Slashdot Mirror

The Canadian Broadcast Corporation (CBC) radio show 'This is That' did a piece a while ago about a group proposing an Innovation Hour as an alternative to Earth Hour... in short, "If it has a switch, click it!" They're asking people of the world to turn everything in their houses and businesses on, or "run it hot," for one hour to celebrate in ingenuity behind innovation.

Here's a link to the 'story': http://www.cbc.ca/thisisthat/news/2012/09/18/innovation-hour-calgarian-asks-canadians-to-run-it-hot-for-an-hour-each-year/

Bullshit. Wind power is a complete waste of money in Ontario. Massive subsidies paid to promote it, higher hydro bills because of it, and a very poor track record of estimated versus actual generation are just the tip of the iceberg in terms of why it's wrong. There have been times where we've had to pay our neighbours to take our surpluses, and days where we've had to import because the wind just isn't blowing at all. Until someone gets smart and starts attaching these wind farms to a method of storage (water pumped into a resevoir wouldn't be hard!), wind power is an expensive waste of time and money.

What of the much vaunted ability to track down copyright infringement, in order to empower 3 strikes laws? Are these operations really so hard to find and shut down?

No and no. The problem is that if your FCC is anything like Canada's CRTC, they just simply don't give a fuck. (Or in their words, they're powerless and can't even find who is making the calls)

Marketplace (CBC investigation/consumer rights TV program) had absolutely no problem tracking down and embedding a journalist in an offshore telemarketing scam company. They even took their findings to the head of the CRTC and asked "If we can find these people, why can't the police, or the CRTC?"

The response was basically stunned silence, followed by "We can only action on information we receive.". Even in the face of so many complaints and information given directly to them (including the name and address of the violating company, the CRTC just says "Oh, that's nice. We're pleased with the job the CRTC is doing. This should be a police matter." (16:50)

Or more accurately, when faced with the statement "Nobody has a solution", the CRTC's response is "That's right".

So I agree with you. It's sad that the full force of God can be brought down upon a teenager sharing some MP3, but when there is real, actual international fraud being committed on a grand and organized scale-- openly and brazenly-- the authorities who can stop it are nowhere to be seen. Actually worse-- they're right there, refusing to do anything while patting themselves on the back for a job well done.

CBC Marketplace episode, To Catch a Telemarketer: http://www.cbc.ca/marketplace/episodes/2013/01/to-catch-a-telemarketer.html

What of the much vaunted ability to track down copyright infringement, in order to empower 3 strikes laws? Are these operations really so hard to find and shut down?

No and no. The problem is that if your FCC is anything like Canada's CRTC, they just simply don't give a fuck. (Or in their words, they're powerless and can't even find who is making the calls)

Marketplace (CBC investigation/consumer rights TV program) had absolutely no problem tracking down and embedding a journalist in an offshore telemarketing scam company. They even took their findings to the head of the CRTC and asked "If we can find these people, why can't the police, or the CRTC?"

The response was basically stunned silence, followed by "We can only action on information we receive.". Even in the face of so many complaints and information given directly to them (including the name and address of the violating company, the CRTC just says "Oh, that's nice. We're pleased with the job the CRTC is doing. This should be a police matter." (16:50)

Or more accurately, when faced with the statement "Nobody has a solution", the CRTC's response is "That's right".

So I agree with you. It's sad that the full force of God can be brought down upon a teenager sharing some MP3, but when there is real, actual international fraud being committed on a grand and organized scale-- openly and brazenly-- the authorities who can stop it are nowhere to be seen. Actually worse-- they're right there, refusing to do anything while patting themselves on the back for a job well done.

CBC Marketplace episode, To Catch a Telemarketer: http://www.cbc.ca/marketplace/episodes/2013/01/to-catch-a-telemarketer.html

What of the much vaunted ability to track down copyright infringement, in order to empower 3 strikes laws? Are these operations really so hard to find and shut down?

No and no. The problem is that if your FCC is anything like Canada's CRTC, they just simply don't give a fuck. (Or in their words, they're powerless and can't even find who is making the calls)

Marketplace (CBC investigation/consumer rights TV program) had absolutely no problem tracking down and embedding a journalist in an offshore telemarketing scam company. They even took their findings to the head of the CRTC and asked "If we can find these people, why can't the police, or the CRTC?"

The response was basically stunned silence, followed by "We can only action on information we receive.". Even in the face of so many complaints and information given directly to them (including the name and address of the violating company, the CRTC just says "Oh, that's nice. We're pleased with the job the CRTC is doing. This should be a police matter." (16:50)

Or more accurately, when faced with the statement "Nobody has a solution", the CRTC's response is "That's right".

So I agree with you. It's sad that the full force of God can be brought down upon a teenager sharing some MP3, but when there is real, actual international fraud being committed on a grand and organized scale-- openly and brazenly-- the authorities who can stop it are nowhere to be seen. Actually worse-- they're right there, refusing to do anything while patting themselves on the back for a job well done.

CBC Marketplace episode, To Catch a Telemarketer: http://www.cbc.ca/marketplace/episodes/2013/01/to-catch-a-telemarketer.html

That will teach those Canadian ministers not to step over a voodoo doll of our president ;-)

That single "incident" really made the scale tip over.

http://www.ilxor.com/ILX/ThreadSelectedControllerServlet?boardid=40&threadid=35289

https://en.wikipedia.org/wiki/Carolyn_Parrish

http://www.cbc.ca/news/background/cdngovernment/parrish-carolyn.html

You know how it is... something becomes trendy or goes viral and then the hipsters are all like "that is so yesterday". Mosquitoes from Thailand started the "Ignore DEET, Just Say Phuket" meme after the press got all up in arms about how popular DEET has become with human partiers:

http://www.ttrweekly.com/site/2012/09/phi-phi-home-to-deadly-cocktails/

http://phuketwan.com/tourism/phi-phis-killer-cocktail-buckets-time-health-officials-explain-death-riddle-16598/

http://www.cbc.ca/news/health/story/2012/08/31/montreal-sisters-die-thailand-insecticide.html

http://www.phuketgazette.net/phuket_news/2012/DEET-in-lethal-party-cocktail-killed-Canadian-sisters-Autopsy-16811.html

http://www.cbc.ca/news/background/genetics_modification/percyschmeiser.html For seven years, Percy Schmeiser has argued that seeds from Monsanto's patented genetically-modified canola landed on his 1,400 acre farm near Bruno, east of Saskatoon, by accident. Monsanto has altered the plant's genes to make the canola resistant to Roundup, a Monsanto weed killer. Monsanto patented the gene and the process of inserting it into the seed.

Oh stop, you are such a partisan hack you wouldn't know wtf you're talking about.

http://www.cbc.ca/canadavotes2004/leadersparties/leaders/pdf/firewall.pdf

Personally, I wouldn't mind living near a wind farm; however, I've seen all the feedback from people who actually live near them, and it tends to be negative.

They really aren't much like windmills; partly because there are so m any turbines.

Here's some actual reports though:
http://www.huffingtonpost.ca/david-dodge/living-near-a-wind-farm_b_1910707.html
http://mywinddiary.blogspot.ca/
http://science.howstuffworks.com/environmental/green-science/wind-turbines-health.htm
http://www.cbc.ca/news/politics/story/2012/07/11/pol-cp-wind-turbines-health-canada-study.html

Or when they ruin somebody's life because he wouldn't pay a crooked taxman's bribes, conveniently losing all his documentation, and then refuse to pay back damages.

Seems he has actually been fired: http://www.cbc.ca/news/canada/story/2013/01/30/game-developer-draws-ire.html

Kinda like how in Canada the new mine just made speaking Mandarin part of the job requirement, and then hired all workers from China when they "couldn't find" local candidates that fit the requirement.

To repeat the quote from 3-4 posts up:
“The attack made the College portal extremely unresponsive for its thousands of users. Had it not been countered, it would have put the College portal out of order for the entire students and teachers population of Dawson...."

The "attack" referred to was Ahmed's attempt to test the website using Acutenix.

I really wish Slashdot would actually link to a piece that includes the company and college's side of the story. As is everyone just reads the summary, which quotes the kid, and automatically assumes he's the victim of an evil conspiracy. He's not. He did something really stupid (using Acutenix on a live website without permission from the site's owners). His action hurt the system he was testing. He was specifically told not to try anything like this.

He sounds like a good kid whose very curious and doesn't understand that some rules have to be taken seriously. This is also the description of pretty much every hacker ever sent to prison, hounded to suicide by Ortiz, etc. So if you actually want this kid to have a real life, and not be sent to Sing-Sing for 40 years for pulling this shit on Microsoft...

Looks like he is also a Trekkie.

Seriously. Check the exchange of tweets between Cmdr. Hadfield and... *the* William Shatner:

"@Cmdr_Hadfield Are you tweeting from space?"

"@WilliamShatner Yes, Standard Orbit, Captain. And we're detecting signs of life on the surface."

UPDATE: William Shatner opens hailing frequency to Chris Hadfield aboard ISS - Your Community

Priceless :-D

The CBC story has so many helpful details on this issue. It would be very nice if slashdot had chosen to quote it. As is everyone thinks "Oh he just made one unauthorized SQL request and the whole universe is freaking out, poor baby."

But it was a bit worse then that. Al Khabaz attempt to test the vulnerability was not harmless. It was basically a denial of service attack:
“The attack made the College portal extremely unresponsive for its thousands of users. Had it not been countered, it would have put the College portal out of order for the entire students and teachers population of Dawson. The attack was traced, and it turns out that it came from one of the students who participated, earlier that week, in the discovery of the security flaw. We therefore decided to be clement, and not to report the attack to the authorities.”

The College Portal is used by roughly a quarter million students, so this is kind of a big deal. He did this using Acutenix, which is not supposed to be used on a live system for precisely this reason.

Granted he meant well, and he's a kid, so prison was not justified. But, OTOH, he's just a kid so now is the time to teach him lessons. And the lesson here is don't fuck around with high-level testing tools on live sites ever. If you have to do that shit, make sure the people who can punish you for doing so are cool with it or you will be punished. Defintily do not do this if you have been repeatedly warned not to do so. Dawson's front-page claims Al Khabaz was warned not to poke into systems where he wasn't authorized.

Expulsion from a low-level school seems about right (CEGAPs like Dawson grant a degree that's similar to an Associates degree, but somewhat more prestigious because they are required for admission to a University), particularly since he's likely gonna be able to use the publicity to get into a better school.

Unfortunately for Ahmed his method of verifying that the problem had been fixed was de facto a DOS attack:
“The attack made the College portal extremely unresponsive for its thousands of users. Had it not been countered, it would have put the College portal out of order for the entire students and teachers population of Dawson. The attack was traced, and it turns out that it came from one of the students who participated, earlier that week, in the discovery of the security flaw. We therefore decided to be clement, and not to report the attack to the authorities.”

http://www.cbc.ca/news/canada/montreal/story/2013/01/21/montreal-dawson-college-hack-hamed-al-khabaz.html

...by the company who's software had the bug.

http://www.cbc.ca/news/canada/montreal/story/2013/01/21/montreal-dawson-college-hack-hamed-al-khabaz.html

Not an update - shool still behaving like spoiled children.

Well, it does look like Skytech is offering him something now

"We will offer him a scholarship so he can finish his diploma in the private sector," said Edouard Taza, the president of Skytech.

It's just kind of fishy how he discussed it with the Hamed, since Hamed seems to imply this is the first time he's hearing of this from Taza (or may be, I'm reading it wrong, I don't know).

Taza said he also reached out to Hamed Al-Khabaz, 20, and offered him a part-time job in information technology security. The student said he was surprised by the offer because he said Skytech had done nothing to help him since being expelled from Dawson College.

In any case, this Taza guy is a slippery character.

This Hamed kid made the mistake of meeting with Taza without a lawyer the first time. He better not make that same mistake again. And whatever Hamed does, he better do it fast. Once the TV/internet lights are turned away from this story, you can rest assured this offer will evaporate into thin air, or will get nullified somehow.

See http://www.cbc.ca/news/canada/montreal/story/2013/01/21/montreal-dawson-college-hack-hamed-al-khabaz.html to see what happened after this report.

School still pig-headed; IT supplier less so.

-- hendrik

It's the old hire the guy who hacked you scenario:

http://www.cbc.ca/news/story/2013/01/21/montreal-dawson-college-hack-hamed-al-khabaz.html

Unfortunately for him the way he tested the system screwed it up for thousands of other people:
“The attack made the College Portal extremely unresponsive for its thousands of users. Had it not been countered, it would have put the College Portal out of order for the entire students and teachers population of Dawson. The attack was traced, and it turns out that it came from one of the students who participated, earlier that week, in the discovery of the security flaw. We therefore decided to be clement, and not to report the attack to the authorities.”

http://www.cbc.ca/news/canada/montreal/story/2013/01/21/montreal-dawson-college-hack-hamed-al-khabaz.html

So he basically launched a DDOS attack accidentally. It's really hard to relate that to a property crime metaphorically, so I won't try.

It was not harmless.

The CBC story has a much more complete explanation of the problems his test caused:
“The attack made the College Portal extremely unresponsive for its thousands of users. Had it not been countered, it would have put the College Portal out of order for the entire students and teachers population of Dawson. The attack was traced, and it turns out that it came from one of the students who participated, earlier that week, in the discovery of the security flaw. We therefore decided to be clement, and not to report the attack to the authorities.”

http://www.cbc.ca/news/canada/montreal/story/2013/01/21/montreal-dawson-college-hack-hamed-al-khabaz.html

http://www.cbc.ca/news/canada/montreal/story/2013/01/21/montreal-dawson-college-hack-hamed-al-khabaz.html

Apparently his attempt to test Skytech's system really screwed things up:
“The attack made the College Portal extremely unresponsive for its thousands of users. Had it not been countered, it would have put the College Portal out of order for the entire students and teachers population of Dawson. The attack was traced, and it turns out that it came from one of the students who participated, earlier that week, in the discovery of the security flaw. We therefore decided to be clement, and not to report the attack to the authorities.”

Since the portal serves 250,000 students at numerous schools, this was kinda a big deal.

I can assure you that if it was an SQL injection attack, you would remember it VERY clearly, as it's a very distinct type of vulnerabilities.

It does appear that SQL injection attacks are what he was accused of. Slightly less one-sided story from CBS news

Everyone is pirating. Today's copyright laws can't be followed, even by people actively trying to follow them. Someone put a nice essay together to detail how incredibly absurd we are right now. If you walk around in public, singing along to your iPod, you are violating copyright. Current copyright law is so nebulous, that average person will violate it somehow, every day. The only good news is that no one cares about most peoples infractions.

The real problem with copyright law, and increasingly all IP law, is that it is impossible to avoid bankrupting lawsuits by following an obvious set of rules. This is evidenced by the fact the biggest copyright lawsuit in Canada was filed against the music labels. The university library copyright collection agency imploded. The copyright collection agencies have lost many lawsuits at the supreme court.

If the music industry can't follow copyright law, why should anyone else?

Well read this then, and other articles like it:

http://www.cbc.ca/news/politics/story/2012/10/18/pol-navigable-waters-protection-budget-bill.html

or:
http://o.canada.com/2012/10/29/after-federal-changes-to-waterways-rules-89-per-cent-of-protected-lakes-lap-on-conservative-shores/

The changes to the Navigable Waters Protection act (which is almost as old as Canada) have been changed in bill C-45, so that a huge majority of Canadian lakes and Rivers will no longer have environmental protection. Perhaps coincidently, 89% of those lakes and rivers that will STILL have protection under the new changes, are in Conservative Ridings.

"Bill C-45 would mean tens of thousands of lakes and rivers will no longer be covered by the NWPA, leaving protection for just 97 lakes, 62 rivers and the three oceans." http://www.lethbridgeherald.com/letters-to-the-editor/bill-c-45-will-do-away-with-protection-for-waterways-11313.html

Now who is spreading disinformation? Is it you for denying that anything is wrong?

Except you're not allowed to call it "Canada" any more. It's just "Harper" nowadays.

Nortel was subject to an organized, sustained industrial espionage effort conducted by Chinese companies. Huawei was specifically named by Brian Shields, Systems Security Advisor for Nortel at the time of the attacks (at the time Huawei supposedly were even copying Nortel's instruction manuals). Shields petitioned Royal Canadian Mounted Police in 2004, because even the CEO's computer had been compromised.

The rootkits employed on Nortel hardware were sophisticated enough to survive formatting. it wasn't until recently that Canadian Security and Intelligence Service became interested in the role Huawei had in Nortel's demise

I suggest the story of Nortel's demise has not been fully revealed. Nortel presented with a sudden, public exanguination and it has been a mystery in Canadian IT industry. This is not just another "golden parachutes" story.

Thank you for posting these links in one convenient location. I'm working my way through them and ... just ... "Wow".

I was vaguely aware of some of the allegations previously, but not the extent of them.

I've considered us to be engaged in a "cyber-war" for quite a while, but still there's more I have to do to lock down my systems.

Nortel was subject to an organized, sustained industrial espionage effort conducted by Chinese companies. Huawei was specifically named by Brian Shields, Systems Security Advisor for Nortel at the time of the attacks (at the time Huawei supposedly were even copying Nortel's instruction manuals). Shields petitioned Royal Canadian Mounted Police in 2004, because even the CEO's computer had been compromised.

The rootkits employed on Nortel hardware were sophisticated enough to survive formatting. it wasn't until recently that Canadian Security and Intelligence Service became interested in the role Huawei had in Nortel's demise

I suggest the story of Nortel's demise has not been fully revealed. Nortel presented with a sudden, public exanguination and it has been a mystery in Canadian IT industry. This is not just another "golden parachutes" story.

Thank you for posting these links in one convenient location. I'm working my way through them and ... just ... "Wow".

I was vaguely aware of some of the allegations previously, but not the extent of them.

I've considered us to be engaged in a "cyber-war" for quite a while, but still there's more I have to do to lock down my systems.

Nortel was subject to an organized, sustained industrial espionage effort conducted by Chinese companies. Huawei was specifically named by Brian Shields, Systems Security Advisor for Nortel at the time of the attacks (at the time Huawei supposedly were even copying Nortel's instruction manuals). Shields petitioned Royal Canadian Mounted Police in 2004, because even the CEO's computer had been compromised.

the rootkits employed on Nortel hardware were sophisticated enough to survive formatting. it wasn't until recently that Canadian Security and Intelligence Service became interested in the role Huawei had in Nortel's demise

I suggest the story of Nortel's demise has not been fully revealed. Nortel presented with a sudden, public exanguination and it has been a mystery in Canadian IT industry. This is not just another "golden parachutes" story.

Nortel was subject to an organized, sustained industrial espionage effort conducted by Chinese companies. Huawei was specifically named by Brian Shields, Systems Security Advisor for Nortel at the time of the attacks (at the time Huawei supposedly were even copying Nortel's instruction manuals). Shields petitioned Royal Canadian Mounted Police in 2004, because even the CEO's computer had been compromised.

the rootkits employed on Nortel hardware were sophisticated enough to survive formatting. it wasn't until recently that Canadian Security and Intelligence Service became interested in the role Huawei had in Nortel's demise

I suggest the story of Nortel's demise has not been fully revealed. Nortel presented with a sudden, public exanguination and it has been a mystery in Canadian IT industry. This is not just another "golden parachutes" story.

Three top Nortel Networks Corp. executives accused of defrauding the company and its investors were acquitted in a Toronto courtroom today, making them free men.

On the CBC's site.

Mod parent up (odd, I had a ton of points yesterday but none today).

Gerald Bull solved this problem 20-30 years ago. He even offered it to America, and we told him to kindly go fuck himself, so he did his work in Canada (actually right on the border, with his campus straddling both sides of the border).

Then the Jews decided he didn't deserve to continue living, so they sent a team of assassins to another sovereign country (without permission from that country) to kill him.

Hmm, violating national sovereignty to assassinate scientists... Where have I heard that before?. Oh, right... Looks like pretty standard operating procedure for our bestest buds in the world, killing geeks.

>Really? Taxi drivers have a more dangerous job than being a cop?

Taxi drivers are attacked, and killed, more often than cops. "Cab driving riskier than police work"

They basically spend all day, every day, picking up strange people, and letting them sit behind them. They get robbed and murdered a lot.

4. Refusing on religious grounds is the same as refusing on any other non-scientific moral grounds. I personally think vegans are full of it. Does that give me the right to force vegans to each meat to maintain their B12 levels?

Yes. Anytime that a person's health is endangered, they can absolutely be forced to accept treatment.

http://www.cbc.ca/news/technology/story/2011/11/04/mars-deep-space-simulation.html

Or just put a hot Canadian chick on the ship, and let the time just fly by. The fist fights alone would not only keep you in shape, but also entertained! Not to mention the unwanted sexual advances! The Drama! Of course it might be a bit awkward by day 2.

http://www.cbc.ca/player/News/Business/Lang+%26+O'Leary+Exchange/ID/2323383506/

Yeah, they cover a lot of important stuff that gets short shrift down here.

I can't imagine why they might have trouble getting panda to procreate (at least between Canada and China).

I don't believe they pay that much for wind, but they do for solar

http://www.cbc.ca/news/canada/toronto/story/2011/10/31/ontario-renewable-energy-premiums-review682.html

Lowering the price point just moves the class of thieves lower.
The real answer is change the value upon theft to zero. In Canada since the manufacturer would not assist, the carriers have.
They maintain, share and refuse service based upon the list.
http://www.cbc.ca/news/politics/story/2012/11/08/pol-cell-phone-theft.html

A columnist at the CBC has a good article on how many Canadians feel about the USA's attitude towards guns and these horrible tragedies.

That sensationalist article had exactly the type of tone that you'd expect to come out of a socialist state like Canada: The government will decide what rights you can be granted.

The thing is, do you really want someone telling you what gun is appropriate for you to own? If so, where do you draw the line? How much alcohol can you own? Can we decide what kind if car you have to buy? (No SUV's for you!) How about how much electricity or bandwidth you can use?

Mercury contamination (from burning coal for electricity), SUVs, and alcohol kill far more people every day than guns, yet most people don't think twice about utilizing those resources to excess.

A columnist at the CBC has a good article on how many Canadians feel about the USA's attitude towards guns and these horrible tragedies.

there was a school stabbing in china today too, 22 victims:

http://www.cbc.ca/news/world/story/2012/12/14/china-knife-attack-school.html

they will all live. because the tool matters. point and click and dead versus the hard work of running up to people and slashing them, with a much less effective kill rate

so we must tightly control the tool to make a difference

I live outside Chicago, which has always had some of the strictest gun control in the nation, nestled within a large county with pretty strict gun control, and is frequently named Murder Capital of the US. It's been like that so long that people now joke (unfunny though it sounds) that they ought to just move to sunny Juarez, or maybe Mogadishu. A year or two ago they were kicking around the idea of calling in the national guard to police the streets. I swear I'm not making this up.

Gun control laws just don't matter. It's a distraction. Violent crime generally comes with poverty in densely populated areas.

And yes, nutters like this horrible thing today are exceptions to that. You'll always have horrible stuff like the 22 children in the stabbing spree in China today, the 2011 Norway attacks, Unibomber types, etc.

'Nuff said, really.

Would you rather be tased (unpleasant, effects wear off shortly, no lasting damage)...

Right, because no one has ever been killed by a taser.

Would you rather be tased (unpleasant, effects wear off shortly, no lasting damage)...

Right, because no one has ever been killed by a taser.

Would you rather be tased (unpleasant, effects wear off shortly, no lasting damage)...

Right, because no one has ever been killed by a taser.

"This is spot on. No one would."

*Few* people would, but some do.

Your main point is still correct most of the time.