Slashdot Mirror

Boing boing has some background on one of the kids attackers. apparently he was dismissed from the real police force for shooting an unarmed homeless man he was recommended to be dismissed from the UCLA for previously choking a student. http://www.boingboing.net/2006/11/21/ulca_tasercop _has_a_.html

Unix invented filesystems, right?

You bet your momma's table-sized hard-disks. While there may be contentions of technical accuracy, I postulate that Bell Labs Unix provided the groundwork for just about all enterprise filesystems in use today. (also about the time I was born... so yes, I do remember)

There's a distinction to be made here... a PIF file is not a "link" in this context. It can however be called a "launcher"... since it specifically contains data relevant to the environment for an executable.

While it does have a way to "Find Target", (Win95+) it ultimately gets left behind (broken) unless updated by installer applications or the user. Read carefully and you'll see that it's even older than LNK files; all the way back to MS-DOS.

Linux also distinguishes between links and launchers, however the differences don't give much potential for abuse. (unlike LNK/PIF files) The only exception is the symlink race vulnerability, but is a marginal risk at best with current security measures.

I'm sure that nobody forgot the beloved PIF, but who really considers them to be "links" anyway?

Unix invented filesystems, right?

You bet your momma's table-sized hard-disks. While there may be contentions of technical accuracy, I postulate that Bell Labs Unix provided the groundwork for just about all enterprise filesystems in use today. (also about the time I was born... so yes, I do remember)

There's a distinction to be made here... a PIF file is not a "link" in this context. It can however be called a "launcher"... since it specifically contains data relevant to the environment for an executable.

While it does have a way to "Find Target", (Win95+) it ultimately gets left behind (broken) unless updated by installer applications or the user. Read carefully and you'll see that it's even older than LNK files; all the way back to MS-DOS.

Linux also distinguishes between links and launchers, however the differences don't give much potential for abuse. (unlike LNK/PIF files) The only exception is the symlink race vulnerability, but is a marginal risk at best with current security measures.

I'm sure that nobody forgot the beloved PIF, but who really considers them to be "links" anyway?

they just rip him off.

Singapore to tighten curbs on free speech

Some restrictions? You can't say anything negative about the government, and you especially can't say anything remotely critical of their "dear leader" Lee Kuan Yew. See the current brouhaha with the Far East Economic Review.

This has disaster written all over it.

I'm not worried about a P&P game based on EVE Online, as WW has already done P&P based on Everquest, and though no one plays it, I think they made money on it.

And looking at the new WoD lineup, it does look like they designed the games to be more MMORPG-friendly, with emphasis on every supernatural creature being based on five "races" and five "groups" each one having a "power" stat, each one having a limited choice of roughly the same number of powers (Mage, in particular, was severely "nerfed" in the name of play balance.)

But what I'm worried about is that White Wolf has had an absolutely horrible experience in massively-multiplayer gaming. They operated an online chat called "New Bremen" and it was resoundly hated - so much so that people compared other White Wolf mushes (and WW gamers were generally seen as having really bad games to begin with) unfavorably. This was mostly due to the horrible, horrible nature of the administration which functioned on a suck-up/catch-22 model. Those who sucked-up in the "in-crowd" were promoted, everyone else could have their characters deleted for any number of un-written, illogical and arbitrary "catch-22s."

This was including particularly hellish and outright abusive treatment from the moderators there which was encouraged by their administration, a White Wolf employee.

Keep in mind that White Wolf is also DRM-heavy and treats their fanbase like crap by asserting phony IP rights.

This has disaster written all over it.

I'm not worried about a P&P game based on EVE Online, as WW has already done P&P based on Everquest, and though no one plays it, I think they made money on it.

And looking at the new WoD lineup, it does look like they designed the games to be more MMORPG-friendly, with emphasis on every supernatural creature being based on five "races" and five "groups" each one having a "power" stat, each one having a limited choice of roughly the same number of powers (Mage, in particular, was severely "nerfed" in the name of play balance.)

But what I'm worried about is that White Wolf has had an absolutely horrible experience in massively-multiplayer gaming. They operated an online chat called "New Bremen" and it was resoundly hated - so much so that people compared other White Wolf mushes (and WW gamers were generally seen as having really bad games to begin with) unfavorably. This was mostly due to the horrible, horrible nature of the administration which functioned on a suck-up/catch-22 model. Those who sucked-up in the "in-crowd" were promoted, everyone else could have their characters deleted for any number of un-written, illogical and arbitrary "catch-22s."

This was including particularly hellish and outright abusive treatment from the moderators there which was encouraged by their administration, a White Wolf employee.

Keep in mind that White Wolf is also DRM-heavy and treats their fanbase like crap by asserting phony IP rights.

Good timing for this.. I actually just saw this on The Hour (last night's full show), but boingboing also covered it: Dell gets presidential product placement?. There's a youtube link there.

isn't that more than the liquid value of the world economy

Ah, now I see your angle. I don't know what all the settlement called for but I can see how it might be an issue.

What was the proverbial sound called? Sosumi?

http://www.boingboing.net/2005/03/24/early_apple_s ound_de.html

all the best,

drew
http://www.ourmedia.org/node/262954
'Sayings - Deterred Bahamian Novel'

...what's funny is the interactions he has with americans. ... To me at least, the talking about backwater Kazakhstan, it's amusing... but the real gold is when he talks about it to other people and they show their ignorance

The US-Mexico border isn't a truck that you can just dump people into. It's a series of tubes! http://www.boingboing.net/2006/01/26/trickedout_se cret_tu.html

If that quote can be confirmed, this entire thread is cast in a clearer light. Only other CEO I've seen talking so openly about their intentions was the Deiblod CEO http://www.boingboing.net/2004/11/03/quote_of_the_ day_die.html

Dammit!

You can try to laugh at this one instead. The hopes of this post seeing the light of day, are, well, um, hmmmmmmmmmmmm.

http://www.boingboing.net/2006/11/02/hilarious_pie chartvi.html

> Hmmm, you can mod my reply off-topic, but it's just too funny to let go:
> Composition of Pac-Man pie chart:
> http://www.boingboing.net/2006/11/02/hilarious_pie chartvi.html/

-1, Bad link.

Hmmm, you can mod my reply off-topic, but it's just too funny to let go:

Composition of Pac-Man pie chart:

http://www.boingboing.net/2006/11/02/hilarious_pie chartvi.html/

This story is shamelessly ripped from this morning's BoingBoing version, published at 5am.

Now, more so than ever, I hope that the PS3 fails! It sickens me to think of wide spread proliferation of this console in home all across the world draining all that power :( Consumer electronics are one of the first things that need to become more energy efficient if we are going to taclke this little problem that we're getting ourselves into...

...you forgot the infamous "Sony Rootkit."

http://www.boingboing.net/2005/11/14/sony_anticust omer_te.html
http://www.wired.com/news/privacy/0,1848,69601,00. html
http://www.sysinternals.com/blog/2005/10/sony-root kits-and-digital-rights.html
http://news.com.com/Microsoft+will+wipe+Sonys+root kit/2100-1002_3-5949041.html
http://en.wikipedia.org/wiki/2005_Sony_CD_copy_pro tection_controversy

No-one seems to mind that people copy recipes - they're not covered by copyright even. So now I'm imagining the chefs of the world getting mad that they're not getting a cut of people translating their recipes from books

They are using this site to influence the coming elections on Nov. 7. This place has changed from "news for nerds" to "political platform for us editors".

LOL, given that slashdot is generally hostile to the People in Power (if you think the anti-Republican stance now is bad, you should have seen this place back when Clinton was pushing Echelon), if they were really out to "influence the coming elections" they'd have pulled a Fox News and called the guy a Republican instead of a Democrat. Because we all know around here that Republicans are all about destroying our civil liberties.

The simple fact of the matter is that a representative of the government is calling for the arrest of a person for writing a piece of software. And yes, that does mean something.

That ad is the devil. I had no intention of buying a PS3 before I saw this .. now I am twice as adamant about not.

I have many electronic components in my home. The last thing I need is to pay money for a demonic one.

I'm personally very glad to hear Sony's profits are down 94%. I hope that's a result of people refusing to buy Sony products on principle.

...he's giving a lecture series at USC on this. Do a search on "cory usc" on http://boingboing.net/ and you'll get links to short posts on what he's been lecturing on.

When the Mach 3 came out years ago, an SNL or MadTV skit parodied this years with the "Mach 13". A Will Ferrell skit, I believe. "Just when you don't think you can get any closer, another blade comes along and takes the 1st layer of skin off!", or something like that... It was good stuff... Other prescient multi-blade humor via Google.

While this book is probably fairly interesting, this is yet another slashvertisement. Notice the similarity between the two URLs?

http://www.boingboing.net/2006/10/23/getting_out_y our_gui.html

http://www.amazon.com/exec/obidos/ASIN/0976082276/ >/

I just happened to see a post the other day about a guide to leaving America with stories and advice from expatriates around the world

It's always interesting to see how the Slashdot Editors modify story submissions. In this case they left out my link to a boing boing story that might be useful for those trying to get out of America. What's the matter guys? Do you think of boing boing as a rival?

-Grey

One recent example of Fox news being untruthful leaps to mind. They labelled Foley a Democrat in their coverage of the scandal. Here's a link on Boing Boing, but you can find many other perspectives with a simple google search.

Sun Tzu isn't copyrighted?

(If you don't get the reference, see the video from this BoingBoing post.

You obviously haven't done any sort of cryptography. (And yes, I have and do do cryptography and cryptoanalysis.)

I'll address the second and third paragraphs first of all since it's more on topic before refuting the first paragraph.

I never said that a closed source software has to be inherently less secure than open source software. Whether the source is open or not doesn't have any direct implications on the security of the software. I said or implied that closed alrogithms are inherently less trustworthy than closed algorithms. Peer revue is an old and very well tested notion that lays the foundation for modern cryptography, and it is more than "look at the source and find flaws". I'll quickly outline the reasons for it here.
On Corey Doctorow's excellent speech on DRM he slyly called this Schneider's Law: "any person can invent a security system so clever that she or he can't think of how to break it". In other words if you thought of it then you probably only see its benifits without seeing its flaws. For someone to see the flaws they have to be able to think differently; not necessarily be smarter than you, just be able to think differently from you. The chances of getting someone to be able to do this in a small organisation is slim. Even sending it out to technical officers only increases the chances of it being found slightly.

The next reason more specific to this situation comes when you look at the likely attackers of the system. When looking at the voting machine you tend to think of politicians to be the most likely to compromise security. You might also have major corporations with a political adgenda, foreign governments, even private citizens. In other words, everyone. Not many people actually realise that this includes the programmers themselves!

Do you trust every person in Diabold? I don't even know them - who the fuck are they to have control over my vote? (Luckily I'm not American so they don't have control over my vote) If the code is secret then they not only have the means but they also have the ability to do it without getting caught! If you personally don't have access to the code you are simply giving your vote to the programmers and trusting them to do the right thing. I'm not saying that they're necessarily bad people, but there's a lot of money in the US elections, and everyone has a price.

I haven't really gone through that thoroughly and I think I've missed more than a few things but I don't really have that much time free. I'll get onto the first paragraph now. Firstly, gathering an algorithm without source from a binary is pretty trivial and as I said before the people most likely to attack these machines will have access to the machines themselves and thus have access to the binaries. Even without this, perhaps not knowing the algorithm is a disadvantage to a cryptoanalysist but even then many algorithms have identifiers in their output giving clues as to which algorithm it is. It's definitely not infinitely more useful to know the algorithm when determining what the message says. Even so if you're relying on an algorithm's secrecy to ensure security in your communications then as soon as the algorithm is released (and it most often is in more serious situations) then your communications are compromised. Yes you said all things being equal but the thing is the algorithm isn't supposed to be the secret, the key is.

Now that was a long rant.

Does this mean no more bizarre Morning Musume videos?

Watch out Lynx users. In England, you can be busted for hacking using a text based browser.
http://www.boingboing.net/2005/01/27/jailed_for_us ing_a_n.html
A Londonder made a tsnuami-relief donation using lynx -- a text-based browser used by the blind, Unix-users and others -- on Sun's Solaris operating system. The site-operator decided that this "unusual" event in the system log indicated a hack-attempt, and the police broke down the donor's door and arrested him.

Personally I have seen enough examples to believe Democrats routinely steal enough votes to gain a 1 or 2 point advantage in any national election and substantially more in certain local races. But we Republicans simply spot em the handicap and go on to win elections.

You need to read more. There are plenty of cases of Republicans doing shifty things.

LAS VEGAS -- Elections officials have rebuffed an attempt by a former GOP operative to purge about 17,000 Democrats from the voter rolls in the battleground state of Nevada, where the two presidential candidates are in a dead heat. Dan Burdish, former head of the state Republican Party, filed a challenge last week claiming the Democrats should be removed from the rolls because they were inactive voters. When asked why he did it Burdish told the press, "I am looking to take Democrats off the voter rolls." http://www.foxnews.com/story/0,2933,135334,00.html

2004: The State of Florida compiled a list of 47,000+ felons to be barred from voting. Jeb Bush struggled to keep this list secret. After a lawsuit to make the list public, it was discovered that African American felons (who tend to vote Democrat) made-up 50% of the list, including a number of African-Americans who had regained the right to vote, while hispanics (who tend to vote Republican) made up only 61 of the 47,000 felons on the list. http://www.cnn.com/2004/ALLPOLITICS/07/01/florida. elections/ http://www.leanleft.com/archives/2004/07/27/3244/

Clint Curtis testifies under oath that Florida Representative Tom Feeney asked him to create a voting machine that could secretly switch the vote to whomever is pre-chosen to win an election. http://www.boingboing.net/2006/10/09/video_testimo ny_of_v.html

2002: In New Hampshire, Democrats setup a phone line where disabled or elderly voters can call to get a ride to the polls. On election day, they are mysteriously jammed with calls from people hanging up. Legitimate voters can't get through. After some investigation, they trace the calls back to "GOP Marketplace" in Virginia. Republicans are convicted and admit that they did it to stop Democrats from getting to the polls. James Tobin, New England regional director of the Republican National Committee is convicted. http://bigbrassballs.wordpress.com/tag/gop-scandal s/phone-jamming/ http://www.cnn.com/2006/WORLD/europe/05/17/wednesd ay/index.html?eref=sitesearch

http://www.boingboing.net/2006/01/04/drawing_inter face_fo.html Still cool, but it's flopped in the Flickr Community because it's not that good at actually finding the pictures. It's more colour based than shape based.

Yep, there's no demo. People have been screaming for a demo for years. And we nearly started working on a "dead demo" -- a fake representation of what would happen. We decided that our time would be better spent on building the real thing.

Moreover, I have been building this thing from the ground up to be viable as the foundation for an industry. This has required months and months of effort to build in capabilities that won't even show up for years. It's easy to slap together something that works once and can't be revised, but building something that many different people can mess with, that is extensible and malleable -- this takes a lot more work. That's why it has taken so much time to get the pieces together. But we already have a demo on our laptops -- it's not very good but it gets the basic idea across. Please see Cory Doctorow's observations on it a BoingBoing: http://www.boingboing.net/2006/10/15/storytron_int eractiv.html

We're now in the process of improving the demo. However, it will be some months before we can release a downloadable demo.

Lastly, a higher-level point: all that theoretical stuff may be difficult to digest, but ultimately it is the true basis of understanding. If you see a demo, you get just one glimpse of one manifestation of the possibilities. If you understand the theory, you can see all the possibilities. It takes a lot more effort to understand the theory, but it yields a correspondingly greater return.

http://www.boingboing.net/censorroute.html

...by malware.

http://www.boingboing.net/2006/09/18/onscreen_bank site_ke.html

"The novelty of this trojan lies in its capacity to generate a video clip that stores all the activity onscreen while the user is authenticating to access his electronic bank.

The video clip covers only a small portion of the screen, using as reference the cursor, but it is large enough so that the attacker can watch the legitimate user's movements and typing when using the virtual keyboard, so that he gets the username and password without going into further trouble."

Sure, last gen keyloggers wont capture passwords entered via this interface, but the current gen sure will.

Have you seen how Fox news is reporting on the Foley incident??? they're effectively claiming that he's a Democrat!!!

Foley may have thought his IMs were disappearing into the ether as soon as they cleared his computer screen

FYI there is an update to this posted on BoingBoing yesterday. They were able to raise enough cash to pay for at least the next 2 months rent. Check it out: http://www.boingboing.net/2006/10/03/robert_anton_ wilson_.html.

While one cannot be certain what exactly will happen, history has shown us that people usually react fairly strongly to anything that gets in the way of their freedom. And Americans have certainly proven this point.

When exactly in the last years?

There is a difference between rumours of elections being rigged versus actual evidence.

I'd say the evidence is there just nobody seems interested in picking it up. Might be because some KGB^H^H^H^H^H^H^H Federal institutions are actively persecuting people who have differing opinions?

Remember: Elections are not a sign of democracy. Hitler was democratically elected (besides, he won most of his wars and took personal responsibility after obviously loosing the last one). They are necessary, but they are not enough.

After a year in the making... researching, number crunching, layouts, stock gathering, and lots of procrastinating, i am proud to say it is finally done... Death and Taxes: A visual look at where your tax dollars go.

Appreciate your reply. I'll be uber careful and not allow any scripting at all. Perhaps I'll switch to Lynx. Of course I'll have to be carefull not to get jailed for using it!

Where else are we going to see blurbs like this on DVD covers?

After all, these machines were never seriously designed with security in mind...they were designed to be easily compromised.

That's bullshit, and you know it.

When these systems are vulnerable, it's just as easy for ANYONE to take advantage of that fact. Not one party or one political stripe.

As for ATM security:

Citibank ATM fiasco "worst ever"
ATM reprogrammed to give out 4 times more money
Diebold ATMs hit by Nachi worm

but it seems to me that here in the USA and most other similar countries (e.g. UK), anything that's out in a public place (outdoor sculptures, buildings, etc.) can be photographed as much as you like.

I'm not sure about the rest of the world, but this has definitely happened in Chicago

But time = money. If you have to fulfill a commitment (watching ads) to get the songs, they're not free. They're also not free in that it appears that the DRM on them will be particularly onerous. If reports hold true, you'll have to log into the service monthly (to watch more ads) to keep the WMA-crippled media playable.

Oh, and the name is stupid.

99 cents is too much to pay for a downloaded song. GIven that manufacturing costs are so low for a mp3 (once the initial recording/mastering/mixing of the album is complete. That's constant, so we can ignore it for comparison purposes.), and that distribution costs are so much lower since you're only pushing bits around, what's the justification other than "We think we can get some rube to pay this." (We can see this same mentality with the movie downloads. What do you mean these bytes cost twice as much for the first month? It's not like you're going to run out.)

$9.99 isn't too much to pay for for an album. I pay that all the time. Of course I'm buying a physical cd. I get a thing. I get liner notes. I get artwork. WRT to DRM, I don't have it. All this has, to put it in buisness terms, "value." I don't have any of this with a download. So you want me to pay the same price and get less? Why would I do that? (Hell, even the RIAA/MPAA (Let's be honest. They're one in the same.) should be able to figure that out. Afterall, it's just the reverse of the "If value, then right" theory (or as Cory Doctorow recalled an MPAA vice-president putting it, "Watching a show that's being received in one room while you're sitting in another room has value, and if it has value, we should be able to charge money for it.").

There's a word for that kind of thinking. It's "greed."

What's a decent price for a downloaded drm ladened song? I might pay a nickle.

Apple imposes their DRM even when musicians ask not to have it applied to their music

Apple imposes their DRM even when musicians ask not to have it applied to their music