Slashback: Taxes, Fraudulence, Woodland Creatures
After francokleptomania, restoring GNOME dignity. Bob Smith writes: "KDE beta was announced but GNOME beta wasn't." Well, GNOME's latest freeze stage on the way to 1.2 was announced back in January, and Miguel answered questions about the state of GNOME in March, but point taken. With all the developments in GNOME, neither Miguel nor his programs are likely to hurt for Slashdot coverage. You can grab the beta Bob mentions here.
Now, gentlemen, is there a way to perhaps merely maim this Golden Goose? Misch writes to point out this item on "ABCNews [which] reports that the House of Representatives has passed an extension of the Internet Tax Moratorium. Looks like it's tax free time on the Internet (depending on where you shop)."
Barely enough for a coven ... nullstar writes: "The NTIA has posted its report to Congress concerning the comments it received in regard to section 1201(g) of the DMCA, which deals with exceptions to the prohibition on circumventing encryption techniques intended to protect access to copyrighted materials. They basically claim, 'it's too soon to tell what effects the restriction will have on encryption research, etc., as the exception doesn't go into effect until October, so we're not yet recommending changes in the wording of the law.' Only 13 people submitted comments."
Conflict of interest is an interesting term here ... full_tide writes "2600 has posted some news about how the MPAA is trying to get Martin Garbus (2600's hot-shot defense attorney) disqualified for a conflict of interest. Cryptome has posted a very long, but equally interesting, reply brief Mr. Garbus has written in response to the injunction (damn, he's good). Also, the MPAA's web site is back up after a DDOS attack a few weeks back, and much downtime since. They appear to have added some fresh, juicy propaganda concerning the case."
Yessir, the gen-yoo-ine article, you betcha, mate. Jai From Insane Hardware writes: "Well, you may have heard all the rumours and whatnot about the Australian Fake Athlon deal and I confirm that it is true. But we have more info on the subject like on how they came about arriving in Oz and how they leaked thru the channel. This issue is very "close to home" for me so it's worthwhile reading for all the Aussies that go to your site. We also have exactly how the chips were modded. link " Meanwhile, Netsnipe wrote to point out that "Lucien Wells has updated his Web site Techwatch's coverage of the AMD Athlon tampering scandal. "Techwatch has now received press releases from two distributors involved, DMA and RTV Computers which claim that 'Neither RTV Computers Pty Ltd nor DMA (Direct Memory Access Pty Ltd) whom have their stickers on the CPU's knowingly at fault in this situation. At present legal action is underway to find the source of this problem.' At this stage AMD has not yet responded to Techwatch's requests for more information, says Lucien."
Hmm, seeing that there is apparently no factual report about why /. has been so unstable this week, I guess it's time to take a conspiracy theory poll...
Poll: Slashdot is very unstable this week because ...
Poll Mastah
"If you don't have anything good to say, keep your mouth shut."
"I do not agree with a word you say, but I will defend to the death your right to say it." --Voltaire
Free speech is dirty and nasty, that's what makes it so fun. Remember, the only thing you know about a poster (usually) is what they write, not their age, country of origin, race, mental state, motivations, or experiences. Parse it accordingly, and you might want to check this out too.
--
+&x
I'd like to point out an astonishing amount of hostility recently. In the last few weeks I have noticed it especially, when someone chooses to make a statement they don't just make the statement, they litter it with insults, formulating an angry comment dripping with either sarcasm or invective, for no reasonable purpose that I can see. Just the 18 or so comments in this article so far alone contain more hostility than I see in an entire week in any other medium.
This in itself is a concern, it displays a marked lack of respect towards the others the comment is aimed at. On this very same page you can find a comment querying the lack of information on the recent problems with slashdot. Was the use of the word "Pathetic" really necessary? Was the implied accusation that Slashdot is no longer "open" included for any other purpose than vitriol? A single feather does not a bird make, and a single action by the editors should not be held up, against an astounding amount of evidence to the contrary, as an example of how it has become "closed" or "less responsive".
I single out this post only because, being in the same article, it is easy to point to, make no mistake it is merely the tip of the iceberg as far as posts containing unnecessary attacks go.
Please keep in mind that the editors of slashdot, the users who make comments here, the employees of the organisations that are referred to (yes, even those of Microsoft), and all the other people who are somehow brought to our attention in this forum are, in fact, just that. People. And too often I see them judged, instantly, upon such a scrap of information as wouldn't feed a shrimp. Indeed all too often one reads an article only to discover that people are being abused on the basis of nothing more than rumour.
They are people, they deserve respect by default, the respect given to those who are human, who may make mistakes, but who have lived years of their lives, making hard decisions and taking responsibility for their actions.
Some calm yes? some thought before writing, and perhaps a little dose of old saying.
"If you don't have anything good to say, keep your mouth shut."
Flames will be read, considered, and appreciated. Thank you for your time.
You can't win a fight.
Scientific American recently had an accurate article on the MPAA v. DeCSS situation. As for regular TV, um, those guys can't tie their shoes anyway.
If you need text styles to communicate then you don't have a message.
Maybe they're still hunting the culprit; maybe they don't want to give the little bastard the attention he wants; maybe server downtime is something that speaks for itself; maybe you could just phone Andover.net and ask them? It's not as if anything they don't announce is automatically a conspiracy of silence (or is it? maybe Bill Gates' minions got into their underpants this morning...).
Matthew @ Bytemark Hosting
--
-- Slashdot sucks.
CSS is akin to the lock on your house.
. .
DeCSS is akin to a tool that breaks the lock on your house.
. .
Have the defendants actually used DeCSS to make illegal copies?
It is irrelevant whether or not the defendants were personally engaged in
making illegal copies. They are clearly "providing the keys to the castle," which
is in violation of the anti-circumvention provisions of the federal copyright law.
Too bad they didn't extend their analogy, then I think the last paragraph would have read something like this:
It is irrelevant whether or not the defendants used the lock picks to rob your house. They are clearly providing the lock picks.
AFAIK providing lock picks isn't illegal. Providing lock picks to criminals *might* be, but that makes the question quite relevant.
no comment
It's not fear. It's refusal and disgust. There's a difference.
--------
"I already have all the latest software."
I moved to the United States from a country with oppressive laws, because I saw the U.S. as emphasizing individual freedoms (sometimes at great cost to the society, e.g. gun ownership rights.) But the U.S. now seems to be moving from being a country which emphasizes the freedom of the individual, to one which emphasizes the freedom of corporations to exploit the individual.
I do hold out some hope that in the long run, bad laws like the DMCA and the incipient UCITA will be overturned or weakened, just as the CDA was. In the meantime, millions of people will have been turned into lawbreakers. When a law is bad, in some cases our moral duty is to break it. If we go along with it, we become collaborators in a greater crime, and are as much at fault for the situation as those who lobbied for the laws in the first place.
In this case, fair use is one of the issues, but full-blown piracy (selling or giving away copyrighted content to others) goes way beyond fair use. I'm not sure that this sends the right message - it may only lead to more of an arms race, as corporations try harder to protect their content. Wide-scale piracy will only bolster their case within the legal system, and may encourage stricter laws.
That said, I don't know what the answer is, other than supporting people and organizations that are against these laws, supporting software which allows fair use of content (open source and otherwise), educating people on the subject, and so on.
Actually, it was written for windows because windows was the platform they started reverse engineering it on.. due to the availability of licensed players. I thought it was the file system that was unsupported on Linux at the time. Further lies: they say region coding exists so that they can do staggered theatrical releases. So why the f--- are movies that are long gone from the theatres anywhere region-coded?
Become a locksmith's apprentice, or go to a school. There are a number of vocational schools, not to mention the really cheesy mail-order schools that are about as good as a mail-order computer school.
BTW, in California at least it is illegal to sell picks to anybody without a valid California locksmith license. IIRC all the license requires is a background check.
I still think the DeCSS/lock picks is a lousy analogy.
My house is physical, the movie is not, it's information which wants to be free.
'nuff said. I can take apart my copyrighted whatchamacalit and rebuild another,
as long as I basically attribute the source (derived work), but IP laws
(and MPAA lawyer whores) think that this is just as illegal as copying something I bought,
when in reality, putting protection there in the first place is the illegal thing (in my mind).
ICQ#2584116
-- d'arcy poirot
Please consider logging in to get that automatic
+1 so your future posts will be more visible.
1000 SlashDot sigs
There's still something that bothers me about having to feel like a criminal for trying to find out how something works, or making a backup copy in case my DVD player breaks down. This hurts the public more than it helps the artists. Of course, it helps the big record companies most of all.
But then, it's not like this hasn't been said before 10^6 times on /.
They couldn't fine me that much because I don't have that much, so I'd probably wind up doing hard time. Hmmm... selling one pirated copy of "The Lion King" == 300lb tattooed live-in "girlfriend" for 10 years.
Aw, f**k it. OK, I love Big Brother. :0(
The obvious problem with this scheme is that demand for some goods and services is much less elastic than for others: for example, your food costs about the same (within a factor of ten or so), whether you're Joe Shmoe or Bill G.
So the "Fair Tax" would take the same amount from the rich and the poor on these things, but it might be 20% of Joe's income and 0.000...01% of Bill's income. Isn't DoubleSpeak wonderful?
Or is this all a troll anyway?
"I will take the Ring," he said, "though I do not know the way."
Net connectivity is not always predictable. Often, network problems can cause inaccessibility to some sites but not others. There are many points between two computers where a problem could happen, and many involved systems. For example, DNS or routing problems could easily make only certain sites inaccessible. If that makes your brain hurt, then take a shower (with soap), learn about "social skills", and use them to ask someone familiar with computers to explain it to you.
But Slashdot is just a geeks' nest. I get the feeling the Feds aren't going to care, especially if it turns out that M$ is behind this.
--
So many "first post" idjits...so few moderator points... | Delenda est Windoze
--
Ooh, moderator points! Five more idjits go to Minus One Hell!
Delenda est Windoze
Ooh, moderator points! Five more idjits go to Minus One Hell!
Delendae sunt RIAA, MPAA et Windoze
1. No can do.
2. #slashdot on openprojects.net and slashnet.org had quite a few /. reps explaining everything.
3. Particular to #1. They had to use wired cuz /. was down.
4. Comprendes?
The message on the other side of this sig is false.
Don't attempt 'striyen unless you are a native speaker. For those who don't know what I am typing about, we have bushflies to keep out of our mouths down here. (-;
-- open source? sounds like the real book --
There are no legal software packages available for decrypting DVDs.
Hmmm... I wonder what a DVD player does according to the MPAA...
Remember that moderators are chosen randomly from the population (mod a few tweaks like eliminating those who abused it) and only get a handful of moderation points each time they're chosen.
So you no doubt had different moderators than he did.
Also: The earlier you post, the more people with moderator points will see your post, and the more chances you have to get a point, plus or minus. Three reasons for this:
- It's up longer.
- It's higher in the thread tree, so fewer people will have gotten bored and moved on to another article.
- It's higher in the thread tree, so fewer moderators will have responded to another posting, after which they can't moderate anything in that article.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
The slashdot stats on the front page seem to say that the site hasn't been down in the past days:
Slashdot Stats
date: 12:34pm
uptime: 30 days, 2:33, 4 users
-skip
----------------
Now that the cat is out of the bag, I believe the best way to move forward on this is to release a new spec. Read on...
MS W2K Kerbos V5 Authorization Fields
1.0 PREAMBLE - READ THIS NOW
This document is a compilation of information posted publicly on the
internet. The author has not entered into any agreement with Microsoft
regarding non-disclosure of this specification, nor bypassed any copyright
protections, nor reverse-engineered the protocol.
1.1 INTENT
The author intends for this document to assist in the reverse-engineering
of the protocol by describing the fields necessary to interoperate between
UNIX and W2K server implementations of the Kerbos V5 specification. The
author will not maintain this document, therefore it is requested that the
relevant interested parties host, maintain, and correct this document as
reference for future work, without being tainted by the MS EULA.
1.2 LICENSE
This document is licensed under the GNU Public License. See www.gnu.org
for details.
1.3 FURTHER READING
http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-revisions-05.txt
http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-pk-init-11.txt
1.4 REPRESENTATION
All symbolic names have been changed. The data representation has been
changed. Any derived work will not violate MS copyright in this regard.
1.5 PREREQUISITES
Reader should have knowledge of MS API, particularly FILETIME, UNICODE,
and SIDs. Reader should be familiar with NDR encoding and the Kerbos V5
specification.
2.0 SPECIFICATION
Microsoft has produced an extension to the Kerbos spec called PAC
(Privilege Attribute Certificate) which includes proprietary information
in the ticket authorization field, specifically the IF-RELEVANT field
with a sub-identifier of 128.
2.0.1 FORMAT
All data is in low endian format. Most data is in NDR format, a stream-
based serialization of structures and arrays. Sometimes this data is
encrypted. There are not many keys to deal with so some experimentation
should yield good results.
2.1 PAC STRUCTURE
DWORD toc_count ; number of items in the TOC (table of
; contents)
DWORD pac_version ; version number for this specification,
; currently 0
TOCITEM toc_items[toc_count] ; array of TOC items
BYTE raw_data[...] ; raw data corresponding to items in TOC,
; all items are aligned to 8 bytes
2.1.1 TOCITEM
DWORD item_type ; the type of the item in the data portion
DWORD item_length ; the number of bytes in the item
QWORD item_offset ; 64bit offset from the beginning of the PAC
; structure to the raw data corresponding to
; this item. least significant three bits
; MUST BE ZERO. isn't this a bit large for
; network traffic?
item_type may be one of the following values:
item_login = 1 ; item contains client credentials (2.2)
item_supplemental = 2 ; item contains supplemental credentials (2.3)
item_server_sig = 6 ; item contains server signature (2.4)
item_kdc_sig = 7 ; item contains kdc signature (2.4)
item_user_name = 10 ; item contains the username (2.5)
2.2 LOGIN information (NDR encoded)
TIMESTAMP login_time ; last login time
TIMESTAMP expire_time ; session expiration time or TIME_NA if n/a
TIMESTAMP forced_time ; forced session expiration time or TIME_NA
; if n/a
TIMESTAMP passwd_mtime ; last password modification time or 0 if not
; set
TIMESTAMP passwd_min_time; time after which password may be changed
TIMESTAMP passwd_max_time; time after which password must be changed or
; TIME_NA
USTRING username ; (optional) the W2K user name
USTRING userdesc ; (optional) the W2K descriptive user name
USTRING script_path ; (optional) the user login script path
USTRING profile_path ; (optional) the user profile path
USTRING homedir_path ; (optional) the user home directory
USTRING homedir_drv ; (optional) the user home directory drive
; mapping in the event of a UNC home directory
WORD session_cnt ; (ignore) the number of sessions the user
; currently maintains
WORD badpasswd_cnt ; number of bad authentication attempts since
; last successful authentication
DWORD uid ; relative user id
DWORD gid ; relative primary group id
DWORD gid_cnt ; number of additional groups
GIDATTRIB moregids[gid_cnt] ; array of relative gids and attributes
DWORD flags ; determines the validity of the following
; fields: 0x0020= extra_sid* info is present,
; 0x0200= resgrp* info is present
DWORD ignore1[4] ; (ignore)
USTRING nb_server ; netbios name for KDC that requested AS
USTRING nb_domain ; netbios name for user's domain
SID sid_domain ; sid for user's domain, base for relative ids
DWORD ignore2[2] ; (ignore)
DWORD userflags ; tons of flags (see uf_* below)
DWORD ignore3[7] ; (ignore)
DWORD extra_sid_cnt ; number of sids to follow, see flags
SIDATTRIB extra_sids[extra_sid_cnt] ; more sids, see flags
SID resgrp_sid_domain ; sid for resource domain, base for relative
; ids below
DWORD resgrp_gid_cnt ; number of groups to follow, see flags
GIDATTRIB resgrp_gids[resgrp_gid_cnt] ; more relative gids and
; attributes, see flags
2.2.1 TIMESTAMP
QWORD time ; 64 bit value of 100nsec increments from
; 1601-01-01 GMT epoch
TIME_NA = 0x7FFFFFFFFFFFFFFF
2.2.2 USTRING
WORD size ; number of bytes in the unicode string,
; length is size/2
WORD max ; number of bytes in the buffer
WORD buf[max/2] ; array of unicode characters
2.2.3 GIDATTRIB
DWORD id ; relative id
DWORD attrib ; attributes (0x1=required,
; 0x2=enabled_by_default, 0x4=enabled)
2.2.4 SID
BYTE version ; version number
BYTE agent_cnt ; number of authorizing agents, max 15
SIDPREFIX prefix ; the sid prefix
DWORD agent[agent_cnt] ; array of authorizing agents
2.2.5 SIDPREFIX
BYTE b[6] ; array of six bytes, presumably
; S-5-a-b-c-d SID prefix
BTW, NT authority's SID is 0,0,0,0,0,5; note the unusual byte order
2.2.6 SIDATTRIB
SID sid ; sid
DWORD attrib ; attributes (0x1=required,
; 0x2=enabled_by_default, 0x4=enabled)
2.2.7 userflag VALUES
uf_disabled = 0x00001 ; account disabled
uf_directory = 0x00002 ; home directory is required
uf_nopasswd = 0x00004 ; password not necessary
uf_tmpdup = 0x00008 ; account is a temporary duplicate
uf_normal = 0x00010 ; normal account
uf_mnslogin = 0x00020 ; mns login account
uf_domaintrust = 0x00040 ; domain-wide trust account
uf_hosttrust = 0x00080 ; host-wide trust account
uf_servertrust = 0x00100 ; server-wide trust account
uf_noexpire = 0x00200 ; password does not expire
uf_autolock = 0x00400 ; account is autolocked
uf_encrypt = 0x00800 ; encrypted password is valid
uf_smartcard = 0x01000 ; smartcard is required
uf_delegate = 0x02000 ; delegate trust account
uf_notdelegated = 0x04000 ; not currently delegated
uf_desonly = 0x08000 ; only des key is valid
uf_nopreauth = 0x10000 ; do not require pre-authentication
2.2.8 NT TOKEN - is apparently generated from the following fields
uid,gid_cnt,moregids,flags,sid_domain,extra_sid_cnt,extra_sids,
resgrp_gid_cnt,resgrp_sid_domain,resgrp_gids
2.3 SUPPLEMENTAL - additional information may be sent by the KDC
depending on the security package, but this only pertains to PKINIT
packets. A good deal of encryption goes on here as well. The data
itself is encrypted with the client key, but also appears to be NDR
encoded and encrypted with the KDC->client key as well. Some
experimentation should resolve this once and for all. Be wary that
multiple levels of NDR encoding may be present.
2.3.1 SUPPLEMENTAL HEADER (NDR encoded and encrypted with KDC->client
key)
DWORD crypt_ver ; version number of key if encrypted,
; 0 otherwise
DWORD crypt_type ; type of cryptography (see Kerbos types)
BYTE raw[...] ; the raw data is an NDR encoded CREDARRAY
; below (size in TOC entry)
2.3.2 CREDARRAY (NDR encoded)
DWORD cnt ; number of credentials
CREDS creds[cnt] ; credentials (NDR encoded again)
2.3.3 CREDS (NDR encoded)
USTRING pckg_name ; name of package
DWORD size ; number of bytes in opaque data
BYTE opaque[size] ; array of bytes comprising opaque data
2.4 SIGNATURES
DWORD sig_type ; type of signature (keyed checksum only)
BYTE sig[...] ; raw signature data (size in TOC entry)
FYI: signing of PAC is performed as follows:
1. PAC is generated with both signatures zeroed out
2. Signature is run on PAC with server key and stored in server
entry
3. Signature is run on PAC with KDC key and stored in KDC entry
2.5 USER NAME - helps resolve that the PAC applies to the correct user
TIMESTAMP timestamp ; ticket AuthTime field in timestamp format
WORD size ; size of username in bytes, length is size/2
WORD name[size] ; array of unicode characters comprising
; username delimited with / and @, NOT
; TERMINATED
2.6 REQUEST PREAUTH DATA - PACS occur in conjunction with AS and
TGS requests, but they can be requested on demand or suppressed
with a PAC-REQUEST. The format is a mere BOOLEAN value. If the
PAC is not present and the value is true, it is included. If the
PAC is present and the value is false, it is omitted. The ID for
this request is called KRB5_PADATA_PAC_REQUEST and has a value of
128.
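An added example, not part of the comment above or of any vendor's code: a bounds-checked Python reader for the header, TOC, TIMESTAMP and user-name layouts given in sections 2.1, 2.1.1, 2.2.1 and 2.5, rejecting the malformed offsets and lengths a receiver should never trust. The sample buffer, the `MAX_TOC_ITEMS` cap, the overlap check and all function names are assumptions introduced here, and "unicode" is read as UTF-16LE.

```python
"""Bounds-checked reader for the PAC layout in sections 2.1, 2.1.1, 2.2.1 and 2.5."""
import struct
from datetime import datetime, timedelta, timezone

HEADER = struct.Struct("<II")      # toc_count, pac_version (little-endian DWORDs)
TOCITEM = struct.Struct("<IIQ")    # item_type, item_length, item_offset
ITEM_SERVER_SIG, ITEM_USER_NAME = 6, 10   # values from section 2.1.1
TIME_NA = 0x7FFFFFFFFFFFFFFF
EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)
MAX_TOC_ITEMS = 32                 # assumption: sanity cap, not from the post


class PacError(ValueError):
    """Raised for any structure that fails validation."""


def parse_toc(pac):
    """Return [(item_type, offset, length)] after validating every TOC entry."""
    if len(pac) < HEADER.size:
        raise PacError("buffer shorter than PAC header")
    toc_count, version = HEADER.unpack_from(pac, 0)
    if version != 0:
        raise PacError("unknown pac_version %d" % version)
    if toc_count > MAX_TOC_ITEMS:
        raise PacError("implausible toc_count %d" % toc_count)
    data_start = HEADER.size + toc_count * TOCITEM.size
    if data_start > len(pac):
        raise PacError("TOC runs past end of buffer")
    items = []
    for i in range(toc_count):
        kind, length, offset = TOCITEM.unpack_from(pac, HEADER.size + i * TOCITEM.size)
        if offset & 7:
            raise PacError("item %d: offset not 8-byte aligned" % i)
        if offset < data_start:
            raise PacError("item %d: offset points into header/TOC" % i)
        if offset + length > len(pac):
            raise PacError("item %d: data runs past end of buffer" % i)
        items.append((kind, offset, length))
    # Stricter than the post requires (assumption): refuse overlapping items.
    spans = sorted((off, off + ln) for _, off, ln in items)
    for (_, end), (start, _) in zip(spans, spans[1:]):
        if start < end:
            raise PacError("items overlap")
    return items


def timestamp_to_datetime(ticks):
    """Section 2.2.1: 100 ns ticks since 1601-01-01; TIME_NA maps to None."""
    if ticks == TIME_NA:
        return None
    try:
        return EPOCH_1601 + timedelta(microseconds=ticks // 10)
    except OverflowError:
        raise PacError("timestamp out of range") from None


def parse_user_name(pac, offset, length):
    """Section 2.5: TIMESTAMP, WORD size in bytes, then the name, not terminated.

    offset and length must come from parse_toc(), which has bounds-checked them.
    """
    if length < 10:
        raise PacError("user name item too short")
    ticks, size = struct.unpack_from("<QH", pac, offset)
    if size % 2 or 10 + size > length:
        raise PacError("user name size inconsistent with TOC length")
    try:
        name = pac[offset + 10:offset + 10 + size].decode("utf-16-le")
    except UnicodeDecodeError:
        raise PacError("user name is not valid UTF-16LE") from None
    return timestamp_to_datetime(ticks), name


def build_sample_pac():
    """Constructed sample (not captured traffic): user name plus a zeroed signature."""
    when = datetime(2000, 5, 11, 12, 0, tzinfo=timezone.utc)
    ticks = ((when - EPOCH_1601) // timedelta(microseconds=1)) * 10
    name = "alice@EXAMPLE.TEST".encode("utf-16-le")
    user_item = struct.pack("<QH", ticks, len(name)) + name
    sig_item = struct.pack("<I", 0) + bytes(16)   # placeholder sig_type, zeroed sig
    blobs = [(ITEM_USER_NAME, user_item), (ITEM_SERVER_SIG, sig_item)]
    offset = HEADER.size + len(blobs) * TOCITEM.size
    toc, data = b"", b""
    for kind, blob in blobs:
        toc += TOCITEM.pack(kind, len(blob), offset)
        padded = blob + bytes(-len(blob) % 8)     # keep the next item 8-byte aligned
        data += padded
        offset += len(padded)
    return HEADER.pack(len(blobs), 0) + toc + data


def is_rejected(pac):
    """True when parse_toc() refuses the buffer."""
    try:
        parse_toc(pac)
    except PacError:
        return True
    return False


if __name__ == "__main__":
    sample = build_sample_pac()
    for kind, off, ln in parse_toc(sample):
        print(kind, off, ln)
        if kind == ITEM_USER_NAME:
            print(parse_user_name(sample, off, ln))
```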
If that is the case (and it certainly could be, though I doubt it- even the old servers could have handled that type of load) then wouldn't it be really, really easy for Rob and Co. to just jump out and say it? Heck, even a simple "BTW, we weren't DDOS'd- it was just a server failure" would have been sufficient for most of us, I suspect. Of course, if I were a conspiracy theorist, I'd note that such an admission might depress the Andover stock price, which would make it a big problem to post at all... but that'd be crazy, wouldn't it.
~luge(not a conspiracist! I swear!)
IAAL,BIANLY
That's exactly what the DMCA changed. Fair use doesn't matter if you circumvented copy protection to get at the copyrighted material. That's what makes DMCA so dangerous: it renders the concept of fair use legally insignificant.
I'm so fed up with the power of the mass-media conglomerates, I'm considering taking up full time piracy as a form of civil disobedience. Has anyone else had this thought cross their mind, or am I insane? (not XOR).
I love how the MPAA compares DeCSS to picking a lock on a house. They act like the DVD that I bought is their house!
The last time I checked, I can break into my house as often as I want, even if I bought my house from someone who might not approve of it.
Also, how many people here would care if someone got the blueprints to your house and made an exact duplicate without your permission?
What's really sad is that Microsoft has been able to produce a more convincing propaganda-FAQ page than the MPAA did. I've also seen some considerably more convincing anti-DeCSS pages.
--------
"I already have all the latest software."
I prefer to consider this as one aspect of the flow-of-control diagram of the government. Of course I'm not an expert in multi-processor systems, but it sounds like you are properly describing a part of the model, drastically simplified, of course.
Politics? I'm really not an expert there. I tend to consider that a subset (subclass?) of rhetoric.
I know that programmer-speak is sometimes awkward, but we have ways to check whether or not our ideas work out in practice. So I trust the program analysis of an application as being a valid analysis (or at least potentially checkable). Political talk is generally explicitly designed to NOT be checkable. So I would prefer to avoid it as much as possible. And for this argument it isn't needed! (But you've left out many assumptions, that need to be explicit if one were to validate the argument).
I think we've pushed this "anyone can grow up to be president" thing too far.
DeCSS is akin to a tool that breaks the lock on your house.
Since when does the MPAA have a right to put a lock on my house?!?!
However, there are a few interesting things about the DDOS attack on Slashdot, which -could- offer some possibilities.
First, the attack came about not long after the Microsoft demand story was posted.
Secondly, no Microsoft-owned news service is covering the story, despite other mainstream news services covering it.
(Microsoft NEVER misses an opportunity to ridicule opponents in the media. This time, they're keeping their mouths firmly zipped.)
Thirdly, Microsoft employees are not above extreme demonstrations of loyalty, authorized OR unauthorized.
Lastly, most widespread DDOS tools run on Microsoft OS'. In itself, this wouldn't mean much. But placed in context, it becomes a little more significant.
It is therefore my theory that a Microsoft insider (probably -without- explicit permission) carried out the DDOS attack, and that any investigation will run into innumerable political obstacles, above and beyond any technical problems of tracing it.
If this theory is correct, the only chance anyone has of knowing the truth is if that insider "defects" and talks. Very, very unlikely.
To be honest, though, nobody else really has any motive or incentive, never mind the sheer bulk of machines needed to jam up a site designed by internationally-recognised experts in ultra-high volume web distribution. You are NOT talking about a server that'll fall over the moment anything more sophisticated than a goldfish logs on.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Because local representatives (on municipal to state levels) are responsible for everything from your trash collection to schooling to policing to property taxes, that's why.
When my property taxes rise because of Internet based sales eating away at the local tax base, those decisions, ultimately, are made by my local town government, NOT Leahy, Jeffords or Sanders (who happen to be my Congressmen).
Not many local reps (governor, state reps, municipal, etc.) criticize local Congressman X. It just doesn't happen too often because someday, somehow Congressman X will bring home the pork and the local rep won't be invited to the ribbon cutting ceremony for whatever battleship is being built in the district.
Also, many Congressmen try to cultivate the "elder statesman--working for America" image and rarely, if ever, get involved in local politics. Note the importance of committee assignments/chairmanships and investigations like Waco, Chinese spying, etc.
This is another view of the world.
1) We all know that at peak times /. struggles under the load.
2) This story was so inflammatory that everyone who normally just reads /. had to post to this story. Further, instead of just refreshing an article a couple of times, this story was so interesting that we all refreshed many, many times just to get the latest comments.
3) From what I observed, the blackouts coincided with peak times in the US and Australia.
4) Those that couldn't get on, were so emotionally bound up in this, that no matter what, they had to reach slashdot and read the latest or post their comment. Consequently, they continually tried to connect to /. even when it was refusing any new connections (hence an effective DDoS of syn's), failing that, they pinged or tracerouted /. to test if the problem was fixed yet (hence an effective DDoS of icmp packets).
5) Widespread media attention multiplied /.'s readership.
6) As "proof" that /. servers were not keeping up with traffic, I had established tcp streams to /. returning with source IP of 10.1.48.4 (and port 80) instead of one of (64.28.67.64, 64.28.67.63, 64.28.67.62, 64.28.67.61) indicating either an unhealthy router or NAT.
7) Finally, I would not be in the least surprised if this story multiplied /. traffic 10x or higher. What server wouldn't fold under similar circumstances?
It may be obvious to you at Slashdot, but it's far less obvious to everyone else. We're not there.
I have a fast but flaky Net connection. For all I know, when I can't reach Slashdot, there's something screwed up with the network I'm on, or a problem at MAE West, or something else. Yes, network problems sometimes prevent access to certain sites and not others. With testing/proxies/etc. I can formulate a better guess of what's going on, but why not just give us the answer if you have it? You may not realize it, but you're keeping us in the dark.
Please communicate with us. Having network problems is nothing to be ashamed of, but it's much better handling to keep people informed. If you were a network admin at a company, wouldn't you let staff know when the file server has crashed? Even utility companies tell the public when there are outages, so everyone knows it's not a problem in their individual homes. A simple memo from Slashdot would go a long way, doesn't need to be fancy.
> they are making *broad* taxation decisions for the *GOOD* of the nation
But they aren't elected by the nation at large. They're elected by those local shopkeepers and consumers. The same people that elected those State reps also elected the Congressmen.
If voters feel that the tax cut outweighs the local impact when they vote for Congress, why do they feel differently when they vote local representatives?
Frankly, I think all sales taxes are bad because they are simply the most regressive tax. But that's another thread entirely...
-- Don't Tase me, bro!
My own connection is flaky. For all I know, when I can't reach Slashdot, my local network is screwed up, or any number of other problems between me and slashdot.org. I'll keep trying to fix it until I know it's out of my hands.
Being attacked is nothing to be ashamed of, but keeping it hidden from friendly parties is the wrong way to deal with it. I would think it's easier to post a short note once than deal with hundreds of emails asking what's going on. You're sitting there at Andover, but the rest of us are in the dark.
Anyway, good luck in fixing it. Afterwards, please tell us what happened so we can a) offer insight on how to avoid it in the future, and b) guard against it on our own sites. You know, the old open-source approach.
Another obvious problem with your plan is that with income tax, people are motivated to make more money, while with an expense tax they would be motivated to buy less. Doesn't sound very productive.
Time is what keeps everything from happening all at once.
So far, we have seen DOS attacks and router deaths... these are not /.'s fault. They are Exodus's fault. Not surprising, in my experience they have proven pretty clueless, and I was surprised Andover was going with them, of all people. Nevertheless they do host a lot of big sites... just very poorly.
At the risk of karma-whoring, I'd say it's more like this: Microsoft, looking for a fight, draws a line in the sand and says, "I dare you to cross this line." Slashdot crosses it and says, "What are you gonna do about it?" I think both Slashdot and Microsoft knew (or at least hoped) that something like this would happen when the spec was posted -- I certainly did; as tests for the DMCA go, this one is as rigged in our favor as they get.
On the other hand, MS is a corporation; they're used to hitting things with a hammer, and they're quite good at it. As someone else pointed out, they get somewhat confused when they encounter Jello -- which Andover is not. I expect this to go to court, and I wish the best of luck to Andover.
> When my property taxes rise because of Internet based sales taking eating away at the local tax base
Well, this was my point about the regressive nature of sales taxes in general. Since your local gov't isn't getting its sales tax, they have to tax something else. And since the sales taxes affect the poor disproportionately to the rich, you'll find the rich start lobbying to save their money.
-- Don't Tase me, bro!
How goes this whole Microsoft thing? I'd like to see an update on that story. -JeremyT Tughouse http://tughouse.tuginternet.com
Shameless TUGHouse Plug
As a result of a very widely distributed attack, people can't visit my website. Hundreds of thousands of people have conspired to create web sites more interesting than mine, and so no-one's heard of it, and so no-one can find it.
I'd like to see those DDoS dorkuses try that strategy against /.
Okay, you got me, tim. Which one is the thought provoker? What is up with this format anyway?
Sorry, guys, but it is really pathetic that there has been no news here about the problems you've been suffering. There have been tons of people reporting SQL problems today, we all know the site has been shut down repeatedly over the last couple of days, and wired reported that you had a router die. I hate to make a "in the old days /. was better" but it isn't that hard to look through the archives and find CT saying "oops... our server died/crashed/whatever." That kind of honesty and straightforwardness is what made /. a community first and a news site second. It's sort of sad that this kind of openness (which is much more important than source) is apparently no longer a priority.
~luge
IAAL,BIANLY
Pirates of copyrighted works often claim "civil disobedience" as a justification. "We just want to protest Evil Corporations Who Exploit Artists And Customers Alike."
But, without judging you in particular -- think about the following before you actually take up this occupation:
"How can you claim that you are anti-crack, while still writing a window manager?" — Metacity README
There's a landslide of attempts to remove freedom that we have all come to cherish. People are testy about it, tempers are short, politeness has, by necessity, gone out the window. When corporate america stops trying to fuck with us, we can get back to the level of civility we usually operate at.
That should make it stop, right? This isn't because of bad servers or something. This is because a single person (or several) is acting maliciously. And crowing on the front page about their actions every day, just would give that person more power.
From the MPAA page: DeCSS is akin to a tool that breaks the lock on your house. Uh, I prefer to think of it as a tool that lets ME break locks on my own possessions. Ugh. I don't know what to think about the fact that they called the creators "hackers". Guess we can't argue with it. :)
grep -ri 'should work'
I'm not claiming it as a justification, because I have no desire to actually pirate anything. I'm not rationalizing my own greed and cowardice. I actually just want to hurt the cause of corporate power.
If I want music, I'll make it myself or with my friends or go to a concert. I don't really NEED pre-packaged, mass-produced, mass-marketed glop. So the only reason I would pirate would be to make a statement.
Would you pirate if it weren't so anonymous?
You don't see me hiding behind an AC, do you? But I suppose that's not what you meant. You mean like the anti-mafia judges in Sicily who virtually knew they would be killed and yet continued their campaign against the 'cosa nostra'.
Yes, I would send out press releases to the media that I was pirating CD's and explain why I thought it was an act of civil disobedience. I would probably arrange to have the money donated to a charity (though I don't know if charities accept proceeds from a crime) or perhaps I'd just give the stuff away to prove that I'm not doing it just for my own gain.
if you're not willing to reap the consequences of breaking the law you disagree with, any sanctimonious claims of "civil disobedience" ring pretty hollow.
Don't tempt me. I'm not the kind to sit idly by.
I noticed with some amusement and disgust that the MPAA propaganda page states that copying a DVD for your own personal use is illegal. Since when? What a load of #%@$%$%!
I agree with the other posts, what is the status on the DDOS attacks on /.? How's the Micro$oft thing going?
Don't throw your computer out the window, throw the Windows out of your computer!
Also, the bill in the House is not taking away PRESENTLY collected taxes in only a few (something around--if I remember correctly-- a few states and two cities, Washington DC being one of them). This present taxing system works like catalog sales--if you have a presence in a state, state residents have to pay local sales tax.
Local politicians are angry because 1) the moratorium wasn't set to expire until 2001 (and it is an election year THIS YEAR) and 2) the moratorium is set for 5 years, which is hobbling at best for those interests.
This is another view of the world.
I asked this in a post yesterday, but I was moderated down as offtopic; yet you get +3 Insightful ... hmm, moderators are fickle (as if we didn't know that already!) Mind you, I suppose this story is a little more general so more posts will slip through.
What we need is a weekly (or whatever) story on the 'state of /.' where we can post about how much it sucks and how to improve it and so on.
Err, anyway, regarding the DDOS... it seems strange trying to get news on it from other sites when /. is usually the first to report this sort of thing. Tell us what's going on please!
Perhaps Taco can't bear the thought of all those posts discussing conspiracy theories about M$ slashdotting /., coming so soon after the legal threat. I admit that that will be quite painful, but I'd still rather see the discussion.
BRIEF SUBMITTED BY MEDIA DEFENDANT 2600 ENTERPRISES, INC. AND ERIC CORLEY a/k/a "EMMANUEL GOLDSTEIN" IN OPPOSITION TO PLAINTIFFS' MOTION TO MODIFY THE PRELIMINARY INJUNCTION AND IN SUPPORT OF DEFENDANTS' CROSS-MOTION TO VACATE THE PRELIMINARY INJUNCTION MEMORANDUM OF LAW IN OPPOSITION TO PLAINTIFFS' MOTION TO MODIFY THE PRELIMINARY INJUNCTION AND IN SUPPORT OF DEFENDANTS' CROSS-MOTION TO VACATE THE PRELIMINARY INJUNCTION
Huh??? And companies wonder why consumers are so opposed to reading EULA click-thru licenses...
- JoeShmoe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
The whole way in which M$ posted the Kerberos specification, with the embedded EULA, was a setup right from the get-go that we -- of course ;-) -- fell for hook-line-and-sinker.
Their lawyer-whores said: "Hey! Let's set up a *real* trojan horse for those /.-hippies and nail their asses! We can design this whole disclosure so it'll work as a righteous open-source-geek-trap and when they fall for it -- which they *will* -- we've got /. and andover.net all in one swoop!"
So what they were doing had nothing to do with disclosure or openness or any of that touchy-feely bullshit!
It was a trap, right from the start!
Whoa! Acute conspiracy theory poisoning! My head hurts! Induce mental vomiting!
t_t_b
--
I'm on PJ's "enemies" list! Are you?
"Err, anyway, regarding the DDOS... it seems strange trying to get news on it from other sites when /. is usually the first to report this sort of thing. Tell us what's going on please!"
;) [heh. I'll bet you already got some, huh?]
I never go to Wired.com anymore -- but found myself there recently reading a story about Slashdot. Weird.
Rob, Jeff, I understand that you might not want to discuss the DDoS in order to avoid 'encouraging' that sort of thing, but if you're gonna talk about it to Wired, talk to us too!
You needn't reveal technically sensitive details, but, please, tell us what you can.
Don't make us start submitting news stories about the Wired article!
Geeky modern art T-shirts
From the section regarding region coding:
"It is simply impossible with present technologies to supply film prints of a movie to all of the theaters around the world at the same time. Motion pictures released by the major studios are generally released first in the Untied States and subsequently overseas."
Is that what's wrong? The States are Untied when they ought to be united..
-
air and light and time and space
I just noticed on one of the Technocrat's Slashdot problems-related forums a response from Michael Sims (michael@slashdot.org), in which he confirms that "Slashdot has been under DDOS attack for the last 24 hours or so."
Why isn't this information being posted on Slashdot itself?
To the fool, he who speaks wisdom will sound foolish. ---Euripides
Check out http://www.fairtax.org -- they're pushing for a sales tax on all new goods, and services (used goods won't be taxed). They'd eliminate the income tax, capital gains tax, inheritance tax, and gift tax.
The benefits to most of the people reading this are huge. First of all, it's shifting the burden of taxation from income to expense. This is great -- if you waste less, you're "punished" less. Thus we have a system which rewards efficiency, and so recycling would be rewarded, not just something "we should do." (People rarely do something unless it's in their immediate best interest.)
In addition, many of us work for high-tech startups with stock options. Eliminating capital gains taxes gives you effectively 30% more of your millions, since most stock grants from startups prior to IPO are ridiculously low (i.e., buy it for $1 and sell it for $100, and you're taxed on 99% of your proceeds under today's system).
By eliminating capital gains, inheritance, and gift taxes, you can ensure that the wealth that you build throughout the trials and tribulations of your life is preserved for you and yours, not wasted on pork barrel projects in some other city or state that don't affect you at all (so why should you have to pay for it?).
I'm not affiliated with them in any way other than as a sponsor; I urge everyone who's already financially independent to donate (it's tax-deductible). If we can get this passed, then the return on your "investment" (in FairTax) will definitely be worth it.
An example: let's say you've got $100,000 in stock from employee options. If you sell it you'll pay something like $30,000. So donate $1,000 to FairTax, and when it passes you'll get an additional $29,000 when you sell! That's a 2900% return on your money.
ESR, CmdrTaco, Hemos: you've all got millions. You can have even more millions by helping this get passed.
Thanks for listening,
Thing 1
--
I feel fantastic, and I'm still alive.
In your FAQ, there are several problems: The FAQ claims that a Linux DVD player is available. I have seen many other press releases where the MPAA states that there are many available licensed Linux DVD players. I am a user of Linux and Windows 2000 and am in pursuit of such software, I would like to purchase it immediately if possible.
However, these players do not seem to exist. The FAQ says that Sigma and Intervideo had announced Linux players, but on their pages there is no indication of this (by the way your sigma link is broken, it is missing the ".com" in the href). I have not read about any assertion that Linux players exist or will ever be developed except by the MPAA. The mainstream press does not have any story on it, the press releases on these sites do not contain any such announcement. In fact, as you may see from the following links, they announce the opposite:
== From Sigma Designs (hollywood plus page): Supports Windows 95, 98, NT 4.0 and Windows 2000 ==
From the Intervideo FAQ: == WinDVD currently supports Windows 95, Windows 98 (original and Second Edition versions), Windows NT4 and the upcoming Windows 2000. For further details on how to install WinDVD into the operating system of your choice, and Operating System specific issues follow the below links: Windows 95 Windows 98 Windows NT 4 Windows 2000 There have been many requests for a Mac, Linux, and Windows CE version of WinDVD. While none of these can be ruled out in the future, we currently do not support any of these alternative OSs. ==
I should also point out that your FAQ claims that the infamous DeCSS program is only used for piracy, and that the CSS encryption algorithm prevents copies from being made. However the CSS encryption algorithm never prevented copies from being made, it only prevents viewing the content. As your site admits, piracy would not require circumventing the CSS algorithm. In fact there is far more value to pirates in circumventing regional encoding. A pirated DVD MUST RETAIN the CSS encryption if it were to retain its value, since the DVD players would expect that.
The only value in circumventing CSS stems from the ability to create players. DeCSS was only created after the basic refusal to create Linux players by manufacturers of current DVD players, and the refusal of the MPAA to allow Linux coders the licensing/information they needed to do so themselves. The fact that DeCSS is for windows is a non-issue. DeCSS was developed in windows because the players the authors reverse-engineered ONLY RUN ON WINDOWS. To say this is a proof of its nefariousness is at best a circular argument.
The authors released the code so that people could quickly port this to Linux should they fail to do so. And as a result of their incarceration, they have failed to do so, the MPAA being responsible for said incarceration and the ensuing lawsuit which has scared Linux developers off from creating any players based on this code.
It goes without saying that Linux users would pay for a program that allowed them to play DVD's. However that brings up another sore point. Even the players available for Windows are incredibly clunky and buggy, and incredibly sensitive to corruption. It is clear that limiting the number of developers who are allowed to make this software is not a good thing.
I imagine that this letter will be ignored, as will the facts, as they have been for some time. Nevertheless I feel it is my duty to inform you in good faith that you are mistaken, and hope that the situation will be rectified in a civil manner, rather than becoming mired in all this inflammatory rhetoric and sabre-rattling, which is doing no one any good. For the first time in 70 years, America is taking a second look at the MPAA, and its value. This scrutiny cannot be doing your organization or the interests it represents any good. The opportunity yet exists for the MPAA to make this right.
> You wanna know the real deal on why the tax moratorium is getting a push in Congress?
Wait 'til November. Right now every politician and his dog is promising election year tax cuts. What better way to recoup their losses than to slap a tax on the internet the day after elections?
--
Sheesh, evil *and* a jerk. -- Jade
(i) Permissible acts of encryption research. Section 1201(g)(2) creates an exception to section 1201(a)(1)(A) to permit an individual to circumvent a technological measure in the course of an act of good faith encryption research provided four elements are satisfied:
(A) the person lawfully obtained the encrypted copy, phonorecord, performance, or display of the published work;
(B) such act is necessary to conduct such encryption research;
(C) the person made a good faith effort to obtain authorization before the circumvention; and
(D) such act does not constitute infringement under this title or a violation of applicable law other than this section, including section 1030 of title 18 and those provisions of title 18 amended by the Computer Fraud and Abuse Act of 1986.(17)
As a practical matter, this exception is not yet in force as it is a defense to a violation of the prohibition on acts of circumvention - a prohibition that will not go into force until October 28, 2000.
DeCSS should fit all areas of this clause. The system that the information was gathered from was legally purchased, this was necessary to do this research, there had been multiple attempts by the community to get this information to create a DVD player, and this definitely is not computer fraud. Seems like this is already needed to be in effect. There is already one case that needs it for its defence.
The FairTax has a provision for the poor and for essentials. No DoubleSpeak involved. See their site for the details.
The point being, those who want to purchase a luxury car can -- and those who want to be frugal and purchase a Honda Civic will get to keep more of their earnings. So it rewards efficiency, and puts the system in line with reality -- rather than the current system which rewards lying (and hoping you don't get audited).
I don't know about the rest of you, but I certainly prefer the carrot to the stick.
I'm not trolling, I'm putting my mouth where my money is -- I've already donated heavily to them in the hopes of keeping more of my IPO stock options.
--
I feel fantastic, and I'm still alive.
It does seem weird that I read about DDOS attacks aimed at slashdot on news.com, and other news sites (news.com article covering slashdot receiving the lawyer letter from MS), and not on slashdot itself... What better place to talk about DDOS's, and let others in on solving & learning from the problem.
I thought the slashdot community was composed of many smart network engineers, lawyers, snoopers, coders, and other forms of computer educated people.
Isn't that what built this community? If we silence our own experiences, we might as well silence others (cynical reference to MS letter)
-- Chris Chabot
"I don't suffer from insanity, I enjoy every minute of it!"
(This was most likely a troll but I'll reply anyway.)
The ideas of capitalism and inheritance are not mutually exclusive. Or are you saying that people get to build their empire however they like while they're here, but when they die they have to give it all up?
What incentive would they then have to provide for their children, and their children's children? I'm not anti-freedom; I think you should have the freedom to do whatever you like with your own money, including giving it to your family, before or after you die.
I didn't say anything about monarchy, knights, or titles. All I said was let's make the system more efficient and reward recycling and reuse.
You can get the details at their site.
--
I feel fantastic, and I'm still alive.
At least, according to a wired story. Thing is, I'd rather get my news from /. than Wired.
How are sales taxes the most regressive taxes?
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
He says to wired:
"About 400 readers weighed in over the first 30 minutes. Then we got hit by a DDOS," wrote Slashdot founder Rob Malda in email to Wired News.
How nice of Rob to tell wired, but ignore us.
Can I call it or can I call it?
~luge
IAAL,BIANLY
Apology accepted on behalf of myself, and I hope, others.
:)
Have a nice day
You can't win a fight.
Actually, it was written for windows because windows was the platform they started reverse engineering it on.. due to the availability of licensed players. And as true hackers.. they aren't afraid to code in windows..
Well, I really would like people to be happy with the aggregate of slashdot content -- but it is very hard to please everyone of course!
:)
...
... I think I've used up my subject line now;)
IMHO, the following are both true:
KDE is great.
Gnome is great.
On the other hand, software announcements are tricky in general -- we try to confine ourselves to really major version upgrades or software that people may otherwise have not heard about, or whose release is otherwise somehow more significant than a minor version upgrade. (If Netscape releases 4.73.9.3.01.a, do you really want to read about it here?!) What 'major' means depends on a) the project and b) how much you care about it!
That's not because the 8th release of the pre-2.4 kernel (and other stuff) isn't important, only that slashdot could easily be nothing but that kind of announcement. It would be something it's not. Frankly, it would be freshmeat.
However, even given the "slashdot is not freshmeat" rule, as another poster said, a lot of it still and truly comes down to the personal preferences / opinions of the authors
KDE is about to become "KDE 2.0"; GNOME is about to become "GNOME 1.2" -- and we all know that version numbers are all there is in life, right?;)
Naturally, version numbers for free software come from a number of different motivations (after all, they're free to choose a numbering scheme that suits their philosophy, intent, calendar, conceptions of "proper" version numbers, etc), so 2.0 and 1.2 are only numbers here. Both KDE and GNOME are robust and mature -- I've used KDE more, but really, hard to complain about either except in a speculative "wish it would" way. There's lots that I wish for from an end-user perspective, but overall, my hat is off to both teams.
Someone mentioned the debian fetish of the slashteam in general (I'm experimenting with debian on another box, but mostly use Mandrake. What a horrible person I am), but I don't see any dearth of coverage of particular WMs, Desktops, or Distros.
So, anyhow
timothy
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
The rule is only a moratorium on new federal taxes. Local governments are still permitted to collect existing or new taxes. It just makes them look more evil to the voters, as Congress has gone public with an opposing view.
It seems at least as correct as it would be to use OS/2, DR-DOS, PC-DOS, Free-DOS, etc.
"The legitimate powers of government extend only to such acts as are injurious to others." Thomas Jefferson.
> How are sales taxes the most regressive taxes?
Poor people spend most of their income and save less. If you look at the ratio of their income to the money they spend on sales tax, you'll see that they are paying a larger ratio than those who save or invest.
Income taxes, on the other hand, are generally designed to be progressive. The more you make, the higher percent you pay (unless it's a flat tax).
Property taxes, by their very nature, are going to be larger for the rich, whose property tends to be more valuable (except in places like CA where Prop 13 applies, but that's a whole other story).
-- Don't Tase me, bro!
So what happens to all those DVDs when their copyright expires and they go into the public domain? Is it then legal to bypass the access controls? Or is the plan to keep extending copyright indefinitely? I guess when the framers mentioned "... for a limited time...." they were speaking of time relative to the age of the universe, then?
I'm amazed that got through the new lameness filter (the caps, not the content)...
"It's tough to be bilingual when you get hit in the head."
You wanna know the real deal on why the tax moratorium is getting a push in Congress? Because the taxes that are not getting collected are LOCAL taxes (as in state and municipality taxes--those taxes that fund local education and infrastructure needs) and not FEDERAL taxes.
As stated in the article the opponents of the bill are state legislators and local merchants. Passing this bill DOES NOT AFFECT YOUR LOCAL CONGRESSPERSON politically and it makes them look "pro-business" and "pro-tech" at the same time. Notice that the Republicans are the majority in Congress, too.
This is another view of the world.