Slashdot Mirror
Slashback: Streamend, Stego, Patches
Getcher hot streams while they last ... jmoffitt writes: "In his post to the Vorbis list, Ciaran announced that the Ogg Vorbis BBC streams of Radio 1 and Radio 4 that we've enjoyed since early November would go offline as the test is ending. Everyone is encouraged to send their encouragement for these streams to continue to webweaver@bbc.co.uk. Also, as a special treat, the Radio 4 Ogg stream has been extended a week - just enough for all to catch the first episode of Lord of the Rings on Saturday at 1430 GMT."
Please mind the people interrupting your privacy. Matt Clauson writes: "Discussion list for the Qwest privacy issue and possible protest action has been set up -- send an email qwest-action-subscribe@dotorg.org to subscribe to it."
Plug, plug, plug ... timekillerj writes "Well it looks like AOL jumped right in and fixed that pesky hole. We can all go back to speculating how insecure it is now. An article on Yahoo has more info, including a short debate on w00w00 disclosing before getting a response from AOL."
Backstepping by any other name ... dagoalieman writes "It appears the FBI has decided that MS's patch is sufficient. According to CNN, they announced this earlier today in a rather quiet fashion. While MS may see it as good news, I think the fact that the hole is coming back to public attention just blackens the eye a little more for them. It will be interesting to see future ramifications of the government getting involved in these issues, too..." It can't look good when your company's software is called into question by some of your largest customers.
Nope, still don't see any. Niels Provos writes: "I just updated http://www.citi.umich.edu/u/provos/stego/usenet.php to reflect the final results from our search of hidden messages in USENET images. We did not find a single hidden message.
I also released a new version of stegdetect.
The disconcert cluster that we used for the dictionary attack contained more than two-hundred workstations, mostly from CAEN (that is the computer aided engineering network at UMich). The peak performance is comparable to 72 1200 MHz Pentium III machines :-) ...
Below my mail to the cryptography mailing list.
------- Forwarded MessageThanks for the update, Niels!
From: Niels Provos <provos@citi.umich.edu>
To: cryptography@wasabisystems.com
Subject: Stegdetect 0.4 released and results from USENET search available
Date: Fri, 21 Dec 2001 12:16:14 -0500
Sender: provos@citi.umich.eduI just released Stegdetect 0.4. It contains the following changes:
- Improved detection accuracy for JSteg and JPhide.
- JPEG Header Analysis reduces false positives.
- JPEG Header Analysis provides rudimentary detection of F5.
- Stegbreak uses the file magic utility to improve dictionary
attack against OutGuess 0.13b.You can download the UNIX source code or windows binary from
http://www.outguess.org/download.php
- -----
The results from analyzing one million images from the Internet Archive's USENET archive are available at http://www.citi.umich.edu/u/provos/stego/usenet.php.
[...]
After scanning two million images from eBay without finding any hidden messages, we extended the scope of our analysis.
This page provides details about the analysis of one million images from the Internet Archive's USENET archive.
Processing the one million images with stegdetect results in about 20,000 suspicious images. We launched a dictionary attack on the JSteg and JPHide positive images. The dictionary has a size of 1,800,000 words and phrases. The disconcert cluster used to distribute the dictionary attack has a peak performance of roughly 87 GFLOPS. However, we have not found a single hidden message. [...]Comments and feedback are welcome. We have an FAQ at http://www.citi.umich.edu/u/provos/stego/faq.html"
Dear Friend , Especially for you - this red-hot intelligence . If you no longer wish to receive our publications simply reply with a Subject: of "REMOVE" and you will immediately be removed from our mailing list . This mail is being sent in compliance with Senate bill 1622 ; Title 1 ; Section 307 ! This is not a get rich scheme ! Why work for somebody else when you can become rich within 60 days ! Have you ever noticed society seems to be moving faster and faster and nobody is getting any younger ! Well, now is your chance to capitalize on this ! WE will help YOU deliver goods right to the customer's doorstep and decrease perceived waiting time by 160% ! You can begin at absolutely no cost to you ! But don't believe us ! Mr Simpson of Connecticut tried us and says "My only problem now is where to park all my cars" . We are a BBB member in good standing . We beseech you - act now ! Sign up a friend and you'll get a discount of 60% ! Thank-you for your serious consideration of our offer ! Dear Professional , Thank-you for your interest in our letter ! If you no longer wish to receive our publications simply reply with a Subject: of "REMOVE" and you will immediately be removed from our mailing list ! This mail is being sent in compliance with Senate bill 1620 ; Title 9 ; Section 306 . This is different than anything else you've seen ! Why work for somebody else when you can become rich in 37 days ! Have you ever noticed the baby boomers are more demanding than their parents & society seems to be moving faster and faster . Well, now is your chance to capitalize on this . WE will help YOU increase customer response by 170% and deliver goods right to the customer's doorstep . The best thing about our system is that it is absolutely risk free for you . But don't believe us ! Mr Ames who resides in Delaware tried us and says "I was skeptical but it worked for me" ! This offer is 100% legal ! We implore you - act now . Sign up a friend and your friend will be rich too . Thanks !
I admit that I haven't studied the details of the exploit, but you're implying that spoofing a malicious packet or packets won't work?
Sure, they shut off the easy way to launch an attack, but I can still send that same message from another host, can't I?
You have violated Robot's Rules of Order and will be asked to leave the future immediately.
To dethrone it you have to have demonstratable advantages that motivate people to adopt it, and honestly as of yet I haven't seen those advantages.
I think what you meant to say is that you haven't heard the audible benefits of using ogg. I have something in mind that might change your mind, its only one example but i think it will suffice. And keep in mind that the next release of the ogg encoder (RC4) will have even more improvements in the low bitrate range.
Try the following streams, one is ogg and the other mp3 , both broadcasting 32Kbps/mono.
ogg123 -d oss -vp 64 http://shoutcast.mediacast1.com:7000/32.ogg
mpg123 -b 64 -u a http://shoutcast.mediacast1.com:7005/32
If you believe the mp3 stream sounds better then I suggest you give a reputable otorhinolaryngologist in your area a visit... or talk to El Rusbo if that cooks your noodles.
Contain my voice. Place my user into your foe list.
Another thing they are discounting is XP's default Internet firewall function. When XP is initially configured, it asks you a question stated something like "Do you directly connect to the Internet (or not sure), or are you connected to a LAN?" If you select "directly connected," your adapter is automatically firewalled. Also, I noticed that the UPnP service does not start automatically, and last I checked it was listed as "Manual" startup and not enabled. So much for that.
I read the linked message in the original post and saw the phone number to call. After waiting for their normal office hours, I called and talked to a human. I asked that they not rent or sell my personal information or calling patterns internally or with their marketing partners.
The response was that the agent had removed my authorization to share that information among the different parts of qwest. This was not specifically what I asked for. So I called that to his attention and he said he would do that. On questioning about why it had not happened when I first asked for it, he said that you had to specifically ask for it.
Note that in the end, he just said he would take care of it.
I am crankish about snail spam and make it point to do my best about getting off mailing lists and I have learned there a number of sleazy companies out there. For instance, you have to not only get off a mailing list, but specify that your name not be rented or sold. Most people I think would not have caught the qwest deceit.
A good source of information on what to do about snail spam is junkbusters
1) Internet firewall protects you from unicast attacks, but not multicast.
2) UPnP service is not the one with the vulnerability. It's the SSDP Discovery Service. It's also a manual startup, but it's started after boot on my box and every other xp box I've ever looked at (OK that's only about 5).
Wow... that is odd... it is listed as manual. But it's started nevertheless (make that 6). I need to read those descriptions more closely: ('Enables discovery of UPnP devices on your home network.') Reason for that being, well, I just patched it and kinda swept it under the rug for the time being. Aren't multicast attacks kind of hard to implement, though?
grc.com has some more info on how the FBI messed up ... again.
Note to moderators: the following has to do with Windows XP (SatanOS 5.1), so don't let that influence your moderation.
PLEASE NOTE: There is a great deal of confusion being caused by Microsoft's non-obvious naming of the two UPnP services. This situation is exacerbated by the FBI's NIPC web site, which has unfortunately posted wrong information over the holidays. People are led to believe that disabling the service named "Universal Plug and Play Device Host" disables the UPnP system. But it does not. That service is not even running by default. The correct action is to STOP then DISABLE the service named "SSDP Discovery Service".
You can demonstrate this for yourself by issuing the command "netstat -an" at a command prompt. While the SSDP Discovery service is running, Netstat will show that TCP port 5000 is in the listening state and UDP port 1900 is accepting inbound datagrams. After the SSDP Discovery Service has been stopped those Netstat lines will disappear.
actually, we use arabic numerals. our script is roman based, as you can tell if you look at latin (which the romans spoke) and it consists of many similar letters as the 26-character alphabet we currently use.
if you look at arabic you'll notice a lot of flowing lines and a more "cursive" appearance.
this is why your character coding is called "ROMAN" not "ARABIC".
Stegdetect checks for the signatures of three steg programs (JSteg, JPHide, and OutGuess .13b)(Research Paper), and it does not detect new algorithms. Also, the effectiveness of stegdetect is determined by what steg program was used. It missed from 5% of JSteg stegs to 60% of OutGuess stegs. Finally, they did not try to detect stegs generated with OutGuess 0.2 because it has a better method of randomly selecting bits to change.
I dont think either of you quite get it, although the two of you might have no trouble listening to 128kbps streams, there are _millions_ still on dialup... both of those streams will work fine on a dialup link but if i had to choose the lesser of two evils I'd pick ogg anyday.
as for higher bit rates I suggest you play around a bit with it... _some_ have said nominal 128kbps ogg is better than 160K lame encodings...
use -q 3.75
Contain my voice. Place my user into your foe list.
AT&T "deathstar" broadband does the same thing. In fact, I installed their cute virtual technician software and it ended up fucking my machine up a bit. Fixable, but still annoying.
If asked about WHY companies include spyware / trojans, they usually burp something wet and smelly up about how falling revinues from banner ads (blech) etc, aren't all there. Duhhh!!! Then they point out the fact that by clicking the "Agree" button you have agreed to anything they want to do to your computer, privacy, or anal orifice. Basically, I see that in the very near future, every windows program will have built-in spyware that phones home to mamma. Even right now, limewire, gnutella, kazaa, bearshare, any commercial game demo (except RTCW, thanks ID!!!), unregistered and maybe even registered opera, and a whole glut of software I am not aware of and could care less about already have it built in.
Maybe that's what Magic Lantern is: the spyware that is included by default in most new software.
Fuck all that shit in the ear.
In an effort to make a "first post" that would be found by stegdetect i failed so far:.
Making a small image that contains "first post" with jhsteg stegdetct fails to find it.
If i make a big picture jpsteg warns it fails to insert to complete file.
By simply resizing the picture(paint shop pro) it should hide in stegdetect says:(skipped)this is likely a false positive. just because the origin is blocky.
Blurring the orginal picture solves this problem and after 3 more ties i find a ratio the jpsteg program still allows to insert and at the same time makes stegdetect bark.
Now to insert it in usenet: sh*t no usenet access from this location, and a fail to find a free service to insert a picture. Ebay needs a credit card, so no luck inserting it in ebay.
well maybe later......