Slashback: Real-ID, PriceRitePhoto, RIM
iBill stolen info a framejob? An anonymous reader writes "The database of stolen credit card information recently discussed on Slashdot appears not to have come from iBill after all. From the article: 'Secure Science's Lance James backed away from his conclusion that iBill, which processes most of its transactions on behalf of adult services, was the source of the leak. He says pornography transaction databases may be considered especially desirable to spammers, and that a criminal may have deliberately mislabeled a database taken from another source.'"
First steps towards defying the Real ID act. An anonymous reader writes "With House Bill 1582, The New Hampshire House of Representatives has taken the first steps towards defying the Federal Government on the infamous Real ID act, which last year passed 100-0. This bill does not express disagreement with the Real ID act, it prohibits the state DMV from amending licensing procedures altogether, and it passed 270-84. Several impassioned testimonies were given at the House, and even those against the bill expressed displeasure with the Real ID act. It now moves on to the 24-member state Senate. The afternoon's proceedings can be viewed or listened to via the NH General Court website under the afternoon of March 8th."
Peter Quinn continues his support of Open Source. Stony Stevenson writes "Computerworld Australia reports that former Massachusetts state government CIO, Peter Quinn is fronting the battle for OpenSource. He believes the cost of government is not sustainable in its present form and any technology leader who is not supporting and implementing open standards should resign and get out of the business. From the article: 'Even though the personal toll from state government experience was huge, Quinn said he would not be silenced. "I will remain very vocal and prominent regarding open standards, open source, especially Open Document Format and all aspects of accessibility for the disabled community," he said.'"
Judge flunks lawsuit against spammers. Hawkeye writes "A federal court in California has just created a huge legal loophole for companies who hire sleazy spammers. Kennedy-Western, an unaccredited university (aka diploma mill) has been absolved for outsourcing its email advertising to 'proxy-abusing, header-forging, hash-busting spammers,' according to the story at Spam Kings. The court ruled that Kennedy-Western didn't violate the CAN-SPAM Act because the plaintiff, a small California ISP named Hypertouch, 'failed to provide any evidence that KWU had actual knowledge or consciously avoided knowledge of a current or future violation of the CAN-SPAM Act by anyone who sent the e-mails at issue.' Perhaps not surprisingly, KWU enlisted as an expert witness Jason Rines, an email marketer who once worked with the notorious Sanford Wallace and who has been listed on the Spamhaus Block List."
WinXP on a Mac, round 2. fan777 writes "Slashdot recently posted a story regarding blurry Flickr photos on what may be the first WinXP installation on a Mac. To those who claimed heavy photochopping, narf2006 has finally released a blurry video (Complete with Mirror || Torrent)."
Juniper drops message board suit. It seems that Juniper Networks has finally come to their senses and dropped the suit against several unidentified LightReading message board users. From the article: "What is still unknown is whether or not Juniper ever uncovered the identities of "Does 1-10." The company's complaint cited several messages that got the company riled up, and most those messages allege that Juniper is bribing lawyers and spying on its employees."
Vint Cerf answers TLD questions. netzer writes "CircleID is running responses they have received from Vint Cerf on the questions submitted to him from the community with regards to top level domains."
PriceRitePhoto gets relisted. Thomas Hawk has an interesting blog entry in which he details how PriceRitePhoto, the online retailer who gained so much recent infamy, has been relisted on Yahoo! shopping after only a three month penance. From the article: "What was interesting to me at the time when the PriceRitePhoto story was going on was that PriceRitePhoto had supposedly been delisted a year earlier from comparison shopping site PriceGrabber. What I never could get is how after being delisted on PriceGrabber that PriceRitePhoto ended back on there a year later to try and rip me off. Of course that first delisting didn't get the visibility that mine did, but not to worry, not only is PriceRitePhoto back in business at Yahoo! Shopping, they are back in business on PriceGrabber as well. This after being delisted there at least twice that I know of."
RIM goes on the offensive for patent reform. flanman writes to tell us it seems that RIM has decided to continue the patent reform fight even after giving up their recent court battle. RIM is running full page ads in a number of US newspapers urging lawmakers to change the way patents are issued and managed. RIM also has more details on the Blackberry site.
Normally I would say that PriceRitePhoto was relisted for a simple reason: money...except that in this case, I can't see where _anyone_ would profit from them being relisted. Am I wrong here? Does Yahoo! or PriceGrabber somehow make money from them being relisted? (bribes?)
For those who don't want to sell their souls to Quicktime, here's the video
Artificial intelligence is no match for natural stupidity
Look, I'll agree the patent system needs a major overhaul, in fact, most people well versed in patent law feel the same way. RIM did not lose this case because of bad patent law. They lost the case because they made really bad decisions. Their two major arguments (that the Intel processor in the BB was the mobile device, not the BB itself; that RIM's Canadian servers weren't subject to US patent law) were BLATANTLY contradicted by US Patent law precedent and by the U.S.C. (US Code of Law). Not only that, their courtroom and executive behavior was asinine. They infuriated the Judge (District court Judge James Spencer), may have been lying in their testimony (about procedure MANDATED by US federal law!), and filed the SAME motion FOUR TIMES (it was beat 4 times, by the same argument; James Spencer began to wonder if there was something wrong with his hearing). RIM had an easy win, but lack of technical expertise in their legal decisions (lawyers usually know the LAW, not technology) and simple good corporate behavior, and NTP would likely have been sent packing. I also theorize that a critical argument could be made regarding obviousness, but it would require examining the fundamental precedent that NTP used, and judging its usefulness. Alas, that is another topic for another day (and hopefully a scholarly publication for myself, but I digress...). Patent Law would have protected RIM, if they hadn't shot themselves in the foot. Patent law was not the problem here.
I sure would like to know how that was accomplished. Even though the video is interesting it doesn't really tell the tale.
For all we know it could just be a full-screen movie of a Windows XP install/boot that's running. I want some information on how he got XP to talk EFI.
I enjoy large posteriors and I cannot prevaricate.
If you don't stop your whiny attitude, we are gonna send somebody to your house to beat you up.
Sincerely,
PriceRitePhoto
For the sake of all the fanboys who are about to flood this article as well, I will make the mandatory cross-platform statement:
Q - Why would you want to run Windows XP on a Mac?
A - Dell was fresh out of quad core computers with three PCI-express slots and the ability to add 8 GIGABYTES of ram. Shucks.
I know that everyone always says, "oh, every big company is pro-patent", &c. &c., but I have to say that it's nice to see that a company that's been burned by shaky patents (RIM) has decided to pursue / support the effort towards patent reform. I hope that they are able to do something good.
Many people are wondering if the video is real or not. The obvious problem is that it could be a video from a Windows PC running on a Mac in full-screen, but there are a few problems with that theory. For example, I think at one point the resolution of the screen changes, complete with all the visual craziness that causes. What kind of video capture software would catch a screen resolution change like that?
People also noticed that the Windows boot screen changed. Instead of being a black background with a Windows logo and a little pulsating bar at the bottom (reminds me of the Knight Rider car), it is just the Windows logo on a greyish background. Maybe a result of the EFI hacking?
The other way it could be faked is if the screen isn't actually connected to the iMac at all. There could be a PC somewhere directly connected to the screen somehow. Personally, I think that would take a lot of hacking by itself, probably more effort than the average hoaxster is willing to commit.
WARNING: If accidentally read, induce vomiting.
Since the story didn't link to the blog, here it is: http://thomashawk.com/2006/03/yahoo-shoppers-beware-priceritephoto.html
Looks like state nullification isn't dead yet! Good job NH.
I was sceptical as well, but if you watch carefully he actually turns on the Mac from sleep mode at one point (see the white LED on the front). I cannot imagine that any computer could wake up and *instantly* play back full screen video. It just doesn't work like that.
For all I can tell this is real unless he managed to hook up the iMac's screen directly to a behind the scenes PC. Even then I would have doubts.
The little Windows logo that replaces the Mac at bootup tells me that this guy did his homework and was able to modify the EFI for it to load some custom bootloader.
Artificial intelligence is no match for natural stupidity
For all we know it could just be a full-screen movie of a Windows XP install/boot that's running.
For all we know, it could be a broadcast by UFOs.
Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
No. Flash is evil. Adobe/Macromedia have done nothing to further the cause of web standards. You will use a cross-platform standard (MPEG) or you will use nothing at all.
Yeah Flash may be Evil but it's the only thing that will work in my office where the gestapo.. sorry admins I mean, have decided to remove all media players. So quicktime isn't even an option. Mpegs are blocked by the firewall and even if they made it through I would have nothing to read them with.
Flash rulez...
I found a really good summary of what could be the technique behind making this happen. The chances are he is using the BOCHS hack for implementing a video BIOS. In the process of booting, Windows does NOT take control until its kernel is fully loaded, which is where the first screen flicker comes in. The *ONLY* way he could have done this was to connect the LCD of the Mac directly to a PC behind the scenes. However, even then, if you look at the model # of the hard drive, it's the same one you find in the first Intel iMacs shipped. My conclusion is that it would take far too much work to make this a hoax so it must be real. I'm pretty sure this guy is using the Bochs technique.
Turnover in these departments tends to be pretty high. It wouldn't be unusual that whoever approved the relisting has no idea about what happened previously (unless they were alerted, which it appears they now have been).
I suppose one could say they ought to have a blacklist to check or some such, but who knows how the actual department functions or what the internal policies are.
which last year passed 100-0...
Damn! So much for Mr. Feingold...Thought we had a winner for a second.
What?
A - Dell was fresh out of quad core computers
Apple's fresh outta those, too, though likely not for that much longer (August for the PowerMac replacement?).
I'm convinced, for those that didn't catch on. I mean, people have every right to be skeptical, but I think anyone with enough time to put that much faking into a video is more than capable of actually doing the necessary hacking to run the real deal.
How are sites slashdotted when nobody reads TFAs?
Right when the XP final setup screen appears, the screen resolution changes such that the apparent image is smaller than the full LCD. However, if you look carefully in the video, you can see the mouse pointer go off into the black region of the LCD...how is this possible!?!? Not to mention, the parent did mention that the machine came out of sleep mode, it was not a complete boot of the machine, this could still all be within Virtual PC or something along the same lines. Oh yeah, and why on earth would someone buy a Mac to run Windows?
If you look at the textmode setup screen, you can see there's a 256MB USB key present (244MB storage device). Later after the GUI is booted, you can see under Disk Drives there's a Generic USB storage disk.
I'm willing to bet that what's happening here is that he's managed to copy the NT bootloader onto the USB drive and then boot to it. Booting to USB devices is, I believe, something that Apple supports. I know it's supported by every current BIOS so why should the next generation EFI have fewer features? Maybe if you plug in a bootable USB device, the EFI will boot it instead of the MBR on the primary disk drive...or more likely there's a hotkey to boot to USB devices like how holding "C" I think forces a boot to CD-ROM.
Anyway, the sneaky part is that booting to CD-ROM or USB kicks in all sorts of helpful things. Booting to most CD-ROMs (El Torito spec) creates a fake "A:" drive with the contents of the bootsector binary file. Ironically, you can't access the CD-ROM itself unless that bootsector loads a CD-ROM driver. Booting to USB drives, I would guess, creates Int 13 or 80h or whatever it's called...basically BIOS-compatible addressing for drives. This is how funky SCSI or RAID controllers can create drives that you can see in DOS, which has no idea how to access a 32-bit PCI device.
So my theory is that the Mac creates a C: drive and loads the NT installer kernel, at which point the installer loads the right driver to see the IDE drivers (or perhaps he loads the appropriate textmode driver for the actual disk controller). Once the kernel can see the drive, it can put the pointer in the BOOT.INI and format and partition it. Then, the USB drive becomes the boot drive (has BOOT.INI, NTLDR, etc) and the internal IDE drive becomes the system drive (\WINDOWS directory, pagefile, etc).
There are people who know how to boot the NT kernel from USB keys and even read-only media like CD-ROMs. I wonder if anyone has tried using a WinXP embedded bootable CD on an Intel Mac (like BartPE or the official Microsoft recovery one)? It's a clever idea, and I wouldn't be surprised if this is the magic step. As a bonus, using the BIOS emulation provided by USB burning would probably bypass all of the trusted computing components since they are not DOS compatible.
Still, talk about making a sow's ear out of a silk purse!
-JoeShmoe
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
I know you can't be ultra-knowledgeable about everything, but I would have thought that Vint Cerf would know better than to talk about topics he's ignorant of.
A more serious problem has been that JAVA programmers for web pages often don't know that there are more than seven gTLDs and that many of them have more than three letters. That leads to rejection of email addresses and other entries into web forms that make reference to domain names. We need some educational outreach to fix that.
How about an educational outreach to explain that:
Wouldn't it have been quicker, easier and safer to simply say that web developers make forms that don't accept unusual email addresses instead of trying to include technical details of something you aren't familiar with?
You may even be right, but I still think we need reform.
I remember reading some patents currently in the system on the USPTO's official website during some Slashdot story and seeing an entry for something like "Method and Apparatus for Peri-Anal Hygiene."
Should people really be able to patent the act of wiping one's ass?
The little Windows logo that replaces the Mac at bootup tells me that this guy did his homework and was able to modify the EFI for it to load some custom bootloader.
My initial reaction to seeing that is that what's happening is they've hacked BootX (which is responsible for displaying the apple logo) to emulate BIOS. I don't know if that's possible, but it seems like a viable approach.
I think this probably proves it most of all http://contact.ebay.com/ws/eBayISAPI.dll?ReturnUserIdHistory&requested=barclaysphoto
yay for id changes!
The fact of the matter is that the guy showed the back of the computer to prove that he hadn't hacked in to the machine. I have pulled apart iMacs before; the connections are usually the older, bigger Mac connectors. Typically you need an adapter to get them to boot another computer, but still. Although you could probably purchase the same hard drive that is in the newer iMacs, I have come to the conclusion that this is possible. In fact buying the Intel 945 chipset on the market isn't all that hard to do. So he could technically get the drivers for the ethernet and so forth on the Windows installation. Oh well, it won't be long until Bill Gates starts crying 'cause we hacked his operating system.
I was sceptical as well, but if you watch carefully he actually turns on the Mac from sleep mode at one point (see the white LED on the front).
What happened to the LED on the front? It shut off once Windows was installed; is this normal? Does it do this when you run Linux on a Mac?
A guy that I know added me onto his political mailing list, which is through Yahoo. However, he added me to the mailing list without my consent. I removed myself from the list several times, only to find myself re-added several times. I told this guy that I didn't want to stay on the list, as well as reported him to Yahoo several times... only to find myself re-added to the mailing list.
Adding someone to a mailing list without their consent is against Yahoo's TOS, and they say that they take it very seriously. Apparently, this is not the case.
</rant>
Actually, I think it is more along the lines of this:
:)
EFI looks for a bootloader on certain types of filesystems. On the Intel Mac, HFS+ and FAT32 are supported, nothing else. So what you do is you write your own EFI bootloader which loads a CSM to get BIOS compatibility, and loads the NT kernel and so on. You can also patch the in-RAM copy of EFI with your bootloader to know how to load El Torito CDs to do the install as well.
Once you have a functional CSM and a bootloader that knows how to load the NT kernel, you are pretty much set. However, because of the FAT32/HFS limitations, you still need some sort of small bootstrap partition for your bootloader. In this case, what is better than a USB key? You can quickly change the files under OS X, and reboot straight to it for testing your changes.
With regards to the CAN-SPAM issue, sure, spam is bad and spammers are evil. But does anyone really want a court system where there's no requirement to prove that the defendant was aware of the illegal activities of their subcontractors? Just saying they "should have been" is emotionally rewarding, but I for one am glad that the judge here is insisting on proof.
-b
If I wanted a sig I would have filled in that stupid box.
Isn't it easier to write an EFI bootable program that loaded one of the open source BIOSes and then trashed everything set up by the EFI boot loader and called the reset vector of the old style BIOS?
I just talked to Joe about this.
The judge ignored the California spam law in this case, which provides almost strict liability. The "expert" for Kennedy Western said that the headers could have been forged by Hypertouch and Joe's family members. Even though the people that KW hired said that they probably were not.
What you're talking about, a "knowing" requirement, creates the Sergeant Schultz Defense. And they don't want to know anything since they profit from the spam. Now, if KW displayed verified "affiliate" information when you went to their website, then I might agree with you. They want to know nothing.
Fight Spammers!
How hard would it be to record a video of this demo done on a PC beforehand, and then rig up your iMac to display it fullscreen? Surely mplayer or VLC will build on OS X even if QuickTime isn't discreet enough about the process.
One thing I might point out is that during the login / welcome to Windows thing, the screen doesn't take up the whole screen. It's been some time since I last reinstalled Windows; is this normal?
I Browse at +4 Flamebait
Open Source Sysadmin
Also, on the Windows install/format screen you can see a 300MB FAT entry = USB key?
Is OpenSource a brand name?
Although the ComputerWorld article mentions open source too, Peter Quinn's main battle is (was?) over open standards - a very different topic. Microsoft likes to confuse them so they can say that Massachusetts is excluding them. That's not true - they are free to implement the open standard (Open Document) in their closed source.
Please don't confuse the two.
Graham
Yeah, on the first-boot screen Windows does that and it's all natural. The image that they show stating "Please Wait" is at 680x480 and Windows normally changes the resolution to 800x600. And you are free to move the mouse cursor wherever you want.
Another idiocy of Windows.
The hip way to get your IP. No ads, ever.
I forget if you sleep your system if the RDC comes back with it, but why didn't he simply use VNC or some other remote system?
BTW did you see that it had a Microsoft Power Adapter attached. Mighty suspicious to me.
If it is for real then congratulations narf2006 on doing it. Now simply make it dual boot and an unedited high-res static cam of the install to satisfy us all.
Procrastinating life a way at a rapid rate of speed.
Reinvent the wheel only at either a lower cost, greater effectiveness, or your own personal enrichment and satisfaction.
For once the feds realized that something is a state matter and beyond their control. However, the feds can regulate themselves, such as specifying what federal offices will accept as valid identification. The law basically says they won't accept any state identification that doesn't comply with some basic rules, such as being in the country legally (something so sensible that it's not done in all states).
States are free not to comply, but they might get some gripes from the people trying to collect their welfare checks with no valid ID.
If it was as simple as booting off a usb drive, it would be done already. Long ago. The problem is that windows needs a BIOS. It's looking in the BIOS region for video support and other things that simply aren't there. Apple doesn't have one with the iMac, so booting off the drive can't "create an int 80h" and expect regular BIOS things to happen.
The most plausible trick I've seen thus far is writing a new bootloader that copies one of the open source BIOSes (who would have thought they'd be useful!?) into the region of memory windows / windows installers expect to find this stuff.
I Browse at +4 Flamebait
Open Source Sysadmin
but_i'm_a believer
Muzik.4.Machines
As for the whole thing being a demo, we can't rule it out, but the whole bit about it going into sleep mode (or whatever it's called, if not just plain off) seriously complicates that. As someone said at some point, would it really be able to return from sleep mode back instantly into fullscreen video? Quite unlikely imo. But my experience with Macs is limited to... umm... trying to fix a printer setting on an old PowerPC my grandparents have, which is probably running OS3 or something (back when Macs were just beige boxes too).
How are sites slashdotted when nobody reads TFAs?
I say thumbs up to the State of New Hampshire for refusing to go along with the Real ID Act of 2005. Unfortunately, NH is a small state that the Federal Gov't can easily ignore their citizens. If one of the heavily populated states such as California, New York, Texas decide not to go along and are defiant towards the Federal Gov't like NH, the house made from the deck of cards known as the Real ID Act will come tumbling down.
One of the most onerous provisions of the Real ID Act is requiring states to electronically link their driver databases. I don't know how extensive this will be. The worst case scenario is another state can add violations to a different state's driver's record. Best case would be states can access other states' records on a "read only" basis. One of the biggest pitfalls is that states with very strong privacy laws can be accessed from states with weak privacy laws. The strong privacy laws are no good! The original language of the act required states to join an international compact known as the Driver License Agreement (DLA), under which not only other states can access your state's records but also foreign countries, starting with Canada and Mexico. The foreign countries do not even have to comply with the Driver Privacy Protection Act. If I was a stalker and I was interested in finding a certain person who went through all steps to protect themselves, such as with unlisted phone numbers, I can go to Mexico, pay off a corrupt official (easy to find) to get the given information.
The author of the Real ID Act of 2005 was Francis James Sensenbrenner, Jr. of Wisconsin. An interesting item about him: he bullies people to get his way and does not take kindly to people who dare to disagree with him! When it was time for people to testify against the PATRIOT Act, he got up, walked out of the hearing room, turned off the microphones. He acted like the Democrats. With his arrogance, he is not fit to be a Congressman. Even though I am a Libertarian who usually votes Republican, I am having thoughts of giving money to his Democrat opponent.
This law was passed through the most underhanded ways. It was attached to a must pass appropriations bill. It would have never passed the Senate as a standalone bill. When the standalone bill was assigned to the Senate Judiciary Committee, it was not given a hearing. The Real ID Act was also included in the House provisions of the Intel Reform bill that was later removed and passed at the end of 2004 in the 108th Congress.
The best way to get rid of this law is to tell people and get them pissed off enough to where they raise hell with their Congressman and demand a repeal.
Also a heads up: the DLA provision that didn't make the Real ID Act is included in the immigration bill under the Scott Gardner Act. Contact your Congressman. Raise hell about this DLA in the immigration bill and raise hell about the Real ID Act and politely & diplomatically tell him how much it stinks!
Lastly, not many people remember that back in 2001, the CEO of Oracle, Lawrence Ellison, mentioned that it is time for a National ID card here in the US. At the time, there were more congressmen with common sense that put a kibosh on this, like Rep. Dick Armey and Rep. Bob Barr, who no longer are members of Congress. This leaves a question: how much lobbying money did Larry Ellison put in to get this asinine law passed?
"If you are on fire you can just stop, drop, and roll. If you fall into Lava you are just dead." - my 5yr old daughter
Translation: "Fuck. You got me there. I'll throw a bunch of acronyms at you and hope you're distracted enough to not notice I'm not competent and ethical enough to help you buy a toaster. Anything else should be deferred to committee. We may have to make a new committee. This will cost more money; we shall raise domain prices. Thanks for asking and thanks for playing ICANN roulette. We take PayPal and ship internationally."
Translation: Hi Randy, pass me a beer would you? Oh and for the benefit of our home audience it would be helpful to pretend we don't know each other. The potential impropriety of us being joined at the hip for 30 years cannot be seen by the maggots out there. God forbid they figure out what a short meaningful easy to remember domain name means in today's i-electro-my-company-here78.com world. We need more money to study this.
HELLO MY TRADEMARK OWNING FRIEND! Marty your name hasn't graced our PayPal inbox recently; we do ship internationally and I'm sure this is an administrative oversight on your part. Anything you want is fine with me buddy, you're the boss, just write what you want on the back of a check and we're there for ya buddy. Um, see if you can get
From the Blues Brothers:
... IMPOUND VEHICLE
Jake: Goddamned.
Elwood: Man, I haven't been pulled over in six months. I bet those cops have got SCMODS.
Jake: SCMODS?
Elwood: State County Municipal Offender Data System.
(The cops do have SCMODS, Elwood has a record:
BLUES, ELWOOD
ILLINOIS LICENSE : B263-1655-2187
CURRENTLY UNDER SUSPENSION
WARRANTS OUTSTANDING : PARKG. 116
MOVING VIOLATIONS : 56
ARREST DRIVER
Officer Daniel returns to the car)
Officer Daniel: Elwood, we show your license currently under suspension. Step out of the car please.
(Elwood and Jake look at each other. Elwood starts the car and drives off, the police follow them)
Jake: First you trade the Cadillac for a microphone. Then you lie to me about the band, now you're gonna put me right back in the joint.
Elwood: They're not gonna catch us. We're on a mission from God.
Jake: Elwood...!
IIRC, Intel-based Apples don't support El Torito, and they definitely don't support all the assorted legacy BIOS calls you need to run the standard Windows bootloader (hence why it's so difficult).