Slashdot Mirror

← Back to Stories (view on slashdot.org)

Slashback: Blaster, Sabers, Canada

Posted by timothy on from the hi-from-omaha-nebraska dept.

Slashback tonight brings you more on the recent cracking of GSM encryption,the odds of file sharers escaping industry scrutiny in Canada, the recently found (and stomped) OpenSSH bug, installation-time ads in Mandrake, and more. Read on below for the details.

Art of the Saber Jagaast writes "As a counterpoint to all the hype about the Star Wars kid, here's a Star Wars fan film that's actually very well done. Art of the Saber is 'a light saber fight sequence with the flavor of a Hong Kong martial arts action movie.' Well worth watching." Update by J : I've made torrents available.

Vote early, often, and reversably. An anonymous reader writes "As a follow up to a previous story here on Slashdot on electronic voting, Excite has a story on the same subject with a bit more information including this amazing quote from Deborah Seiler, Diebold's West Coast sales representative: '"These activists don't understand what they're looking at," Seiler said.'"

GSM-crack paper online morcheeba writes "Copies of the GSM-crack paper described in last week's Slashdot article are now available online (PDF) thanks to John Young's Cryptome"

Mandrake ads...take 2 *no comment* writes "Apparently there has been some controversy over the ads in the upcoming Mandrake 9.2. I thought it was pretty cut & dried, but apparently Mandrake thought it was enough of a controversy to to release a written statement about it. I wonder how many flames were posted in the slashdot forum using the download version of Opera."

Blaster Worm still alive and well on MIT campus fwc writes "MIT still has 900 network drops disabled due to the Blaster worm infection. Of particular interest is that MIT network security requires users to reformat their hard drive and re-install their operating system before they get back on the network. Sounds like a good excuse to reinstall something other than a Microsoft operating system."

A big AWOOOGAH for Canadian file sharers. Rumor writes in response to a recent story suggesting that Canadian users could swap files scot-free: "Listen, Canadians, don't go using your p2p apps and thinking you are immune from lawsuit, you are liable for copyright infringement if you share files on p2p apps.

To wit: a fellow law student and I have written an analysis of s. 80 of the Copyright Act and we've concluded that one can download music safely under the Private Copying provision, but no one can share or upload files without infringing on copyright.

In a nutshell, Private Copying allows anyone to make a copy of a song purely for their own use. As you probably know, when you share files and someone downloads from you, what actually happens is that their computer makes a request and your computer actually sends the file to them. Thus, you're copying for someone else's use and infringing. It doesn't matter if you didn't realize that's what happens, either... intent is not required for infringement.

The upside is that you can accept copies from other people (ie. download) all you want. Although there might be an issue of contributory infringement to worry about... I won't go into analyzing that, since so far the record companies are only suing uploaders.

The article can be found on greplaw.

I've recently confirmed this analysis with an IP law professor at my university, so I'm pretty damn sure of it. So, please, be aware of this danger. Downloading cool, uploading/sharing not. I guess the situation still better than nothing."

Why not ask for your money back? zaaj writes "There are several articles out about a newly found/fixed(openssh.org) buffer management bug in OpenSSH and some derivatives. Cisco's Advisory only mentions DoS attacks against certain of their SSH-enabled devices, but ZDNet's article hints at rumors of long-existing root exploits. Regardless, RedHat's got their typical list of updated packages with the patch back-ported. A few other distro's have info in the vendor section of Cert's advisory CA-2003-24"

2 of 317 comments (clear)

  1. Re:P2P by Gherald · · Score: 5, Interesting

    Well you could ask for everything at once. All you'd have to do is generate a text file 9238472093847 lines long saying:

    Is bit 0 a 1?
    Is bit 1 a 1?
    Is bit 2 a 1?
    Is bit 3 a 1? ...

    Then gzip it and send it via some standard TCPIP protocol.

    The server would then just generate a similar file saying:

    Yes, bit 0 is a 1
    Yes, bit 1 is a 1
    No, bit 2 is not a 1
    Yes, bit 3 is a 1 ...

    --
    The unofficial /. digest
  2. Re:P2P by PetiePooo · · Score: 5, Interesting

    I realize that this thread is mostly in jest, but you're all missing the bigger point. The problem isn't the actual transfer of the file.. its indexing the files that are available. How can you legally say to the room-temp-IQ crowd that "I have a song here, but its not available.. sorta.." and still get away with it?

    Remember those college students that just ran an indexing web page listing all of the songs on their fellow students' shared folders? They didn't share the files themselves, but they're now working their way out of debt thanks to the RIAA.

    There are hundreds of ways of actually transfering the file without attracting undue attention (Waste would be my favorite at the moment). But how do I find the person who has that file that I want when he's not telling the world that he has it because the world includes that suit-happy association whose business model it obliterates?

    How do I find that person?

    Seriously, I want to know. I'd like to borrow some of his/her CDs for personal use. Of course, I have some to lend as well...