<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article10_01_18_1343250</id>
	<title>Microsoft Says Upgrade To IE8, Even Though It's Vulnerable</title>
	<author>CmdrTaco</author>
	<datestamp>1263825180000</datestamp>
	<htmltext>Barence writes <i>"Microsoft has issued a statement <a href="http://www.pcpro.co.uk/news/security/354868/microsoft-upgrade-to-ie8-even-though-its-vulnerable">urging people to upgrade their browser to IE8</a>, after the zero-day exploit that was used to attack companies such as Google went public. According to Microsoft's security advisory: 'the vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.' But, although IE6 has been the source of the attacks until now, Microsoft's advisory admits that both IE7 and IE8 are vulnerable to the same flaw, even on Windows 7."</i></htmltext>
<tokenext>Barence writes " Microsoft has issued a statement urging people to upgrade their browser to IE8 , after the zero-day exploit that was used to attack companies such as Google went public .
According to Microsoft 's security advisory : 'the vulnerability exists as an invalid pointer reference within Internet Explorer .
It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted .
In a specially-crafted attack , in attempting to access a freed object , Internet Explorer can be caused to allow remote code execution .
' But , although IE6 has been the source of the attacks until now , Microsoft 's advisory admits that both IE7 and IE8 are vulnerable to the same flaw , even on Windows 7 .
"</tokentext>
<sentencetext>Barence writes "Microsoft has issued a statement urging people to upgrade their browser to IE8, after the zero-day exploit that was used to attack companies such as Google went public.
According to Microsoft's security advisory: 'the vulnerability exists as an invalid pointer reference within Internet Explorer.
It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted.
In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.
' But, although IE6 has been the source of the attacks until now, Microsoft's advisory admits that both IE7 and IE8 are vulnerable to the same flaw, even on Windows 7.
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809058</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>UnknowingFool</author>
	<datestamp>1263836220000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>My memory of that if far different.  The tires were faulty but in a small percentage of tires.  There was a manufacturing defect that would cause tread separation.  The number of faulty tires was relatively small.</p><p>The real problem was that Ford Explorers were rolling over in accidents.  Ford wanted to blame it all on the tires when in reality that particular defect was a factor in only a small number of accidents.  The real cause of the issue was the instability of the Ford Explorer.  It is a simple matter of physics.  SUVs like the Ford Explorer have a high center of gravity.  Sudden motions (like those that occur in an emergency) would cause the vehicle to roll over.</p><p>An overview of the data showed that:
</p><ol>
<li>All accidents involved the Ford Explorer</li><li>Some accidents involved tire problems</li><li>Some of those accidents involved Firestone tires</li><li>Some of the Firestone accidents involved tread separation</li></ol><p>Logically one would conclude that the problem wasn't so much the Firestone tire but the vehicle based on the percentages.  But Ford had more money to spend on lobbyists and PR.  And most people want to believe that the real issue is a $100 tire that can be replaced instead of the $30,000 vehicle that cannot be easily replaced.</p><p>There was a Frontline <a href="http://www.pbs.org/wgbh/pages/frontline/shows/rollover/" title="pbs.org">report</a> [pbs.org] which uncovered that Ford knew their SUVs had roll over issues since the Bronco II which came out ten years earlier.</p></htmltext>
<tokenext>My memory of that if far different .
The tires were faulty but in a small percentage of tires .
There was a manufacturing defect that would cause tread separation .
The number of faulty tires was relatively small.The real problem was that Ford Explorers were rolling over in accidents .
Ford wanted to blame it all on the tires when in reality that particular defect was a factor in only a small number of accidents .
The real cause of the issue was the instability of the Ford Explorer .
It is a simple matter of physics .
SUVs like the Ford Explorer have a high center of gravity .
Sudden motions ( like those that occur in an emergency ) would cause the vehicle to roll over.An overview of the data showed that : All accidents involved the Ford ExplorerSome accidents involved tire problemsSome of those accidents involved Firestone tiresSome of the Firestone accidents involved tread separationLogically one would conclude that the problem was n't so much the Firestone tire but the vehicle based on the percentages .
But Ford had more money to spend on lobbyists and PR .
And most people want to believe that the real issue is a $ 100 tire that can be replaced instead of the $ 30,000 vehicle that can not be easily replaced.There was a Frontline report [ pbs.org ] which uncovered that Ford knew their SUVs had roll over issues since the Bronco II which came out ten years earlier .</tokentext>
<sentencetext>My memory of that if far different.
The tires were faulty but in a small percentage of tires.
There was a manufacturing defect that would cause tread separation.
The number of faulty tires was relatively small.The real problem was that Ford Explorers were rolling over in accidents.
Ford wanted to blame it all on the tires when in reality that particular defect was a factor in only a small number of accidents.
The real cause of the issue was the instability of the Ford Explorer.
It is a simple matter of physics.
SUVs like the Ford Explorer have a high center of gravity.
Sudden motions (like those that occur in an emergency) would cause the vehicle to roll over.An overview of the data showed that:

All accidents involved the Ford ExplorerSome accidents involved tire problemsSome of those accidents involved Firestone tiresSome of the Firestone accidents involved tread separationLogically one would conclude that the problem wasn't so much the Firestone tire but the vehicle based on the percentages.
But Ford had more money to spend on lobbyists and PR.
And most people want to believe that the real issue is a $100 tire that can be replaced instead of the $30,000 vehicle that cannot be easily replaced.There was a Frontline report [pbs.org] which uncovered that Ford knew their SUVs had roll over issues since the Bronco II which came out ten years earlier.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809288</id>
	<title>Re:When will we change programming practices?</title>
	<author>BasharTeg</author>
	<datestamp>1263837120000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Managed code is the future.  Doesn't matter if it's C#<nobr> <wbr></nobr>.NET, VB<nobr> <wbr></nobr>.NET, Java, Python, or something else.  The languages save as intermediate language or bytecode, but in the end they're cached as platform specific optimized native code.  The performance is very near that of the most optimal C.  As our hardware power increases thanks to crazy leaps in processor and memory performance (thank you Nehalem) the costs of managed code performance are being minimized.  And what is it that slows managed code anyway except for the checks that you should be hand coding in your C?  Those same checks that prevent these kinds of attacks on a managed application.</p><p>I was a C developer for years who focused on writing the highest performance code at every turn.  And for kernels, drivers, and maybe the highest performance demanding services, properly written C may be the right answer.  But for many services and almost all applications, there is absolutely no reason I can see why a managed language shouldn't be used.  There will still be security flaws but they will be much fewer and far between.</p></htmltext>
<tokenext>Managed code is the future .
Does n't matter if it 's C # .NET , VB .NET , Java , Python , or something else .
The languages save as intermediate language or bytecode , but in the end they 're cached as platform specific optimized native code .
The performance is very near that of the most optimal C. As our hardware power increases thanks to crazy leaps in processor and memory performance ( thank you Nehalem ) the costs of managed code performance are being minimized .
And what is it that slows managed code anyway except for the checks that you should be hand coding in your C ?
Those same checks that prevent these kinds of attacks on a managed application.I was a C developer for years who focused on writing the highest performance code at every turn .
And for kernels , drivers , and maybe the highest performance demanding services , properly written C may be the right answer .
But for many services and almost all applications , there is absolutely no reason I can see why a managed language should n't be used .
There will still be security flaws but they will be much fewer and far between .</tokentext>
<sentencetext>Managed code is the future.
Doesn't matter if it's C# .NET, VB .NET, Java, Python, or something else.
The languages save as intermediate language or bytecode, but in the end they're cached as platform specific optimized native code.
The performance is very near that of the most optimal C.  As our hardware power increases thanks to crazy leaps in processor and memory performance (thank you Nehalem) the costs of managed code performance are being minimized.
And what is it that slows managed code anyway except for the checks that you should be hand coding in your C?
Those same checks that prevent these kinds of attacks on a managed application.I was a C developer for years who focused on writing the highest performance code at every turn.
And for kernels, drivers, and maybe the highest performance demanding services, properly written C may be the right answer.
But for many services and almost all applications, there is absolutely no reason I can see why a managed language shouldn't be used.
There will still be security flaws but they will be much fewer and far between.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808336</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30813636</id>
	<title>Re:The right time to upgrade</title>
	<author>ThrowAwaySociety</author>
	<datestamp>1263814380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>....from what I hear, the people who keep thrusting IE6 on people like a poisoned dagger are IT departments, but aren't IT departments supposed to be staffed by, you know, <em>techies?</em> The kind of people who go to nerdy sites like<nobr> <wbr></nobr>/. and should know IE6 sucks rat balls?...</p></div><p>Unfortunately, most IT departments have no say in budgets. So if the IT department spent eleventy billion dollars in 1999 for the snazzy new ERP system in the midst of The Bubble and Y2K, and management is not willing to replace/upgrade/mainain it anymore....they're stuck supporting (and <i>mandating</i>) whatever will work with that system's broken HTML-JS output.</p><p>But yeah, there are a lot of clueless departments out there, too.</p></div>
	</htmltext>
<tokenext>....from what I hear , the people who keep thrusting IE6 on people like a poisoned dagger are IT departments , but are n't IT departments supposed to be staffed by , you know , techies ?
The kind of people who go to nerdy sites like / .
and should know IE6 sucks rat balls ? ...Unfortunately , most IT departments have no say in budgets .
So if the IT department spent eleventy billion dollars in 1999 for the snazzy new ERP system in the midst of The Bubble and Y2K , and management is not willing to replace/upgrade/mainain it anymore....they 're stuck supporting ( and mandating ) whatever will work with that system 's broken HTML-JS output.But yeah , there are a lot of clueless departments out there , too .</tokentext>
<sentencetext>....from what I hear, the people who keep thrusting IE6 on people like a poisoned dagger are IT departments, but aren't IT departments supposed to be staffed by, you know, techies?
The kind of people who go to nerdy sites like /.
and should know IE6 sucks rat balls?...Unfortunately, most IT departments have no say in budgets.
So if the IT department spent eleventy billion dollars in 1999 for the snazzy new ERP system in the midst of The Bubble and Y2K, and management is not willing to replace/upgrade/mainain it anymore....they're stuck supporting (and mandating) whatever will work with that system's broken HTML-JS output.But yeah, there are a lot of clueless departments out there, too.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808292</id>
	<title>Who cares?</title>
	<author>Anonymous</author>
	<datestamp>1263832140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I haven't used IE in any form for 5 years. Any web page that I can't see in Firefox doesn't want my business. The only way to start IE on my computer is to run the<nobr> <wbr></nobr>.exe file since there are no shortcuts or icons anywhere.</htmltext>
<tokenext>I have n't used IE in any form for 5 years .
Any web page that I ca n't see in Firefox does n't want my business .
The only way to start IE on my computer is to run the .exe file since there are no shortcuts or icons anywhere .</tokentext>
<sentencetext>I haven't used IE in any form for 5 years.
Any web page that I can't see in Firefox doesn't want my business.
The only way to start IE on my computer is to run the .exe file since there are no shortcuts or icons anywhere.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808756</id>
	<title>AWESOmE FP</title>
	<author>Anonymous</author>
	<datestamp>1263834900000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext>came as a complkete Software lawyers stagnant. As Linux rooting corpse</htmltext>
<tokenext>came as a complkete Software lawyers stagnant .
As Linux rooting corpse</tokentext>
<sentencetext>came as a complkete Software lawyers stagnant.
As Linux rooting corpse</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808700</id>
	<title>Good move</title>
	<author>Mopatop</author>
	<datestamp>1263834600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Seriously, while there's no security change by getting users to upgrade from IE6 to IE8 (with respect to this flaw), there's a massive net gain in getting another IE6 off the streets. Thank you Microsoft, for using every means possible to move users away from IE6.</p></htmltext>
<tokenext>Seriously , while there 's no security change by getting users to upgrade from IE6 to IE8 ( with respect to this flaw ) , there 's a massive net gain in getting another IE6 off the streets .
Thank you Microsoft , for using every means possible to move users away from IE6 .</tokentext>
<sentencetext>Seriously, while there's no security change by getting users to upgrade from IE6 to IE8 (with respect to this flaw), there's a massive net gain in getting another IE6 off the streets.
Thank you Microsoft, for using every means possible to move users away from IE6.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30812094</id>
	<title>Re:MOD PARENT DOWN (INFORMATIVE?)</title>
	<author>Goalie\_Ca</author>
	<datestamp>1263806880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>You might not be able to execute code from that location of memory but you are still able to read and write to it which does make it a security vulnerability or at the very least a rather large bug.</htmltext>
<tokenext>You might not be able to execute code from that location of memory but you are still able to read and write to it which does make it a security vulnerability or at the very least a rather large bug .</tokentext>
<sentencetext>You might not be able to execute code from that location of memory but you are still able to read and write to it which does make it a security vulnerability or at the very least a rather large bug.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809108</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807708</id>
	<title>Well it attacking google..</title>
	<author>Anonymous</author>
	<datestamp>1263828960000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><p>So ofcourse, microsoft whant more peoples to become drone that attack google.</p></htmltext>
<tokenext>So ofcourse , microsoft whant more peoples to become drone that attack google .</tokentext>
<sentencetext>So ofcourse, microsoft whant more peoples to become drone that attack google.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30811750</id>
	<title>Just how ridiculous...</title>
	<author>YankDownUnder</author>
	<datestamp>1263805440000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Excuse me, HOW MUCH is Microsoft worth nowadays? And for all that money, they can't STILL YET seem to fix a bloody software problem? They can't still seem to get just ONE PROGRAM RIGHT? Not one? Even a teeny-weeny little program? And they're worth HOW MUCH MONEY? Just a simple program? What? Nothing?</htmltext>
<tokenext>Excuse me , HOW MUCH is Microsoft worth nowadays ?
And for all that money , they ca n't STILL YET seem to fix a bloody software problem ?
They ca n't still seem to get just ONE PROGRAM RIGHT ?
Not one ?
Even a teeny-weeny little program ?
And they 're worth HOW MUCH MONEY ?
Just a simple program ?
What ? Nothing ?</tokentext>
<sentencetext>Excuse me, HOW MUCH is Microsoft worth nowadays?
And for all that money, they can't STILL YET seem to fix a bloody software problem?
They can't still seem to get just ONE PROGRAM RIGHT?
Not one?
Even a teeny-weeny little program?
And they're worth HOW MUCH MONEY?
Just a simple program?
What? Nothing?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30816304</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>MacWiz</author>
	<datestamp>1263839040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><i>I guess the "go fix your shit and don't come back until it's done" mentality is rather dead these days...</i></p><p>Internet Explorer has been vulnerable since the first version, but that's still what most people use. Microsoft says to "upgrade" anyway. And most people will -- whether Microsoft fixes their shit or not.</p><p>The productivity wasted as 80 percent of the country's computer users install patches every week or two has to be staggering. And you'll still be vulnerable. Not to worry, though. Another security patch will be on the way.</p></htmltext>
<tokenext>I guess the " go fix your shit and do n't come back until it 's done " mentality is rather dead these days...Internet Explorer has been vulnerable since the first version , but that 's still what most people use .
Microsoft says to " upgrade " anyway .
And most people will -- whether Microsoft fixes their shit or not.The productivity wasted as 80 percent of the country 's computer users install patches every week or two has to be staggering .
And you 'll still be vulnerable .
Not to worry , though .
Another security patch will be on the way .</tokentext>
<sentencetext>I guess the "go fix your shit and don't come back until it's done" mentality is rather dead these days...Internet Explorer has been vulnerable since the first version, but that's still what most people use.
Microsoft says to "upgrade" anyway.
And most people will -- whether Microsoft fixes their shit or not.The productivity wasted as 80 percent of the country's computer users install patches every week or two has to be staggering.
And you'll still be vulnerable.
Not to worry, though.
Another security patch will be on the way.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807678</id>
	<title>ahahahahah!</title>
	<author>Anonymous</author>
	<datestamp>1263828840000</datestamp>
	<modclass>None</modclass>
	<modscore>-1</modscore>
	<htmltext><p>nothing else to say.</p></htmltext>
<tokenext>nothing else to say .</tokentext>
<sentencetext>nothing else to say.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810286</id>
	<title>If their browsers are broken...</title>
	<author>postmortem</author>
	<datestamp>1263841560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Microsoft should have said to use Firefox or other browser in the meantime. That is real (at least temporary) solution and workaround for the problem.</p><p>Using IE6 problems to advertise IE8 is not.</p></htmltext>
<tokenext>Microsoft should have said to use Firefox or other browser in the meantime .
That is real ( at least temporary ) solution and workaround for the problem.Using IE6 problems to advertise IE8 is not .</tokentext>
<sentencetext>Microsoft should have said to use Firefox or other browser in the meantime.
That is real (at least temporary) solution and workaround for the problem.Using IE6 problems to advertise IE8 is not.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809108</id>
	<title>MOD PARENT DOWN (INFORMATIVE?)</title>
	<author>BasharTeg</author>
	<datestamp>1263836400000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>If you had any idea what OP was talking about, you're realize that this isn't "sandboxing and virtualization".  Thus, the attacker won't be taking control of the browser in a non-priv account or in a virtual space.  This is DEP, data execution prevention.  You may also know it as the NX bit.  It's disallowing the execution of code from non-code areas such as the stack/heap.  Thus it LITERALLY disallows the code from being run.  So while the vulnerability is academically "there" the reality is, it does not run code, at all.  Not in some restricted domain, not as some no-priv user.  It simply doesn't run.  Thus it cannot be used for malicious purposes.</p><p>Your entire post is anti-IE hate, and you have no idea what you're talking about.  Then you go on to drag in some ActiveX bashing.  Of course you've been modded up as "informative" even though your entire post is factually incorrect.  I mean this is Slashdot right?</p></htmltext>
<tokenext>If you had any idea what OP was talking about , you 're realize that this is n't " sandboxing and virtualization " .
Thus , the attacker wo n't be taking control of the browser in a non-priv account or in a virtual space .
This is DEP , data execution prevention .
You may also know it as the NX bit .
It 's disallowing the execution of code from non-code areas such as the stack/heap .
Thus it LITERALLY disallows the code from being run .
So while the vulnerability is academically " there " the reality is , it does not run code , at all .
Not in some restricted domain , not as some no-priv user .
It simply does n't run .
Thus it can not be used for malicious purposes.Your entire post is anti-IE hate , and you have no idea what you 're talking about .
Then you go on to drag in some ActiveX bashing .
Of course you 've been modded up as " informative " even though your entire post is factually incorrect .
I mean this is Slashdot right ?</tokentext>
<sentencetext>If you had any idea what OP was talking about, you're realize that this isn't "sandboxing and virtualization".
Thus, the attacker won't be taking control of the browser in a non-priv account or in a virtual space.
This is DEP, data execution prevention.
You may also know it as the NX bit.
It's disallowing the execution of code from non-code areas such as the stack/heap.
Thus it LITERALLY disallows the code from being run.
So while the vulnerability is academically "there" the reality is, it does not run code, at all.
Not in some restricted domain, not as some no-priv user.
It simply doesn't run.
Thus it cannot be used for malicious purposes.Your entire post is anti-IE hate, and you have no idea what you're talking about.
Then you go on to drag in some ActiveX bashing.
Of course you've been modded up as "informative" even though your entire post is factually incorrect.
I mean this is Slashdot right?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810006</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>Bert64</author>
	<datestamp>1263840240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Firefox is not sandboxed, but chrome is even in older versions of windows...</p><p>The current exploit doesn't work against IE8, but the vulnerability is there so another version could be written. DEP just make exploitation harder, as does the sandboxing.</p><p>The current exploit doesn't work against firefox, chrome or safari either... And all of these browsers will benefit from DEP (and the equivalents on other platforms) if the host has it enabled.</p><p>A lot of these companies are using IE because they are locked in to various intranet apps which don't work on any standards compliant browser, some of these apps don't work with IE8 (or 7 in some cases) and sometimes require you to turn features like sandboxing off in order to make them run. Microsoft's legacy of shoddily written apps designed to lock people in is still causing all kinds of damage.</p><p>Had MS not pursued this strategy, and made IE a standards compliant browser from the start, users would be free to upgrade to the latest version or switch to another browser...<br>If there was diversity and standards among corporate desktops, these attacks would have been a lot harder, the fact that 99\% of corporate targets run windows+ie+msoffice massively increases the value of an exploit for any of those, and makes it much easier to attack (no need for multiple exploits or multiple attack methods).</p></htmltext>
<tokenext>Firefox is not sandboxed , but chrome is even in older versions of windows...The current exploit does n't work against IE8 , but the vulnerability is there so another version could be written .
DEP just make exploitation harder , as does the sandboxing.The current exploit does n't work against firefox , chrome or safari either... And all of these browsers will benefit from DEP ( and the equivalents on other platforms ) if the host has it enabled.A lot of these companies are using IE because they are locked in to various intranet apps which do n't work on any standards compliant browser , some of these apps do n't work with IE8 ( or 7 in some cases ) and sometimes require you to turn features like sandboxing off in order to make them run .
Microsoft 's legacy of shoddily written apps designed to lock people in is still causing all kinds of damage.Had MS not pursued this strategy , and made IE a standards compliant browser from the start , users would be free to upgrade to the latest version or switch to another browser...If there was diversity and standards among corporate desktops , these attacks would have been a lot harder , the fact that 99 \ % of corporate targets run windows + ie + msoffice massively increases the value of an exploit for any of those , and makes it much easier to attack ( no need for multiple exploits or multiple attack methods ) .</tokentext>
<sentencetext>Firefox is not sandboxed, but chrome is even in older versions of windows...The current exploit doesn't work against IE8, but the vulnerability is there so another version could be written.
DEP just make exploitation harder, as does the sandboxing.The current exploit doesn't work against firefox, chrome or safari either... And all of these browsers will benefit from DEP (and the equivalents on other platforms) if the host has it enabled.A lot of these companies are using IE because they are locked in to various intranet apps which don't work on any standards compliant browser, some of these apps don't work with IE8 (or 7 in some cases) and sometimes require you to turn features like sandboxing off in order to make them run.
Microsoft's legacy of shoddily written apps designed to lock people in is still causing all kinds of damage.Had MS not pursued this strategy, and made IE a standards compliant browser from the start, users would be free to upgrade to the latest version or switch to another browser...If there was diversity and standards among corporate desktops, these attacks would have been a lot harder, the fact that 99\% of corporate targets run windows+ie+msoffice massively increases the value of an exploit for any of those, and makes it much easier to attack (no need for multiple exploits or multiple attack methods).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>Anonymous</author>
	<datestamp>1263831420000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext><p>Your memory fails you.  Firestone said the problem was that their tire wasn't rated to the standards which were required for a particular Ford model.  Ford installed them as OEM tires anyway.  When it came out, Ford said Firestone made a faulty tire, but Firestone responded that the tire wasn't designed to be used in the environment created by Fords one SUV model.</p><p>As usual, another analogy on<nobr> <wbr></nobr>/. fails...</p></htmltext>
<tokenext>Your memory fails you .
Firestone said the problem was that their tire was n't rated to the standards which were required for a particular Ford model .
Ford installed them as OEM tires anyway .
When it came out , Ford said Firestone made a faulty tire , but Firestone responded that the tire was n't designed to be used in the environment created by Fords one SUV model.As usual , another analogy on / .
fails.. .</tokentext>
<sentencetext>Your memory fails you.
Firestone said the problem was that their tire wasn't rated to the standards which were required for a particular Ford model.
Ford installed them as OEM tires anyway.
When it came out, Ford said Firestone made a faulty tire, but Firestone responded that the tire wasn't designed to be used in the environment created by Fords one SUV model.As usual, another analogy on /.
fails...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808452</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>Anonymous</author>
	<datestamp>1263832980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p> you should remember that these are criminals who spend all day trying to find any way into your computer and the only reason you don't hear a lot about firefox is because IE 6 and IE 8 have the largest marketshare when it comes to browsers<br>
&nbsp; i am by no way a soldier of microsoft but they are under constant attack by these  criminals<br>
&nbsp; after all why go after someone else who may only have 20\% of the market</p></htmltext>
<tokenext>you should remember that these are criminals who spend all day trying to find any way into your computer and the only reason you do n't hear a lot about firefox is because IE 6 and IE 8 have the largest marketshare when it comes to browsers   i am by no way a soldier of microsoft but they are under constant attack by these criminals   after all why go after someone else who may only have 20 \ % of the market</tokentext>
<sentencetext> you should remember that these are criminals who spend all day trying to find any way into your computer and the only reason you don't hear a lot about firefox is because IE 6 and IE 8 have the largest marketshare when it comes to browsers
  i am by no way a soldier of microsoft but they are under constant attack by these  criminals
  after all why go after someone else who may only have 20\% of the market</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807812</id>
	<title>Upgrade</title>
	<author>CxDoo</author>
	<datestamp>1263829500000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>This whole article should be marked redundant. Whoever could upgrade to 8 did it.<br>Some people just can not afford to do it; if it is a question IE6 or access to internet it will be IE6.</p></htmltext>
<tokenext>This whole article should be marked redundant .
Whoever could upgrade to 8 did it.Some people just can not afford to do it ; if it is a question IE6 or access to internet it will be IE6 .</tokentext>
<sentencetext>This whole article should be marked redundant.
Whoever could upgrade to 8 did it.Some people just can not afford to do it; if it is a question IE6 or access to internet it will be IE6.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810550</id>
	<title>Re:When will we change programming practices?</title>
	<author>shutdown -p now</author>
	<datestamp>1263842880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>It seems that all exploits that I've read about over the last decade all boil down to the same flaws - buffer overflows, invalid pointers, format strings, etc.<br>Yet, developers persist in using the same old programming languages &amp; libraries that are rife with weaknesses.<br>Why haven't they changed to something better?</p> </div><p>They did. A few examples for Microsoft in particular, listed in no specific order:</p><p>-<nobr> <wbr></nobr>.NET and C#/VB are memory-safe (though you can explicitly opt out in C# with "unsafe" code).<br>- <a href="http://msdn.microsoft.com/en-us/library/ms647466(VS.85).aspx" title="microsoft.com">StrSafe</a> [microsoft.com] - C<br>- <a href="http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1172.pdf" title="open-std.org">ISO C TR 24731</a> [open-std.org] aka <a href="http://msdn.microsoft.com/en-us/magazine/cc163794.aspx" title="microsoft.com">"Secure CRT"</a> [microsoft.com] - C<br>- <a href="http://msdn.microsoft.com/en-us/library/aa985965.aspx" title="microsoft.com">checked STL containers and iterators</a> [microsoft.com] (bounds checking, iterator invalidation etc) - C++</p><p>The problem is that any memory-unsafe language (which both C and C++ are) has ways to work around any such library, and writing everything in a high-level language/framework (such as C#/.NET) is unfeasible because of performance requirements, and the sheer volume of existing C/C++ code. That said, there clearly is a trend of using higher-level languages and frameworks for new developments: any<nobr> <wbr></nobr>.NET language on Windows, Python or Ruby on Linux, Java mostly for internal corporate applications on various Unix flavors, etc; with only the perf-critical code parts implemented in C/C++ and called via FFI of high-level language used.</p></div>
	</htmltext>
<tokenext>It seems that all exploits that I 've read about over the last decade all boil down to the same flaws - buffer overflows , invalid pointers , format strings , etc.Yet , developers persist in using the same old programming languages &amp; libraries that are rife with weaknesses.Why have n't they changed to something better ?
They did .
A few examples for Microsoft in particular , listed in no specific order : - .NET and C # /VB are memory-safe ( though you can explicitly opt out in C # with " unsafe " code ) .- StrSafe [ microsoft.com ] - C- ISO C TR 24731 [ open-std.org ] aka " Secure CRT " [ microsoft.com ] - C- checked STL containers and iterators [ microsoft.com ] ( bounds checking , iterator invalidation etc ) - C + + The problem is that any memory-unsafe language ( which both C and C + + are ) has ways to work around any such library , and writing everything in a high-level language/framework ( such as C # /.NET ) is unfeasible because of performance requirements , and the sheer volume of existing C/C + + code .
That said , there clearly is a trend of using higher-level languages and frameworks for new developments : any .NET language on Windows , Python or Ruby on Linux , Java mostly for internal corporate applications on various Unix flavors , etc ; with only the perf-critical code parts implemented in C/C + + and called via FFI of high-level language used .</tokentext>
<sentencetext>It seems that all exploits that I've read about over the last decade all boil down to the same flaws - buffer overflows, invalid pointers, format strings, etc.Yet, developers persist in using the same old programming languages &amp; libraries that are rife with weaknesses.Why haven't they changed to something better?
They did.
A few examples for Microsoft in particular, listed in no specific order:- .NET and C#/VB are memory-safe (though you can explicitly opt out in C# with "unsafe" code).- StrSafe [microsoft.com] - C- ISO C TR 24731 [open-std.org] aka "Secure CRT" [microsoft.com] - C- checked STL containers and iterators [microsoft.com] (bounds checking, iterator invalidation etc) - C++The problem is that any memory-unsafe language (which both C and C++ are) has ways to work around any such library, and writing everything in a high-level language/framework (such as C#/.NET) is unfeasible because of performance requirements, and the sheer volume of existing C/C++ code.
That said, there clearly is a trend of using higher-level languages and frameworks for new developments: any .NET language on Windows, Python or Ruby on Linux, Java mostly for internal corporate applications on various Unix flavors, etc; with only the perf-critical code parts implemented in C/C++ and called via FFI of high-level language used.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808336</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808978</id>
	<title>Re:When will we change programming practices?</title>
	<author>rrohbeck</author>
	<datestamp>1263835860000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Developers who know what they're doing had it drummed into their heads that they need to watch memory allocation, array boundaries, null pointers, unsafe library functions and the like.<br>The problem is if you hire hordes of less qualified programmers and let them loose on a project that requires low level programming.<br>Unfortunately, anything using C or C++ amounts to low level programming.</p></htmltext>
<tokenext>Developers who know what they 're doing had it drummed into their heads that they need to watch memory allocation , array boundaries , null pointers , unsafe library functions and the like.The problem is if you hire hordes of less qualified programmers and let them loose on a project that requires low level programming.Unfortunately , anything using C or C + + amounts to low level programming .</tokentext>
<sentencetext>Developers who know what they're doing had it drummed into their heads that they need to watch memory allocation, array boundaries, null pointers, unsafe library functions and the like.The problem is if you hire hordes of less qualified programmers and let them loose on a project that requires low level programming.Unfortunately, anything using C or C++ amounts to low level programming.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808336</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808290</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>Anonymous</author>
	<datestamp>1263832140000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>1</modscore>
	<htmltext><p>Incorrect... The fault was Ford stuck the tires on as OEM parts, and actually UNDER-INFLATED the tires. The issue that occurred with the Firestone tire would have happened with ANY P or UV tired that was also under-inflated on that vehicle at highway speeds. An under inflated tire causes major heat build up, and leads to tire failure.</p><p>As another posted said, a crap analogy.</p></htmltext>
<tokenext>Incorrect... The fault was Ford stuck the tires on as OEM parts , and actually UNDER-INFLATED the tires .
The issue that occurred with the Firestone tire would have happened with ANY P or UV tired that was also under-inflated on that vehicle at highway speeds .
An under inflated tire causes major heat build up , and leads to tire failure.As another posted said , a crap analogy .</tokentext>
<sentencetext>Incorrect... The fault was Ford stuck the tires on as OEM parts, and actually UNDER-INFLATED the tires.
The issue that occurred with the Firestone tire would have happened with ANY P or UV tired that was also under-inflated on that vehicle at highway speeds.
An under inflated tire causes major heat build up, and leads to tire failure.As another posted said, a crap analogy.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808268</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>jellomizer</author>
	<datestamp>1263831960000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Shhhh. Quite... We want to live in a world were every Microsoft bug will remain unfix and slowly become so problematic that we can life fat dumb and happy with the alternatives.</p></htmltext>
<tokenext>Shhhh .
Quite... We want to live in a world were every Microsoft bug will remain unfix and slowly become so problematic that we can life fat dumb and happy with the alternatives .</tokentext>
<sentencetext>Shhhh.
Quite... We want to live in a world were every Microsoft bug will remain unfix and slowly become so problematic that we can life fat dumb and happy with the alternatives.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807766</id>
	<title>What?!?!</title>
	<author>Anonymous</author>
	<datestamp>1263829260000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>the vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.</p></div><p>Is this an ActiveX thing? I mean how the hell do you get the pointer in the first place? And how do you keep the browser from page faulting? </p><p>I'm so confused!</p></div>
	</htmltext>
<tokenext>the vulnerability exists as an invalid pointer reference within Internet Explorer .
It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted .
In a specially-crafted attack , in attempting to access a freed object , Internet Explorer can be caused to allow remote code execution.Is this an ActiveX thing ?
I mean how the hell do you get the pointer in the first place ?
And how do you keep the browser from page faulting ?
I 'm so confused !</tokentext>
<sentencetext>the vulnerability exists as an invalid pointer reference within Internet Explorer.
It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted.
In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.Is this an ActiveX thing?
I mean how the hell do you get the pointer in the first place?
And how do you keep the browser from page faulting?
I'm so confused!
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809836</id>
	<title>Re:The right time to upgrade</title>
	<author>Anonymous</author>
	<datestamp>1263839520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>but aren't IT departments supposed to be staffed by, you know, techies? The kind of people who go to nerdy sites like<nobr> <wbr></nobr>/. and should know IE6 sucks rat balls?</p></div><p>No, they're usually staffed by professionals. The kind of people who avoid mindless MS-bashing sites like<nobr> <wbr></nobr>/. and instead read actual security advisories and learn how to lock systems down to mitigate risks.</p><p>Usually, if IE6 is in use in a corporate environment, it's due to some mission-critical application that requires it, and therefore steps have been taken to secure it as much as possible.</p></div>
	</htmltext>
<tokenext>but are n't IT departments supposed to be staffed by , you know , techies ?
The kind of people who go to nerdy sites like / .
and should know IE6 sucks rat balls ? No , they 're usually staffed by professionals .
The kind of people who avoid mindless MS-bashing sites like / .
and instead read actual security advisories and learn how to lock systems down to mitigate risks.Usually , if IE6 is in use in a corporate environment , it 's due to some mission-critical application that requires it , and therefore steps have been taken to secure it as much as possible .</tokentext>
<sentencetext>but aren't IT departments supposed to be staffed by, you know, techies?
The kind of people who go to nerdy sites like /.
and should know IE6 sucks rat balls?No, they're usually staffed by professionals.
The kind of people who avoid mindless MS-bashing sites like /.
and instead read actual security advisories and learn how to lock systems down to mitigate risks.Usually, if IE6 is in use in a corporate environment, it's due to some mission-critical application that requires it, and therefore steps have been taken to secure it as much as possible.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809276</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>Anonymous</author>
	<datestamp>1263837060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Like Open Source is the cure...  Firefix has more security problems than IE has.  Perhaps not as critical as this, but it's plenty buggy and insecure, it's also vert bloated.</p><p>A good example of Closed Source is Opera, it's fast (VERY fast), it's also well featured and has a very good track record for security.  It's also web standards compliant, and available on a HUGE amount of platforms, from PCs to consoles to mobile phones.</p></htmltext>
<tokenext>Like Open Source is the cure... Firefix has more security problems than IE has .
Perhaps not as critical as this , but it 's plenty buggy and insecure , it 's also vert bloated.A good example of Closed Source is Opera , it 's fast ( VERY fast ) , it 's also well featured and has a very good track record for security .
It 's also web standards compliant , and available on a HUGE amount of platforms , from PCs to consoles to mobile phones .</tokentext>
<sentencetext>Like Open Source is the cure...  Firefix has more security problems than IE has.
Perhaps not as critical as this, but it's plenty buggy and insecure, it's also vert bloated.A good example of Closed Source is Opera, it's fast (VERY fast), it's also well featured and has a very good track record for security.
It's also web standards compliant, and available on a HUGE amount of platforms, from PCs to consoles to mobile phones.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30813056</id>
	<title>Re:The right time to upgrade</title>
	<author>Anonymous</author>
	<datestamp>1263811680000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>The reason most IT depts avoid these upgrades is because it opens a can of worms with old shitty applications that break when a new version of IE is thrust upon it.  Rather than fix or upgrade the shitty applications, a lot of IT departments take the lazy half-assed way and mandate staying on IE6 either because the shitty application either can't be upgraded or because the business doesn't want to spend the money on upgrading it.  Believe me, we know some idiot sooner or later is going to infect themselves due to IE6 but our hands are tied.  If we forced these updates on everyone and it breaks their application, then we have to listen to them whine about it all the while the business is down because the shitty app is down.  See where I am going with this?  IT is not the problem, its the business that shoots themselves in the foot.</p></htmltext>
<tokenext>The reason most IT depts avoid these upgrades is because it opens a can of worms with old shitty applications that break when a new version of IE is thrust upon it .
Rather than fix or upgrade the shitty applications , a lot of IT departments take the lazy half-assed way and mandate staying on IE6 either because the shitty application either ca n't be upgraded or because the business does n't want to spend the money on upgrading it .
Believe me , we know some idiot sooner or later is going to infect themselves due to IE6 but our hands are tied .
If we forced these updates on everyone and it breaks their application , then we have to listen to them whine about it all the while the business is down because the shitty app is down .
See where I am going with this ?
IT is not the problem , its the business that shoots themselves in the foot .</tokentext>
<sentencetext>The reason most IT depts avoid these upgrades is because it opens a can of worms with old shitty applications that break when a new version of IE is thrust upon it.
Rather than fix or upgrade the shitty applications, a lot of IT departments take the lazy half-assed way and mandate staying on IE6 either because the shitty application either can't be upgraded or because the business doesn't want to spend the money on upgrading it.
Believe me, we know some idiot sooner or later is going to infect themselves due to IE6 but our hands are tied.
If we forced these updates on everyone and it breaks their application, then we have to listen to them whine about it all the while the business is down because the shitty app is down.
See where I am going with this?
IT is not the problem, its the business that shoots themselves in the foot.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808404</id>
	<title>DUH!</title>
	<author>Opportunist</author>
	<datestamp>1263832800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Really? Impossible! I fully expected them to say it would be better to use Firefox or Opera.</p><p>Seriously. What did you expect? Be honest.</p></htmltext>
<tokenext>Really ?
Impossible ! I fully expected them to say it would be better to use Firefox or Opera.Seriously .
What did you expect ?
Be honest .</tokentext>
<sentencetext>Really?
Impossible! I fully expected them to say it would be better to use Firefox or Opera.Seriously.
What did you expect?
Be honest.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808244</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>TheRealMindChild</author>
	<datestamp>1263831840000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>These would be the same people that turned on "Allow unsigned ActiveX controls" and had a pirated version of windows, so they never got their ActiveX killbits information installed.<br> <br>I'm not totally blaming the user, but most of the exploited folks are running unpatched, pirated windows versions with every option turned off just to make it "easier" to usw (say UAC)</htmltext>
<tokenext>These would be the same people that turned on " Allow unsigned ActiveX controls " and had a pirated version of windows , so they never got their ActiveX killbits information installed .
I 'm not totally blaming the user , but most of the exploited folks are running unpatched , pirated windows versions with every option turned off just to make it " easier " to usw ( say UAC )</tokentext>
<sentencetext>These would be the same people that turned on "Allow unsigned ActiveX controls" and had a pirated version of windows, so they never got their ActiveX killbits information installed.
I'm not totally blaming the user, but most of the exploited folks are running unpatched, pirated windows versions with every option turned off just to make it "easier" to usw (say UAC)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808048</id>
	<title>Fsck That!</title>
	<author>Old Sparky</author>
	<datestamp>1263830760000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Upgrade to Firefox!!!</p><p>Get rid of that Microsoft Virus masquerading as an operating system!</p></htmltext>
<tokenext>Upgrade to Firefox ! !
! Get rid of that Microsoft Virus masquerading as an operating system !</tokentext>
<sentencetext>Upgrade to Firefox!!
!Get rid of that Microsoft Virus masquerading as an operating system!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808656</id>
	<title>Microsoft's advisory admits that both IE7 and IE8</title>
	<author>benjymouse</author>
	<datestamp>1263834360000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext><p><div class="quote"><p>Microsoft's advisory admits that both IE7 and IE8 are vulnerable to the same flaw, even on Windows 7.</p></div><p>That is a misrepresentation, at best.

</p><p>The knowledge-base article: <a href="http://blogs.technet.com/srd/archive/2010/01/15/assessing-risk-of-ie-0day-vulnerability.aspx" title="technet.com">http://blogs.technet.com/srd/archive/2010/01/15/assessing-risk-of-ie-0day-vulnerability.aspx</a> [technet.com]

</p><p>It states pretty clearly that IE7 *may* be vulnerable to this attack. But it also states that IE8 - on all recent platforms (XPSP3, Vista, 7) - contains the <b>bug but due to DEP (and protected mode on Vista/7) it is not exploitable</b>. That seems to be a pretty good reason to upgrade.</p></div>
	</htmltext>
<tokenext>Microsoft 's advisory admits that both IE7 and IE8 are vulnerable to the same flaw , even on Windows 7.That is a misrepresentation , at best .
The knowledge-base article : http : //blogs.technet.com/srd/archive/2010/01/15/assessing-risk-of-ie-0day-vulnerability.aspx [ technet.com ] It states pretty clearly that IE7 * may * be vulnerable to this attack .
But it also states that IE8 - on all recent platforms ( XPSP3 , Vista , 7 ) - contains the bug but due to DEP ( and protected mode on Vista/7 ) it is not exploitable .
That seems to be a pretty good reason to upgrade .</tokentext>
<sentencetext>Microsoft's advisory admits that both IE7 and IE8 are vulnerable to the same flaw, even on Windows 7.That is a misrepresentation, at best.
The knowledge-base article: http://blogs.technet.com/srd/archive/2010/01/15/assessing-risk-of-ie-0day-vulnerability.aspx [technet.com]

It states pretty clearly that IE7 *may* be vulnerable to this attack.
But it also states that IE8 - on all recent platforms (XPSP3, Vista, 7) - contains the bug but due to DEP (and protected mode on Vista/7) it is not exploitable.
That seems to be a pretty good reason to upgrade.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808438</id>
	<title>Let's just fix one</title>
	<author>Midnight Thunder</author>
	<datestamp>1263832920000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>In many ways if you are going to stick to using Internet Explorer, then it might as well be the latest one. If there is a flaw that affects IE8 less than the other two, then it is still the lesser risk. Even if it doesn't and is still major, then Microsoft will most probably concentrate on providing a security fix for IE8, and not the others. Heck, beyond hyper-conservative company policy (aka "let's stick with 10 year old software, no matter what"), there is very little reason not to upgrade and plenty of reasons to upgrade. To name three: its free, its more standards compliant and it is probably more secure that the previous to versions.</p><p>If you are still using IE5, then I have nothing good to say.</p></htmltext>
<tokenext>In many ways if you are going to stick to using Internet Explorer , then it might as well be the latest one .
If there is a flaw that affects IE8 less than the other two , then it is still the lesser risk .
Even if it does n't and is still major , then Microsoft will most probably concentrate on providing a security fix for IE8 , and not the others .
Heck , beyond hyper-conservative company policy ( aka " let 's stick with 10 year old software , no matter what " ) , there is very little reason not to upgrade and plenty of reasons to upgrade .
To name three : its free , its more standards compliant and it is probably more secure that the previous to versions.If you are still using IE5 , then I have nothing good to say .</tokentext>
<sentencetext>In many ways if you are going to stick to using Internet Explorer, then it might as well be the latest one.
If there is a flaw that affects IE8 less than the other two, then it is still the lesser risk.
Even if it doesn't and is still major, then Microsoft will most probably concentrate on providing a security fix for IE8, and not the others.
Heck, beyond hyper-conservative company policy (aka "let's stick with 10 year old software, no matter what"), there is very little reason not to upgrade and plenty of reasons to upgrade.
To name three: its free, its more standards compliant and it is probably more secure that the previous to versions.If you are still using IE5, then I have nothing good to say.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30815322</id>
	<title>Re:The right time to upgrade</title>
	<author>Eil</author>
	<datestamp>1263826680000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>I find all this perplexing because from what I hear, the people who keep thrusting IE6 on people like a poisoned dagger are IT departments, but aren't IT departments supposed to be staffed by, you know, techies?</p></div></blockquote><p>This is a common misconception. Generally, the companies which have a policy of requiring IE on the desktop (to the exclusion of anything else) tend to be the same ones staffed by I.T. managers who sign their emails with a long string of certification acronyms after their names. The staff themselves are usually selected by the same criteria.</p></div>
	</htmltext>
<tokenext>I find all this perplexing because from what I hear , the people who keep thrusting IE6 on people like a poisoned dagger are IT departments , but are n't IT departments supposed to be staffed by , you know , techies ? This is a common misconception .
Generally , the companies which have a policy of requiring IE on the desktop ( to the exclusion of anything else ) tend to be the same ones staffed by I.T .
managers who sign their emails with a long string of certification acronyms after their names .
The staff themselves are usually selected by the same criteria .</tokentext>
<sentencetext>I find all this perplexing because from what I hear, the people who keep thrusting IE6 on people like a poisoned dagger are IT departments, but aren't IT departments supposed to be staffed by, you know, techies?This is a common misconception.
Generally, the companies which have a policy of requiring IE on the desktop (to the exclusion of anything else) tend to be the same ones staffed by I.T.
managers who sign their emails with a long string of certification acronyms after their names.
The staff themselves are usually selected by the same criteria.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809028</id>
	<title>Re:The right time to upgrade</title>
	<author>Anonymous</author>
	<datestamp>1263836040000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Talk to hosted EMR providers (I'm still looking at you AllScripts).  They finally updated for IE7, but it breaks a LOT of functionality, including dictation.  Doctors tend not to be happy people without dictation.</p></htmltext>
<tokenext>Talk to hosted EMR providers ( I 'm still looking at you AllScripts ) .
They finally updated for IE7 , but it breaks a LOT of functionality , including dictation .
Doctors tend not to be happy people without dictation .</tokentext>
<sentencetext>Talk to hosted EMR providers (I'm still looking at you AllScripts).
They finally updated for IE7, but it breaks a LOT of functionality, including dictation.
Doctors tend not to be happy people without dictation.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30813098</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>Pharmboy</author>
	<datestamp>1263811860000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>Yea, after reading the article (some of us do) I found that this summary is a piss poor one, more aimed at bashing MS than giving the real facts.  We don't need to make up imaginary reasons to hate MS, they already provide plenty of real reasons.</p></htmltext>
<tokenext>Yea , after reading the article ( some of us do ) I found that this summary is a piss poor one , more aimed at bashing MS than giving the real facts .
We do n't need to make up imaginary reasons to hate MS , they already provide plenty of real reasons .</tokentext>
<sentencetext>Yea, after reading the article (some of us do) I found that this summary is a piss poor one, more aimed at bashing MS than giving the real facts.
We don't need to make up imaginary reasons to hate MS, they already provide plenty of real reasons.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808940</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>edxwelch</author>
	<datestamp>1263835680000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>1</modscore>
	<htmltext><p>DEP is not exclusive to IE8. You can enable it system wide if you want. However, DEP is only good for this particular exploit. It's possible to write a exploit that circumvents both DEP and sandboxing</p></htmltext>
<tokenext>DEP is not exclusive to IE8 .
You can enable it system wide if you want .
However , DEP is only good for this particular exploit .
It 's possible to write a exploit that circumvents both DEP and sandboxing</tokentext>
<sentencetext>DEP is not exclusive to IE8.
You can enable it system wide if you want.
However, DEP is only good for this particular exploit.
It's possible to write a exploit that circumvents both DEP and sandboxing</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809018</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>amicusNYCL</author>
	<datestamp>1263836040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>I'm not totally blaming the user, but most of the exploited folks are running unpatched, pirated windows versions</p></div><p>Can you show the numbers from your survey where you asked everyone who got exploited if they're running a pirated version?  I'm interested to see just how much more than 50\% of them are pirated.</p><p><div class="quote"><p>"Everyone is the same. Quick to point the blame. All I know is that life is a struggle"</p></div><p>Hmm, indeed..</p></div>
	</htmltext>
<tokenext>I 'm not totally blaming the user , but most of the exploited folks are running unpatched , pirated windows versionsCan you show the numbers from your survey where you asked everyone who got exploited if they 're running a pirated version ?
I 'm interested to see just how much more than 50 \ % of them are pirated .
" Everyone is the same .
Quick to point the blame .
All I know is that life is a struggle " Hmm , indeed. .</tokentext>
<sentencetext>I'm not totally blaming the user, but most of the exploited folks are running unpatched, pirated windows versionsCan you show the numbers from your survey where you asked everyone who got exploited if they're running a pirated version?
I'm interested to see just how much more than 50\% of them are pirated.
"Everyone is the same.
Quick to point the blame.
All I know is that life is a struggle"Hmm, indeed..
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808244</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>Antiocheian</author>
	<datestamp>1263830220000</datestamp>
	<modclass>Troll</modclass>
	<modscore>0</modscore>
	<htmltext><p>Sandboxing &amp; virtualization of a sick browser is not a panacea. If the sandboxed application is compromised, it could still be controlled in its own domain and compromise cookies, passwords and anything else that it obtainable in its virtual space. It could still be used for malicious purposes, purposes that can could result in a knock on the door from the law.</p><p>A hale and open sourced browser is the only safe way to go. Screw IE, any version.</p><p>Was it not the browser that would install keyloggers and dialers through the press of the [Enter] key as it would default on installation of any "signed" ActiveX, not matter how fucked up it was? Yes! Did these people have any idea of what was happening on the Internet? Yes! Fuckit, the said, system-browser integration is not debatable; Microsoft had their fun killing Netscape, now we have our fun watching them trying to fix the mess. (They wont).</p></htmltext>
<tokenext>Sandboxing &amp; virtualization of a sick browser is not a panacea .
If the sandboxed application is compromised , it could still be controlled in its own domain and compromise cookies , passwords and anything else that it obtainable in its virtual space .
It could still be used for malicious purposes , purposes that can could result in a knock on the door from the law.A hale and open sourced browser is the only safe way to go .
Screw IE , any version.Was it not the browser that would install keyloggers and dialers through the press of the [ Enter ] key as it would default on installation of any " signed " ActiveX , not matter how fucked up it was ?
Yes ! Did these people have any idea of what was happening on the Internet ?
Yes ! Fuckit , the said , system-browser integration is not debatable ; Microsoft had their fun killing Netscape , now we have our fun watching them trying to fix the mess .
( They wont ) .</tokentext>
<sentencetext>Sandboxing &amp; virtualization of a sick browser is not a panacea.
If the sandboxed application is compromised, it could still be controlled in its own domain and compromise cookies, passwords and anything else that it obtainable in its virtual space.
It could still be used for malicious purposes, purposes that can could result in a knock on the door from the law.A hale and open sourced browser is the only safe way to go.
Screw IE, any version.Was it not the browser that would install keyloggers and dialers through the press of the [Enter] key as it would default on installation of any "signed" ActiveX, not matter how fucked up it was?
Yes! Did these people have any idea of what was happening on the Internet?
Yes! Fuckit, the said, system-browser integration is not debatable; Microsoft had their fun killing Netscape, now we have our fun watching them trying to fix the mess.
(They wont).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810540</id>
	<title>I need MSIE to apply for a job at Comcast</title>
	<author>walterbyrd</author>
	<datestamp>1263842820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Comcast will not accept an non-IE browser. So, I suppose it does make to stay with msie, at least it's accepted by more websites.</p></htmltext>
<tokenext>Comcast will not accept an non-IE browser .
So , I suppose it does make to stay with msie , at least it 's accepted by more websites .</tokentext>
<sentencetext>Comcast will not accept an non-IE browser.
So, I suppose it does make to stay with msie, at least it's accepted by more websites.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809230</id>
	<title>Re:The right time to upgrade</title>
	<author>John Hasler</author>
	<datestamp>1263836880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>&gt;<nobr> <wbr></nobr>...the web app developers should have their Geek status revoked...</p><p>Most Web developers don't qualify for geek status.</p></htmltext>
<tokenext>&gt; ...the web app developers should have their Geek status revoked...Most Web developers do n't qualify for geek status .</tokentext>
<sentencetext>&gt; ...the web app developers should have their Geek status revoked...Most Web developers don't qualify for geek status.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940</id>
	<title>Faulty Products.  A comparison.</title>
	<author>Anonymous</author>
	<datestamp>1263830220000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>1</modscore>
	<htmltext><p>You know what struck me as strange when I read this post?  I thought about the issue that Firestone went through a few years back with their faulty tires causing a few deadly accidents.  By comparison:</p><p>If Firestone were to beg people to buy their faulty product, even though it was dangerous, people would think that Firestone being rather twisted and greedy.</p><p>When Microsoft basically does the same thing with their faulty product, it's somehow "OK"?</p><p>I guess the "go fix your shit and don't come back until it's done" mentality is rather dead these days...</p></htmltext>
<tokenext>You know what struck me as strange when I read this post ?
I thought about the issue that Firestone went through a few years back with their faulty tires causing a few deadly accidents .
By comparison : If Firestone were to beg people to buy their faulty product , even though it was dangerous , people would think that Firestone being rather twisted and greedy.When Microsoft basically does the same thing with their faulty product , it 's somehow " OK " ? I guess the " go fix your shit and do n't come back until it 's done " mentality is rather dead these days.. .</tokentext>
<sentencetext>You know what struck me as strange when I read this post?
I thought about the issue that Firestone went through a few years back with their faulty tires causing a few deadly accidents.
By comparison:If Firestone were to beg people to buy their faulty product, even though it was dangerous, people would think that Firestone being rather twisted and greedy.When Microsoft basically does the same thing with their faulty product, it's somehow "OK"?I guess the "go fix your shit and don't come back until it's done" mentality is rather dead these days...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808046</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>Anonymous</author>
	<datestamp>1263830760000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>DEP relies on hardware support, i.e. the processor must be able to flag memory as non-executable. Support for this flag is not available in AMD Athlon processors (pre-Athlon64), some Intel Pentium 4 processors and a few others. Yes, those are old, but they're still out there.</p></htmltext>
<tokenext>DEP relies on hardware support , i.e .
the processor must be able to flag memory as non-executable .
Support for this flag is not available in AMD Athlon processors ( pre-Athlon64 ) , some Intel Pentium 4 processors and a few others .
Yes , those are old , but they 're still out there .</tokentext>
<sentencetext>DEP relies on hardware support, i.e.
the processor must be able to flag memory as non-executable.
Support for this flag is not available in AMD Athlon processors (pre-Athlon64), some Intel Pentium 4 processors and a few others.
Yes, those are old, but they're still out there.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30819734</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>praseodym</author>
	<datestamp>1263919140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>So what about when DEP is not even available? Many older computers don't have CPUs with NX-bit support. AMD has only had them since AMD64 and Intel since later Pentium 4 iterations. There are enough boxes with those CPUs still running fine.</htmltext>
<tokenext>So what about when DEP is not even available ?
Many older computers do n't have CPUs with NX-bit support .
AMD has only had them since AMD64 and Intel since later Pentium 4 iterations .
There are enough boxes with those CPUs still running fine .</tokentext>
<sentencetext>So what about when DEP is not even available?
Many older computers don't have CPUs with NX-bit support.
AMD has only had them since AMD64 and Intel since later Pentium 4 iterations.
There are enough boxes with those CPUs still running fine.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30816218</id>
	<title>Microsoft recommends XP users to upgrade</title>
	<author>William (Dthdealer)</author>
	<datestamp>1263837540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I was listening on the radio this morning and a supposed Microsoft statement was read out on ABC (Australia) AM.

As well as upgrading Internet Exploder they also reccomended 'users of Windows XP' upgrade to later versions of Windoze.
<br> <br>
Microsoft even exploits bad publicity for their upgrade cycle.</htmltext>
<tokenext>I was listening on the radio this morning and a supposed Microsoft statement was read out on ABC ( Australia ) AM .
As well as upgrading Internet Exploder they also reccomended 'users of Windows XP ' upgrade to later versions of Windoze .
Microsoft even exploits bad publicity for their upgrade cycle .</tokentext>
<sentencetext>I was listening on the radio this morning and a supposed Microsoft statement was read out on ABC (Australia) AM.
As well as upgrading Internet Exploder they also reccomended 'users of Windows XP' upgrade to later versions of Windoze.
Microsoft even exploits bad publicity for their upgrade cycle.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808314</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>Anonymous</author>
	<datestamp>1263832260000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Except that using a faulty browser isn't more likely to kill than people riding with faulty tires on something that moves really fast.</p></htmltext>
<tokenext>Except that using a faulty browser is n't more likely to kill than people riding with faulty tires on something that moves really fast .</tokentext>
<sentencetext>Except that using a faulty browser isn't more likely to kill than people riding with faulty tires on something that moves really fast.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810098</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>jhol13</author>
	<datestamp>1263840660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Oh boy<nobr> <wbr></nobr>... Neither DEP not NX guarantees anything, so it really <b>can</b> work.</p><p>Sure, NX &amp; DEP are very good tools in making the browser safer, but they are no silver bullet ("return to c-lib").</p><p>P.S. some OS's (hint, hint) have NX on (practically?) every program, as they do ASLR (address space randomization).</p></htmltext>
<tokenext>Oh boy ... Neither DEP not NX guarantees anything , so it really can work.Sure , NX &amp; DEP are very good tools in making the browser safer , but they are no silver bullet ( " return to c-lib " ) .P.S .
some OS 's ( hint , hint ) have NX on ( practically ?
) every program , as they do ASLR ( address space randomization ) .</tokentext>
<sentencetext>Oh boy ... Neither DEP not NX guarantees anything, so it really can work.Sure, NX &amp; DEP are very good tools in making the browser safer, but they are no silver bullet ("return to c-lib").P.S.
some OS's (hint, hint) have NX on (practically?
) every program, as they do ASLR (address space randomization).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807736</id>
	<title>Always Look on the Bright Side of Life</title>
	<author>sznupi</author>
	<datestamp>1263829080000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>...or Death</p><p>Security theater to keep people on their, similarly defective, latest product is the best thing MS could do for now, it seems. I'm waiting for comment from Bruce Schneier...</p></htmltext>
<tokenext>...or DeathSecurity theater to keep people on their , similarly defective , latest product is the best thing MS could do for now , it seems .
I 'm waiting for comment from Bruce Schneier.. .</tokentext>
<sentencetext>...or DeathSecurity theater to keep people on their, similarly defective, latest product is the best thing MS could do for now, it seems.
I'm waiting for comment from Bruce Schneier...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809414</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>Anonymous</author>
	<datestamp>1263837660000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>So MS should take a lesson from Firestone and make it clear to users that IE is still recommended for use, just not on web sites that could potentially contain harmful code.</htmltext>
<tokenext>So MS should take a lesson from Firestone and make it clear to users that IE is still recommended for use , just not on web sites that could potentially contain harmful code .</tokentext>
<sentencetext>So MS should take a lesson from Firestone and make it clear to users that IE is still recommended for use, just not on web sites that could potentially contain harmful code.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807712</id>
	<title>Upgrade to Firefox</title>
	<author>Anonymous</author>
	<datestamp>1263829020000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext>I an upgrade it's needed, let's upgrade to Firefox and trick recalcitrant IE users using a some theme/persona.</htmltext>
<tokenext>I an upgrade it 's needed , let 's upgrade to Firefox and trick recalcitrant IE users using a some theme/persona .</tokentext>
<sentencetext>I an upgrade it's needed, let's upgrade to Firefox and trick recalcitrant IE users using a some theme/persona.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808250</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>Anonymous</author>
	<datestamp>1263831900000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>A browser exploit doesn't put your life in danger.</htmltext>
<tokenext>A browser exploit does n't put your life in danger .</tokentext>
<sentencetext>A browser exploit doesn't put your life in danger.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808064</id>
	<title>Channeling BadAnalogyGuy</title>
	<author>NevarMore</author>
	<datestamp>1263830820000</datestamp>
	<modclass>Flamebait</modclass>
	<modscore>-1</modscore>
	<htmltext><p>Barence, the submitter, shouldn't bother eating more fruits and vegetables. It won't fix his FUDish writing so why bother?</p></htmltext>
<tokenext>Barence , the submitter , should n't bother eating more fruits and vegetables .
It wo n't fix his FUDish writing so why bother ?</tokentext>
<sentencetext>Barence, the submitter, shouldn't bother eating more fruits and vegetables.
It won't fix his FUDish writing so why bother?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</id>
	<title>IE8 has the flaw but is immune...</title>
	<author>vistapwns</author>
	<datestamp>1263829020000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext>Because DEP is enabled by default in IE8, unlike IE6 and IE7.  The exploit can not work against IE8. Also, IE in modern versions of Windows is sandboxed, unlike Firefox.  Sorry to rain on the parade...</htmltext>
<tokenext>Because DEP is enabled by default in IE8 , unlike IE6 and IE7 .
The exploit can not work against IE8 .
Also , IE in modern versions of Windows is sandboxed , unlike Firefox .
Sorry to rain on the parade.. .</tokentext>
<sentencetext>Because DEP is enabled by default in IE8, unlike IE6 and IE7.
The exploit can not work against IE8.
Also, IE in modern versions of Windows is sandboxed, unlike Firefox.
Sorry to rain on the parade...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808592</id>
	<title>FAKE</title>
	<author>Anonymous</author>
	<datestamp>1263833880000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>According to the actual advisory (http://www.microsoft.com/technet/security/advisory/979352.mspx), no upgrading is recommended at all...</p></htmltext>
<tokenext>According to the actual advisory ( http : //www.microsoft.com/technet/security/advisory/979352.mspx ) , no upgrading is recommended at all.. .</tokentext>
<sentencetext>According to the actual advisory (http://www.microsoft.com/technet/security/advisory/979352.mspx), no upgrading is recommended at all...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809912</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>Anonymous</author>
	<datestamp>1263839820000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>No, IE8 has the flaw but is immune <i>on certain hardware</i>.  DEP is pretty much useless when the processor/BIOS doesn't support it.</p><p>If IE8 is vulnerable on any hardware--which it is--then it's vulnerable and needs to be fixed.  As with any security advisory, the vendor needs to take all of their customers into account, and individual administrators need to carefully read the advisory considering their knowledge of their systems to assess their actual vulnerability to the issue.</p></htmltext>
<tokenext>No , IE8 has the flaw but is immune on certain hardware .
DEP is pretty much useless when the processor/BIOS does n't support it.If IE8 is vulnerable on any hardware--which it is--then it 's vulnerable and needs to be fixed .
As with any security advisory , the vendor needs to take all of their customers into account , and individual administrators need to carefully read the advisory considering their knowledge of their systems to assess their actual vulnerability to the issue .</tokentext>
<sentencetext>No, IE8 has the flaw but is immune on certain hardware.
DEP is pretty much useless when the processor/BIOS doesn't support it.If IE8 is vulnerable on any hardware--which it is--then it's vulnerable and needs to be fixed.
As with any security advisory, the vendor needs to take all of their customers into account, and individual administrators need to carefully read the advisory considering their knowledge of their systems to assess their actual vulnerability to the issue.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809048</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>Anonymous</author>
	<datestamp>1263836220000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Uhhh...<i>as usual</i>?</p><p>Can yiu give a few pointers to other failed analogies on Slashdot? My own recollection (and searching a few minutes ago) only found ones that were pretty relevant or, in fact, downright funny.</p></htmltext>
<tokenext>Uhhh...as usual ? Can yiu give a few pointers to other failed analogies on Slashdot ?
My own recollection ( and searching a few minutes ago ) only found ones that were pretty relevant or , in fact , downright funny .</tokentext>
<sentencetext>Uhhh...as usual?Can yiu give a few pointers to other failed analogies on Slashdot?
My own recollection (and searching a few minutes ago) only found ones that were pretty relevant or, in fact, downright funny.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808336</id>
	<title>When will we change programming practices?</title>
	<author>haruchai</author>
	<datestamp>1263832380000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>It seems that all exploits that I've read about over the last decade all boil down to the same flaws - buffer overflows, invalid pointers, format strings, etc.<br>Yet, developers persist in using the same old programming languages &amp; libraries that are rife with weaknesses.<br>Why haven't they changed to something better? From what I can see, better tools have been available for a long time and, quite frankly,<br>the old "we've always done things this way and it would be too expensive to change" is real crap.<br>What about the cost of NOT changing? Is that irrelevant because the cost ( and consequences ) are the burden of the end-user, not the vendor?</p><p>Isn't it past time that things changed?</p></htmltext>
<tokenext>It seems that all exploits that I 've read about over the last decade all boil down to the same flaws - buffer overflows , invalid pointers , format strings , etc.Yet , developers persist in using the same old programming languages &amp; libraries that are rife with weaknesses.Why have n't they changed to something better ?
From what I can see , better tools have been available for a long time and , quite frankly,the old " we 've always done things this way and it would be too expensive to change " is real crap.What about the cost of NOT changing ?
Is that irrelevant because the cost ( and consequences ) are the burden of the end-user , not the vendor ? Is n't it past time that things changed ?</tokentext>
<sentencetext>It seems that all exploits that I've read about over the last decade all boil down to the same flaws - buffer overflows, invalid pointers, format strings, etc.Yet, developers persist in using the same old programming languages &amp; libraries that are rife with weaknesses.Why haven't they changed to something better?
From what I can see, better tools have been available for a long time and, quite frankly,the old "we've always done things this way and it would be too expensive to change" is real crap.What about the cost of NOT changing?
Is that irrelevant because the cost ( and consequences ) are the burden of the end-user, not the vendor?Isn't it past time that things changed?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807804</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>UnknowingFool</author>
	<datestamp>1263829500000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext>If it has the flaw, then it's not immune but it's less vulnerable.  If DEP is disabled (which may be required to get some apps to work), then IE8 can become exploited too.</htmltext>
<tokenext>If it has the flaw , then it 's not immune but it 's less vulnerable .
If DEP is disabled ( which may be required to get some apps to work ) , then IE8 can become exploited too .</tokentext>
<sentencetext>If it has the flaw, then it's not immune but it's less vulnerable.
If DEP is disabled (which may be required to get some apps to work), then IE8 can become exploited too.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30811788</id>
	<title>So microsoft software is flawed and vulnerable?</title>
	<author>Anonymous</author>
	<datestamp>1263805620000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>So with the zero day exploit and blah blah, microsoft is claiming that its software is flawed and vulnerable, and was rushed out the door to meet marketing and sales demands, rather than having tested and checked the software to see if its really ready or not?  The hell you say!  I would not have thought such an upstanding organization blah blah could possibly blah blah.  Cue the fanbois!  Its an undocumented feature!  This zero day exploit ensures that if microsoft wanted to post patches to your computer, they could get in without asking, thus saving you the trouble of having to do the work yourself.  You also don't have to send in feedback as to how you are using your computer, as they can find out on their own.  The same with banking information.  They can just send you the latest software in the mail, and take the money out of your bank account instead of you having to buy it yourself.  Isn't that conveniient?  Similarly, if your kid has had medical issues, they can tailor software to meet your needs, and send it to you (no fussy bills to pay, they know your bank account number).  Upgrade people, upgrade.  Oh, and remember to thank the developers, developers, developers, developers.</p></htmltext>
<tokenext>So with the zero day exploit and blah blah , microsoft is claiming that its software is flawed and vulnerable , and was rushed out the door to meet marketing and sales demands , rather than having tested and checked the software to see if its really ready or not ?
The hell you say !
I would not have thought such an upstanding organization blah blah could possibly blah blah .
Cue the fanbois !
Its an undocumented feature !
This zero day exploit ensures that if microsoft wanted to post patches to your computer , they could get in without asking , thus saving you the trouble of having to do the work yourself .
You also do n't have to send in feedback as to how you are using your computer , as they can find out on their own .
The same with banking information .
They can just send you the latest software in the mail , and take the money out of your bank account instead of you having to buy it yourself .
Is n't that conveniient ?
Similarly , if your kid has had medical issues , they can tailor software to meet your needs , and send it to you ( no fussy bills to pay , they know your bank account number ) .
Upgrade people , upgrade .
Oh , and remember to thank the developers , developers , developers , developers .</tokentext>
<sentencetext>So with the zero day exploit and blah blah, microsoft is claiming that its software is flawed and vulnerable, and was rushed out the door to meet marketing and sales demands, rather than having tested and checked the software to see if its really ready or not?
The hell you say!
I would not have thought such an upstanding organization blah blah could possibly blah blah.
Cue the fanbois!
Its an undocumented feature!
This zero day exploit ensures that if microsoft wanted to post patches to your computer, they could get in without asking, thus saving you the trouble of having to do the work yourself.
You also don't have to send in feedback as to how you are using your computer, as they can find out on their own.
The same with banking information.
They can just send you the latest software in the mail, and take the money out of your bank account instead of you having to buy it yourself.
Isn't that conveniient?
Similarly, if your kid has had medical issues, they can tailor software to meet your needs, and send it to you (no fussy bills to pay, they know your bank account number).
Upgrade people, upgrade.
Oh, and remember to thank the developers, developers, developers, developers.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30814864</id>
	<title>Re:The right time to upgrade</title>
	<author>Techman83</author>
	<datestamp>1263822540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Sometimes these decisions are out of the hands of the "techies" you speak of. IE7 tends to turn our machines into slow running pieces of crap, IE8 does some weird things with some of the internal sites (even in "compatibility mode") and Firefox is scheduled to be considered for our next SOE (but that is no small task).<br> <br>There is no magic button to change overnight, because if there is some small reason that the Alternate browser doesn't work, isn't stable, doesn't present Manager X's favorite site correctly,  it will chip away at the products reputation. Now matter how good a product is, unless you get staff buy in and keep up it's reputation (proper testing, piloting, rollout strategy) it will ultimately get shunned by the masses and never be allowed back.<br> <br>Good "techies" aren't cow boys, whilst there may be a time and a place for quick hacks, replacing an application that is used by every staff member, every day, needs some damn careful planning.</htmltext>
<tokenext>Sometimes these decisions are out of the hands of the " techies " you speak of .
IE7 tends to turn our machines into slow running pieces of crap , IE8 does some weird things with some of the internal sites ( even in " compatibility mode " ) and Firefox is scheduled to be considered for our next SOE ( but that is no small task ) .
There is no magic button to change overnight , because if there is some small reason that the Alternate browser does n't work , is n't stable , does n't present Manager X 's favorite site correctly , it will chip away at the products reputation .
Now matter how good a product is , unless you get staff buy in and keep up it 's reputation ( proper testing , piloting , rollout strategy ) it will ultimately get shunned by the masses and never be allowed back .
Good " techies " are n't cow boys , whilst there may be a time and a place for quick hacks , replacing an application that is used by every staff member , every day , needs some damn careful planning .</tokentext>
<sentencetext>Sometimes these decisions are out of the hands of the "techies" you speak of.
IE7 tends to turn our machines into slow running pieces of crap, IE8 does some weird things with some of the internal sites (even in "compatibility mode") and Firefox is scheduled to be considered for our next SOE (but that is no small task).
There is no magic button to change overnight, because if there is some small reason that the Alternate browser doesn't work, isn't stable, doesn't present Manager X's favorite site correctly,  it will chip away at the products reputation.
Now matter how good a product is, unless you get staff buy in and keep up it's reputation (proper testing, piloting, rollout strategy) it will ultimately get shunned by the masses and never be allowed back.
Good "techies" aren't cow boys, whilst there may be a time and a place for quick hacks, replacing an application that is used by every staff member, every day, needs some damn careful planning.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808236</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>Anonymous</author>
	<datestamp>1263831780000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I agree 100\%, even though I use Iron myself.* That said, this particular bug was solved in 1995: in that year Visual Basic 4.0 came out, and in VB it's impossible to reference dead objects unless you're linking with C++ code. So this whole class of bugs could be entirely eliminated by using a programming language that has proper semantics for allocating and freeing objects. You could even extend C++ if you want to stick with that, but anyway the problem has been solved for at least 15 years. It's just that people aren't using the solution.<br>* I thus also think it's a disgrace that the German and French government are urging people to drop IE; it's undue market interference and it shows that the Microsoft bashing of the various European governmental bodies isn't fueled by consumer protection or upholding of justice, but by a general dislike of Microsoft. If you think that's a good thing, and there is nothing wrong with the fact that they're allowed to act like this, think again. What if they turn against you or some cause you're sympathetic with, there's nothing you can do because proper checks apparently aren't in place.</p></htmltext>
<tokenext>I agree 100 \ % , even though I use Iron myself .
* That said , this particular bug was solved in 1995 : in that year Visual Basic 4.0 came out , and in VB it 's impossible to reference dead objects unless you 're linking with C + + code .
So this whole class of bugs could be entirely eliminated by using a programming language that has proper semantics for allocating and freeing objects .
You could even extend C + + if you want to stick with that , but anyway the problem has been solved for at least 15 years .
It 's just that people are n't using the solution .
* I thus also think it 's a disgrace that the German and French government are urging people to drop IE ; it 's undue market interference and it shows that the Microsoft bashing of the various European governmental bodies is n't fueled by consumer protection or upholding of justice , but by a general dislike of Microsoft .
If you think that 's a good thing , and there is nothing wrong with the fact that they 're allowed to act like this , think again .
What if they turn against you or some cause you 're sympathetic with , there 's nothing you can do because proper checks apparently are n't in place .</tokentext>
<sentencetext>I agree 100\%, even though I use Iron myself.
* That said, this particular bug was solved in 1995: in that year Visual Basic 4.0 came out, and in VB it's impossible to reference dead objects unless you're linking with C++ code.
So this whole class of bugs could be entirely eliminated by using a programming language that has proper semantics for allocating and freeing objects.
You could even extend C++ if you want to stick with that, but anyway the problem has been solved for at least 15 years.
It's just that people aren't using the solution.
* I thus also think it's a disgrace that the German and French government are urging people to drop IE; it's undue market interference and it shows that the Microsoft bashing of the various European governmental bodies isn't fueled by consumer protection or upholding of justice, but by a general dislike of Microsoft.
If you think that's a good thing, and there is nothing wrong with the fact that they're allowed to act like this, think again.
What if they turn against you or some cause you're sympathetic with, there's nothing you can do because proper checks apparently aren't in place.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809458</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>JWSmythe</author>
	<datestamp>1263837900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>
&nbsp; &nbsp; I did some reading up on this.  I don't use Firestone tires, nor do I drive a Ford, so I didn't follow it too carefully.  Last I heard, there was talk of a defect in the Ford assembly line that compromised the tires at the factory.  That talk seems to have gone away though.</p><p>
&nbsp; &nbsp; What I did find is, after rollover problems were found in their pre-sales testing, they reduced the recommended tire pressure from 30psi to 26psi.  I guess it was a problem where the tires were too hard, so they softened them up a little to keep the truck from rolling over, possibly because of the high CG.  This minor reduction in pressure wouldn't lower the CG much (like 0.0090") The rated max tire pressure was 35psi, which would cause problems if driven at highway speeds for a long duration.   Depending on the tire, 30psi cold could easily become 35psi on a long trip.  26psi wouldn't be enough to make the tire overheat.</p><p>
&nbsp; &nbsp; Car &amp; Driver magazine did a test in the Explorers, inducing a blowout.  With professional drivers on a closed course, the blowouts did not cause a rollover.  It was likely a combination of a mechanical failure (blown tire) and poor emergency driving skills.</p></htmltext>
<tokenext>    I did some reading up on this .
I do n't use Firestone tires , nor do I drive a Ford , so I did n't follow it too carefully .
Last I heard , there was talk of a defect in the Ford assembly line that compromised the tires at the factory .
That talk seems to have gone away though .
    What I did find is , after rollover problems were found in their pre-sales testing , they reduced the recommended tire pressure from 30psi to 26psi .
I guess it was a problem where the tires were too hard , so they softened them up a little to keep the truck from rolling over , possibly because of the high CG .
This minor reduction in pressure would n't lower the CG much ( like 0.0090 " ) The rated max tire pressure was 35psi , which would cause problems if driven at highway speeds for a long duration .
Depending on the tire , 30psi cold could easily become 35psi on a long trip .
26psi would n't be enough to make the tire overheat .
    Car &amp; Driver magazine did a test in the Explorers , inducing a blowout .
With professional drivers on a closed course , the blowouts did not cause a rollover .
It was likely a combination of a mechanical failure ( blown tire ) and poor emergency driving skills .</tokentext>
<sentencetext>
    I did some reading up on this.
I don't use Firestone tires, nor do I drive a Ford, so I didn't follow it too carefully.
Last I heard, there was talk of a defect in the Ford assembly line that compromised the tires at the factory.
That talk seems to have gone away though.
    What I did find is, after rollover problems were found in their pre-sales testing, they reduced the recommended tire pressure from 30psi to 26psi.
I guess it was a problem where the tires were too hard, so they softened them up a little to keep the truck from rolling over, possibly because of the high CG.
This minor reduction in pressure wouldn't lower the CG much (like 0.0090") The rated max tire pressure was 35psi, which would cause problems if driven at highway speeds for a long duration.
Depending on the tire, 30psi cold could easily become 35psi on a long trip.
26psi wouldn't be enough to make the tire overheat.
    Car &amp; Driver magazine did a test in the Explorers, inducing a blowout.
With professional drivers on a closed course, the blowouts did not cause a rollover.
It was likely a combination of a mechanical failure (blown tire) and poor emergency driving skills.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808504</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30812634</id>
	<title>Re:Marketing must be pleased</title>
	<author>Hurricane78</author>
	<datestamp>1263809640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Well, why did the software engineer let the marketing shill drive the company in the first place? It&rsquo;s his own damn fault. Should have manned up and said &ldquo;NO&ldquo;.</p></htmltext>
<tokenext>Well , why did the software engineer let the marketing shill drive the company in the first place ?
It    s his own damn fault .
Should have manned up and said    NO    .</tokentext>
<sentencetext>Well, why did the software engineer let the marketing shill drive the company in the first place?
It’s his own damn fault.
Should have manned up and said “NO“.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807776</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808062</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>Infiniti2000</author>
	<datestamp>1263830820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>That's a bad analogy, because the TFA only suggests <i>customers</i> to upgrade to IE8 from a previous version.  It doesn't appear to be a money grab, i.e. (no pun intended) there's no recommendation to switch from say Firefox to IE8.</htmltext>
<tokenext>That 's a bad analogy , because the TFA only suggests customers to upgrade to IE8 from a previous version .
It does n't appear to be a money grab , i.e .
( no pun intended ) there 's no recommendation to switch from say Firefox to IE8 .</tokentext>
<sentencetext>That's a bad analogy, because the TFA only suggests customers to upgrade to IE8 from a previous version.
It doesn't appear to be a money grab, i.e.
(no pun intended) there's no recommendation to switch from say Firefox to IE8.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809168</id>
	<title>Re:Who cares?</title>
	<author>BasharTeg</author>
	<datestamp>1263836640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Yeah, because Firefox's exploit stats aren't worse than any other modern browser right?  Maybe you need to do a little research.</p></htmltext>
<tokenext>Yeah , because Firefox 's exploit stats are n't worse than any other modern browser right ?
Maybe you need to do a little research .</tokentext>
<sentencetext>Yeah, because Firefox's exploit stats aren't worse than any other modern browser right?
Maybe you need to do a little research.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808292</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262</id>
	<title>The right time to upgrade</title>
	<author>Random BedHead Ed</author>
	<datestamp>1263831960000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>The right time to stop using IE6 is not with this new exploit. It's circa 2003. I find all this perplexing because from what I hear, the people who keep thrusting IE6 on people like a poisoned dagger are IT departments, but aren't IT departments supposed to be staffed by, you know, <em>techies?</em> The kind of people who go to nerdy sites like<nobr> <wbr></nobr>/. and should know IE6 sucks rat balls?</p><p>I understand that other browsers like Firefox might have been hard to push out and manage back when the world first discovered that browsing can improve as long as you avoid Microsoft, but what about IE7? That came out over two years ago and it definitely sucks <em>slightly</em> less. Can we revoke Geek status from IT staff that are still pushing IE6? Ban them from this site? Cut off their Internets until they appologize?</p><p>(Special consideration would of course be extended to those techies who were unjustly forbidden from upgrading IE in their infrastructure because of web apps that only worked on IE6; the web app developers should have their Geek status revoked instead.)</p></htmltext>
<tokenext>The right time to stop using IE6 is not with this new exploit .
It 's circa 2003 .
I find all this perplexing because from what I hear , the people who keep thrusting IE6 on people like a poisoned dagger are IT departments , but are n't IT departments supposed to be staffed by , you know , techies ?
The kind of people who go to nerdy sites like / .
and should know IE6 sucks rat balls ? I understand that other browsers like Firefox might have been hard to push out and manage back when the world first discovered that browsing can improve as long as you avoid Microsoft , but what about IE7 ?
That came out over two years ago and it definitely sucks slightly less .
Can we revoke Geek status from IT staff that are still pushing IE6 ?
Ban them from this site ?
Cut off their Internets until they appologize ?
( Special consideration would of course be extended to those techies who were unjustly forbidden from upgrading IE in their infrastructure because of web apps that only worked on IE6 ; the web app developers should have their Geek status revoked instead .
)</tokentext>
<sentencetext>The right time to stop using IE6 is not with this new exploit.
It's circa 2003.
I find all this perplexing because from what I hear, the people who keep thrusting IE6 on people like a poisoned dagger are IT departments, but aren't IT departments supposed to be staffed by, you know, techies?
The kind of people who go to nerdy sites like /.
and should know IE6 sucks rat balls?I understand that other browsers like Firefox might have been hard to push out and manage back when the world first discovered that browsing can improve as long as you avoid Microsoft, but what about IE7?
That came out over two years ago and it definitely sucks slightly less.
Can we revoke Geek status from IT staff that are still pushing IE6?
Ban them from this site?
Cut off their Internets until they appologize?
(Special consideration would of course be extended to those techies who were unjustly forbidden from upgrading IE in their infrastructure because of web apps that only worked on IE6; the web app developers should have their Geek status revoked instead.
)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808016</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>Penguinisto</author>
	<datestamp>1263830580000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>True, DEP is enabled by default on the Win 7  / IE8 combo. OTOH, neither will run (very well, anyway) a horde of old enterprise services and suites that still linger about the industry, compatibility modes be damned.</p><p>There are fixes and workarounds, but they can get rather expensive (and usually involve an XP Mode server of sorts, or Terminal Services seat licenses, etc).</p><p>Long story short, there's either gonna be a lot of code that will get re-written, or a lot of businesses that will hang on to IE6 until then.</p></htmltext>
<tokenext>True , DEP is enabled by default on the Win 7 / IE8 combo .
OTOH , neither will run ( very well , anyway ) a horde of old enterprise services and suites that still linger about the industry , compatibility modes be damned.There are fixes and workarounds , but they can get rather expensive ( and usually involve an XP Mode server of sorts , or Terminal Services seat licenses , etc ) .Long story short , there 's either gon na be a lot of code that will get re-written , or a lot of businesses that will hang on to IE6 until then .</tokentext>
<sentencetext>True, DEP is enabled by default on the Win 7  / IE8 combo.
OTOH, neither will run (very well, anyway) a horde of old enterprise services and suites that still linger about the industry, compatibility modes be damned.There are fixes and workarounds, but they can get rather expensive (and usually involve an XP Mode server of sorts, or Terminal Services seat licenses, etc).Long story short, there's either gonna be a lot of code that will get re-written, or a lot of businesses that will hang on to IE6 until then.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808526</id>
	<title>Pentagon thinking</title>
	<author>Anonymous</author>
	<datestamp>1263833400000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>Are there a lot of ex-Pentagon bureaucrats at Microsoft? Both seem to have an incredibly self-destructive habit of doing anything but owning up to the problems they create, apparently oblivious to the fact that it's a lot better for all involved if they were to just say, "Hey, we fucked up, and we're going to fix it," and <i>then fixing it</i>. It's not like the competing browsers haven't had plenty of security holes, but the difference with -- to pick the one I'm most familiar with -- Firefox is that when a vulnerability is discovered, my first awareness of it is generally a new welcome screen in the morning announcing the fix. With IE, it's listening to users and admins bitch about unresolved issues in browsers that have been in the field for <i>for years</i>.</p><p>Oh well, it could be worse. At least aerial defoliants and depleted uranium munitions are not among Microsoft's current offerings.</p></htmltext>
<tokenext>Are there a lot of ex-Pentagon bureaucrats at Microsoft ?
Both seem to have an incredibly self-destructive habit of doing anything but owning up to the problems they create , apparently oblivious to the fact that it 's a lot better for all involved if they were to just say , " Hey , we fucked up , and we 're going to fix it , " and then fixing it .
It 's not like the competing browsers have n't had plenty of security holes , but the difference with -- to pick the one I 'm most familiar with -- Firefox is that when a vulnerability is discovered , my first awareness of it is generally a new welcome screen in the morning announcing the fix .
With IE , it 's listening to users and admins bitch about unresolved issues in browsers that have been in the field for for years.Oh well , it could be worse .
At least aerial defoliants and depleted uranium munitions are not among Microsoft 's current offerings .</tokentext>
<sentencetext>Are there a lot of ex-Pentagon bureaucrats at Microsoft?
Both seem to have an incredibly self-destructive habit of doing anything but owning up to the problems they create, apparently oblivious to the fact that it's a lot better for all involved if they were to just say, "Hey, we fucked up, and we're going to fix it," and then fixing it.
It's not like the competing browsers haven't had plenty of security holes, but the difference with -- to pick the one I'm most familiar with -- Firefox is that when a vulnerability is discovered, my first awareness of it is generally a new welcome screen in the morning announcing the fix.
With IE, it's listening to users and admins bitch about unresolved issues in browsers that have been in the field for for years.Oh well, it could be worse.
At least aerial defoliants and depleted uranium munitions are not among Microsoft's current offerings.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807680</id>
	<title>Not fixing it in IE6...</title>
	<author>Anonymous</author>
	<datestamp>1263828900000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>0</modscore>
	<htmltext><p>.. now *that* would be real fun.</p></htmltext>
<tokenext>.. now * that * would be real fun .</tokentext>
<sentencetext>.. now *that* would be real fun.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807776</id>
	<title>Marketing must be pleased</title>
	<author>Anonymous</author>
	<datestamp>1263829320000</datestamp>
	<modclass>Funny</modclass>
	<modscore>5</modscore>
	<htmltext><p> <b>Software Engineer:</b> "It's a complete mess... The vulnerability is present in IE6, 7, and 8 and it won't be an easy fix."</p><p> <b>Marketing Shill:</b> "Excellent! Now they've no reason not to upgrade to IE8. Get out a Security Advisory at once!"</p></htmltext>
<tokenext>Software Engineer : " It 's a complete mess... The vulnerability is present in IE6 , 7 , and 8 and it wo n't be an easy fix .
" Marketing Shill : " Excellent !
Now they 've no reason not to upgrade to IE8 .
Get out a Security Advisory at once !
"</tokentext>
<sentencetext> Software Engineer: "It's a complete mess... The vulnerability is present in IE6, 7, and 8 and it won't be an easy fix.
" Marketing Shill: "Excellent!
Now they've no reason not to upgrade to IE8.
Get out a Security Advisory at once!
"</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808456</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>Anonymous</author>
	<datestamp>1263832980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>As usual, another <b>car</b> analogy on<nobr> <wbr></nobr>/. fails...</p></div><p>There, fixed that for you.<nobr> <wbr></nobr>;-)</p></div>
	</htmltext>
<tokenext>As usual , another car analogy on / .
fails...There , fixed that for you .
; - )</tokentext>
<sentencetext>As usual, another car analogy on /.
fails...There, fixed that for you.
;-)
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30813556</id>
	<title>Really, we brought this on ourselves</title>
	<author>FlyingGuy</author>
	<datestamp>1263814020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I have been around long enough to remember when a browser was JUST a browser ( no I am not talking about Linx ) but early versions of NetScape.</p><p>The problem fundamentally one of overreaching..</p><p>It is all part of the "Hey look what I can make this thing do!!" syndrome.</p><p>And yes this is a syndrome and all of us, myself included, are suffering from it.  We want to impress our peers, we want to make the computer sit and beg, rollover and play dead whatever<nobr> <wbr></nobr>...</p><p> <b>NONE</b> of this yummy was ever thought all the way through and I mean since HTML version 0.01, CSS 0.01 and beyond.  We still have the checkbox control that is never returned by the browser <b>unless it's checked!</b> and how long have we all had to write stupid work around's for that stupidity.</p><p>We want the browser to be <b>everything</b> text rendering program, application container, remote control device you name it.  We <b>gave</b> it the ability to get to the OS ( upload files through your browser much? ), we started giving it hooks into <b>everything</b> without thinking about the consequences of our actions, "Hey lets make the browser a Word Processor, lets make it a spreadsheet!! Hey wow look at what I can do!", lets give it a scripting language, lets give it the ability to do XYZ and all of that has to hook into the OS at various levels.</p><p>In typical Microsoft style the had to one up everyone and do it badly, but we led them down this garden path, so really we have no one to blame but ourselves for the current mess of security problems that effect <b>all browsers</b> but more so Microsoft because they chose to allow the browser to go even deeper into the OS then anyone.</p></htmltext>
<tokenext>I have been around long enough to remember when a browser was JUST a browser ( no I am not talking about Linx ) but early versions of NetScape.The problem fundamentally one of overreaching..It is all part of the " Hey look what I can make this thing do ! !
" syndrome.And yes this is a syndrome and all of us , myself included , are suffering from it .
We want to impress our peers , we want to make the computer sit and beg , rollover and play dead whatever ... NONE of this yummy was ever thought all the way through and I mean since HTML version 0.01 , CSS 0.01 and beyond .
We still have the checkbox control that is never returned by the browser unless it 's checked !
and how long have we all had to write stupid work around 's for that stupidity.We want the browser to be everything text rendering program , application container , remote control device you name it .
We gave it the ability to get to the OS ( upload files through your browser much ?
) , we started giving it hooks into everything without thinking about the consequences of our actions , " Hey lets make the browser a Word Processor , lets make it a spreadsheet ! !
Hey wow look at what I can do !
" , lets give it a scripting language , lets give it the ability to do XYZ and all of that has to hook into the OS at various levels.In typical Microsoft style the had to one up everyone and do it badly , but we led them down this garden path , so really we have no one to blame but ourselves for the current mess of security problems that effect all browsers but more so Microsoft because they chose to allow the browser to go even deeper into the OS then anyone .</tokentext>
<sentencetext>I have been around long enough to remember when a browser was JUST a browser ( no I am not talking about Linx ) but early versions of NetScape.The problem fundamentally one of overreaching..It is all part of the "Hey look what I can make this thing do!!
" syndrome.And yes this is a syndrome and all of us, myself included, are suffering from it.
We want to impress our peers, we want to make the computer sit and beg, rollover and play dead whatever ... NONE of this yummy was ever thought all the way through and I mean since HTML version 0.01, CSS 0.01 and beyond.
We still have the checkbox control that is never returned by the browser unless it's checked!
and how long have we all had to write stupid work around's for that stupidity.We want the browser to be everything text rendering program, application container, remote control device you name it.
We gave it the ability to get to the OS ( upload files through your browser much?
), we started giving it hooks into everything without thinking about the consequences of our actions, "Hey lets make the browser a Word Processor, lets make it a spreadsheet!!
Hey wow look at what I can do!
", lets give it a scripting language, lets give it the ability to do XYZ and all of that has to hook into the OS at various levels.In typical Microsoft style the had to one up everyone and do it badly, but we led them down this garden path, so really we have no one to blame but ourselves for the current mess of security problems that effect all browsers but more so Microsoft because they chose to allow the browser to go even deeper into the OS then anyone.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30812852</id>
	<title>I did upgrade</title>
	<author>Anonymous</author>
	<datestamp>1263810600000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I did upgrade, a long time ago to Netscape, then Firefox and next to Ubuntu.</p></htmltext>
<tokenext>I did upgrade , a long time ago to Netscape , then Firefox and next to Ubuntu .</tokentext>
<sentencetext>I did upgrade, a long time ago to Netscape, then Firefox and next to Ubuntu.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808936</id>
	<title>DEP is controller per-task on Windows</title>
	<author>YesIAmAScript</author>
	<datestamp>1263835680000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It has been since it debuted in an XP service pack.</p><p>So if you "disable" DEP to make some apps work, it still isn't disabled for IE8, because IE8 opts-in for it.</p></htmltext>
<tokenext>It has been since it debuted in an XP service pack.So if you " disable " DEP to make some apps work , it still is n't disabled for IE8 , because IE8 opts-in for it .</tokentext>
<sentencetext>It has been since it debuted in an XP service pack.So if you "disable" DEP to make some apps work, it still isn't disabled for IE8, because IE8 opts-in for it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807804</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810134</id>
	<title>Good Luck With that....</title>
	<author>cervo</author>
	<datestamp>1263840840000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>The place I work is still running IE 6.  About 6 months ago they did a big effort to upgrade to IE 7, tested all their apps, and then decided that they weren't ready.  There is currently no time table to upgrade to IE7 let alone 8.<br> <br>
A company I interned at had IE 4.0 for the longest time, even after 5 came out, and the latest versions of netscape....<br> <br>
I think what our friends at Microsoft don't realize is that big companies (especially big regulated companies) are really slow to move on things.  Upgrade to IE 8 is not really a valid answer.  A large regulated company will spend months testing, and in many cases it will take years to go upgrade.  Now if IE didn't encourage people to violate web standards, then it wouldn't be that bad.  But unfortunately it does and people do.  So fixing things to work with IE7 or even IE8 after IE 6 is a pretty big deal.<br> <br>
So good luck with that.  I know my company is going to be running IE 6 for at least another year, maybe more.  They have to go slow because it is a financial company and they are subject to all sorts of SOX controls and regulations.  Also upgrading browsers does not immediately generate revenue so it is not a high priority.  They don't even use the right resources for testing so it drags out much longer than it should....<br> <br>
I worked at a Microsoft Fanboy company but even then it took a good 6 months to test all the apps with IE 7 and there the roll out wasn't company wide, just that division.  There was also a project in Parallel to fix the issues and move all development projects to Visual Studio 2005.  They properly staffed based on what they had, and it still took 6 months.  And they were Microsoft Fanboys.  I mean SQL SErver 2005 comes out, they need to upgrade within a year.  SQL Server 2008 comes out, they put on a project to upgrade within a year.  Windows Vista comes out, they need to upgrade....  And even there 6 months time is a lot of time to be exposed to a vulnerability.  And they are the exception not the rule.<br> <br>
For many companies a security issue or browser upgrade does not generate revenue and is super low priority....</htmltext>
<tokenext>The place I work is still running IE 6 .
About 6 months ago they did a big effort to upgrade to IE 7 , tested all their apps , and then decided that they were n't ready .
There is currently no time table to upgrade to IE7 let alone 8 .
A company I interned at had IE 4.0 for the longest time , even after 5 came out , and the latest versions of netscape... . I think what our friends at Microsoft do n't realize is that big companies ( especially big regulated companies ) are really slow to move on things .
Upgrade to IE 8 is not really a valid answer .
A large regulated company will spend months testing , and in many cases it will take years to go upgrade .
Now if IE did n't encourage people to violate web standards , then it would n't be that bad .
But unfortunately it does and people do .
So fixing things to work with IE7 or even IE8 after IE 6 is a pretty big deal .
So good luck with that .
I know my company is going to be running IE 6 for at least another year , maybe more .
They have to go slow because it is a financial company and they are subject to all sorts of SOX controls and regulations .
Also upgrading browsers does not immediately generate revenue so it is not a high priority .
They do n't even use the right resources for testing so it drags out much longer than it should... . I worked at a Microsoft Fanboy company but even then it took a good 6 months to test all the apps with IE 7 and there the roll out was n't company wide , just that division .
There was also a project in Parallel to fix the issues and move all development projects to Visual Studio 2005 .
They properly staffed based on what they had , and it still took 6 months .
And they were Microsoft Fanboys .
I mean SQL SErver 2005 comes out , they need to upgrade within a year .
SQL Server 2008 comes out , they put on a project to upgrade within a year .
Windows Vista comes out , they need to upgrade.... And even there 6 months time is a lot of time to be exposed to a vulnerability .
And they are the exception not the rule .
For many companies a security issue or browser upgrade does not generate revenue and is super low priority... .</tokentext>
<sentencetext>The place I work is still running IE 6.
About 6 months ago they did a big effort to upgrade to IE 7, tested all their apps, and then decided that they weren't ready.
There is currently no time table to upgrade to IE7 let alone 8.
A company I interned at had IE 4.0 for the longest time, even after 5 came out, and the latest versions of netscape.... 
I think what our friends at Microsoft don't realize is that big companies (especially big regulated companies) are really slow to move on things.
Upgrade to IE 8 is not really a valid answer.
A large regulated company will spend months testing, and in many cases it will take years to go upgrade.
Now if IE didn't encourage people to violate web standards, then it wouldn't be that bad.
But unfortunately it does and people do.
So fixing things to work with IE7 or even IE8 after IE 6 is a pretty big deal.
So good luck with that.
I know my company is going to be running IE 6 for at least another year, maybe more.
They have to go slow because it is a financial company and they are subject to all sorts of SOX controls and regulations.
Also upgrading browsers does not immediately generate revenue so it is not a high priority.
They don't even use the right resources for testing so it drags out much longer than it should.... 
I worked at a Microsoft Fanboy company but even then it took a good 6 months to test all the apps with IE 7 and there the roll out wasn't company wide, just that division.
There was also a project in Parallel to fix the issues and move all development projects to Visual Studio 2005.
They properly staffed based on what they had, and it still took 6 months.
And they were Microsoft Fanboys.
I mean SQL SErver 2005 comes out, they need to upgrade within a year.
SQL Server 2008 comes out, they put on a project to upgrade within a year.
Windows Vista comes out, they need to upgrade....  And even there 6 months time is a lot of time to be exposed to a vulnerability.
And they are the exception not the rule.
For many companies a security issue or browser upgrade does not generate revenue and is super low priority....</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808748</id>
	<title>Re:When will we change programming practices?</title>
	<author>tokul</author>
	<datestamp>1263834900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>Why haven't they changed to something better? From what I can see, better tools have been available for a long time and, quite frankly,
the old "we've always done things this way and it would be too expensive to change" is real crap.</p></div>
</blockquote><ol> <li>"better tools are available" means nothing if you don't name those tools.</li><li>Complete rewrite does not make thing secure. It adds new problems and can reintroduce old ones. older stuff works and needs few patches. New stuff would require a lot more patching and more coding hours. You won't call old stuff crap, if you know how it works and you are the one who has to redo same thing on new stuff.</li></ol></div>
	</htmltext>
<tokenext>Why have n't they changed to something better ?
From what I can see , better tools have been available for a long time and , quite frankly , the old " we 've always done things this way and it would be too expensive to change " is real crap .
" better tools are available " means nothing if you do n't name those tools.Complete rewrite does not make thing secure .
It adds new problems and can reintroduce old ones .
older stuff works and needs few patches .
New stuff would require a lot more patching and more coding hours .
You wo n't call old stuff crap , if you know how it works and you are the one who has to redo same thing on new stuff .</tokentext>
<sentencetext>Why haven't they changed to something better?
From what I can see, better tools have been available for a long time and, quite frankly,
the old "we've always done things this way and it would be too expensive to change" is real crap.
"better tools are available" means nothing if you don't name those tools.Complete rewrite does not make thing secure.
It adds new problems and can reintroduce old ones.
older stuff works and needs few patches.
New stuff would require a lot more patching and more coding hours.
You won't call old stuff crap, if you know how it works and you are the one who has to redo same thing on new stuff.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808336</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808608</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>jim\_v2000</author>
	<datestamp>1263833940000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Browser security is great in theory, but the last two infections I cleaned up at work were from people downloading Flash\_Update.exe and running it so they could watch some video from "Santa" that they got in their email.</htmltext>
<tokenext>Browser security is great in theory , but the last two infections I cleaned up at work were from people downloading Flash \ _Update.exe and running it so they could watch some video from " Santa " that they got in their email .</tokentext>
<sentencetext>Browser security is great in theory, but the last two infections I cleaned up at work were from people downloading Flash\_Update.exe and running it so they could watch some video from "Santa" that they got in their email.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808770</id>
	<title>IE5 rules supreme</title>
	<author>Anonymous</author>
	<datestamp>1263834960000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>Actually, IE5 is the only version not effected. You should be downgrading not upgrading.</p><p><a href="http://www.theregister.co.uk/2010/01/14/cyber\_assault\_followup/" title="theregister.co.uk" rel="nofollow">http://www.theregister.co.uk/2010/01/14/cyber\_assault\_followup/</a> [theregister.co.uk]</p><p>"But Kurtz warned the vulnerability exists in all versions of IE except for IE 5.01, service pack 4, and that it would be possible for attackers to work around the protection."</p></htmltext>
<tokenext>Actually , IE5 is the only version not effected .
You should be downgrading not upgrading.http : //www.theregister.co.uk/2010/01/14/cyber \ _assault \ _followup/ [ theregister.co.uk ] " But Kurtz warned the vulnerability exists in all versions of IE except for IE 5.01 , service pack 4 , and that it would be possible for attackers to work around the protection .
"</tokentext>
<sentencetext>Actually, IE5 is the only version not effected.
You should be downgrading not upgrading.http://www.theregister.co.uk/2010/01/14/cyber\_assault\_followup/ [theregister.co.uk]"But Kurtz warned the vulnerability exists in all versions of IE except for IE 5.01, service pack 4, and that it would be possible for attackers to work around the protection.
"</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807858</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>KnownIssues</author>
	<datestamp>1263829800000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext>Then why would Microsoft state that IE8 is vulnerable to this flaw? They don't seem to be known for exaggerating the vulnerability of their software. I'm sure I'm missing something here, I'm just sincerely not seeing why Microsoft would claim it would affect IE8 if they could make the opposite claim with any accuracy.</htmltext>
<tokenext>Then why would Microsoft state that IE8 is vulnerable to this flaw ?
They do n't seem to be known for exaggerating the vulnerability of their software .
I 'm sure I 'm missing something here , I 'm just sincerely not seeing why Microsoft would claim it would affect IE8 if they could make the opposite claim with any accuracy .</tokentext>
<sentencetext>Then why would Microsoft state that IE8 is vulnerable to this flaw?
They don't seem to be known for exaggerating the vulnerability of their software.
I'm sure I'm missing something here, I'm just sincerely not seeing why Microsoft would claim it would affect IE8 if they could make the opposite claim with any accuracy.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808342</id>
	<title>mod /do3n</title>
	<author>Anonymous</author>
	<datestamp>1263832440000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><A HREF="http://goat.cx/" title="goat.cx" rel="nofollow">driven out by the Lite is straining election to the both believed that of FreeBSD Usenet the most. LLok at reaper Nor do the</a> [goat.cx]</htmltext>
<tokenext>driven out by the Lite is straining election to the both believed that of FreeBSD Usenet the most .
LLok at reaper Nor do the [ goat.cx ]</tokentext>
<sentencetext>driven out by the Lite is straining election to the both believed that of FreeBSD Usenet the most.
LLok at reaper Nor do the [goat.cx]</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809142</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>Anonymous</author>
	<datestamp>1263836520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I can't upgrade IE6 on windows 2000 to IE7 or IE8. Nope, I don't plan to move to newer windows OS'. To much money for those OS'. So MSOFT I'll upgrade IE6 if you provide IE8 on windows 2000.</p></htmltext>
<tokenext>I ca n't upgrade IE6 on windows 2000 to IE7 or IE8 .
Nope , I do n't plan to move to newer windows OS' .
To much money for those OS' .
So MSOFT I 'll upgrade IE6 if you provide IE8 on windows 2000 .</tokentext>
<sentencetext>I can't upgrade IE6 on windows 2000 to IE7 or IE8.
Nope, I don't plan to move to newer windows OS'.
To much money for those OS'.
So MSOFT I'll upgrade IE6 if you provide IE8 on windows 2000.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808538</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>JerryLove</author>
	<datestamp>1263833460000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Sandboxing &amp; virtualization of a sick browser is not a panacea.</p></div><p> No, but it's better than not sandboxed.</p><p>I notice you don't mention that IE8 is not actually vunerable unless you reconfigure it that way because DEP is on.</p><p><div class="quote"><p>A hale and open sourced browser is the only safe way to go. Screw IE, any version.</p></div><p> Because those have no bugs?</p></div>
	</htmltext>
<tokenext>Sandboxing &amp; virtualization of a sick browser is not a panacea .
No , but it 's better than not sandboxed.I notice you do n't mention that IE8 is not actually vunerable unless you reconfigure it that way because DEP is on.A hale and open sourced browser is the only safe way to go .
Screw IE , any version .
Because those have no bugs ?</tokentext>
<sentencetext>Sandboxing &amp; virtualization of a sick browser is not a panacea.
No, but it's better than not sandboxed.I notice you don't mention that IE8 is not actually vunerable unless you reconfigure it that way because DEP is on.A hale and open sourced browser is the only safe way to go.
Screw IE, any version.
Because those have no bugs?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808356</id>
	<title>Re:IE8 has the flaw but is immune...</title>
	<author>lseltzer</author>
	<datestamp>1263832500000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>If the user is on Vista or Win7 they'll have to disable protected mode as well in order for the exploit to be able to do anything meaningful.</p><p>So if a user running IE6 on XP, who doesn't enable DEP gets exploited, who is really to blame? This is an ancient configuration and Microsoft has, for a long time, provided products and technologies to address the problems in it.</p></htmltext>
<tokenext>If the user is on Vista or Win7 they 'll have to disable protected mode as well in order for the exploit to be able to do anything meaningful.So if a user running IE6 on XP , who does n't enable DEP gets exploited , who is really to blame ?
This is an ancient configuration and Microsoft has , for a long time , provided products and technologies to address the problems in it .</tokentext>
<sentencetext>If the user is on Vista or Win7 they'll have to disable protected mode as well in order for the exploit to be able to do anything meaningful.So if a user running IE6 on XP, who doesn't enable DEP gets exploited, who is really to blame?
This is an ancient configuration and Microsoft has, for a long time, provided products and technologies to address the problems in it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807804</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30812000</id>
	<title>Good for Web Developers...</title>
	<author>ouimetch</author>
	<datestamp>1263806580000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>As a web developer I am elated that this might help drop IE 6/7's market share.  If in the near future I only needed to make fixes for IE 8 my life would be a lot easier.</htmltext>
<tokenext>As a web developer I am elated that this might help drop IE 6/7 's market share .
If in the near future I only needed to make fixes for IE 8 my life would be a lot easier .</tokentext>
<sentencetext>As a web developer I am elated that this might help drop IE 6/7's market share.
If in the near future I only needed to make fixes for IE 8 my life would be a lot easier.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808504</id>
	<title>Re:Faulty Products. A comparison.</title>
	<author>Anonymous</author>
	<datestamp>1263833280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It wasn't even that "exotic" of a problem. Ford recommended a low tire pressure for a softer ride - trying to make a truck not ride like a truck. Low tire pressure generates excess heat, which ultimately causes the tire failure. And because the other tires on the vehicle are also under-inflated, the changes in the vehicle's handling are magnified and everything goes to hell.</p><p>People who ran the tires at (for example) 35PSI instead of 30PSI didn't have problems.</p></htmltext>
<tokenext>It was n't even that " exotic " of a problem .
Ford recommended a low tire pressure for a softer ride - trying to make a truck not ride like a truck .
Low tire pressure generates excess heat , which ultimately causes the tire failure .
And because the other tires on the vehicle are also under-inflated , the changes in the vehicle 's handling are magnified and everything goes to hell.People who ran the tires at ( for example ) 35PSI instead of 30PSI did n't have problems .</tokentext>
<sentencetext>It wasn't even that "exotic" of a problem.
Ford recommended a low tire pressure for a softer ride - trying to make a truck not ride like a truck.
Low tire pressure generates excess heat, which ultimately causes the tire failure.
And because the other tires on the vehicle are also under-inflated, the changes in the vehicle's handling are magnified and everything goes to hell.People who ran the tires at (for example) 35PSI instead of 30PSI didn't have problems.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30816484</id>
	<title>Re:MOD PARENT DOWN (INFORMATIVE?)</title>
	<author>Anonymous</author>
	<datestamp>1263841920000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>&gt; Thus it cannot be used for malicious purposes.</p><p>Not strictly true. Return-into-libc style exploits continue to function (amongst others). It is just more challenging to inject the shellcode.</p></htmltext>
<tokenext>&gt; Thus it can not be used for malicious purposes.Not strictly true .
Return-into-libc style exploits continue to function ( amongst others ) .
It is just more challenging to inject the shellcode .</tokentext>
<sentencetext>&gt; Thus it cannot be used for malicious purposes.Not strictly true.
Return-into-libc style exploits continue to function (amongst others).
It is just more challenging to inject the shellcode.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809108</parent>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810006
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809058
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809458
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808504
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30813056
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_38</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809048
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808748
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808336
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_43</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30813098
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30814864
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809414
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808538
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_33</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808250
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809168
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808292
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_40</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808268
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30816484
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809108
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809028
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_41</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30815322
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_32</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808452
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808978
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808336
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808940
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810098
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807858
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808236
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_37</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809142
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808608
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30816304
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809288
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808336
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809230
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30812634
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807776
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810550
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808336
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_36</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808062
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808456
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_35</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809912
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808314
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809276
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_42</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808046
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30813636
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30812094
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809108
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30819734
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_34</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809018
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808244
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808016
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808356
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807804
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808290
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_39</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808936
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807804
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_18_1343250_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809836
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808336
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809288
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810550
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808748
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808978
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807726
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808016
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808046
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810006
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30813098
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808268
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807938
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808538
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809108
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30816484
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30812094
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809276
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808244
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809018
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810098
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807858
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807804
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808936
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808356
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808236
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808608
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809142
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808940
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809912
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30819734
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808292
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809168
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807712
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807766
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30810540
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807708
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808262
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809028
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30814864
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809836
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30815322
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30813636
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809230
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30813056
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808656
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808048
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808526
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807678
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808064
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807776
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30812634
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808770
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807680
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807812
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_18_1343250.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30807940
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808314
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808290
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808452
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808062
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30816304
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808250
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808166
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809414
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808504
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809458
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809048
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30809058
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_18_1343250.30808456
</commentlist>
</conversation>
