Slashdot Mirror

gsx1400 writes " Auntie Beeb is reporting on the 11 year, 5,000+ mile journey by a container load of rubber ducks, The article doesn't go into specifics, but a more detailed analysis of this and other long-distance flotsam is here. This has nasty connotations for the Cargo of the SS Mulheim, which ran aground earlier this year in Cornwall, and has been left to break up. It's estimated that up to 10,000 containers are washed off ships each year, and many of them do not sink, but drift around our oceans, causing pollution and shipping hazards."

"Something old, something new, something borrowed, something blue." No, that's for a wedding. For Slashback, try something more like "Something about Intel, something about Mattel, something about TiVO,something about England." Much less romantic, but quite a bit more fun to read.

Alright mister, I'll see your accusatory bluster and raise you a page of cogent explanation. Our own Jamie McCarthy points out: "[Matthew Scala, one] of the authors of cphack has written a very extensive FAQ about the program and his settlement with Cyber Patrol/Mattel." Here's the link to the Cyber Patrol break FAQ.

This just in from Georgetown: Pat Ramsey, omniscient Mac-support guru at Southwestern University (The original University of Texas) participated in the recent ResNet 2000 conference, and wrote with some clarification about the recent Slashdot story on Simson Garfinkle's recommendations on ftp, telnet and other common protocols.

I submitted a blurb on Sunday about Simson Garfinkle keynoting the Resnet 2000 Symposium in Philadelphia. Being there at the conference, I can say that Rob's take on the Chronicle article is a little off. Garfinkle gave a presentation intended to raise awareness of how insecure most campuses are.Telnet and ftp protocols are just two examples of services that use clear-text passwords. He believes that that practice should be banned. Clear-text passwords are too easily sniffed.

But telnet and ftp were just two examples of things that campuses should look at. Even bigger, and the article didn't convey this with it's somewhat sensational headline, is the lack of policies that say in writing what is done with data that is inconspicuously gathered. Search engine queries, cookies, packet sniffs, Cisco Netflow logs, tcpdumps, etc.

This seemed to be of more importance then eliminating telnet and ftp.

Especially good for anyone who didn't read the full text of the article linked to; ftp and telnet may be great protocols, but Garfinkel is arguing they're less suitable than their more secure counterparts. Thanks, Pat!

14 hours ought to be enough for -- oh, nevermind. undef24 writes: "A followup to a slashdot story posted earlier this week. They've published a way to upgrade a 14-hour Tivo to 52 hours on the AVS Forum." The directions are thorough, but these guys make no bones about what TiVO will think of your mucking about in the guts of your previously-sealed machine. And it raises the inevitable, recurrent question: how close is an off-the-shelf Linux hobbyist version that has the same function?

For once, technical information is slightly flashier than the product name. Maro Shim writes "What's Up With Willamette? (Part 1, Part2), a two-part article, is a good one for understanding Willamette, (i.e. Pentium 4) architecture, which is the next generation x86 processor design from Intel. It includes a description of the development roots of Willamette and the basics of how its organization and operation differs from earlier P6 generation processors. In Part 2, he examines the new technology and features of Willamette in more detail and speculate on its implementation, operational characteristics, and performance. This is a must read for CPU enthusiast."

Flashes of Doh from the other side of the pond. Builder writes "Hi. A while back I used the stand.org.uk service to fax my MP. Today I got a reply back. Some things scare me about the reply. It is almost as if my MP refuses to believe the things we and other large groups of people (ISP's, Consumer groups, etc.) have been saying. ... I've posted the letter, as well as a quick disection about why this whole thing (The bill, my reply and the attitude in general) scares me so much. It can be found at http://www.penguinpowered.org.uk/stand/index.html

If you haven't got involved yet, please do so now! Lobby your MP. Make a noise! Remember, the squeaky wheel gets the grease..."

Tell me this wasn't inevitable. nutty writes pointing out that the Connectix lawsuit dropped by Sony has been refiled. Legal maneuvering? War of attrition against those who dare oppose the marketing might of the PlayStation behemoth? Sony!? I wish this one were tougher to believe.

We just ran a story on Friday about Mattel, which makes the Web-censoring software product Cyber Patrol, and their attempted suppression of an essay and utility to decrypt CP's list of banned sites. Since then, things have gotten even uglier. Mattel's attorneys have been mass-mailing the mirrors of Eddy Jansson's site, demanding that ISPs remove them -- the original site and some of the mirrors have been taken down already. Just to make sure though, Mattel is updating the Cyber Patrol blacklists for all of their customers to include the homepages of the authors and all of the mirrors, blocked under every blocking category the product has. (more ...)

This means, for example, that if you have Cyber Patrol set to block "Full Nudity", you might think you're blocking pictures of nude human beings, but you're actually banning criticism of Mattel and the homepages of people Mattel is suing even if the decryption utility and essay aren't hosted there, such as Matthew Skala's homepage. Feel free to download the demo version of Cyber Patrol, update the filter list to the newest one, and check this out -- or just type it into their search engine, though that won't tell you it's banned under every category. Does Skala's page contain full nudity? No? Then you're seeing an example of a company purposefully and deliberately lying about the content of a page in order to serve their own agenda.

Same thing if you chose Violence/Profanity, or Partial Nudity, or Sexual Acts, Gross Depictions, Intolerance, or Satanic/Cult, or Drugs/Drug Culture, Militant/Extremist, or Sex Education, or Gambling, or Alcohol and Tobacco -- guess what? "All categories" also include "or criticism of our company or product."

Welcome to America in the new millennium, where a corporation just made the decision to ban several documents from the World Wide Web. They did it unilaterally, without court review, without any notice to the public whatsoever, yet their decisions are now being carried out (the Cyber Patrol product automatically updates its list of banned sites on a daily or weekly basis) in public schools and libraries and companies across the country, for children and adults. (Cyber Patrol uses the same list for the "corporate firewall" versions of its products.)

A list of mirrors is still available. Get it while you can. Declan McCullagh, a journalist for Wired, has started an archive of case-related documents; -- he too has received the legal threats, despite never hosting the banned essay. (The .uni files are actually TIFF images of the documents.)

And just as I was finishing up this story, I've received an e-mail in my capacity as censorware.org webmaster. A woman wrote:

The link to the essay you mentioned on your page [our homepage] date 3/16/00 must not be correct. Could you e-mail me the essay? I am a high school librarian and am trying to find out more about what Cyber Patrol filters. Thank you.

I wrote back, among other things:

In fact the link was correct, but Mattel (the maker of Cyber Patrol) has filed suit against the authors of that essay and made legal threats to that ISP which caused them to delete the page. So, the page existed on Friday, but does not today.

I certainly understand your desire to find out what Cyber Patrol blocks, but they are going to great lengths to stop you from finding out.

In the wake of recent announcements by Peacefire that they'd decrypted the secret block lists employed by two brands of censoring software, the "encryption" used by another major brand of software, Cyber Patrol, (produced by a company repugnant enough to advertise the increase in sales after Australia passed national censorship legislation), has also been broken. Matthew Skala and Eddy L O Jansson report in an in-depth essay about the practical difficulties encountered when undertaking this task. Their announcement follows.

Their announcement:

"March 11, 2000 - ANNOUNCEMENT

Cyber Patrol(R) 4, a "censorware" product intended to prevent users from accessing undesirable Internet content, has been reverse engineered by youth rights activists Eddy L O Jansson and Matthew Skala. A detailed report of their findings, titled "The Breaking of Cyber Patrol(R) 4", with commentary on the reverse engineering process and cryptographic attacks against the product's authentication system, has been posted on the World Wide Web at this address:

http://hem.passagen.se/eddy1/reveng/cp4/cp4break.html

The abstract of the report:

Several attacks are presented on the "sophisticated anti-hacker security" features of Cyber Patrol(R) 4, a "censorware" product intended to prevent users from accessing Internet content considered harmful. Motivations, tools, and methods are discussed for reverse engineering in general and reverse engineering of censorware in particular. The encryption of the configuration and data files is reversed, as are the password hash functions. File formats are documented, with commentary. Excerpts from the list of blocked sites are presented and commented upon. A package of source code and binaries implementing the attacks is included.

Eddy L O Jansson
srm_dfr@hotmail.com
http://hem.passagen.se/eddy1/index.html

Matthew Skala
mskala@ansuz.sooke.bc.ca
http://www.islandnet.com/~mskala/"

I've been so busy on the code frenzy that I've been behind on the quickies! Tragic! First lets get the serious quickies out of the way: chris sent us the Atlanta Linux Showcase Tutorial and Conference program for the 3rd Annual ALS, comming up October 12-16, 1999, in Atlanta Georgia. Registration is open. Bl0w0ff noted that The dockapp warehouse has been upgraded and redesigned. k-rist sent us SimShatner. Here is a site selling a video history of Atari with interviews with the guys that did Pac-Man and all that early stuff. Someone sent us a link to another place you don't want to see a BSOD. Want some Blair Witch Parodies? irishmikev sent is a Southpark Parody and stairs sent The Blair Family Circus Project. How about a pair of strange places to put a server? Gareth Walwyn sent us one in a potted plant and GFD noted thatLinux Today has a story about a box that runs in a real Pizza Hut Box. If strange Linux boxes ain't your bag, someone submitted Apple Fritter which contains strange cases for Apples (Legos, Radios, and more) Jade wrote in with how to apply for the position of Sith Apprentice. and rjh pointed us to the iMaul (seems like a lot of stuff is coming in pairs today) Evan Vetere noticed that despair.com has new de-motivators. Matthew McCabe sent us tuxtiles which is taking votes on designs for "Linux Blankets". Since we're mentioning merchandise, I gotta plug Think Geek which is the first place I've seen with good stuff. They mailed us a box of freebies, but I actually woulda bought most of the stuff they sent me (mugs with #include <beer.h> and some sweet perl shirts and other cool stuff). Most of the "Geek" sites just sell crap but most of this was actually clever. We probably should also note that Copyleft finally has the new Slashdot shirts from our contest winners, they look great. ralphb was the first to say that Time Digital has an article on Slashdot.