Slashback: Gaping, Wristwear, Screenies

Slashback with ever more on ... the massive bust of illegal software producers reported on last week, the gaping security hole moaned at by those confined to the Microsoft asylum, another review of the new Linux+Java Zaurus from Sharp, and how to get the binary watch you've always wanted. Enjoy!

Too bad there isn't a lot of good Free software. aka-ed writes: "A small update on the "Drink Or Die" busts: Apparently, the feds' move has borne preventative fruit. According to this post from one of the major commercial Usnet services, binaries traffic on Usenet has taken a noticeable hit since the bust, for reasons speculated upon in the post itself."

Open wide, and say "mmmmghrfgghfgr." atreus42 writes: "Microsoft has released a patch to fix the Gaping Security Hole(TM) in Internet Explorer 5.5 and 6.0. This security bulletin details the file extension/content header spoofing bug that would allow bad people to disguise a downloadable executable file as text. The internet isn't doomed after all..."

How to make my Visor look slow and lowly. Sindre Lia writes "Sharp's new Zaurus SL5500 is the first PDA device from a major manufacturer in a long time that uses a new operating system and a new user interface.

According to preliminary reports from infoSync staffers Larry Garfield and Janice Karin that attended the launch of the SL-5500 and got hands-on experience with the new device, the GUI still needs polishing and to some degree also the hardware, but the device has according to them a lot of potential if some first-generation problems can be fixed.

See all the pictures of the new OS here!"

At least this letter is not in binary ... Dog and Pony writes with a lengthy letter (informative, if you have odd taste in watches). "Slashdot recently ran a story about a pretty silly binary watch. Well, anyways, being a silly person, I thought one would be cool to have, even though I normally don't wear watches.

Problem was, they only shipped inside Norway... so I sent them a polite mail, asking them to notify me if they would start shipping internationally. And today I got an answer.

Too bad it seems a really cumbersome process to get that watch... have these guys never heard of PayPal? And offering payment via the www in 2003? 'Course, you gotta have goals...

Here is a copy of the mail:

> Dear Customer

> Please note the binary watch is released World-Wide Sale

> To be able to expedite your orders please follow instructions below

> 1.0
> Order Your watch by using or online home page:rsi-digital.com

> 2.0
> US$ 35 must be transfer from your local bank to

> ATT
> NORDEA BANK NORWAY
> Middelthuns Gt 17
> Postboks 1166.Centrum
> 0107 OSLO

> ACCOUNT NUMBER: 6527 05 04641
> Research & Supplier International A/S
> Postboks 236
> 4201 Sauda
> Norway

> 3.0
> Original receipt must be faxed to +47 52 78 88 01 or send scanned and send by mail to arramsta@online.no

> 4.0
> Your order will than be expedite from our sales office

> Delivery time is estimated to be 10 to 14 days after received confirmed payment by fax or mail as stated above

> 5.0
> Note: RSI will from 2003 offer payment by using WWW.

> 6.0
> Payment 35USD cover cost of watch 28 USD handling and postage 7 USD
> Total:
> =35 USD

> Best Regards

> Tone Yven
> Sales engineer

I am still thinking that black one....

On a side note, to us non-native English speakers, that has spent too much time in Dilbert-land, "Sales engineer" really sounds like an oxymoron."

That M$ Patch...

[Kris_J]

...Is only available to IE 5.5SP1 and 6. I have 5.5 and a 56k modem. It will take me about 5 hours and a version upgrade to fix a small security hole. I've already tried once and inital crapplet that is required to start the download of IE5.5SP1 failed to complete its 400k-ish download. I'm seriously considering swapping to another browser.

Re:That M$ Patch...

[joebp]

I'm seriously considering swapping to another

May I be the first to suggest Opera 6.

A quick rundown of the pros and cons of moving:

Good:

• Not Microsoft -- doesn't have stupid holes, and the ones it does have are fixed quickly.
• Not Microsoft -- they're a nice bunch of intelligent people who go about their business, selling their software through information rather than disinformation.
• The browsing experience is absolutely delectable! For example, I wasn't sure whether 'delectable' was the right word just then... In IE I'd have to open a new window, go to dictionary.com or similar, type in delectable, click submit, read results... In Opera I double click on the word, and click 'Dictionary' from the dropdown menu.
• Customize until you drop dead.
• Built in Pop-up control.
• Standards compliant
• Use (BeOS|Linux/Solaris|Mac|OS/2|QNX|Symbian OS|Windows)? Then learn to use Opera for (BeOS|Linux/Solaris|Mac|OS/2|QNX|Symbian OS|Windows). Then you can switch to (BeOS|Linux/Solaris|Mac|OS/2|QNX|Symbian OS|Windows) and retain your browser UI.

Bad:

• Not free -- but you get what you pay for afterall, and if you don't want to pay, you can use an advert-ed version (not as painful as you might think).
• Not open-source -- but neither is IE.
• Not as forgiving as IE on bad coding -- but this is really not an issue with Opera at all, just people who don't understand HTML.

Re:That M$ Patch...

[Kris_J]

Choose between downloading the free ad-supported version with all features and functionality included, or download and purchase your copy of Opera for 39 USD.

Uhh, no thanks. Choosing between ads and A$80 is not my idea of a good time, at least not until I'm working again.

Ultimately, I think I use too many services that won't work on anything but the Big 2 (I have to bypass my proxy for things like Netbank, eBay, Blogger, etc). What I really need is a way of fixing this file type attachment hole without having to download a patch. Has anyone worked out a custom filter for Proxomitron that detects malformed MIME type stuff...?

Re:That M$ Patch...

[TaxSlave]

Uhh, no thanks. Choosing between ads and A$80 is not my idea of a good time, at least not until I'm working again.

I used to think the same way. When Netscape on my Linux box died temporarily, I decided to live with the ads until I could fix Netscape. It was the best browser move I ever made.

All the positive statements above are true. Opera is truly an improvement on the web experience offered by Netscape and IE. Tabbed windows (also in Galeon) are my favorite feature. Speed is a close second (I have 40 meg of memory on a Pentium 200mhz).

What feature do I wish I had in Opera? (or any other browser, for that matter) Fool web pages into thinking I'm running Windows, and let me load them. What's with all the unloadable websites? Some sites, I can't load in ANY browser, but can load on a windows machine quickly.

Re:That M$ Patch...

[Kris_J]

Just so you all know, I downloaded IE6 (about 9MB), then I downloaded the Uber-patch (2-3MB). It took about 4 hours total including download and reboot time (2 reboots, plus a lot of system updates). And when I'd finished all that there's a note on Dshield of another stupid Java or Javascript security hole in IE. I have since downloaded Mozilla and so far so good. If I need IE for something I care about then I'll power it up, otherwise it's Mozilla unless something goes badly wrong.

resources

[4mn0t1337]

Well, if the feds would just dedicate as much manpower to dealing with spammers as they do to pirates, it would make all our lives easier.

Drop in usenet traffic? Howzabout a drop in mail traffic?

And wasn't the microsoft "gaping security hole" patch covered a few days ago?

Northern Europeans and six-bit words

[GlobalEcho]

On a side note, to us non-native English speakers, that has spent too much time in Dilbert-land, "Sales engineer" really sounds like an oxymoron."

Leave it to a Nordic to apologize for their English, and then use a word that 1/2 the high school students in the USA couldn't define, all in the same sentence.

Re:Northern Europeans and six-bit words

[sharkey]

Pimple-free teenager.

Re:Northern Europeans and six-bit words

[JWhitlock]

On a side note, to us non-native English speakers, that has spent too much time in Dilbert-land, "Sales engineer" really sounds like an oxymoron."

Leave it to a Nordic to apologize for their English, and then use a word that 1/2 the high school students in the USA couldn't define, all in the same sentence.

I've found that many high school students learn the definition of oxymoron, if the English teacher teaches it. For some reason, oxymoron burns a hole in a high school kid's head...

Disappointing link

[victim]

When I see a link on the internet for massive bust I don't usually expect to get a page of text...

Why don't you order the CD?

[SlashChick]

You're going to have just as many problems downloading another browser as you are downloading the patch. Instead, why don't you order the IE6 CD? It costs $10. There's also another one that includes Windows Media Player for $10.

Also, I believe that the free 30-day trial CDs of Earthlink and such have the latest IE on them. You should be able to get this from an office supply store or computer store.

Finally, if you have a friend with broadband, or you have a fast work connection, you can use the advanced option in IE's install to save the files to a disk instead of just installing it directly. Burn to a CD and you're all set.

Re:Why don't you order the CD?

[Kris_J]

Okay, I'm in Australia, not working and don't have any friends with broadband. Perth barely has broadband at all.

What I thought I might do is find a secure older browser on a magazine cover CD and install it. Does anyone know which versions of Netscape are "safe" (no bugs, no holes, no need to upgrade)

All I want is a browser, I have a separate email package (Eudora) and a separate news reader (Free Agent). I already kill a lot of Javascript with Proxomitron (which can also alter user-agent) and I don't have flash or shockwave installed, so I won't miss them -- perhaps someone could suggest a simple, fast, small, stable, secure browser other than the Big 2.

Re:Why don't you order the CD?

[arkanes]

The Opera download (especially without the JVM) is teensy compared to an IE or mozilla download. Also, consider using GetRight or Download Accelerator, or practically anything that allows you to resume downloads - saved me from MUCH aggravation in my modem days (about a month ago :P)

Re:Why don't you order the CD?

[daniel_isaacs]

Does anyone know which versions of Netscape are "safe" (no bugs, no holes, no need to upgrade)

You have to be kidding me. :)

Re:Why don't you order the CD?

[CrimsonWraith]

Yeah, because we all know that M$ instantly threw away all the IE CDs without the fix, and ran a new batch that don't have the issue, and will gladly send you one of those. Dream on. He is going to pay for a version where he will have to d/l the patch anyway.

infared watch

[gr3g]

what do you think that infared watch is? It'll be interesting to see what they mean by sending "virus" to each other. Is that actually virus in the sense of computers and M$ and all that, or is it just a game? ooh the suspense.

MSIE Patch is Ineffective

[Jeremiah+Cornelius]

She and her beta team forgot about *the* most important Content-Type: The MSIE 'Patch' does little but obscure the problem - which was accurately described in the original Slashdot Rant as a natural consequence of Windows treating the browser as a shell extension.

There is a thread on BugTraq which explores this issue in depth:

http-equiv@excite.com is quoted:
Clearly what this so-called "patch" does is convert all embedded file types in MHTML documents viewed in patched Internet Explorer 6 into *.TMP files. Previously all file types and file names were retained and if accepted would run.

Re:MSIE Patch is Ineffective

[SilentChris]

About your sig: I thought ASCII art wasn't allowed.

MS patch and unsupported OS

[LauraLolly]

I run Win 95 and IE 5.5. The patch doesn't work. It hangs. Apparently, it was created for Win 98 up, but I can't find any documentation to that effect.

Aaaarrrrrgh! Senior moments are nothing to Microsoft Moments.

Guess I'll be using Netscape exclusively from now on.

Re:MS patch and unsupported OS

[Daytona955i]

I remember reading somewhere a little while ago that M$ is no longer supporting Win95 or older systems so any new software they put out (Like IE and Office) will only be available for Win98 and up. Also in the same article they said that Win98 is being scheduled to be phased out in 2002. Solution: Install Linux.

What about a UNIX watch?

[MadCow42]

Would YOU have been thrilled to see your watch roll over with the UNIX clock a few months back?

"What time is it?"

"Hmmm.... it says 1008722379... I'm not sure if that's AM or PM though."

MadCow

Re:What about a UNIX watch?

[rebug]

people who can't convert a timestamp to gmt in their heads shouldn't have such a watch.

Paying for the Binary Watch online..

[evel+aka+matt]

Actually, about 3 days after that letter went out, they sent one saying that you would be able to use a credit card online within 10 days, and also gave simplified payment instructions.

resources used and deployed

[teambpsi]

I would venture to guess that the amount of money lost to the resources used and stolen by spammers is probably close to or soon will top revenue lost to pirated software

Its not just pipe, cpu, and diskspace, but think about all the productivity lost

especially when people spend an extra five minutes around the water cooler bitching about the spam they get ;)

Re:resources used and deployed

[4mn0t1337]

the amount of money lost to the resources used and stolen by spammers

Yup. That was my point. But the thing is, M$, Adobe, Etc all have budgets for lobbiest. We don't. Who do you think they (law makers and law enforcement) are going to listen to?

US$500M dollars lost to 1 company is a big deal.
US$50 dollars lost to 10M people ain't no thing.

Now, if congress could "feel our pain" (as an expression common to the time put it) things might change.
To that end, I suggest that everytime you get a mail with a bogus "unsubscribe notice" at the bottom, I suggest you change the reply to the eddress of your elected reps.
See how long they (Okay, thier staff and interns) think Spam *isn't* a problem...

(oh, nice PJ quote.)

Re:resources used and deployed

[Fat+Casper]

Spam's cost topped piracy's cost a long time ago. Spam costs real money in all the ways you mentioned. Piracy's cost is imaginary. Multiplying the retail price by the total number of copies found anywhere is a ludicrous way to calculate lost sales.

Intellectual dishonesty from Washington? FUD from Redmond? What is this world coming to?

Re:resources used and deployed

[tdye]

Sigh

Who convinced you that you don't have power?

Answer the following questions to see whether you have more power than a political lobbyist:

Where does the official get the power to vote for something?

What happens to all his perks if he loses an election?

Vote, silly. Get everyone you know to do it, too. Your Rep. voting the party line and not what you think? Fire his ass.

Lobbyists have money, but YOU have his career.

try Opera

[bstadil]

I'm seriously considering swapping to another browser.
Give Opera a try. Well worth it and it is nice you can switch between Linux and Windows (plus a ton other incl way cool QNX) and still have the same interface.

As unwilling as ever to accept blame.

[Derek+Pomery]

File Name Spoofing Vulnerability:

* The determination on choosing to accept a file download from an Internet site should always be based on the trustworthiness of the source and not on the file type. File downloads should never be accepted from an untrusted source, no matter how harmless the type may appear to be.

No, it was a stupid design that allowed quiet execution due to the combination of content-type and file extension checking. When I download a PDF, I should be confident that unless I try running it in some fashion, it should be perfectly safe to download it to my machine.
Or just to make an extreme case, if I download an HTML usenet post, I don't want the browser trying to automatically convert the BASE64 to an executable and running that.
Some common sense on MS' part would've been appreciated.

Now you know what it feels like...

[nzgeek]

...to try to buy anything if you don't live in the US!
Perhaps 25% of sites that offer online purchasing are so USA-centric it's crazy. I guess that's part of living in New Zealand, but come on US$35 to ship a paper back book!? I can send one to my sister in NYC for NZ$12 (US$5 ish)

Re:Now you know what it feels like...

[KewlPC]

The cost depends on how it is shipped. AFAIK most US-based online purchasing shipment is done via UPS. Depending on what is shipped and how it is shipped (UPS ground, Next Day Air, 2nd Day Air, etc.) it can cost more or less than what it would cost to ship the same item via the US Post Office or Fedex.

Many places only offer shipment to the continental US because dealing with UPS for international/overseas shipping is a huge pain in the ass in my experience, and AFAIK you need special authorization (so that customs doesn't have to open every box and see what's inside).

Re:Sharp Zarus

[jockm]

The Zarus that was demoed at JavaOne was running Embeddix+AmigaDE. Somewhere along the line they dropped AmigaDE, now it is running Embeddix+QT+Jeode. Still very cool though...

More Slashback that wasn't posted (re: Uplink)

[Mr.+Sketch]

Not really OT.

After /. posted the Uplink article, the introversion server went down. But now the server came back up yesterday (Monday), so you may now place your orders.

Re:Pictures of the OS

[3seas]

Mentioning Amiga on Slashdot is dangerious.
But here's the scoop.

Linux is of course GPL but running on top of that is the tao-group "intent" Java engine which is proprietary and where the AmigaDE exist upon.

This is not the AmigaOS (as those who have had amigas know) but rather a new product of Amiga Inc. (a two year old start up that bought the name and all other Intellectual and stock property from Gateway - except for the patents which gateway still owns).

I understand that Tao-group makes a linux version of "intent" w/o the Amiga stuff but I don't know where one may obtain it.

The deal is one of Amiga acting something like a talent agent for programmers, complete with providing programmers application distribution and financial/royality cuts, etc.

I really don't know what development Amiga is doing with the AmigaDE (Amiga Digital Environment) as although I bought the SDK, I found I had been mislead in being told it was not encrypted, where in fact it is and requires a registration process that does not apeal to me. Additionally additional libraries for sound and I think video have yet to be made available as promised somewhere around a year ago (in a month or so).

Amiga is actiing as a content provider to the consumer while acting as a talent agent for the programmers.

Opera is one alternative [karma is low; plz rate!]

[mccormick]

One quality alternative to Netscape and IE is Opera . It is on the larger side, as it is trying to compete with IE, but it is fast and secure. The gestures are especially useful; they make me feel like I'm a kid again painting with my hands. Opera is also available for a number of platforms, including your favourite forms of free Unix (i.e. Linux) and Windows. Could help to make your workspaces consistent, if you work on multiple platforms.

Apart from the well known ones, the only other types of alternatives I can think of are the stripped down Gecko systems (Gecko being the HTML renderer built out of the Mozilla project.) They repackage the core technology, without the rest of the stuff would typically gives Mozilla its reputation for being slow, bloated or inefficient. Gecko, by itself, is a very small, fast and efficient core, comparable to the IE renderer. Most of the ones I've seen are for Linux-type systems, though, like Galeon . And don't forget that Gecko, Mozilla, Netscape 4.7 and Netscape 6 are differnet beasts, but all closely related.

Note! If a moderator would care to help me along in the karma department... I don't know what I did (I don't post often), but every time I post I get can automatic -1. Please see the value of my comments for whatever they are worth! Thank you!

Text Entry on the Zaurus?

[sterno]

The one thing that has kept me loyal to the Palm derivatives is Grafitti. It is a really excellent way to enter text quickly and accurately (for the most part). What are people's opinions of the Zaurus keyboard. It looks too small to be useful, so I was curious to know what people who have tried one think.

Re:Text Entry on the Zaurus?

[Royster]

I thought that my huge thumbs would make typing on the Zaurus keyboard hard, but I find that I can type accurately and pretty quickly. It's very much like a blackberry keyboard.

In addition to the keyboard, there's handwriting recognition (with a scrolling list of possible completion words) and a typewriter pick tool. I like that there are seperate entry areas for Uppercase, lowercase and numbers on the handwriting recognition tool.

Re:Text Entry on the Zaurus?

[Bill+Kendrick]

I use the keyboard 99% of the time when I use my
Zaurus. For me, it's far more efficient than
anything else I've used (Grafitti on PalmOS,
Xscribble and Xmerlin recognition engines on
the Agenda, and even the really nice, trainable
handwriting recognition on the Zaurus itself).

If you really think your thumbs are too big for
the keyboard, the handwriting is up to par, in my
opinion. I haven't done any clinical studies :)
but I'm guessing I can write about as quickly on
the Palm, the Zaurus and the Agenda (running
Xmerlin).

Re:Text Entry on the Zaurus?

[Bill+Kendrick]

Yeah, the auto-word completion is pretty nice.
And the pickboard is really cool (imagine using
a phone to type in words... as you press
[ABC], [DEF], [GHI], etc., it displays all known
words that can be made of those combinations
(it's pretty much just regexp'ing for the letter
combos)).

Of course, I never use the on-screen stuff unless
my Zaurus happens to be in its cradle
(unfortunately, you can't slide open the keyboard
in that situation).

I'm hoping to see a plain USB->Sharp-I/O-port
cable, so that I can have a connection to the
desktop, but not be constrained to on-screen text
entry, and trying to tap/write on the screen while
it's sitting upright in the cradle.

(This is one thing Agenda did really smart: the
cradle has no cord coming out of it... you simply
plug the serial cord into the back of the cradle
if you want to use it... otherwise, you can just
plug it into the bottom of the PDA itself).

Of course, at this point, us SL-5000D owners can't
even get a spare charger or cradle (that I know
of), so I'm not too concerned. These kind of
niceity peripherals will come soon enough :)

Re:illegal software producers?

[Chris+Burke]

Considering that "illegal software producers" is a clear and accurate description of what they do, it is not, in fact, a euphamism. Pirate is actually far less accurate a term, though more commonly used. Not that I'm complaining, I call them pirates too. Just pointing this out.

Re:Gaping security holes

http://www.attrition.org/mirror/attrition/os.html

From the latest month available (May 2001):
Linux: 9.89% of total defacements
Win NT/2000: 81.79%

Now do you really believe that Windows is installed on 8 times as many webservers as Linux is? Take a look at netcraft.com. So it would appear that Windows based webservers are far more likely to be defaced than Linux.

All software has bugs, and some bugs are exploitable. Linux and Unix just have fewer.

A bit on the MIT bust...

[neoptik]

Turns out it was a sys-admin in the economics department here. He was a student at another Boston area university, working for the MIT department of Economics, and he also happened to be second in command of a rather large warez ring.

Anyway, the details. He had around 10 machines just sitting underneath a table in the server room, with a combined storage of 2 terabytes. Apparantly, he was eating up 8-20 megabits of MIT's bandwidth a day. Needless to say, he is no longer employed by the institute...

Re:A bit on the MIT bust...

[Cirvam]

I belive he ment 8-20 Mbit/sec a day, as in the average bandwidth useage of him was 8-20Mbit/sec. Although it could use some clarifcation.

Re:A bit on the MIT bust...

[Ratbert42]

So why didn't a network admin at MIT notice this? I guess they suck just as much at MIT as they did at my school. They're probably too busy playing MUDs and downloading porn.

On a more enterprising front, sysadmins at my school started their own ISP by stealing bandwidth from the school.

Re:A bit on the MIT bust...

[mindstrm]

I think they meant '8 to 20 mbps' every day. All day.

Re:Gaping security holes

[chris_mahan]

I just thought of something... if there was a gunmaker that made a gun with a bug, and the bug was that if the gun is shot straight up in the air (not often but it happens), the bullet would actually come out of the back of the gun and kill the shooter.
Now, imagine the same gunmaker telling people that there's nothign wrong with their guns, that the fault is with the people telling the shooters to shoot straight up in the air...

True, these people would be malicious, and EVIL in the Bush sense, but they are utilizing a flaw in the gun that shouldn't be there to begin with.

I would bet that only the incompetent and ignorant would buy that sort of gun (not that incompetent and ignorant people should be buying guns, mind you) and then shoot straight up in the air when the l33t says to.

This is to say that both the virus writer and the software writer are to blame (in criminal court with fines and jail time), one for exploiting a flaw, the other for providing the means to.

There should be a government mandated warning on all microsoft software, and all computers with microsoft software preistalled that reads, in 72 point red letters "Consumer Warning: This software can be used by criminals to steal and destroy your personal information. Exercise caution."

That way, people who got a virus would blame microsoft ALONG with the virus writer.

==

The reality is that nothing like that will ever happen. (sig-in-training)

Re:illegal software producers?

[splante]

Well, no, it's not an accurate description of what they do. The software is produced by the people who write the code. These "pirates" could more clearly and accurately be described as "illegal software reproducers" or "illegal software copiers."

Re:8-20 MB?

[neoptik]

20 megabits of bandwidth. I.E., like, 7 t-1s worth of bandwidth. Lots of money.

They're going after the real terrorists!

[Wesley+Everest]

Now that it is clear that the mailed anthrax originated in the U.S. and is probably from a neo-Nazi or someone who has an interest in creating hysteria to build support for increased police powers, it's good to see that the FBI has turned their attention to the real terrorists!

We don't really want to catch the guys that started the anthrax scare, but those warez kidz, now, they are a top priority. I understand Osama Bin Laden himself was able to plan the Sept 11th attacks using cracked software.

It's time to crack down. Let's jam bamboo under their fingernails and put electrodes on their testicles and make them scream so that we can all feel safe again.

Binary

[Syberghost]

At least this letter is not in binary ...

Well, since it was emailed, technically it WAS in binary...

Is it my imagination...

[IIOIOOIOO]

or does that watch deal sound incredibly fraudulent. I love the concept!

"Hey Svenn! The foolish Americans want to buy that watch we photoshopped!"

"Jah Olie? They're perfectly welcome to send as much money as they want to my account! International prosecutions for petty crimes are delightfully hard to pursue..."

Re:agreed

[Dyolf+Knip]

Indeed, I switched to Opera from IE on a /. suggestion a few days ago and there's no way I'll ever go back. The only real problem I've seen is that it tends to crash a bit on this machine, but then it has no problem starting up right where I left it. I swear, being able to save the window setup is friggin fantastic.

Re:Gaping security holes

[Osty]

Of course, web site defacements are pretty trivial compared to other things. How many linux boxes do you think are sitting out there on cable modems, with a default "install everything" redhat install, running BIND? Where do you think all the DDoS kiddies get their bandwidth? Hacked linux boxes on broadband connections. Personally, I'd much rather have a defaced web site, because even though I'd still have to do a reinstall to make sure the system was clean, at least I'd know about it. If instead my box was rooted and used in a DDoS, my only inclination something is wrong would be when I can't check my e-mail or my web browsing was going much slower than usual. Hell, the box could be rooted for months, or even years, and I'd never know. (note: "I" here is the "collective I", not me in particular.) Linux, or any unix for that matter, is much more dangerous when compromised than any Windows box.

Re:illegal software producers?

[Kalabajoui]

Your comment reminds me of something I read in "The Gentle Art of Verbal Self Defense for Business Success" by Suzette Haden Elgin, Ph.D. Whew, better catch my breath! It's been a while since I read it, so I don't remember word for word how she covered the topic. The gist of it is this: People and organizations will attempt to hijack both the denotative and conotative meanings of words for personal, political, or organizational gain. Content producers labeling copyright infringement (which is a rather technical and non-emotionaly loaded term) as piracy (a word that has readily identifiable conotations and denotions) is a prime example of this type of vocabulary manipulation.

Everytime I hear the word 'piracy', I am
reminded of the example Dr. Elgin sites in her Gental Art book, with the Army Press Corps use of Sweep and Clear to replace Search and Destroy. This example was also used in a scene in the Vietnam War movie Full Metal Jacket. Rather than arguing or debating the merits of their ideas, those who change keywords and concepts are attempting to exchange the opinions and ideas you already have with those they desire you to have, pro or con. If people are ignorant of the original or more apt description or word for an idea, ('copyright infringement' vs 'piracy')then all the better for the manipulator seeking to affect public opinion and sentiment. This is commonly refered to as 'spin' and it is a supremely effective tactic.

(in truth it was hard not to feel at least some affection for something capable of providing such unexpected pleasures as "bacon" and "murder"), --Mr Gray; Stephen King, Dreamcatcher

Re:Opera is one alternative [karma is low; plz rat

[aozilla]

(And, it is truly Free!)

NPL != Free

more on zarus & how to put it on your ipaq

[Spiral+Man]

hmm, it seems a lot of people are talking about the sharp running some java/amiga thing or something. what it actually appears to be running is qtopia (formerly qpe).

you can find more screenshots here

and more info here here

this runs on top of the familiar linux distribution. and works on a compaq ipaq as well (although, not the 3800 series).

Re:Opera is one alternative [karma is low; plz rat

[Mr.+Slippery]

NPL != Free

NPL'd software is free software. There are many free software licenses besides the GPL.

From a list of free software licenses at the GNU website:

The Netscape Public License (NPL)

This is a free software license, not a strong copyleft, and incompatible with the GNU GPL. It consists of the Mozilla Public License with an added clause that permits Netscape to use your added code even in their proprietary versions of the program. Of course, they do not give you permission to use their code in the analogous way. We urge you not to use the NPL.

Re:Make up your mind...

[os2fan]

Free software is better coded than commercial code, and is getting better all the time. Linux is out of the hobbyist area and is now a serious threat to the system.

But this does not reflect onto the user interface, and it is here that the lingering impression of "Bad Software" is created.

You see, while you may be able to say this is good or bad, you may not know exactly what makes it good or bad.

The reality is that a good UI should present the user with a series of controls, and each control should do what it appears to do. If it is part of a larger environment, then it should conform to this.

This holds as much for command line utilities as it does for GUI apps. For example, you would get annoyed with a terminal program whose output you could not redirect or work with, or was unable to take redirected input.

Writing documentation and UI is about second-guessing the great variety of user tastes and needs. Things like the CUA simplifies some of this.

Apart from having buttons, the program must communicate what it does. For example, most cd burnig programs allow you to make an image of the file as a separate item in the menu. NERO does not do that. Instead, you select burn to a virtual burner, and do it like that. I spent three days fiddling around with this, until someone enlightened me.

The point is, that when there is more than one step involved, the order can be confusing and yield incorrect results. [Think of incorrect order in a pipe].

What we need is some sort of effort done similar to what Knuth did with TeX. Some sort of arbitary language of UI that one can put this interface or that, a la LaTeX style. There is already enough different interfaces around to be able to do it. What one needs to do is be able to is to be able to construct enough of the UI functionality to define it for programmers to implement.

The problem with free software is not that the code is poor, but there seems no way of making a good communication style, and this is, what UI means.

I can?t believe that now one has mentioned this

[mE123]

What about K-Meleon? This is IMHO one of the best *browsers* (i.e. no mail client, no news client, no blot) out there. It uses the gecko (i.e. Mozilla's) rendering engine. It's open source (GPLed). It's almost completely bug less (and the bugs are all UI, not the "I can delete your hard drive" variety). It's multi-lingual. It's secure. It's easy. And to your question it's small (3.89 mb). It kicks butt.


----------
SLEEP IS FOR THE WEAK.
WHEN YOU SLEEP THEY EAT YOUR TOES.

Um... What the FBI Did was Illegal I think

[beefstu01]

This is in reference to the link off of the message- the DoJ press release

No, it really doesn't make sense, but I guess this is the only way to have charges dropped from the Warez rings.

Remember the last moments of the Clinton Presidency? When he made a slew of laws? Well one of these was called the McDade Act(s), which specifically states that no agent undercover may lie. That was one of the dumbest laws passed, considering that it could have prevented 9-11, but it applies to this case. The DoJ prides itself on it's "year-long" undercover investigation, but they should have known that its a big no-no to lie. I'd bet that some of these people "undercover" were asked "are you w/ the feds" in which their answer would obviously be "NO." Thats a lie, and goes against whath the (retarded) McDade act states. Boom, thats it- they were found illegally.

Please don't flame this, because all I'm doing is bringing to light something that most people didn't know. This is like the old police searching a random student at a HS dance, then arresting him for Marijuana possession. THe kid gets off totally free afterwards because the police had no warrant (etc...). I guess that the McDade act is the only trump card that the Warez rings have. I personally believe that McDade is totally stupid, and it will be really sad if they are used to throw out the case.

Re:Um... What the FBI Did was Illegal I think

[geekoid]

Actually, I can see how the feds can use McDade to HELP them.
create some bots, send them to the suspected sites, and IRC channells. thats say Hi! my name is Investigator Smith, I am with the FBI.
BAM, channel goes empty. do this intelligently in enough channels, they'll never know whos the bot and whos real.

yes there are some technicall details, but they cn easily be worked out.

This is like the uproar about radar detectors.
Don't out law them, just build box that peridically trigger them, that way the drivers would never know if its really safe to speed or not.

better watch for europeans

[20011207]

hi,
there's a much better watch for europeans (i own one myself (since more than 5 years)) and it's really cool!
i admit: in the beginning it's difficult, but due to the design (using diagonal slashes instead of 0s and 1s) you find patterns quite rapidly and then the watch is great.
link: museumsmarket.de

Re:Binary Watch credit card

[Talinom]

They sent me an email saying that they'll be accepting credit card payments on the binary watch in "ten days". that was about four days ago. I hope it's true. I want one so bad.

Four days ago they said that they would be accepting credit cards in 10 days? Binary? Look again, they have probably started accepting credit card orders two days ago. You waited twice as long as necessary.

Re:Opera is one alternative [karma is low; plz rat

[benjj]

Errr... Evolution uses GtkHTML which is extremely small and light. If you're having problems using GtkHTML maybe there is something wrong with your machine?

Galeon sometimes feels slow on my K6 333, but flies on my work machine (a dual PII 550MHZ).

Evolution never gives me speed problems with HTML rendering though.

The difficulty of paying remotely in Europe...

[Dimwit]

I don't know about the binary watch, but I know here in Luxembourg it is next to impossible (and, sometimes, quite illegal) to pay remotely. If I want to pay my doctor, I have to go to my bank and sign a paper transferring money from one person to another.

I could do web banking, but there are two problems: One, it's Windows only (and not due to a limitation in the browser - you get a smart-card reader that only works with Windows. It is *really* secure, though), and two: it's *really* expensive.

So, it's not that odd that they don't take credit cards...

Re:The difficulty of paying remotely in Europe...

[slim]

Hrm, in the UK, as long as you know the payee's branch number and sort code, it's easy to make payments either through online banking or by phoning your bank, and has been for years.

This is why it was so frustrating when I made my first eBay purchase from an American, before PayPal went international: for a while I had a policy of not bidding unless the seller took Visa.

I'm surprised... I thought our system was Europe-wide, maybe I'm wrong.

Re:Opera is one alternative [karma is low; plz rat

[Emil+Brink]

and Galeon is the lightest Gecko based browser that I can find.
Well, seems like you need to find SkipStone, then. It's the Gecko engine packaged up using only GTK+ widgets, no GNOME. It's pretty nice.

Corollary:

[Fat+Casper]

Gun manufacturers can legally be sued over the actions of criminals who happen to use their products. Using the new definition of terrorism, we should be able to lock up Bill & Co. and throw away the key.

Of course, that also goes for the Linux distros that default install with everything enabled. All those helpless, rooted lusers would be giving the "I was cleaning it and didn't know it was loaded" line.

"The idea that an arbitrary naive human should be able to properly use a given tool without training or understanding is even more wrong for computing than it is for other tools (e.g. automobiles, airplanes, guns, power saws)." -- Doug Gwyn

It's ethier time or it isn't?

[Zero__Kelvin]

"how to get the binary watch you've always wanted"

Hey Jed ... what time is it? One or zero?

OT Evolution Default Browser

[xrayspx]

If you run the Gnome Control Center (gnomecc), under Document Handlers -> URL Handlers, you can set the browser to whatever you like. I have http set to 'konqueror "%s"', since I use KDE and like my anti-aliased browser fonts.

Now, if only I could get Evolution to show IMAP folders in the Mail Summary on the Summary page, and some sort of visual indicator when new mail is received (a-la a little envelope in my tray) ... I've tried all the mailcheckers I can find, and they only seem to do IMAP-Inbox, not any subfolders beneath Inbox, which does me no good.

Hope that helps.

I see one maggot, it all gets thrown away -- My Fiancee

Re:My Favorite Oxymoron...

[Tackhead]

> "Military intelligence"

"You are receiving this email because you are on our opt-in list".

(P.S. Your time is running out, Mr. Ralsky. Fscking with Intel was a big mistake.)

And here I thought this was illegal:

[Legion303]

Operation Bandwidth:

On December 11, 2001, the longest-running of the undercover operations culminated with the execution of over 30 search warrants across the United States and Canada. This undercover operation, code-named 'Bandwidth,' was a two-year covert investigation established as a joint investigative effort to gather evidence to support identification and prosecution of entities and individuals involved with illegal access to computer systems and the piracy of proprietary software utilizing 'warez' storage sites on the Internet.

Bandwidth, through the joint efforts of the Defense Criminal Investigative Service (DCIS), the Environmental Protection Agency Office of Inspector General (EPA-OIG), and the Federal Bureau of Investigation (FBI), supervised by the U.S. Attorney's Office for the District of Nevada, created a 'warez' site, controlled and monitored by the undercover operation, as a means of attracting predicated targets involved with the distribution of pirated software. The undercover 'warez' site has been accessed to transfer over 100,000 files, including over 12,000 separate software programs, movies and games.

If it looks like entrapment, walks like entrapment, and quacks like entrapment....

Any lawyers want to comment?

-Legion

Re:And here I thought this was illegal:

[Legion303]

You think they had the permission of every software vendor whose programs passed through these sites?? not to mention the permission of the artists whose music was disseminated.

Maybe it's because they figure the copyright owners aren't being deprived of actual merchandise, since the programs were copies and not actual physical disks and box sets.

Shhh, don't tell the guys who were busted.

-Legion

Re:illegal software producers?

[geekoid]

Its called "double-speak". clearly she's read "1984".

Re:Zaurus interface

[Bill+Kendrick]

It is a little more difficult to use the Zaurus interface with your finger than it is on a Palm. Then again, the resolution is so much higher, while the screen's physical size is the same.

I don't have too much of a problem, though.

What I really wish it had (now that I've got USB set up on my Linux box, and can sync MP3s to it to listen to at work and in the car) is the ability to control the Media Player using the directional pad (up/down for volume, left/right for seeking). :)

Re:illegal software producers?

[Chris+Burke]

But when it is produced by the code writers, it isn't illegal, is it? So there is no illegal software being produced. The actions of the pirates is what causes the software to be illegal, thus illegal software producer :)

Re:Opera is one alternative [karma is low; plz rat

[Unknown+Bovine+Group]

At the moment

quoting just the end != in context

Re:Opera is one alternative [karma is low; plz rat

[aozilla]

quoting just the end != in context

Quoting just the end may or may not = in context. In this case, I didn't take anything out of context. Mozilla is not GPLed.