Slashdot Mirror
Slashback: Mutuality, Transport, Spyware
Well, while we were switching things around here at the ad agency ... An anonymous reader writes "While looking around on Microsoft's site checking out the new Tablet PCs I noticed something very out of Place. In one of their Flash Demos for the Tablet PC there is an Apple Powerbook 1400! To see it for yourself, the flash is located here (then "Tablet PC Overview Demo," then "Tablet PC," then "Powerful") The first computer is really that Powerbook! Pic here."
What about to the legal brothels? Sacarino writes "Back in April, Slashdot ran a story about the Monorail project Las Vegas was embarking upon. It would appear that things are progressing nicely. "It's ugly" critics will be put to shame, the designers did a great job of making it non-obtrusive. (if that's possible in Vegas) Soon you too will pile off the airplane, trudge onto the monorail, then run into the casino to spend that money....ahh, Vegas."
Out of court, out of mind. Enry writes "SONICblue and TiVo have dropped the patent infringement lawsuits they filed against each other. The press release reads: "We believe our energies are better spent expanding the market for Digital Video Recorders (DVRs) rather than fighting each other. Both sides believe in the merits of their respective positions, but the overall success of the DVR category is what is most important to the companies at this time." Take that, AdAge!"
Sounds like a nice way to watch movies. For those intrigued by a 640x480, QWERTY-keyboard color, clamshell-case PDA as embodied by the Zaurus 5600, patrickoehlinger writes "Just found news and pictures about the new Sharp Zaurus SL-C700 released in Japan. With a 640 x 480 pixel display, a small design and a great keyboard! Golem.de has a article with pictures, but it's in German."
Would the BBC spy on you? An anonymous reader writes "The previous discussion on RedSheriff on slashdot was extremely confusing as well as mostly off-topic. The fact is, the BBC is downloading spyware to your machine when you surf their site. Very disappointing and surprising. I suggest e-mailing them to let them know what you think. The problem and remedies are covered in Google groups: "
Not to sound like too much of an idiot but the newspost didn't have much in the way of detecting the spyware on my box. I suppose it is safe to assume if I have hit the BBC site lately I am "infected" but I would like to be able to remove it manually not just disable it in the firewall. Anybody willing to offer some insight on this on both win2k(work) and linux boxes?
It is not enough to succeed, others must fail. - Gore Vidal
If you can sit through the whole demo, there's a second mac. About two thirds of the way through is a PowerMac Desktop I'm gussing circa 1996. I'm no mac expert. Maybe someone else can identify the model?
Somewhere, something incredible is waiting to be known. -- Carl Sagan
Monorail from the Airport? Man, that would ROCK HARD. No having to take the shuttles with endless stops or taxis with 20 years of grime built up.
I do feel a bit sorry for the taxi drivers: this is going to kill 80% of them. Apparently the union is not that powerful in Vegas. :) [which is yet another lesson why union's suck and why they tend to retard progress, but that's a rant for another day]
Sometimes it's best to just let stupid people be stupid.
Since I moved to Opera I've not had to deal with any Gators or other crap like that. Opera Beta 7.0 is really nice (once you get used to it) and is worth the money, IMHO.
With IE you really get what you pay for. Nothing.
Boobies never hurt anyone. - Sherry Glaser.
Slash dot had an article on how to reverse the screen on your apple powerbook duo. The guy used a glue gun and gave step by step instructions on turning your apple into a picture frame.
Some drink at the fountain of knowledge. Others just gargle.
I was in Las Vegas this past summer. Whoever designed that monorail was completely incompetent! The doors and cars were too small, so when a handicapped person (and there's a lot of those in Las Vegas) got on, attendants had to go in and move seats around. This took about 20 minutes, which is ridiculous. And then the thing starts moving, and I keep waiting for it to speed up, but it keeps plodding along at snail pace. I could have walked to the one destination stop in less time. Thanks for wasting my time, monorail designers.
The Disney World monorail is so much better.
But, per the google group discussion, is used my firewall software to block a couple of IP addresses that the java program is based off of. I just visited the BBC news site, and I'm not getting record of a block to those IPs in my firewall logs. It is possible that they already took this stuff down?
Cogito ergo sum in Slashdot.
Or am I missing somthing or is that exactly what is going on?
my experience and understanding with java is that insecure applets cant access URLS outside their source URL, they cant access other open windows (or atleast not anything that javascript cant access), and they cant access any system level communications or your files on disk. Thus they cant be spying on you. And if you leave the site they go poof. I suppose they could be playing frame games making you think you left the site.
can anyone tell me how they are getting around these restrictions?
Some drink at the fountain of knowledge. Others just gargle.
Any program that is forced upon you is spyware. If McDonald's made you fill out a questionaire as a term for buying a Big Mac, how would you react?
.03% of traffic today, but we are also yanks, and we don't read the stinkin' beeb. (God forbid other voices were to leak through the American propaganda machine.) Over time, I might see this traffic rise up to the 1% area and would have to really start to take measures. (Infact, the .03% traffic originated from only 14 unique IP's out of ~300 for the newsroom alone.)
/.
I simply do not believe that any website author has the right to upload any program on my computer as a condition of viewing content. I don't care what the software does.
That being said, it does not appear that red sherrif performs like most spyware and remains active as a service 24/7 on the resident machine. But for those of us who are security concious, and the Firewall admins out there, this is a big deal. I am an admin for a newspaper. This immediately explained the large amounts of traffic going to the IP's mentioned in the group posting.
Like most businesses, we expense our bandwidth. Red Sherrif Traffic only accounted for
Does that answer your question??
~Hammy
MY Mission: To build the biggest freak list on
I would rather have wanted the IBM Transnote
If the tablet PC should work, it should be cheap since I never really think it would be the only PC you would have. it would need to be thinner than it is. It wouldn't need a lot of fancy features. You could have a dockingstation that would give it more features, option for other graphiccard etc. It would have some very for some things, but bad for others.
my sig
First of all, why are people saying this Red Sherriff stuff is Java-based? Am I missing something here? I can see some JavaScript stuff on the BBC site - is there a Java component too perhaps?
... well ... let's see:
/snip/
u nt?ref='+
/snip/
m en t.write(imgN);" '+'w idth=1 height=2}'+/ applet}')
/snip/
... in this case either a 1x1 or 1x2 pixel image. The information is passed in the request for that image. From what I see above, aside from the colateral stuff like your IP address, a "Customer ID" string of "uk_bbc_0" is passed, along with the "Document Referrer". That is, if you clicked a link on another website somewhere in order to get to news.bbc.co.uk, the URL of that referring website is sent to Red Sherriff.
As for what it's reporting
Excerpt from the source of http://news.bbc.co.uk/:
{!-- START RedMeasure V4 - Java v1.1 $Revision: 1.9 $ --}
{!-- COPYRIGHT 2000 Red Sheriff Limited --}
{script language="JavaScript"}
{!--
var pCid="uk_bbc_0";
var w0=1;
var refR=escape(document.referrer);
if (refR.length>=252) refR=refR.substring(0,252)+"..."
{img src="http://server-uk.imrworldwide.com/cgi-bin/co
refR+'&cid='+pCid+'" width=1 height=1}'
if(navigator.userAgent.indexOf('Mac')!=-1){docu
}else{
document.write('{applet code="Measure.class" '+
'codebase="http://server-uk.imrworldwide.com/
'{param name="ref" value="'+refR+'"}'+'{param name="cid" value="'+pCid+
'"}{textflow}'+imgN+'{/textflow}{
{/noscript}
{/COMMENT}
{!-- END RedMeasure V4 --}
I'm not a JavaScript expert, but this says to me that the information is passed back to the Red Sherriff company by requesting a "web bug"
FYI, NineMSN (Australia's own big brother presence on the web, and the default exit page for Hotmail from Aus) also uses Redsheriff.
So does Suncorp Metway a BANK!!!
As such, microsoft now knows where I bank. Scary.
/* affect != effect */ void affect(int *thing,int effect) { *thing += effect; }
If uploading/downloading meant exactly the same as send/receive, there wouldn't be much point, would it?
That's why downloading means transfering from a server to a client, and uploading means transfering from a client to a server.
Just one more reason why I use mozilla religiously and disable activeX downloads in MSIE by using X-Setup.
Seriously, gator has gotten to epidemic levels. I'm a university student (in Canada) and I've gotten to the point where whenever I log onto a machine, I automatically fire up Ad-Aware and scrup the machine for spyware. (Every engineering student gets 500 mb to store/install whatever.) 60%+ of the time gator is running, plus there's a bunch of bonzibuddy shite. The really bad ones have cnsmin installed which is much harder to get rid of. (Ad-aware can't do it on its own.)
The point I'm trying to make here is that it's gotten to the stage where it's "everyone for themselves." The web is the wild wild west and only those gunslingers who are the fastest and smartest remain at the top of the food chain.
The fact is, the BBC is downloading spyware to your machine when you surf their site.
What browser allows BBC to send them spyware without the user's permission? If that really happens, it's a browser security bug. I'm surprised the spammers haven't leveraged this bug with their html mail efforts (if it's really that easy to install spyware on a user's system). I find it hard to believe this claim. Anyone have an explanation?
My question: is RedSheriff running when you are NOT viewing a page at BBC, or is it only actively collecting data on viewing habits at BBC?
If it's the former, HOW IS THIS TECHNICALLY POSSIBLE? It is running in the Java sandbox. If Java is not running or loaded, how can this thing run?
If it's the latter, WHY IS THIS A BIG DEAL? It is just another method of gathering statistics on your own site; scripts and applications to do this that run in the web client have been around for years and relatively few people have been complaining.
-Lx?
At the moment, I'm posting with Crazy Browser. It's free but not Open Source, and it's a small wrapper for the IE rendering engine that does tabbed browsing and popup killing all in one.
:). Otherwise, I also use Phoenix, similar with Mozilla.
Hope you guys find it useful