Prev: CArray of stdext::hash_map<int,int> not possible ( access violation ) ?
Next: Runtime Error does not specify program???
From: Giovanni Dicanio on 12 Mar 2010 07:49
Seems like there is a new MSDN VC++ Forum dedicated to MFC and ATL now:

http://social.msdn.microsoft.com/Forums/en-US/vcmfcatl/threads

Giovanni

From: Hector Santos on 13 Mar 2010 14:00
Giovanni Dicanio wrote:

> Seems like there is a new MSDN VC++ Forum dedicated to MFC and ATL now:
>
> http://social.msdn.microsoft.com/Forums/en-US/vcmfcatl/threads
>
> Giovanni

It breaks down if javascript is disabled. :)

--
HLS
From: Joseph M. Newcomer on 13 Mar 2010 22:34
This is because Microsoft makes a lot of noise about being concerned about "computer
security" but essentially believe that if YOU care about it, well, screw you, JavaVIrus
is essential for making Web sites *cool*, and nobody should make their machines secure by
disabling this primary malware vector (I recently attended a conference on computer
security, and what I learned about JavaVirus makes my most rabid rants about it look
understated compared to the deadly reality! Sort of like my saying "death can be a
seirous invonvenience in your life" or "end-stage rabies is really uncomfortable")
joe


On Sat, 13 Mar 2010 14:00:05 -0500, Hector Santos <sant9442(a)nospam.gmail.com> wrote:

>Giovanni Dicanio wrote:
>
>> Seems like there is a new MSDN VC++ Forum dedicated to MFC and ATL now:
>>
>> http://social.msdn.microsoft.com/Forums/en-US/vcmfcatl/threads
>>
>> Giovanni
>
>It breaks down if javascript is disabled. :)
Joseph M. Newcomer [MVP]
email: newcomer(a)flounder.com
Web: http://www.flounder.com
MVP Tips: http://www.flounder.com/mvp_tips.htm
From: Hector Santos on 13 Mar 2010 23:37
Its really quite fasinating how the mindset has evolved regarding
zero-day discoveries:

- OLD RULE: Turn off javascript
- NEW RULE: Read tons of documents

The point, watch how they now handle IE exploits found. No longer
will you see anything in their notes that says:

Turn off ActiveX
Turn off Javascript

and at best I can tell, the reason is because turning it off BREAKS
all kinds of other stuff, including 3rd party or their own.

I was amaze at the China/Google zero-day IE security bug where in NO
WHERE in the Microsoft security announcements did it says "Turn off
Javascript" and now the Chinese will not be able to exploit you.

Look, no browser vendors what you to turn off javascript. In fact,
GOOGLE CHROME was the first browser not to offer the user the option
to even turn it off. This is the beginning for others to follow.

Now web sites are taking the approach - NO JAVASCRIPT? GO AWAY!

It took us nearly 7 years before we began to require Javascript for
our web server client templates. Our templates were WEB 1.0 mostly
because early browser didn't support JS and because of security, many
users turned it off. So WEB 1.0 was necessary.

But as the industry grew, WEB 2.0 was the next stage. We began to add
more of it to our templates. Not 100% but as options to operators to
use special HTML clients, i.e. HTTP AUTHentication (BASIC/DIGEST) vs
Form-based COOKIE login.

A few years ago, we added jQuery support, which MS now directly
supports as part of ASP. jQuery is distributed with our software and
we use it popup Message Previews. Our Chuck E Cheese customer who use
our web server for store support who still have low bandwidth told us
the popup message previews help speed things up.

But now WEB 3.0 is upon is, and his a recycle of the client/server
framework where more of the client-ware is off-loaded. Flash,
SilverLight, Flex, etc, and now HTML5.

Joe, the problem isn't really Javascript, the problem is well, good
engineering with the browser and an growing attitude that clients
should be doing more work and have access to the user's PC. So
original the client was sandboxed and the scripting did not an API to
access PC data. That's changing and there is no stopping this
unfortunately.

--
HLS

Joseph M. Newcomer wrote:

> This is because Microsoft makes a lot of noise about being concerned about "computer
> security" but essentially believe that if YOU care about it, well, screw you, JavaVIrus
> is essential for making Web sites *cool*, and nobody should make their machines secure by
> disabling this primary malware vector (I recently attended a conference on computer
> security, and what I learned about JavaVirus makes my most rabid rants about it look
> understated compared to the deadly reality! Sort of like my saying "death can be a
> seirous invonvenience in your life" or "end-stage rabies is really uncomfortable")
> joe
>
>
> On Sat, 13 Mar 2010 14:00:05 -0500, Hector Santos <sant9442(a)nospam.gmail.com> wrote:
>
>> Giovanni Dicanio wrote:
>>
>>> Seems like there is a new MSDN VC++ Forum dedicated to MFC and ATL now:
>>>
>>> http://social.msdn.microsoft.com/Forums/en-US/vcmfcatl/threads
>>>
>>> Giovanni
>> It breaks down if javascript is disabled. :)
> Joseph M. Newcomer [MVP]
> email: newcomer(a)flounder.com
> Web: http://www.flounder.com
> MVP Tips: http://www.flounder.com/mvp_tips.htm



--
HLS
From: Bo Persson on 14 Mar 2010 07:10
Hector Santos wrote:
>
> Joe, the problem isn't really Javascript, the problem is well, good
> engineering with the browser and an growing attitude that clients
> should be doing more work and have access to the user's PC. So
> original the client was sandboxed and the scripting did not an API
> to access PC data. That's changing and there is no stopping this
> unfortunately.
>

So 10 years ago we had a fat client for a local server app. That was
supposed to be replaced by a thin client.

Now we have a browser based fat client, which can be accessed from all
over the internet.

Love it! :-(


Bo Persson


 |  Next  |  Last
Pages: 1 2 3 4 5 6 7
Prev: CArray of stdext::hash_map<int,int> not possible ( access violation ) ?
Next: Runtime Error does not specify program???