Spoofing URLs With Unicode
Embedded Geek writes: "Scientific American has an interesting article about how a pair of students at the Technion-Israel Institute of Technology registered "microsoft.com" with Verisign, using the Russian Cyrillic letters "c" and "o". Even though it is a completely different domain, the two display identically (the article uses the term "homograph"). The work was done for a paper in the Communications of the ACM (the paper itself is not online). The article characterizes attacks using this spoof as "scary, if not entirely probable," assuming that a hacker would have to first take over a page at another site. I disagree: sending out a mail message with the URL waiting to be clicked ("Bill Gates will send you ten dollars!") is just one alternate technique. While security problems with Unicode have been noted here before, this might be a new twist."
When you have a crime to investigate, and you have no suspects, where do you start? Obviously you begin by looking at the person or persons who have the most to gain by perpetrating the crime.
This is why we must consider: who had something to gain from the disasterous crimes of September 11th? Obviously not Osama Bin Laden, who would net no financial windfall from the destruction of the World Trade Center and the Pentagon. Although he has loudly applauded the "terrorist" acts of September 11th and even tacitly taken credit for them, there is no reason to believe that he is anything more than a bandwagon jumper. Being blamed for the destruction of the World Trade Center has done more for his image than any amount of militant Islamic rhetoric.
But if not Bin Laden, then who?
It so happens that on December 11th, "coincidentally" 2 months after the tragedy, Credit Suisse First Boston quietly agreed to pay out US$100 million in order to settle an 18 month old investigation into its handling of certain high-profile technology IPOs (Initial Public Offerings). One of the most controversial amongst these being the IPO of VA Linux Systems, Inc. (LNUX) .
VA Linux Systems, Inc., now known as VA Software, is widely derided as a poster child of the dot-com bust, though inexplicably still in business. At the time of the IPO, VA Linux (Software) shares opened trading at nearly 10 times their $30 offer price, closing the first day of trading at $239.25. This meteoric rise made many early investors rich, strangely on account of a company which purports to sell a hobbyist operating system which can be obtained for free on the Internet. "The It was then that Eric S. Raymond suggested something he had read in a book by Tom Clancy. Crashing two planes into the World Trade Center Plaza would guarantee the destruction of the SEC offices, killing the operatives and possibly a number of SEC investigators at the same time. The plan seemed flawless, and would cost little more than the price of a few plane tickets. In a secret session, the board voted unanimously in favour of Eric's suggestion, and began to put it into action.
VA Software/Linux, at the time of planning the attacks, had no shortage of H1-B visa workers, who they employed for the purpose of writing and improving hacking, encryption, and other terrorist tools for the Linux operating system. It had been decided that a hand-picked few of these foreign H1-B workers would be used as the "patsies" in the operation. A contest was held, and the most zealotous Linux advocates were chosen for this secret assignment, direct from the board of directors. They accepted their mission after being told that, if successful, it would guarantee the adoption of Linux in the desktop market.
Alan Cox was brought into the fold to provide some planning and logistics for the mission. It was he who determined that since there was no adequate flight simulator software for Linux, the patsies would need to train at a flight school in order to pull off the plan successfully. It was also his idea to hijack a third and fourth plane for the purpose of crashing them into Washington D.C., to express his extreme rage over the DMCA, or Digital Millenium Copyright Act. The board of directors agreed with this addition to the plan in the hopes that it would help divert attention from the purpose of the WTC attack.
The H1-B workers were given false identities by using Linux hacking tools. Once they had attended the necessary flight training, they stayed at the Massachusetts home of Richard M. Stallman for a brief "faith building" retreat. During this time spent at the house of Stallman, between the nauseating stench of patchouli, Stallman's incessant, pitiful recorder playing, and Stallman's droning seminars on the grammatical and syntactical accuracy of various statements by Microsoft representatives, the H1-B workers were effectively hypnotized to the point that they were ready to lay down their lives for Free Software. It was then that they departed for Boston's Logan International Airport to board the planes.
Fuck Subscription!
J U N K B U S T E R
Just say NO to annoying StinkGeek banners and in-line 200x200 pixel "Do YOU have reliable [foo]...? Then you NEED SourceForge(TM) Enterprise 2002...! Order today."-esque ads.
CmdrTaco, Homos, Gayme, CowboiKneel, et. al...:GET REAL FUCKING JOBS!
Thank you.
Huh huh, he said homograph
This must mean...
A) The majority of Internet users are f'ing clueless.
B) Lauren is not only the president of the unsophicated Internet users club, but also a member.
C) We must hold the Internet responsible for such irresponsibility.
Sex Tips For Hackers: On Being Good In Bed
Like being sexy and picking up women, being good in bed is a skill that will never develop if you fear failure too much. Rather, it feeds on its own success. So the most important thing you need to know about being good in bed is that it's not really very complicated or difficult at all.
Oh, sure, if you're an accomplished sexual athlete/aesthete you can pore over the Kama Sutra and try exotic positions and dabble in sex toys and scented oils and variations for more than two people. These things have their place and you'll get to them. But they are really the last 10% of the experience; the first 90% percent consists of learning how to have basic satisfying sex face-to-face with one partner, factory equipment only.
Guys, a few simple techniques and the right attitude will get you most of the way to that goal. And, by the way, part of the reason is today's girls; it has been long enough since really effective and easy contraception was first deployed in the early 1960s, and I doubt that so many women have ever been more sexually sophisticated or less inhibited in the whole prior history of the world than they are today. You have it easier than you know. So begin with confidence...
Let's start with attitude. Remember that you're there to have fun with your partner. Joy and satisfaction are the goals, whether the two of you are just scratching a mutual itch or affirming a lifelong bond. So be generous to your partner -- the satisfaction you give her will come back to you. (This advice isn't quite as true for her, unfortunately -- but we'll cover that below.)
There are three basic ways in which male and female sexual response are different in bed that you'll need to keep in mind. These differences determine the basic rhythm and pacing of good sex.
First: under ordinary circumstances she can have multiple orgasms in fairly rapid succession, while you can't. This is the most important difference and the one least affected by psychology, mental attitude, or self-training.
Second: under ordinary circumstances, she will take more time to warm up to the point where a really satisfying orgasm is possible than you will. Intimacy and trust can shrink the difference but aren't likely to erase it completely.
Third: her response will vary in subtler and less predictable ways than yours. The best places to stimulate her will wander around; also, women vary as to whether they want progressively heavier or progressively lighter stimulation as they approach orgasm. Her attitude and self-training matter here; women with more experience and/or fewer inhibitions tend to have a simpler and more robust response to stimulation, more like a man's.
These three differences set your basic policy. Unless you know differently about the specific woman you're in bed with, the two basic things you need to do to be a good lover are slow down and pay attention.
The classic male failure mode is to jump on the woman, rush through foreplay, plug a cock into her pussy, and gallop to orgasm before she's even completely warmed up. If she comes at all under that kind of treatment, it's going to be just a shadow of the rip-snortin' multiorgasmic joyride a good lover would take her on.
Cathy: "Yes, and she is likely to be angry with you for leaving her hung up."
So slow down. You've got hands and lips. Use them. A few minutes of good old-fashioned lip-to-lip smooching is always an appropriate starter even if that's what you were doing before the clothes came off. Run your hands gently over her body; women love the feeling of being caressed all over, of being explored and owned by a lover's hands. Try different levels of pressure from light to very firm. Pay attention to the way her breathing and muscle tension changes as you touch different parts of her in different ways; her body will tell you what she likes, so you can do more of it.
Cathy: "If she wants you to speed up, she will probably say so."
The erotic sensitivity of her body is more diffused than yours, less exclusively centered on her genitals. Use this fact. Where your hands find a good response (especially a good response to light or teasing touches) it is often wise to follow up with your lips and tongue. Dial in on areas where the skin is naturally sensitive; the neck, ears, the inner surfaces of arms and legs.
Cathy: "And if you get no response, or a confusing one, ask her how she likes what you're doing! The message that you want to please her will get through (even if the sex isn't perfect)."
Women dig men who exhibit this same kind of whole-body sensitivity as much as men dig women who are readily satisfied by simple intercourse; it's reassuring to them, it's a response they can identify with. So cultivate whole-body sensitivity if you can. Your nipples are good places to start; encourage her to tease them, and let it be known when that's turning you on. She'll love you for this.
Cathy: "Allow me to emphasize the `let it be known when that's turning you on' part. The most frustrating sexual encounter I ever had was with a guy who did not react at all to anything I did."
In general, make noise when she's pleasing you. Feedback should go both ways; she'll please you more, and enjoy you more, if she knows which things she's doing right.
OK, so you've been doing horny things to each other for a while now and she seems hot enough to fuck. Do you immediately perform a genital docking maneuver? Nope. Not if you're smart. At this point, dear hacker, my advice for you is learn to love cunnilingus.
Remember, she's capable of multiple orgasms. Your unassisted cock is going to give her approximately one. I say `approximately' because some women have trouble orgasming from genital intercourse alone (though nowadays this is much less a problem than formerly; the appropriate qualifier used to be "many women"). On the other hand, if you're a stud with serious arousal control you may be able to avoid popping while she has several (but this is wearing, and even those of us who can do it tend to reserve it for special occasions). It averages out to about one.
Cathy: "But that `one' is okay if both of you have a great time with your erection while it lasts, and with the encounter in general. Women don't really expect men to be sex gods -- they just want the guys to try to meet their needs."
(Women: There's a flip side to this. If you just lie there waiting to be aroused and penetrated, you are short-changing him. Maybe he can't have as many orgasms as you, but that's all the more reason to let your hands and lips roam. Tease him. Thrill him. Rub your body against his. Be active. Make noise. Be aggressive, even -- put his hands where you want them, squeeze his cock or do something else to reward him when he does something you like. If the classic male error is being too fast, the classic female error is being too passive and expecting him to do all the work. Many guys are so starved for decent feedback that they'll love you for avoiding this mistake alone.)
The basic disparity between a man's typical single-peak response and a woman's multiorgasmic capability is why cunnilingus is your friend, and why (if you want to be remembered as a hot lover) the right lead-in to genital sex is often some serious muff-diving. When a woman has had several orgasms on the tip of your tongue, she's likely to be forgiving even if you're so aroused that you explode immediately on entry. Think of it as defensive programming...
Your basic good cunnilingus technique is to lap at her labia and clitoris as if you were licking an ice-cream cone. Women vary a good deal in their response to this kind of stimulation, so unless you know your partner's preferences start light and slow and gradually crank up the intensity until you find where she responds best. Note that some women find direct tongue stimulation of the clitoris unbearably intense at low arousal levels -- so, though it makes a tempting target, you should sneak up on it gradually and be preparted to back off if she shows signs of distress. Breaking off occasionally to kiss and lick her inner thighs will tease her a bit and give you a rest. Be creative!
(Women: when a man gives you a thorough licking, it's only courteous to return the favor with some hearty fellatio just before he enters you. It's also smart; a man concentrating hard on giving you pleasure can lose some arousal levels, and you may well enjoy his cock more if you polish up that erection a bit.)
Cathy: "Agreed. This is especially if the guy has had to lick you a long time because it was hard for you to get aroused for some reason. You kept him waiting, and fair is fair."
If you've set up your no-lose situation properly, you can safely let instinct pretty much take over after the point of penetration. Paying attention and slowing down is still a good idea, though. There are various techniques for slowing down; one that I find effective is to thrust deep and then just freeze, no genital or body motion at all for a few seconds. (If your partner likes deep penetration this will drive her berserk, so you'll get a double benefit).
Cathy: "Be careful about that thrust-and-hold maneuver if you're built large. Some guys have this idea that they can't be good in bed if they are not hung like a horse. Untrue! In fact, I have sad memories of real pain that I suffered from well-meaning lovers who were so well-endowed that each thrust hurt. You don't need to be thick and long. Thick and short will fill her up quite nicely in most cases, because the vagina doesn't have very many nerve endings and much of the sensation comes from the lateral stretching a thick cock provides. And if you're short and thin...well, as Eric said, you still have lips and hands. One of the best lovers I ever had was short and thin, but his mouth and hands made up for it."
Sensible women will tell you when they're reaching the big-thunderclap final orgasm; in fact, enthusiastic ones not infrequently scream it loudly enough to scandalize the neighbors. If you're paying attention, you'll get fairly clear indications even when she's not vocal; whole-body tremors are a common sign. If you can pace things so you let go just after she begins to climax, that's about ideal.
If you arranged things properly, the two of you are having a thumping good mutual orgasm about now. Enjoy your reward. If you feel so inclined, roaring and bellowing in harmony with her cries of ectasy is quite good manners at this point. She'll feel appreciated.
Cathy: "However, don't bellow directly in her ear..."
Congratulations. But you are not quite done yet, stud. Never underestimate the importance of the post-coital cuddle. Chicks dig this amazingly. Just hold her gently for a while (murmured endearments and light kisses are optional but usually much appreciated). Let the afterglow happen. You will score serious points for this, even if you wander off to hack a few minutes later.
Cathy: "This can be a good time to talk quietly about personal things, if you are trying to get to know her better."
Note: I have just laid out a template for good basic sex. It works -- if you follow it you won't go far wrong. However, beware of taking it too literally. As in other kinds of art, over-reliance on technique tends to produce mechanical, joyless results. No woman wants to feel like a paint-by-numbers diagram or an obstacle course; if you find yourself mentally checking off boxes on a rote grand tour of her erogenous zones, it's not likely to work well for either of you.
Tastes differ, and you need to adapt to local conditions with each partner. Some women will really get off on having their nipples sucked; others are almost indifferent to it. A few prefer shallow penetration to deep. Notice these differences (and others) and use them.
You will also occasionally run into special situations in which her particular needs are so pressing that your own gratification runs a very distant second to satisfying her. The most common of these is virginity. If the woman tells you she is a virgin, or you discover it through the presence of an intact hymen (a membrane half-blocking access to the vagina), feel extremely honored that she has trusted you to help her have a good first experience. A woman's first time is more difficult than a man's and may involve minor pain and bleeding as the hymen ruptures. Accordingly, you need to be extra gentle and extra careful that she is extremely aroused before penetration, so that any discomfort will quickly be washed away by pleasure. The post-coital cuddle is especially important with a virgin; you could literally shape her attitude towards men and sex for the rest of her life with that few minutes of kindness.
In general, remember the objectives: joy and satisfaction. Pay attention to her feedback and tune your behavior accordingly. Answer her desires, and let her know when she's answering yours. That, not physical equipment or fancy moves, is what will make you terrific in bed.
Oh, and we should instead rely on a search engine scheme, where a company may never get the users that are searching for it, because of a million idiots (Sadly, they turn out to be non-idiots more often than idiots. My apologies) ranting about XYZ Inc. ?
.US namespace with a similar scheme (what was the highest level you could get, 3rd level subdomain?). Since anything a customer can get is necessarily a lousy url that is cryptic and says little about the site, what do you expect? They often have draconian ToS's that forbid running servers, so that's not a fix, and even if you press on after that, they only offer dynamic IP's, so you still can't get a decent domain. They refuse to offer something along the lines of mysite.smalltown-isp.net either. Which further forces a person onto third-party webhosts, making it necessary to put up banners just to pay expenses. See how bad ISP policy just makes all the shit roll downhill, until you have an avalanche of it?
The ironic thing is, I'm rabidly anti-corporate. But if I need to see something about IBM, it's a sure bet starting at ibm.com puts me within 3 clicks of where I want to be. Google, or any other search engine technology that I've ever heard of, just isn't good for this sort of thing.
You want to know what the real problem is?
First off, it's laziness on the part of morons like yourself, that lust after AOL keywords and are pissed that the internet doesn't bend itself to fit your warped little design philosophies.
Secondly, not everything is the web. Not even close. DNS and domain names aren't about identifying your lousy porn site, they are about identifying a particular host. Done well though (which isn't the case), it's pretty decent at getting you within a few clicks of where you want to be.
Thirdly, how the fuck do you expect to ever type in the first URL, google.com or whatnot, if it's hidden from you on your brand new Dell? I can see the horror that would be inevitable in such a scheme. microsoft-search.com as a nice little button on the toolbar, that never ever brings up a link to click on for google or yahoo, no matter how you phrase the keywords.
Finally, the problem is the fact that the vast majority of ISP's view their customers as users of content that they provide, rather than participants in the first, and largest, p2p network ever devised. At best, you'll recieve a lousy homepage with no ftp, cgibin, or any other goodies, and a lousy url like "http://www.smalltown-isp.net/users/~dumbfart/". Of course it sucks. Hell, they even screwed up the
Sen. Hollings wants to know why there isn't enough compelling content to drive demand for broadband? Well, it's because AT&T Broadband goes out of their way to make sure I can't put any decent content up, unless I'm willing to have it polluted by their own self-serving ads, chop it down til it fits in 10megs, and refuse to do anything other than the simple static html/javascript pages that is all that they'll allow.