Slashdot Mirror
Slashback: Spambots, Retroism, VoIPhooey
Let's find the spamsters and turn them over to Hormel. Neil Gunton writes: "Further to my previous article about stopping Spambots with Apache, Perl, MySQL and ipchains, it appears that the spambots have evolved somewhat. They seem to come in using a search engine to find promising pages, and then spoof the User-Agent field and generally try to behave as much like a real person as possible. Here is an update to my original article. This is something that anyone who runs a website and dislikes spambots should be aware of..."
If I ever have children I might let it go at that. jamie writes: "'If I ever have children,' says Rich Dreher, 'I would want them to see and touch one of the very first 'real' personal computers, not some simulation of an Apple in a window on a Pentium VIII running Windows 2012.' Over the last few months he's put together a CompactFlash/IDE adapter card for the Apple //e and IIgs, and now he's taking orders. The largest hard drive that ProDOS supports, as flash RAM, costs $14! Seeing the card really brought back memories..."
We mentioned this a while ago, before the pressing need of Apple ][ owners was quite so evident.
What's a little $80 million mistake among friends? Sinjun writes: "In what is believed to be one of the first prison sentences given to the creator of a virus, David L. Smith of the infamous Melissa plague recieves 20 months in federal lockup. I would have thought he would recieve more, seeing the massive amount of money lost by corporate America resulting from Melissa. Oh well, this is the precedent that has been set."
Smith should be grateful that his victims weren't allowed to each pluck one hair from his body per Melissa message received.
But what about the GBA? bobbydigitales writes: "A while back someone suggested porting linux to Samsungs GP32 handheld games console. As I own one, I did a bit of 'googling' and found a post from a guy at Samsung about a problem he was having with his linux port to the s3c2400x chip (this constitutes most of the GP32's hardware). It seems he finished his port as he sent me all the patches and instructions needed to compile the kernal for the s3c2400x.
As I dont have any experience porting linux i thought I'd share this information with the world and see if anyone could offer help and/or suggestions on how to proceed. Here are the files and info.
Samsung have completed the following drivers:
- LCD
- Serial
- USB Host (with mouse driver),
- Sound
- Keyboard
- Network (not actually on the GP32 chip)
Things that are missing:
- bootloader,
- SmartMedia Card driver"
I knew I should have ordered a few. Alex Law writes "Only days after Slashdot's article about Creative Labs great deal on VoIP Blasters, it appears that they are no longer in production or available from Creative's web site. Shame; mine arrived yesterday, and we were all quite impressed."
From the Mozilla front: Lots of good reports and an oops.
The good stuff -- reaper20 writes "With 1.0 around the corner, it seems like the folks over at Mozilla.org have their hands full. Between interviews and last minute security bug fixes, it seems like the Mozilla is poised for the big push to 1.0.
David Hyatt brings up the IE Advantage, and the death of user-experince based browsers. Mozilla.org itself has stood firm on some of these marketing driven issues - yet some changes have caused some interesting developments in the Mozilla community. The recent context menu revisions and personal toolbar recommendations by Netscape have caused a bit of controversy. (Bugzilla entries ommitted for obvious reasons)
Recently, the mozilla/browser and Chimera projects have been started to address certain usability problems and the desire for OS X native widgets. With Galeon and other Mozilla derivatives getting better and better, it seems that Mozilla 'proper' will serve as a platform for derivative browsers customized for the target platform.
Lots of standards-compliant clients each tailored to user needs, sounds like what web was originally designed for."
And the oops -- An Anonymous Coward writes: "An Israeli software firm has discovered a flaw in Netscape and Mozilla software that allows code hidden in a Web page to read files from the user's PC. The bug is a more serious variant of one patched in Microsoft's Internet Explorer in February."
Silly boy, haven't you learnt yet that Microsoft software never contain bugs, only "undocumented features".
"Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
So what does that make bugs in open source software, "documented features" since the source is open?
Sometimes it's best to just let stupid people be stupid.
The flaw doesn't affect Mozilla 1.0 release candidate 1 because XMLHttpRequest appears to be broken in that release
;)
Hehe, I find that kinda funny
Could someone summarize what the story is here? About the only thing that annoys me about the current crop of fresh Mozilla installs is that it keeps changing my default search engine away from Google and back to Netscape.
Schwab
Editor, A1-AAA AmeriCaptions
No OSS dropped nothing; the bug was/will be fixed before Mozilla 1.0 will be released. So the OSS-idea worked quite well once again.
0x or or snor perron?!
Why not pay users to collect e-mail addresses? Just create a 'plugin' (not unlike the google tool bar) so that where ever users go, the plugin automatically collects the e-mail addresses on the page. The user could get paid in some way (money? otherwise?), and there could even be a space in the tool bar to enter e-mail addresses obscured, as in an email addresses displayed as an image, as to avoid detection.
It would be almost perfectly undetectable.
is someone, from the human race mind you, creating these bloody things. I mean, how could you do that? Didn't they realize what they were doing, the annoying havoc that they were about to unleash upon the world? It's like setting off a nuke, only the nuke just sits there poking you incessantly until you click on their goddamn wares.
They have not really dropped the ball,
because the versions of IE were released, final,
production versions, wheras Mozilla is not.
Simple
The VoIP Blaster had huge potential, IMHO, because it was easy for non-internet-telephony-experts to plug in their POTS telephones and place a call. I was preparing to buy more when I discovered there were no more available.
In a desperate effort to find out how to buy more VoIP Blasters, I called Creative Labs. Yes, it's official, they have discontinued sales of this product. That explains why they were blowing them out at $10 a pop. But, it goes deeper than this.
I discovered that Creative Labs didn't manufacturer the VoIP Blaster. They were value added resellers of the InnoMedia InfoAccel USB. I decided to send a message to InnoMedia to find out who else resold their units.
My Question to InnoMedia, made through their "contact us" page:
"Creative Labs has now officially discontinued the VoIP Blaster (the repackaged InfoAccel USB). Are there other OEM partners who are repackaging the InfoAccel USB I can purchase from? Is InnoMedia considering releasing a consumer version of the InfoAccel USB?"
Short yet concise response from Kelly Zhang, Director of Sales, InnoMedia:
"We do not intend to release any more version of InfoAccel USB."
Now that the VoIP Blaster party is officially over, what other inexpensive hardware platforms look promising to allow Grandma to pick up a phone and place a call without a Ph.D in Internet Telephony?
My car gets 40 rods to the hogshead, and that's the way I likes it!
I think by undocumented they mean code that some MSCE certified programmer wrote in a MS product that they strangely left uncommented. So in a sense, they both have undocumented features left by MSCE-ish programming professionals.
Karma: SELECT `karma` FROM `users` WHERE `userid`=138474;
I think its great that someone took the time to create a card like this. Expecially for 14 dollars. Also i think apple made all of their software for the gs open sounrce/ public domain or something like this.
One of the complaints about spambots was that they either ignored, or read and then flouted, robots.txt. But, Google is well behaved - so won't the new generation of spambots implicitly obey robots.txt?
Seems you could use robots.txt to keep Google out of your email address pages, and still keep your other spambot defenses.
My amazing wife - Artist, Author, Philosopher - Laurie M
I really don't understand the levels spammers goe to. I'm an intelligent person, and if I want something, I know where to go to get it. I've been around on the net long enough to know where the best sites are, be they news, computer sales, money matters, or even porn. It's gotten[sic] so ridiculous that I often want to scream. On a technology forum I post on(very private, mostly real life friends, but still public THCNET)about once a week someone will come in a make a damn spam post on the board. This is utterly pathetic. For one, if I know you circumvented security features for your email to get through, I'm going to be so angry I would never, ever desire to give you one red cent. Most likely, I would find some way of retribution, be it legal avenues or guerilla tactics on your servers.
This has got to stop. It's been proven time and time again that if you want consumers money make the best product/offer the best service, and do it in a helpful, non-pushy way.
Finally, math books without any of that base 6 crap in them.
Let's see, it's buggy and its development has been slow. Are you telling me that those two bad things cancel each other out, producing yet another triumph for open source? You zealots can rationalize anything.
A major problem with mozilla is their "improved" handling (i.e. hiding) of referers in certain new situations, like from one HTTPS page to another accross domains. This is preventing people from placing orders with websites that use at least one major credit card processing service. We've been getting lots of complaints because mozilla/netscape users cannot place orders and have to tell these customers to use IE, as much as we hate doing that!
And, yes, I know it's easy to fake referers, but it's just one of a variety of checks the credit card processing company uses and if any of them fail - no order!
I'm guessing that they feel that this is a browser security issue, but it is really a website security issue. Any website that has critical info in the URL is itself a security hazard...someone could just walk by the system to oggle that info directly. Hiding the referer isn't going to fix the site. For the browser to cripple its ecommerce applications for this is a truly bad decision.
What's a little $80 million mistake among friends? Sinjun writes: "In what is believed to be one of the first prison sentences given to the creator of a virus, David L. Smith of the infamous Melissa plague recieves 20 months in federal lockup. I would have thought he would recieve more, seeing the massive amount of money lost by corporate America resulting from Melissa. Oh well, this is the precedent that has been set."
The massive amount of money lost by corporate America?!?!
First of all, since when do we start supporting corporate america?
Second, were do "they" get damage figures from? Probably the same accountant that say software firms lose "billions and billions" to piracy although many people would never buy the software anyways.
Also, if corporate america didn't have their heads up their asses, they could have avoided all the "damage" the melissa virus did. In fact many companies who know what their doing were completely unaffected.
By the way, why not jail the programmers at Microsoft for writing an e-mail client that allows "billions and billions of damage"
simple fact is this, It's well known that outlook is not secure. If companies have not taken steps to protect themselfs, I can hardly agree with jailing someone who wrote a program (and I believe didn't distribute).
Chicago2600.net more than a lifestyle, its a survival trait.
I have a 1GB hard drive hooked up to my IIGS right now...and all the space can be used. ProDOS 8 only allows 32MB partitions, but RamFAST and Apple rev. D SCSI cards provide various methods for mapping more than two drives to a physical slot. (ProDOS 8 itself allows for four drives if the controller is in particular slots.) The number of slot/drive combinations limits you to somewhere around 300-350MB maximum online storage with ProDOS 8 (the RamFAST will let you mark partitions active or inactive). If you're using a IIGS and its GS/OS, though, you just create a couple of 32MB ProDOS partitions (to boot and to run your 8-bit apps) and one big HFS partition to use up the entire drive. (The only downside to HFS is that you'll need a Mac to fix the partition if it's corrupted.)
20 January 2017: the End of an Error.
That web page linked to has a demo of their security flaw. It appears to be targeted at Windows users, trying to read from c:\.. but if you try to read this file under the Linux build, it crashes Mozilla.
Using your sig line to advertise for friends is lame.
The site is prob. already slashdotted so here is the introduction text from the site.
Project Introduction:
This page describes a project to create a CompactFlash / IDE Interface card for Apple II computers. The card is ProDOS 8 compatible, and GS/OS compatible with an extra driver. I did the original wire-wrap prototype over the span of several months. This project is very much a case of old technology (the Apple II computer) meets new (CompactFlash cards and Altera CPLDs).
My reasoning for this project is described in detail in the Background section , but suffice it to say, I wanted to be able to pull out my old Apple II and use it from time to time to reminisce about the early days of personal computers. I wanted a reliable way to store my Apple II programs and data files for many years to come. Due to the long term reliability prospects of floppy drives, and my general laziness, I decided a mass storage device is what I needed.
The Apple II was an excellent example of an open system, with unheard-of-today documentation like system schematics, firmware listings, and peripheral design tips. Indeed the only thing that was totally hidden was the source for the BASIC interpreter - "AppleSoft" written by giga-monopoly Microsoft. In the spirit of the Apple II this project is also an open project.
I am currently in the process of assembling a run of 100 units and I am now taking orders. I have contacted everyone who has expressed some interest in this project. If you would like to order a CFFA unit, assembled and tested, please check out my order page . I am assembling these boards by hand and will fill orders in the order in which I receive payments. Also, please realize that hand assembly will mean that I will probably need a month or more to build them all. I will fill orders in batches of 10 or so, which could easily result in a delay of several weeks for your order.
Interestingly enough, one of my former roommates went to college with David Smith, when he was at UNC. She said he was a quiet, but rather odd man. She was very adamant about her impression that he wasn't really a bad guy.
On a related note, how many people actually picked apart one of their copies of Melissa? The really nasty bit of code was only maybe 10 lines long. Doesn't seem like he had to go through all that much trouble to write the thing. For years I've been thinking that Microsoft should really be held accountable for building that capability into Outlook in the first place. Then just a couple weeks ago someone said that is like holding gun makers accountable for murders. Now I'm not so sure that MS is to blame - they had their reasons for building it in, dubious as they may be, and I'm sure people besides the virus writers have made use of this feature. Would calling for Microsoft to remove it be the same as calling for file sharing networks to be torn down just because people use them illegally?
It's funny that I didn't notice how much of a hypocrite I was until it was pointed out to me.
(I was only an egg, but then I cracked)
I could well be wrong about this - it's been many years since I've used a ][... I seem to remember that very little of the early Apple software would work with ProDOS. All the little BASIC games were no problem, but most of the commercial titles would boot directly from the floppy (not the System Master disk with DOS 3.3 or whatever it was). I don't recall having a way to save them to my hard disk.
So anyway, if I get this card and put ProDos on the drive, is there some way I can just load all my floppies onto there as images, and run them after booting into ProDos?
For Mozilla, that would be true. But Netscape 6.x is considered a final release. Hence Netscape is screwed.
-- Kircle
It had this security bug first!
So what does that make bugs in open source software, "documented features" since the source is open?
:)
I would say they are "obfuscated features", since yeah, it's there, but if anybody could read the source they would see the bug.
I'm just glad mine came in via fedex today.
Just a nitpick, but I'm absolutely amazed at the number of people who cannot spell 'kernel'.
A hint for you Linux users (and for those who say it doesn't matter) - www.kernal.org doesn't distribute the Linux kernel.
IIRC, IE always looks for a "favicon.ico" file. If the browser has a User-Agent corresponding to IE, but doesn't request favicon.ico, it's a spambot. This is easy for the spambot to defeat, but it's one more step.
I won't post the bug number (bugzilla won't allow links from slashdot anyway), but it's already been fixed as of tonights builds, if I remember correctly.
slashdot broke my sig
The bug is a more serious variant of one patched in Microsoft's Internet Explorer in February
If Microsoft fixed the bug, it must have been pretty serious to begin with.
On the other hand, I have to think the greymagic guys could have found more productive ways to spend their time. For example, it would have taken 5 minutes to emaile the mozilla secur... well...
Wait, what am I thinking? Writing a file browser is definately the most productive thing to do...
I see.....four.....lights!!!!
Blame the victims for not protecting themselves better.
"Yes the man broke into your house and stole your money, but it's really your fault for not having better security"
Is that what you're saying?
Opera and Omniweb are funded by smaller companies, companies that don't have deep pockets like AOL or Microsoft, so in some small way they can be forgiven for the steps that they take to make money to support themselves. These browsers at least offset their nagging with the ability to block popups and images.
Now, how about saving sets of opened page to continue browsing them anytime. I have several of them, one for each subject I commonly browse for. And continue to browse the last opened pages if your browser/operating system crashes. Import and Export bookmarks and email contacts. Browse offline content, delete every personal info left on your computer by your browser with two clicks (for the privacy freaks), multiple languages supported, pre defined texts to fills forms, 13 search engines available in a tab. Skins, layout customization, modify settings of html text and link tags, load your own css, zoom, block frames, load only cached images, report Javascript errors. Identify the browser as being another (right, "you must use IE to view this page" crap). Full control over cache and cookies. And password protection. Not to mention fully functionals email and newsgroup clients, low comsumption of computer resources, all in 3.2 megas.
And if everything here didn't catch your attention, two words:
"Mouse gestures".
That alone is worth a thousand dollars. Hover a link, right click and up+down with mouse. Page loads at the background. Open 25 links this way, hold mouse button, down+right, close current window. Do it for every page you have found. Hold mouse button and press another, back to pages you previously visited. Another way of buttons, forward the pages.
Opera was worth every cent I paid for. With it, my productivity raised so much I can't live without anymore. I do programming for living, and if having +20 windows opened at the same time, searching for information with Google, discussing at newsgroups, and reading mailing lists, weren't delivered so fast and nice over the last years that I am using Opera, I know a lot of work would not have been done.
Buy a Nintendo DS Lite
Nothing wrong with the linkage to the VoIP, it has not been removed from their production web site. I ordered my 4 units days after the initial /. post!
c t. asp?maincategory=7&category=&product=203&nav=spec
http://www.americas.creative.com/products/produ
So if you can see that link then it proves them wrong! Unless they have run out of stock, they seem to be still selling units.
It isn't a lie if you belive it.
You couldn't get hard drive interfaces manufactured for $14 a piece for something that will draw as little interest as this.
ProDOS supported 32mb partitions, so i'm assuming the $14 is for a 32mb flash card.
A friend of mine who's a judge joked about how they should approve the death penalty for the writer of Melissa back during its heyday. The really funny and/or worrisome part is that now he's a State Supreme Court Justice in VA.
Vote Technocratic! Government by killer robots!
Please note, this is intended as a joke. It has been done before, but it is intended as a joke.
:
:), after reporting the spam numerous times to abuse@domain. This was the only one to elicit a response, which followed the lines of "What are you trying to do? Get me killed?"
If you get a spam from China, reply with a message (in Chinese if possible) stating
Thank you for your continued support of the Falun Gong movement. It's great to see that people even in China understand the horrible oppression under which members of Falun Gong live. I look forward to your future e-mails on this issue.
A friend of a friend did this (and now if you tell the story, you can say it was a friend of a friend of an anonymous guy posting on a weblog
The spammer had to call his local government agency as soon as he received the e-mail to let them know that it did *not* reflect his opinion.
Slashdot running Microsoft Commercials. I want to puke.
Bug 141061 - XMLHttpRequest allows reading of local files
When an http server redirects the user to a local file, XMLHttpRequest gets tricked into thinking the page came from the http server.
Bug Reported on 2002-04-29 17:46
Bug Fixed on 2002-05-01 09:11
MOD THE CHILD UP!
It'd be a simple matter to write a SpamBot that gets pages with a random delay in between hits, that spoofs the Referer, User-Agent, and other headers, that actually downloads images to /dev/null, etc.
So how does one fight it? Unfortunately, you just have to do what most big weblog sites are doing - obfuscation, either with random text strings, or by dynamically generating an image with the email address in it.
Or, you can offer an online HTML form that will send the email out to the address you have on file (but don't display it in plain text anywhere). Not a great solution, as the email will come from your server, and most people like to use their own mail agent, but at least there's no way for the SpamBot to gain access to the email list.
I think trying to develop automated "traps" for SpamBots is a battle we just can't win, at least until every ISP in the world doesn't allow their users to send out spam (read: never).
Think spyware which harvests every single email address that crosses your computer. Everything from web pages you visit to emails you send and recieve. Viruses have used this technique, why not spy/marketingware?
Of course, I do concider this evil, and would rather beat my head into a brick wall than code something like that.
galeon may have a bug here or there, but is so clean and fast, and un bloated that its worth it. its like (IE - M$ + Gnome == Galeon)
Any links available to that text in Chinese?
Dahlmann tightly grips the knife, which he may have no idea how to use, and steps out into the plain.
What I do is include on every web page I produce an invisible 1x1 gif with a mailto: to a special e-mail address. My goal is not to prevent SPAMBOTS or even try to confuse them. I want them to scarf up the special e-mail address. When SPAM is sent to this address, I have scripts on my Mac OS X system that downloads the e-mail and scans it for headers, subject and body message. Once it collects this information, it sends a copy to SpamCop and then it sends the info to my postfix e-mail server to scan other accounts for the same message and then updates my postfix configuration to block further e-mails. I give my "special e-mail address" a name that will alphabetically sort before any other e-mail addresses in my domain. I have noticed SPAMMERS tend to send SPAMs out in alphabetical order to my domain so this works fairly well. I have never had a false positive with this method.
The great thing about this system is that 90% of the time I report SPAM to SpamCop, it says its a fresh SPAM. So not only am I helping to prevent SPAM to my users, I am hopefully helping others that are using SpamCop's RBL.
Strange women lying in ponds distributing swords is no basis for a system of government.
You're talking about the browser that has been plagued by security bug upon security bug almost every week for the past four years? *That* IE? Or do you know of a different IE?
I mean, the IE I know has major gaping security bugs such as the Javascript "back button" bug, which MS has known about since last November but still not fixed.
Do you even read what the updates in Windows XP's automatic updating do? You'd be horrified at the IE bugs you've been sitting with.
No, clearly you must be talking about a *different* Internet Explorer.
How can people fall so blindly for propaganda in the face of overwhelming evidence?
With 1.0 around the corner
...just like it has been for three decades...
Information wants to be free! Why do you publish something on the web if you don't want people to download it? Get on the cluetrain already!
This does not just set the precedent that virus writers can be put in prison for their code, this sets precedent that writing software can land you in prison. This is a very bad thing no matter how you slice it. This precedent flies in the face of the "Software as Free Speech" argument favored by most slashdotters. I, as a long-time slashdot reader, am appalled at the support for this judgement. A man has been imprisoned for writing software. Not killing, raping, or even dealing drugs. No, just writing software. What will it come to next? Will I be imprisoned for describing a virus in public where anyone could put my ideas to code? Will they be imprisoned for putting my ideas to code?
SOFTWARE IS FREE SPEECH!!!
And what of a writer whose essay starts riots? Will we as slashdotters stand behind the writer voicing his opinion or will we say that his speech caused riots in which people died? Don't we, as slashdotters, support free speech in all its forms regardless of the harm it may cause? DeCSS could cause as much damage to the MPAA as Melissa did to the rest of the corporate world. Why do we stand behind DeCSS and its authors and not the poor MPAA victims? Because DeCSS is protected speech, that's why!
I'm not arguing that what the guy did was right or wrong. That's a matter of opinion. I am arguing that Melissa was free speech. It was exploit code demonstrating a security hole in Microsoft Outlook. Was it irresponsible of someone to spread it in the wild? Hell yes. But it was just plain old exploit code nonetheless.
Oh shit! I forgot to click "Post Anonymously"...
Its about time the mozilla mongers got put in there place.. On the plus side, I guess this means mozilla is getting popular enough now that people bother to find exploits.
Well then, at the rate Mozilla is going, they will never be able to 'drop the ball'.
Heh. The guy would have to be a 500 foot tall gorilla covered with soft down if the number of copies we got is any indication...
ends at my nose.
it roughly means that your right to free speech is allowed until it hurts someone else.
Photos.
Comment removed based on user account deletion
Ahem... I believe it's spelled "k3rn4l"
IN TEH FUCHAR, LITERSY WLIL EB OPSHANAL!!!!!111
Have you considered making this script publicly available? If you're generating so many new records, just imagine the good it could do if it spread.
WMBC freeform/independent online radio.
I wasn't very impressed... it didn't work on my system (win2k, moz 0.9.9)! Why can't I get to play with all the fun exploits?
"Save the whales, feed the hungry, free the mallocs" -- author unknown
I'm absolutely amazed at the number of people who cannot spell 'kernel'.
"KERNAL" (with an A) was the name of the BIOS in the Commodore 64 computer. It contained some basic drivers and a BASIC interpreter. Don't ask me what it stood for; I was an Apple ][ user.
"MONITOR" was the name of the BIOS in the Apple ][ computer. It included Applesoft BASIC, some drivers, and a simple machine-level debugger.
ObTopic: "LINUX" is the name of the kernel (with an E) in the GNU/Linux operating system. It is also the name of the BIOS in computers that use LinuxBIOS.
Will I retire or break 10K?
Now, I know that if you are looking at porn or whatever, IE is a very tightly integrated multimedia device. But for most things, it is overkill and overcomplicated. To be sure, I don't want most multimedia to be automagically loaded. It is a waste of my time and a waste of my bandwidth. There are a lot of stupid sites that force inane music on me. I have to disable Flash just to protect myself from silly adverts.
Furthermore, the assertion that Microsoft is in some sort of unique usability nirvana due to Microsoft's wealth is ludicrous. Everyone uses IE not because it is easy to use, or easy to setup, but because it is the default in windows, and as stated above, is critical for viewing porn. As far as IE being resistant to advertising, remember that IE is a critical building block in MS web services package and it quirks critical to the destruction of other browsers. If IE allows users to block ads, it is merely because MS wants to direct all traffic to it's affiliates, and not have the advertising stream contaminated with pesky competitors.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
Of course the answer is simple: It's not an IE problem. It's not a chance to bash Microsoft. Yet a lot of people who use Linux also use Mozilla (or variants thereof).
So I ask again, why didn't it make the front page? Nowadays when every scrapping little bug in IE is splashed all over the place and fills up with 400+ posts?
So we found a little bug, big deal. It seems like an easy fix, and maybe even an extra feature. All they need to do is add an option (disallow scripts reading local files, ask before allowing, always allow). Easy as that, default to ask before. Sometimes it would be nice, if you trust the script. Maybe it could be extended even. How about creating a user for each script/site/etc and then you can set that users permissions? something like that. Always up-to-date html based software could do alot. Save emails directly to harddrive from web interface or other way around.
Every cloud has its silver lining.
Question
http://www.ironfroggy.com/
The bug works. I saw my /bin!
Question
http://www.ironfroggy.com/
Remember the zlib bug? That went daylight front-page, didn't it? We don't hide things... Alot.
Question
http://www.ironfroggy.com/
A quick search on google for "Falun Gong movement" turn up a bunch of stories about the followers in the US trying to sue the Chines gov. Now, the hard part, finding an e-mail that actually works in a spam, assuming you also can figure out which ones are sent from someone in china. Not just bounced thourgh one of their open relays. But I would like to see all those open realy admins get F***ed. They are the root of all evil...as far as that goes.
LinuxWorx
Spelling errors are intentional as are gramatical error
Mouse gestures do indeed kick ass, and sessions do indeed come in damn useful, and zooming is downright essential at some sites -- after using new releases of Galeon for a while (with mouse gestures and tabbed browsing turned on), I wouldn't ditch it for the world... well, at least not for Minnesota. If it were, say, northern California on the table, I'd have to think...
Opera's a nice browser -- but it's not the only one out there. And given the choice between using a nice browser that's commercial software or one I can put on every machine I own (and my work boxen, and my friend's boxen, &c) for free... well, let's say it ain't Opera I use.
For $19.95. It took my order now let's see if they deliver.
The quality is very good. I have a 201 area code which has a real local number. Unfortunately, the local 201 number is in Oradel, NJ (the middle of nowhere). Your number is hard coded into the Cisco adaptor. The service is best for making outgoing calls. For that purpose, 40 bucks a month is a steal. I think I'm going to try to change my number to a 212 (NYC) one. The 201 is useless to me because of where it is.
The VoIP blaster is still available from several online stores, though at ~$20 a pop.
I've just ordered 10 more from buy.com
Spock
The spambots are already way, way, way beyond this.
and understand english or any other human language AFAIK.
Of course some humans may not be able to send an email without a mailto link.
The google search returns in english, text you can use to express his suport for Falun Gong.
google.com> advanced search> languages> chinese simplified "falun gong movement"
You must be new around here if you haven't heard about the mighty pornzilla. Check out the modifications section to improve both your porn and general websurfing experience.
"I may not have morals, but I have standards."
I follow what you're saying here. And I generally agree. But in this case, the author is being imprisoned for not just writing code but using it.
This is a really important distinction. In most cases, potentially destructive tools are generally legal as long as they are not used for illegally destructive acts (your local laws my varry). Some examples include firearms, knives, hammers... and exploit code.
But, unless I am mistaken, Smith did not simply post the code on a site warning the world of the vulnerability he found. He released it. He used it. He put in motion the events that lead to infamy.
Because of this act, I can understand the conviction. Although, I don't find myself as thrilled as some here seem to be.
Virus writers seem to be, for the most part, an annoying messanger. A vandalistic Paul Revere. Damages accredited to these outbreaks seem to be mostly the man hours billed in detecting, stopping, and removing the malicious code. Yet these worms and virii ("viruses" my be correct, but its clumsy) could very well have done MUCH more damage if their writers were so inclined. Instead, they propogate and (again - for the most part) leave their host systems' valuable data intact.
Yea, its a pain in the butt to deal with these things. Especially when an outbreak blossoms within a client's or employer's environment. But the ugly truth is that these malicious agents take advantage of completely insecure environments organizations insist on using. And I have come to realize that many managers and IT reps will not pay attention to infosec issues unless they directly experience the consequences to these issues.
That's right. Virus writers are doing us a favor. Sofar. Its when an individual or organization with a much more malicious intent (damage, espionage, etc) begins to employ these methods that we should REALLY be worried.
The VoIP Blaster was just a repackaged InfoAccel USB VoIP bridge. You can find more info on this product here: http://www.innomedia.com/consumer_products/infoacc el_USB/index.htm
Filling their database by hundreds of false email :
Just add an hidden link (for example a 1x1 image)
to a page where there is hundreds of random-generated emails. If many sites use this most of their database will be filled with noise, and may be unusable.
It's _NOT_ 'wallah'
It's VOILA.
The actual statement from the majority opinion is: "The most stringent protection of free speech would not protect a man in falsely shouting fire in a theatre and causing a panic."
That single omitted word, "falsely", offers an enormous difference in meaning. Yelling fire in a crowded movie theatre if there is a fire is probably protected speech, even if it might not be the most intelligent manner of addressing a clear and present danger.
If your interested in what the scum that sell spam software have to say check this out
http://Lenny.com
4 great justice!
And they would probably find that as interesting as a parent today showing their kid an old black and white TV with no remote control.
I am getting old. I find myself saying "I remember when there was no internet!" to people.
My beliefs do not require that you agree with them.
Throw away . Download the new Improved Mozilla web browser!
It slices, it dices, it lets you share your files with anyone!
-Jeff
Fun fun fun! I suppose you could call that 'fixed'...
Whatever happened to JonKatz?
Consider using Alt-LeftArrow and Alt-RightArrow instead.
fencepost
just a little off
If you get a spam from China, reply with a message (in Chinese if possible) stating:
Thank you for your continued support of the Falun Gong movement. It's great to see that people even in China understand the horribleoppression under which members of Falun Gong live. I look forward to your future e-mails on this issue.
Of course the spammers' response will be to provide return addresses pointing to their enemies (such as chinese anti-spammers, sysadmins, etc.) or other innocent parties.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
This might say that, it's from babelfish
Falun &# 32493; 255;, &# 35299; Falun &# 21487; 290;ੑ 0;
"better ways of doing things eventually just replace the inferior things" - Linus Torvalds 09-08-07
In Redmond, Washington, 14 Microsoft executives were arrested by the Dept. of Justice under the RICO Act.
DoJ Attorney General announced that due to a tribe of typing monkeys hammering out random Visual Basic macros. One of the VB Macro bore the title "Melissa II", in ONLY ten lines, infecting 43.8 million Windows platforms world-wide in under four hours.
DoJ AG announced that since the monkeys are not fit for trial, the U.S. Code "Deep Pocket" kicks in, and that Windows O/S is next to be blame.
The maximum sentence possible for 14 executives totals 2,651 years.
IE Advantage pshaw!
IE has the same exact tie-ins as Netscape, deault start page is MSN. Default set of bookmarks Hotmail, MSN, Microsoft... Default search engine is microsoft's.
AND it goes DEEPER! Default media player (since version 6.0) is built-in version of MS Media Player, where does this guy get off saying that IE doesn't have these sorts of tie-ins?
Unfortunately, Creative does not intend to sell these devices in europe.
:) (the layouts fit thinkgeek.com..)
After searching a bit, I found http://www.ame-group.com/ who have similar devices. (They also got 'Linux Products', but i'm not an expert on these products.)
After an inquiry at this company I again found out another company overlooked Europe, though, this company is actively looking for a European partner/distributor.
If Anyone knows a possible (European) distributor please get them in contact with this company.
Their products range from wireless camera's to microscopes and video phones. Very interesting devices
Well I suppose there are other bad Linux distros out there, but RedHat is quite popular and it is bad. Maybe you don't think so, however, from all that I've read and seen, their distro seems pretty bad--using releases of programs from the unstable branches, they used to have insecure default settings, apparently they even have their own people add patches and modify the kernel. (I believe the "pure" Torvalds kernel is the best choice)
I haven't ever used their distro just because by the time I may have considered trying it, I already knew about the stupid things they do (I only listed what relates to security above). I have read a lot about them and have helped some people that use their distro, so I do know about the subject. Yes, they fixed the default settings on their systems and I haven't been keeping track of them recently, however the way they do things in terms of software quality, security and "usability" seems to be exactly the same as Microsoft. Therefore I have zero confidence in RedHat.
I don't remember saying they're evil, however it does seem they are becoming the mark of the beast for Linux. Why else would everyone insist upon using their packaging format to distribute binaries (now official in the Linux Standard Base) when tar is good enough? It's fine that they use their own internal packaging system, however it's annoying to have that forced upon me when I don't use their distro.
Why are you such a spastic?
Heh.