Slashdot Mirror
Slashback: Imagination, Evasion, Watermarks
Frankly, this would have been just too silly. steveha writes: "Microsoft just changed their 're-imaging' payment policy. Companies buying computers that come with Windows installed can once again re-image the system hard disk without Microsoft demanding an extra license payment. Here is the official Microsoft document. Computer Reseller News had the story."
Burn baby burn. rpeppe writes: "briefly, you can download Inferno here, for free.
you might remember from a month or so back that the UK firm Vita Nuova obtained rights to Inferno, a next-generation virtual/embedded OS created by the likes of Rob Pike, Ken Thompson and Dennis Ritchie. Inferno uses many of the ideas from Plan9 but, unlike Plan 9, there are no restrictive hardware requirements - it runs as a "virtual OS" under Linux, Windows, Plan 9 and others, mapping the resources provided by the host OS into a standard form for programs running within Inferno, which will run without change on any platform running it (including on bare hardware, such as SA1100 or MIPS)
we've just made free downloads available (for any use) for Linux, Windows and Plan 9. the actual kernel is not open source, but the download includes open source for all the user-level code in the system (applications, libraries, etc), plus unix-style documentation so there's plenty to tinker with.
this is a system that is genuinely trying to address the problems that are "too deep for unix to fix" and includes all sorts of interesting takes on some of the original unix philosophy (after all, it represents 30 years of evolution from the unix original). plus it's a really nice environment in which to write genuinely (and elegantly) portable programs."
Taking the meat from the jaws of Carnivore. An unnamed correspondent writes "Found a nice article on the circumvention of Carnivore which details steps one can take to avoid big brother. Article is nicely written which has a strange reference to the NSA's Verona project of World War II."
Nothing here may be all that new or surprizing to those already interested in online privacy or cryptography in general, but if you ever need ammunition in an argument about the nice government versus slithering heroin-dealing kiddie-porn terrorists, it'd be nice to point out how accessable these methods are to all involved.
OK, who has what up their sleeves, and why? Fervent writes "Interesting twist in the SDMI boycott -- Don Marti's backing down a bit. Apparently he and Leonardo Chiariglione, executive director of the SDMI, talked and found ways to get along about secure music. The article is here."
I'll be impressed if the music industry or anyone else can come up with a high-quality music format which can't be effectively copied with a modicum of hassle. "Anything that can be read," etc. Thta's not about to stop them from trying on both technological and legal fronts. Of the two, I'll take technological any day.
-- Douglas Adams, So Long, And Thanks for All The Fish
Top 10 Ways to Hack SDMI
------------------------
10. Write a device driver that emulates a soundcard. Dump output to disk. Optional - sending to the real soundcard. Bonus points if you use DirectSound.
9. Attach leads to the DAC of the soundcard, design daughterboard to resequence for raw wave output. Optional: 64MB stick of RAM and a memory overlay for copying back out to the system. Estimated cost to hire an EE to do this: $25k
8. SoftICE, a pack of mountain dew, and an SDMI decoder.
7. 15 minutes alone with developers of SDMI and a backpack full of bricks.
6. 45 minutes alone with legislators who signed DMCA into law, backpack full of bricks (note: bricks may be damaged by contact with thick heads of legislators - Aim lower)
5. Audio cable connected between INPUT and OUTPUT of soundcard.
4. Hold press conference. Compare SDMI to DivX. Drop plenty of rumors so retail outlets won't carry it without large cash advances.
3. Hold shareholder conference. Compare SDMI to DivX. Using the rumors created in #4, draw on their fears that SDMI will collapse into a dense black hole, taking their profits with them.
2. Use genetic algorithms (GA) to predict prime numbers without using brute force. Optional - for speed, do it using an analog computer. Send result to spook@nsa.gov, move to antarctica, dig hole in ground, call up UUNet, ask for net feed under an alias.
1. Go to local high school, offer the kid with thick glasses in the computer lab $20 to crack SDMI. Return after lunch to pick up detailed documentation of program, and the program itself which was ported to 8 platforms and has bilingual support. Thank kid.
| Permission is granted to distribute this document |
| in any medium, provided this notice is attached. |
| Copyleft, 2000 Signal 11 |
--
Frankly, I was quite underwhelmed with the suggestions. They all basically add up to cheap, low-tech encryption or security by obscurity methods.
Some were flat-out wrong. Going through an email proxy doesn't help if they're sniffing your connection by IP address. I'm not convinced that Carnovore doesn't do this (nor am I convinced that it does. But I wouldn't base my security strategy on the weaker assumption). Likewise, forging an email address is not going to trick the system. The FBI isn't stupid.
Obviously, strong encryption is the best solution. Although there is a precedent for having passwords *not* protected as free speech under the 5th amendment, it does give you your best shot at keeping communications secure.
Steganography's also probably a reasonable choice. Get a good digital camera, and send out a lot of pictures to your friends. Some may have messages. Most don't.
Chaffing models might be good, but might not.
Also, techniques like the old "saturate Echelon" approach, where you *always* tag on keywords like semtex, Nidal, West Bank, UN, ammo, NSA, NRO, ZOG, etc. to your messages. If everyone did it, and varied the list, it'd clog their system eventually...
-
bukra fil mish mish
-
Monitor the Web, or Track your site!
Eloi, Eloi, lema sabachtani?
www.fogbound.net
This means that if Joe MCSE decides to re-image some OEM boxes, and re-images them in a manner both different from the OEM boxes and the rest of the network boxes, either Joe's company is in license violation, or someone needs to cough up the moola.
This is one case where it's difficult to enforce a license. You have an X seat license for X users. You hire more workers and buy OEM boxes w/Win2K.
You want to give them a newer better configuration with the original software? Too bad. This looks as though the license change is publicised as a customer relations thing, but is actually an enforcibility thing. Show the license, show the number of new OEM boxes, you're fine, as long as they all have the same installation. I work in an academic situation where we reimage all the time. This license appears to remove one major financial pain, and exchanges it for a finicking pain.