Here's the feedback I submitted: I am glad my ISP doesn't pay to access espn360.com. If they did, they would be passing the charge through to all their customers, and I would be subsidizing their customers who want to watch espn360.com. You should follow an individual subscriber model instead of trying to make money off me when I don't want your service. I will encourage my ISP to *not* pay for espn360.com. Regards, Vic.
I encourage folks to flood the feedback form. Not that they'll read or respond, but to let them know that some people are keeping an eye on them and think that they're pricks.
Wouldn't it be better to use 0.0.0.0 instead of 127.0.0.1? The latter attempts to connect while the former doesn't bother. And it helps when you're running a local server:)
People will tell you to not do it - it can cause problems - but I replace 127.0.0.1 with 0.0.0.0 for every address in the hosts file *except* localhost, which remains 127.0.0.1. Functionally, I encounter no issues, and you're correct, page loading is quicker because you're not waiting for the connection.
From about 8-10ish most of the US news sites were melted down on 9/11.
That's what I recall as well. cnn.com, for example, was completely hosed for a couple of hours, and then was dropped back to a very simple page with a heading like 'America Under Attack' with at least one picture on it. No more links that I can recall.
Here's a community that looks to be more recently active (that is, it has been dormant for a shorter period) than the original IBM site, having taken the last IBM build and worked on it - http://www.opendx.org/news.html.
Disclaimer: I looked at OpenDX for a project, but never went anywhere with it.
The Beatles wrote straight-up, standard pop music. There is nothing particularly noteworthy about them,... [ snip ]..., but they aren't really any more skilled or special than, say, Smashing Pumpkins.
I'm being constructive here... take the time, read one of Alan Pollack's Notes On... Series, say 'Strawberry Fields Forever' at http://www.icce.rug.nl/~soundscapes/DATABASES/AWP/sff.shtml, listen to the song, and then point me at one of Billy's songs that is 'particularly noteworty' in comparison.
Or maybe you just dig S.P.'s more that the Beatles... if so, that's fine. Then let's talk about it in that context.
But there is nothing 'straight-up' or 'standard' about SFF. It's a fucking cool song and it is innovative, sophisticated and was ground-breaking in many different ways.
Okay, so I probably deserve a troll mod on this, but for chrissakes why do we still see submissions referencing articles by Adrian Kingsley-Hughes on/.?
Even *Adrian* can't figure out whether he's a Microsoft apologist or an MS shill, which is presumably why he flips back and forth between the two modes.
I know, I know. I don't have to read them - who reads TFA on/. anyway? But it's like this grim fascination which, once it's been presented to me, I can't resist; out of body, I watch myself, horror struck as I click through to TFA, start twitching when I see it's AK-H, screaming gibberish and invective until I run out of lickspittle...
And to top it all off, he's got a hyphenated surname, pretentious ginga that he is.
Remember, only incompetent admins apply patches without testing them.
Okay, I'll bite on playing devil's advocate here - so what's your test proc?
This is an patch developed and distributed by the OS manufacturer. I don't know what files are being touched by the fix, but how are your folks testing against those files, all apps which touch those files in execution, and what constitutes a successful test?
I agree with what you're saying in principle, but in practise it is very difficult to truly test OS vendor patches comprehensively. How do you ensure that every piece of functionality used by apps (and thus users) is not borked by the patch?
The Bloomberg/Google slipup a while back also caused large-scale losses, in that instance to United Airlines.
Good catch. While the market rebounded on United when the error was noted and disseminated, IIRC correctly United's capitalization dipped $1.1 billion and rebounded $800 million. This does illustrate the delicate nature of wealth which exists by virtue of perception - $300 million can disappear pretty quick. But I'm not sure that there is any other kind of wealth... ?
While I agree with the substance of you comment - Investments need to be chosen based on real data - I think the idea of what is real data is probably changing and up for grabs somewhat.
Note that there was human intervention in the Bloomberg/United fiasco - my understanding is that it was pulled from Google and placed in Bloomberg's service, but I don't have a citation for that. The lack of a date on the original post didn't help either.
I dunno. They've got a bunch of encrypted documents attached to your gmail address. Whether that is equivalent to having your e-mail is a topic for healthy debate, I'd say.
I've never liked the K&R, even later versions, much preferring Harbison & Steele
I'll second the Harbison & Steele recommendation, but push for a K&R recommendation - it's just a fun and informative read. A copy of each of this books is all that I every really needed (and I wasted money on other books that I shouldn't have, including one by Schildt before I knew any better). Of course, I'm 12 years out of doing any serious coding for a living, so what the hell do I know?.
about online presence. For this comp.lang.c remains the most useful.
Again, I second this recommendation. Read, think and learn. If you're going to post, check the FAQ first for questions, and if you're answering, make sure you know what you're talking about. There are an awful lot of very smart people reading your post, and you won't get away with anything trite or bs.
This wouldn't have even been an issue if she'd used encryption.
Hear, hear. You don't need a reason to encrypt your mail beyond the fact that it is your mail. Looking at my gmail inbox, I guess you can tell something about date and time of mailing, frequency of mailing to particular addresses, and get a view into what a message is about through the subject line - and that's more than anyone should know already by just looking at my inbox. It's very satisfying to look at my gmail account and see all those encrypted messages in the inbox as well as encrypted copies to self.
Fuck 'em. If they want to read my mail, they at least have to work at it. And then suffer the disappointment of endless shit from my family about taking my Mother shopping Saturday morning.:)
Okay, that's not bad - skip update(s) you don't like. How about just skipping *all* updates? Here's my approach - we'll see if it turns out I'm a moron, or not...
Install FF. Never run IE (any rev) again. Install NoScript. Be fascistic about not running JS on pages. Go to Black Viper's page ( http://www.blackviper.com/ ). You'll find others beyond that. Use BV and others to turn off every damn service you can manage. And then turn off a few more.:)
Put all data you give any sort of a kentucky about into a Truecrypt partition. I should probably change this to full disk encryption using Truecrypt. Get the sysinternals utilities so you can tell what's going on in your system. Get a Rootkit Revelaer-type utility. Install Avast! (optional if you're not a bonehead about running shit you shouldn't). Ditto for Spybot. Run HijackThis on a regular interval.
Install and run Open Office instead of MS Office.
Put stuff you care about - like on-line banking - into an environment you have more trust in. For example, for on-line banking, I launch a vmplayer Damn Small Linux virtual machine that suspends on shutdown, so when it fires up it is running FF and has loaded my bank's page (takes about 11 steamboats to launch and let me start entering my bankcard number).
I run behind a Tilgin broadband router.
Windows Firewall is shutdown (in fact it won't run because of required services behind it being shut down - thanks, BV). Automatic Updates are also turned off.
Or, if you can, avoid this hassle and dump Windows. For example, switch to Ubuntu. I have *one* app left, and it is getting converted to a web interface, so Ubuntu here we come. And yes. I am aware that Ubuntu will come with its own administrative overhead.
I'm not a U.S. citizen, nor do I live in the U.S. But that COINTELPRO wiki read is enough to stand anyone up and make 'em pay attention: national law enforcement agency is frustrated with Supreme Court rulings limiting the Government's power to proceed overtly against dissident groups so it starts up domestic covert operations designed to disrupt any 'dissident' group and prevent the exercise of First Amendment rights of speech and association, with no oversight, and in the end, with no censure. Apparently much documentation still remains unreleased (that's a wikipedia assertion, so I'm not sure exactly what that means).
I'm not trying to do a Chicken Little here, but do Americans feel that TFA is just more of what has been seen in previous years (e.g. COINTELPRO), or is there a fundamental change to the relationship between the police and the American public occurring?
I know it sounds like high moral ground apple pie crap, but at this point it is true: it's time to stop giving money to companies that treat their customers and the public so shabbily. Fuck Sony. Fuck Universal. Fuck Warner Bros. Especially, Fuck Sony - they do at least double duty.
Find local theatre groups - go see live actors. Check out local bands - go see live music. Video games - well, I don't know what to there, but someone will have a suggestion.
I'm not interested in buying their crap, taking their crap, listening to their crap, pirating their crap, or watching their crap.
They're behind the people who sue. They're directly responsible for rootkit installations to support their DRM. They're behind the distribution of lies such as this material in TFA. Okay, well, we don't know the last part, but I'm guessing.
No Más. Let's spend our money buying entertainment from people who give a shit.
The shutdown of the Shadow bot is an interesting co-operative effort, but does it give rise to a new layer within the onion? We can expect phishing mails to now represent themselves as anti-malware agency/company X, telling you you're infected and pointing to a page with convenient 'utilities' for 'cleaning' your desktop up.
How is a user to differentiate between legit and attacking communications?
I went and had a look at the thread (dated from Jul 30 2001) referenced in the excerpt at djb's site (follow the posting link in the URL above). As far as I can tell, Jim Reid was pooh-poohing the usefulness of port randomization, the approach used as an emergency backstop against Kaminsky's attach just over seven years later. To be fair, Reid was doing so in the context of advocating for Secure DNS.
djb drives people crazy (particularly the BIND folks), but he's someone to listen to - is it the case, as I understand from reading through these docs, that in 2001, djb's dnscache performed the port randomization that everyone's been scrambling to deploy over the past several weeks for other implementations, including BIND?
Does This 'Ask Slashdot' have the air of a troll to anyone else? It's like the questioner is serving it up so that every Google-hating/privacy-loving/I-told-you-so'er can go *apeshit* on it.
That's some pretty high moral ground you're seizing there, brother. I can't argue with the ideals you're espousing in the your final sentence. However...
They think of themselves as the "Middle Kingdom" and believe that they are so above everyone else that their rules do not matter, only theirs.
errr... what? Anyway, perhaps you could hold yourself to similar high ground when it comes gross generalizations about the beliefs of every Chinese. Developed third party, too, it would seem:
Several friends have visited China over the years and all of them have said the same thing
An (sic) live exploit was demoed using a non-cisco sslvpn vendor during the session.
I guess I'm not afraid to demonstrate my incompetence before the entire world, but I searched for results in the two months for i) generic ssl vpn fix, ii) nortel ssl vpn fix and iii) microsoft ssl vpn fix, and came up empty handed.
Or are they talking about the Debian OpenSSL key debacle? Or maybe I should drop the "fix".:)
A week ago I was booked for flight and hotel by a client's travel service. The e-ticket showed up in one of my Gmail accounts (multiple accounts with +append addresses and thought-through forwarding really does help) along with address info and an expense form. Google's integrated service meant that I was able to move between e-mail, the expense form and the mapping service while all the while auto-formatting/transferring documents between services. It worked very well.
Seriously, it just wasn't worth the hassle of doing a Save As... waiting for Office to fire up, and then attaching the resultant file(s) back into the mail service.
Obviously YMMV, and I wasn't doing anything particularly sophisticated. But I could do everything I wanted in a browser, and that's where the data showed up originally, so why move it anywhere else?
Slashdot Mirror
I get the same message. Here's the URL for their feedback form: http://espn.go.com/broadband/espn360/feedback.
Here's the feedback I submitted: I am glad my ISP doesn't pay to access espn360.com. If they did, they would be passing the charge through to all their customers, and I would be subsidizing their customers who want to watch espn360.com. You should follow an individual subscriber model instead of trying to make money off me when I don't want your service. I will encourage my ISP to *not* pay for espn360.com. Regards, Vic.
I encourage folks to flood the feedback form. Not that they'll read or respond, but to let them know that some people are keeping an eye on them and think that they're pricks.
Wouldn't it be better to use 0.0.0.0 instead of 127.0.0.1? The latter attempts to connect while the former doesn't bother. And it helps when you're running a local server :)
People will tell you to not do it - it can cause problems - but I replace 127.0.0.1 with 0.0.0.0 for every address in the hosts file *except* localhost, which remains 127.0.0.1. Functionally, I encounter no issues, and you're correct, page loading is quicker because you're not waiting for the connection.
YMMV, but that's my experience.
From about 8-10ish most of the US news sites were melted down on 9/11.
That's what I recall as well. cnn.com, for example, was completely hosed for a couple of hours, and then was dropped back to a very simple page with a heading like 'America Under Attack' with at least one picture on it. No more links that I can recall.
Here's a community that looks to be more recently active (that is, it has been dormant for a shorter period) than the original IBM site, having taken the last IBM build and worked on it - http://www.opendx.org/news.html.
Disclaimer: I looked at OpenDX for a project, but never went anywhere with it.
The Beatles wrote straight-up, standard pop music. There is nothing particularly noteworthy about them, ... [ snip ] ..., but they aren't really any more skilled or special than, say, Smashing Pumpkins.
I'm being constructive here ... take the time, read one of Alan Pollack's Notes On ... Series, say 'Strawberry Fields Forever' at http://www.icce.rug.nl/~soundscapes/DATABASES/AWP/sff.shtml, listen to the song, and then point me at one of Billy's songs that is 'particularly noteworty' in comparison.
Or maybe you just dig S.P.'s more that the Beatles ... if so, that's fine. Then let's talk about it in that context.
But there is nothing 'straight-up' or 'standard' about SFF. It's a fucking cool song and it is innovative, sophisticated and was ground-breaking in many different ways.
If anyone knows why my comments recently started appearing with score 1, despite "Excellent" karma, I'd love to hear.
You show with a starting score of 1 and a karma bonus modifier of +1 here for a total of 2 - what I would expect with Excellent karma.
Few are the IT veterans who don't know Esther Dyson
There's got to be a joke about anonymity in here somewhere, but has anyone else never heard of Esther Dyson before this article?
Maybe I'm not an Internet Veteran? I think I know what Usenet is, doesn't that get me in the club?
Okay, so I probably deserve a troll mod on this, but for chrissakes why do we still see submissions referencing articles by Adrian Kingsley-Hughes on /.?
Even *Adrian* can't figure out whether he's a Microsoft apologist or an MS shill, which is presumably why he flips back and forth between the two modes.
I know, I know. I don't have to read them - who reads TFA on /. anyway? But it's like this grim fascination which, once it's been presented to me, I can't resist; out of body, I watch myself, horror struck as I click through to TFA, start twitching when I see it's AK-H, screaming gibberish and invective until I run out of lickspittle ...
And to top it all off, he's got a hyphenated surname, pretentious ginga that he is.
This is about 20 kms away from me. I think some investigation might be in order. :)
Remember, only incompetent admins apply patches without testing them.
Okay, I'll bite on playing devil's advocate here - so what's your test proc?
This is an patch developed and distributed by the OS manufacturer. I don't know what files are being touched by the fix, but how are your folks testing against those files, all apps which touch those files in execution, and what constitutes a successful test?
I agree with what you're saying in principle, but in practise it is very difficult to truly test OS vendor patches comprehensively. How do you ensure that every piece of functionality used by apps (and thus users) is not borked by the patch?
The Bloomberg/Google slipup a while back also caused large-scale losses, in that instance to United Airlines.
Good catch. While the market rebounded on United when the error was noted and disseminated, IIRC correctly United's capitalization dipped $1.1 billion and rebounded $800 million. This does illustrate the delicate nature of wealth which exists by virtue of perception - $300 million can disappear pretty quick. But I'm not sure that there is any other kind of wealth ... ?
While I agree with the substance of you comment - Investments need to be chosen based on real data - I think the idea of what is real data is probably changing and up for grabs somewhat.
Note that there was human intervention in the Bloomberg/United fiasco - my understanding is that it was pulled from Google and placed in Bloomberg's service, but I don't have a citation for that. The lack of a date on the original post didn't help either.
http://www.technewsworld.com/story/64440.html
Err, no. Google's still got your mail.
I dunno. They've got a bunch of encrypted documents attached to your gmail address. Whether that is equivalent to having your e-mail is a topic for healthy debate, I'd say.
I've never liked the K&R, even later versions, much preferring Harbison & Steele
I'll second the Harbison & Steele recommendation, but push for a K&R recommendation - it's just a fun and informative read. A copy of each of this books is all that I every really needed (and I wasted money on other books that I shouldn't have, including one by Schildt before I knew any better). Of course, I'm 12 years out of doing any serious coding for a living, so what the hell do I know?.
about online presence. For this comp.lang.c remains the most useful.
Again, I second this recommendation. Read, think and learn. If you're going to post, check the FAQ first for questions, and if you're answering, make sure you know what you're talking about. There are an awful lot of very smart people reading your post, and you won't get away with anything trite or bs.
This wouldn't have even been an issue if she'd used encryption.
Hear, hear. You don't need a reason to encrypt your mail beyond the fact that it is your mail. Looking at my gmail inbox, I guess you can tell something about date and time of mailing, frequency of mailing to particular addresses, and get a view into what a message is about through the subject line - and that's more than anyone should know already by just looking at my inbox. It's very satisfying to look at my gmail account and see all those encrypted messages in the inbox as well as encrypted copies to self.
Fuck 'em. If they want to read my mail, they at least have to work at it. And then suffer the disappointment of endless shit from my family about taking my Mother shopping Saturday morning. :)
... Reboot and WGA will never bother you again.
Okay, that's not bad - skip update(s) you don't like. How about just skipping *all* updates? Here's my approach - we'll see if it turns out I'm a moron, or not ...
Install FF. Never run IE (any rev) again. Install NoScript. Be fascistic about not running JS on pages. Go to Black Viper's page ( http://www.blackviper.com/ ). You'll find others beyond that. Use BV and others to turn off every damn service you can manage. And then turn off a few more. :)
Put all data you give any sort of a kentucky about into a Truecrypt partition. I should probably change this to full disk encryption using Truecrypt. Get the sysinternals utilities so you can tell what's going on in your system. Get a Rootkit Revelaer-type utility. Install Avast! (optional if you're not a bonehead about running shit you shouldn't). Ditto for Spybot. Run HijackThis on a regular interval.
Install and run Open Office instead of MS Office.
Put stuff you care about - like on-line banking - into an environment you have more trust in. For example, for on-line banking, I launch a vmplayer Damn Small Linux virtual machine that suspends on shutdown, so when it fires up it is running FF and has loaded my bank's page (takes about 11 steamboats to launch and let me start entering my bankcard number).
I run behind a Tilgin broadband router.
Windows Firewall is shutdown (in fact it won't run because of required services behind it being shut down - thanks, BV). Automatic Updates are also turned off.
Or, if you can, avoid this hassle and dump Windows. For example, switch to Ubuntu. I have *one* app left, and it is getting converted to a web interface, so Ubuntu here we come. And yes. I am aware that Ubuntu will come with its own administrative overhead.
http://barrapunto.com/ I believe the title literally translates to "Slashdot"
And hey, if you Google translate barrapunto.com from Spanish to English, it's more better grammar, too!
http://translate.google.ca/translate?u=http%3A%2F%2Fbarrapunto.com%2F&sl=es&tl=en&hl=en&ie=UTF-8
I'm not a U.S. citizen, nor do I live in the U.S. But that COINTELPRO wiki read is enough to stand anyone up and make 'em pay attention: national law enforcement agency is frustrated with Supreme Court rulings limiting the Government's power to proceed overtly against dissident groups so it starts up domestic covert operations designed to disrupt any 'dissident' group and prevent the exercise of First Amendment rights of speech and association, with no oversight, and in the end, with no censure. Apparently much documentation still remains unreleased (that's a wikipedia assertion, so I'm not sure exactly what that means).
I'm not trying to do a Chicken Little here, but do Americans feel that TFA is just more of what has been seen in previous years (e.g. COINTELPRO), or is there a fundamental change to the relationship between the police and the American public occurring?
I know it sounds like high moral ground apple pie crap, but at this point it is true: it's time to stop giving money to companies that treat their customers and the public so shabbily. Fuck Sony. Fuck Universal. Fuck Warner Bros. Especially, Fuck Sony - they do at least double duty.
Find local theatre groups - go see live actors. Check out local bands - go see live music. Video games - well, I don't know what to there, but someone will have a suggestion.
I'm not interested in buying their crap, taking their crap, listening to their crap, pirating their crap, or watching their crap.
They're behind the people who sue. They're directly responsible for rootkit installations to support their DRM. They're behind the distribution of lies such as this material in TFA. Okay, well, we don't know the last part, but I'm guessing.
No Más. Let's spend our money buying entertainment from people who give a shit.
[/rant]
The shutdown of the Shadow bot is an interesting co-operative effort, but does it give rise to a new layer within the onion? We can expect phishing mails to now represent themselves as anti-malware agency/company X, telling you you're infected and pointing to a page with convenient 'utilities' for 'cleaning' your desktop up.
How is a user to differentiate between legit and attacking communications?
And the beat goes on ...
For those that haven't seen it, djb threw up some information regarding this problem and various options a few years ago.
http://cr.yp.to/djbdns/forgery.html
I went and had a look at the thread (dated from Jul 30 2001) referenced in the excerpt at djb's site (follow the posting link in the URL above). As far as I can tell, Jim Reid was pooh-poohing the usefulness of port randomization, the approach used as an emergency backstop against Kaminsky's attach just over seven years later. To be fair, Reid was doing so in the context of advocating for Secure DNS.
djb drives people crazy (particularly the BIND folks), but he's someone to listen to - is it the case, as I understand from reading through these docs, that in 2001, djb's dnscache performed the port randomization that everyone's been scrambling to deploy over the past several weeks for other implementations, including BIND?
Or am I mis-interpreting here?
Does This 'Ask Slashdot' have the air of a troll to anyone else? It's like the questioner is serving it up so that every Google-hating/privacy-loving/I-told-you-so'er can go *apeshit* on it.
Game ideas are ten a penny
It's worse than that, man - it's a ha' penny.
[And for the humour-impaired, yes I know that "ten a penny" is less that "one ha' penny, two ha' penny"]
http://en.wikipedia.org/wiki/Hot_cross_bun
That's some pretty high moral ground you're seizing there, brother. I can't argue with the ideals you're espousing in the your final sentence. However ...
They think of themselves as the "Middle Kingdom" and believe that they are so above everyone else that their rules do not matter, only theirs.
errr ... what? Anyway, perhaps you could hold yourself to similar high ground when it comes gross generalizations about the beliefs of every Chinese. Developed third party, too, it would seem:
Several friends have visited China over the years and all of them have said the same thing
So TFA says that"
An (sic) live exploit was demoed using a non-cisco sslvpn vendor during the session.
I guess I'm not afraid to demonstrate my incompetence before the entire world, but I searched for results in the two months for i) generic ssl vpn fix, ii) nortel ssl vpn fix and iii) microsoft ssl vpn fix, and came up empty handed.
Or are they talking about the Debian OpenSSL key debacle? Or maybe I should drop the "fix". :)
A week ago I was booked for flight and hotel by a client's travel service. The e-ticket showed up in one of my Gmail accounts (multiple accounts with +append addresses and thought-through forwarding really does help) along with address info and an expense form. Google's integrated service meant that I was able to move between e-mail, the expense form and the mapping service while all the while auto-formatting/transferring documents between services. It worked very well.
Seriously, it just wasn't worth the hassle of doing a Save As ... waiting for Office to fire up, and then attaching the resultant file(s) back into the mail service.
Obviously YMMV, and I wasn't doing anything particularly sophisticated. But I could do everything I wanted in a browser, and that's where the data showed up originally, so why move it anywhere else?