/sigupdates/nsm-updates/HTML/HTTP:IIS:ASP-DOT-NET-BACKSLASH.html
>>
>>
>> And where does it say anything about root access there?
>
> It says that you can "bypass all security controls". How is that
> different from root access?
Where do you see it say "bypass all security controls"? I see it say "bypass
ASP.NET authentication capabilities". I see "bypass authentication required
to access files in secured directories."
What this bug is, in practice, is a way to go
"http://blah.com/yadda\..\..\hello.txt"
and get out of the DocumentRoot defined by the web server. For example, they
could use
"http://blah.com/yadda\..\..\cgi\script.php"
to see the source of your PHP CGI script.
Still not root access.
--
Darren New, San Diego CA, USA (PST)
"We'd like you to back-port all the changes in 2.0
back to version 1.0."
"We've done that already. We call it 2.0."
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
|
|
