Don’t think, just repeat it loudly
I find Paul Thurrott’s Internet Nexus a continual source of perplexity (perplexment? whatever). First annoyance: doesn’t have comments turned on, so one can’t balance the dafter things he repeats or says. Second thing: repeats daft things. Here’s his repeat of an NT Bugtraq warning which fails to pick up on a rather key element of this “vulnerability in the wild”:
“Obviously this is only of interest if an attacker has root (or physical) access to a machine, however…
However, if someone has root (translation: they are God, locally) you’ve already got big enough problems, because they could change your password, and they can access anything you’ve encrypted with Apple’s FileVault. (I’d use PGP anyway.) If they’ve got physical access and a CD - OK, that could be a problem if you haven’t enabled Open Firmware Password, which can disallow someone from starting from anything other than the normal startup disk.
I haven’t looked at this exploit: I expect, based on what’s said, that it’s looking at the swapfiles for longname. (Update: I have, It is.) I saw this reported on an O’Reilly blog a week ago. Read the comments: people tried it and had different results - which suggests to me it’s actually something to do with Appletalk not securing passwords. Many people use the same password all over.
So it’s a vulnerability “in the wild” to the extent that there are hackers prowling around exploiting root vulnerabilities (how many of those are there on OSX, please?) and bearing installer CDs. Except in the latter case, they still have to log into Terminal and then enter a “sudo” (admininstrator) password. Which they’ll get from where, exactly?
This is a classic case of speed-of-light journalism: everyone wants to be first with this story, and to put it on their site first. Nobody brings any expertise to it, however. Result: readers vaguely worried, but not informed.
Meanwhile I had another phishing email (effortlessly spam-trapped by Post Armor) insisting it was “Important Information from Lloyds Bank”. I’d almost feel interested, except I don’t bank with Lloyds. I bet the site it leads you to works perfectly on IE6….
- These posts might be related (the database thinks..):
- No, honestly: you don't have to pay Barclaycard's "late payment charge" (6 September 2005; score: 29.15%)
- Sudding Sudoku! How long can it go on? (answer: a few billion years more) (14 May 2005; score: 26.82%)
- A fact you don't know about Morrissey and the Eurovision Song Contest (10 January 2007; score: 22.8%)
![[Valid RSS]](wp-includes/images/valid-rss.png "Validate my RSS feed"){kind=small}
July 9th, 2004 at 5:14 pm
Thurrot’s blog is interesting in a meta sense.
His anti apple bias is so strong, and he posts about them so much, you almost feel sorry for his apple/jobs obsession.
He consistently pastes stories from other pseudo Journalists that slam apple for some thing or another, As those same stories are being cririqued and corrected elsewhere for their failing logic, no facts ,etc.
It seems he does this to other platforms as well.
July 9th, 2004 at 6:16 pm
I agree about the meta-interest. And to be fair I think he called it right about the iPod Mini never being supplied in sufficient numbers. OTOH, he’s never acknowledged that he got it completely wrong when he said the hPod (HP’s resold iPod) would play WMA. (It won’t.) There’s a relentlessness more recently about the postings that you have to form a meta-view of, because there’s no real discussion. As I said, perplexing.
July 9th, 2004 at 9:42 pm
It is astonishing how he’s so often quoted or called for a quote from other “journalists.” He is pretty much stuck in the nexus of 1995 and clearly has very little idea of what’s going on today and how it’s vastly differently than the pre-internet-nearly-all-digital world. He was probably once one of the most knowledgeable PC guys in the business but he hasn’t bothered to learn anything new or he’s incapable of looking around to really see the changes. So the only way he gets attention now is to make bold proclamations either based on a rumor or based on his now-meager knowledge base. Some people also suspect that his “viewpoints” are based on who’s writing the latest check - hey, we all have to make a living but we also can also ALL stop listening to him.
July 10th, 2004 at 7:23 am
Actually, what irritates me more is his pretense to be users of other companies’ OSs and technologies and he pretended to like them with a big ‘but…’ afterward. E.g. he pretended to like Macs but Apple computers are so expensive, insecure, has no apps, and has a lot of weakness compared to XP (let alone Longhorn) *chuckle*. Another one is his pretense to buy iPod only to dump it for (get this) a much superior Dell DJ. His continual denials about problems with Microsoft technologies such as WMA and IE show who wrote the check.
Look, just be honest for a change. Be a Microsoft pundit and never talk about other companies if he can’t be objective about it. He gets more respect that way instead of whoring around.
July 10th, 2004 at 8:20 pm
Totally, 100% off-topic, bearing no resemblance to the content of discussion, more an egotistical barb than anything really useful…
Are you still reading? Okay, here goes. I think the letter-spacing is making the main text very hard to read, at least in Mozilla 1.7 in Panther. I know it’s presumptuous, but might I suggest:
.storycontent {
letter-spacing: 0.1em;
}
or something? Sorry if I come across as arrogant, I’m really honestly just offering an (admittedly limited) visual critique (can you tell I struggle with these issues myself?)
Back on topic, not much to say about Thurrott except that it seems to me that he intentionally takes a devil’s advocate point of view.
Perhaps this is to better insulate himself from disappointment in one of the few companies that continually shows great potential to make the computing world a better place, yet seems to exist on the very edge of irrelevance when compared to the dominant Redmond leviathan.
If Apple disappears next month (it sure feels possible), it was all a pipe dream, but those who kept their feet on the ground will be able to smugly say they never fell for the fairy-tale hope that the underdog really stood a chance.
won
July 10th, 2004 at 10:06 pm
Won, your comments on CSS are really welcome - I’m a real CSS newbie, and am mostly using the Wordpress default. Two things though: (1) you didn’t say if it’s hard to read by being too spaced or too tight (2) there isn’t a .storycontent css element - though I could certainly introduce one.
Charles
July 13th, 2004 at 2:38 am
Well I just used the “Make Font Size Larger” button on my browser until I was happy. I find that nearly any modern browser offers such functionality and it works reasonably well with most sites. If a site’s design doesn’t seem that readable to me, I just hit the button until I can see it clearly.
On the Thurrott situation: He is obviously either a shill or an idiot. Possibly both. I try to ignore him and hope he goes away. I haven’t the foggiest idea why various publications call him for a quote. They’d do better to call the Amish and ask them about high-tech products. At least they’d admit not knowing, rather than make something up that (nearly invariably) later turns out to be wrong.
July 14th, 2004 at 5:02 pm
Sorry for the late response, forgot to check back after forgetting to leave my email address.
Right! I got the
storycontentbit from viewing the source of the page as displayed. More contextually, this is what I saw:<div class="storycontent">
<p>I find Paul Thurrott…
So I jumped to the conclusion that that was the culprit. It turns out though, from downloading the page, that the file referenced at the top of your page by the;
<style type="text/css" media="screen">
@import url( http://www.charlesarthur.com/blog/wp-layout.css );
</style>
contains the following rule:
p, li, .feedback {
font: 90%/175% ‘Lucida Grande’, ‘Lucida Sans Unicode’, Verdana, sans-serif;
letter-spacing: -1px;
}
IMHO,
letter-spacing: -1px;is too tight for easy reading. Setting it toletter-spacing: 0.05em;appears to do a world of good.Thanks for not hurting me :-)
won