I just erased most of my RvB files last night -- looking for spare space and thinking "it's been a while since I've had a use for them"....
sigh.....
Murphy was an optimist.
In most cases that I'm aware of, the threat of litigation concerning violations of the GPL has been enough to gain compliance.
Obviously, this is not currently the case with SCOX.
SCO is already dead. They know it. They're living off of borrowed time trying to collect whatever they can before the gallows trap door opens out underneath them.
You can't threaten a dead man.
As the ghost in RvB said (paraphrase):
Or else
what? I"m already dead! What are you gonna do? Shoot me? Again?
Three thousand dollars???? Are you off your friggin rocker???!!!
People who complained about the $500 setup probably never got down to the section quoted below....
RGB's GalleryPlayer service,... charges $195 per month for 60 to 100 different digital images of classic paintings and photography,.....
RGB customers also need to purchase a $3,000 company-provided computer- like box.....
Instead of snipers up in the hills, you'll be looking for camoflaged RFID reception parabolic mirrors.
Sir! Signals intelligence indicates that the enemy has just dispatched 1 bradley fighting vehicles and 4 APCs with 34 marines -- probably from the 3rd batallion -- which indicates that they've recieved reinforcements.
Thank you corporal. Anything else to report?
A four day supply of food and 50,000 rounds of ammunition.
That definitely indicates reinforcements.. Yesterday's patrol had a 1 day supply and only 8000 rounds of ammunition
This, of course, would open up entierely new avenues of misinformation:
Sir: I've got bad news and more bad news. The first bad news is that Division headquarters has said that they can't get rienforcements to us for another 4 days and they can only do one -- very small -- supply drop. The other bad news is that I think we've found an enemy RFID reciever pointed at our east gate.
Thank you Seargent. Tell your men that they are NOT to destroy the RFID reciever, then tell signals to request that the supplies shipment include 35 sets of uniforms that have been used by members of another batallion as well as the RFID tags from their weapons and the RFID tags from 200 boxes of ammunition. and 500 MREs.
Sir?
That's all Seargent. I'll explain the rest to you later.
The most beautiful thing about this is that ESR's commentary about SCO's legal and political shenanigans has now effectively become a part of SCO's filings.
I think that this might get ESR the award for sabot of the year (if there is such an award, he definitely needs to be nominated).
RFID wouldn't be put on items that would be taken into the field. Those items, as the article stated, would be at least embeded at the "level of cases or pallets."
The way that it's written I'd say that they're expecting to have RFID tags on everything from boots to bombers.
Things like bullets are where you'd have the tags on the boxes.
Not at all - see, RFID tags work by responding to a transmission. You would have to have a transmitter close by a military base constantly transmitting. How long do you think that will last?
No need. Just find a transmitter near the camp entrance and put up a purely passive reciever. The 'official' transmitter will activate the tags. All you have to do is read their responses.
Umm, downvote me stupid if you want, but what's a DoS on a RFID tag actualy/do/? All it does is keep you from reading the tag reliably, which isn't all that useful. Also, the point from which you're DoSing is easy to trace -- just follow the hot/cold signals of energizer signal strength.
Remember that the inventory system, by this time, is going to be completely dependant on RFID tags. This allows attacks on 3 areas:
Disable the RFID tags themselves (burn them out with a (localized) EMP pulse). At this point, the batallion's ability to track it's equipment has been trashed.
Burn out the RFID readers (differently tuned EMP pulse). Similar problem, but batallion can always order replacements
EMP the computer systems into oblivion... I'm gussing that much of it isn't going to be EMP hardened either. (can you EMP harden a P4?)
Forget the mine.... (Besides, there are few countries outside of the US that have banned mines). To be legal, rather than blowing up, the mine can simply report back to headquarters that:
US Seal Team 7 is attempting to infiltrate sector 4
At that point, an automatic mortar unit could just blanket the area.
When the war was over, the RFID 'mine' would be reporting back to a non-existent control center. This means that the next kid that tripped it wouldn't get turned into mixed body parts.
Is it Mandrake specifically or any GNU/Linux distribution that damages these drives?
It's not just Mandrake generally.... It's only (known) to happen to Mandrake 9.2. Obvriously the install program does something in just the right (/wrong) way that triggers this error in the drives.
There are all sorts of problems that only engage if you do things in PRECISELY the wrong way. I'm guessing that there are Windows users who have had their LG drives spontaneously disentegrate, but there's been no pattern discerned... It just seemed like random product faulure.
The Mandrake 9.2 install, on the other hand, has precisely the wrong timing to cause self-destruction, and it just happens to do it on a reproducable basis -- so now you can see what the lg drives are doing wrong (if you have enough on hand to pinpoint the triggering instructions).
At least with ballistics evidence, there's some way to verify/disprove the data. All you really have to prove is that you've got the right bullet fragment,. After that, you've got the gun, and the bullet bits and pictures of the burn patterns on the victims. If you know that the data was wrong, you can always get your own experts to show what's wrong with the 'proof'.
With something like the black box, you pretty much have to trust (or not) that the data pulled out was real and not written to rathar than read.
In truth though, you probably have other data to back up the black box -- skid marks, how far body parts were thrown by the impact, etc.
Methinks jurisdiction is going to be much more interesting when they try to go after out-of-state/country people. If they do so.
Not likely to be a problem here. Jurisdiction requires a presence of some sort in California (in this case). Doing business (or attempting to do business) in california is enough to trigger local jurisdiction.
If you can prove that somebody (anybody
Consider this: If I pay somebody to go down to your house and rip up all the trees in the yard, you still have jurisdiction against me even though I live in Canada. You might have a hard time collecting on the decision against me, but that's a different issue.
You can almost guarantee that these people accept payment by Visa/MasterCard, so I'm thinking it should, at least, be possible to collect by attaching to their Visa/MC merchant accounts.
A friend of mine (who shall remain anonymous) came across an an Microsoft Software Roadmap. Public for the first time ever -- Now we know where they want to go today!
Somebody else pointed out that your problem is that the authorities don't know you from a hole in the ground, so they have a hard time trusting what you've got to say.
Read what I have below, but I think that your best bet is to go to the local university and find a Computing Science professor who's willing to listen to what you have to say. Once you can get the backing of someone like that and their willingness to walk into a meeting with you, then you should be able to go to almost anybody and get their ears perked.
Most University professors are used to having random people (students mostly) coming to to talk to them. Take advantage of this, but remember that you've probably only got a few minutes to get their attention.
Even if they can't help you directly, they can probably point you to someone who can.
____________
Chances are, however, that you do know somebody who can get you an inside track. People like that include would include friends who know high ranking public officials, media people politicians, etc.
Ask around.. see who can get you an appointment of interest. Once you have contacts lined up, your next step is to figure out, for each person of interest, where you can generate a common interest... Your end goal is to get a fire lit under an appropriate police investigator.
A journalist, for example, is going to want a story. On thing you'll need to do here is get their agreement to embargo the story until the hacker's been nailed, or it's clear that some publicity is needed to get some action. My worry here is that once the story breaks, the spammer is likely to destroy lots of evidence.
Politicians, of course, want fame and glory. Knowing that you've got a journalist on the line will help get their attention. The story that will make them look good is "Representative Muck-a-Muck, having been contacted by a constituent, got the appropriate authorities involved and active". Once the story actually breaks, then they can claim to have been on top of it almost from day one.
Police officers are generally overwhelmed. More than anything, they just want to get their assigned jobs done and get home by midnight.
There are two ways to approach this (depending on what end of the totem pole they're on).
On the lower end, you're probably looking for someone who knows enough about computers to vette your evidence and verify that it's legitimate. You may have to go through a few officers to get to someone who can understand your evidence well enough to explain it to someone who can get action.
. Remember... they hate spam too. If you can get this spammer 5 years in jail, this will probably set back spamming volume by a year or two as the rest of the spamming community drops these hacking tools for fear of Mr. Bendover.
On the upper end of the totem pole, You're probably best to go in with the backing of a journalist or a computing science professor. Journalists will put the fear of the pen to them. Professors will give you an air of serious credibility.
Let it be known just how much time you've but into the investigation so far, and how mudh more you're willing to put in.
Also let them know that your primary interest is putting this b*stard behind bars, and you'd prefer to see the investigation complete before this breaks in the press than afterwards (mostly because it will result in more usable evidence).
I'd have thought that someone who submitted his own site would be ready for the resulting slashdotting -- especially someone who passes his time doing benchmarks.
Hopefully, his next submission will be an estimate of the CPU and bandwidth required to handle a slashdotting, so that the rest of us don't get caught so flat-foted.
From the notes, 61-50=> $11Mil in the bank beforehand. That would have been easily enough for SCO to fight the lawsuits with IBM and Red Hat, presuming that they don't lose too much in the actual Unix/ Linux sales/support areas.
It does, however provide the prospect of an interesting side benefit for the open source community: If people start suing them for (gnu) copyright infringement, they're now plump and juicy with cash for payouts. I think that this might be a good time for some class-action lawsuits.
"When you GPL your work you still have ownership"
Not in any real way, no you haven't. And that is the point with the GPL, it should belong to everybody.
If you release something under the GPL, you still own copyright, and you still have the right to relicense your code to other people under other (i.e. proprietary) licenses. (Namesys' license for ReiserFS is a good example).
That having been said, if you wish to relicense code contributed to your GPL project by others then you have to obtain their permission to do so -- like the namesys people do.
Slashdot Mirror
I just erased most of my RvB files last night -- looking for spare space and thinking "it's been a while since I've had a use for them"....
sigh.....
Murphy was an optimist.
They were available -- until this article got posted.
Now they're stuck on the server, vainly trying to make their way against a veritable SYN flood.
Obviously, this is not currently the case with SCOX.
SCO is already dead. They know it. They're living off of borrowed time trying to collect whatever they can before the gallows trap door opens out underneath them.
You can't threaten a dead man.
As the ghost in RvB said (paraphrase):
People who complained about the $500 setup probably never got down to the section quoted below....
Emphasis mine.. . You show us yours, and then we'll show you .... yours.
I think that this might get ESR the award for sabot of the year (if there is such an award, he definitely needs to be nominated).
The way that it's written I'd say that they're expecting to have RFID tags on everything from boots to bombers.
Things like bullets are where you'd have the tags on the boxes.
No need. Just find a transmitter near the camp entrance and put up a purely passive reciever. The 'official' transmitter will activate the tags. All you have to do is read their responses.
Remember that the inventory system, by this time, is going to be completely dependant on RFID tags. This allows attacks on 3 areas:
- Disable the RFID tags themselves (burn them out with a (localized) EMP pulse). At this point, the batallion's ability to track it's equipment has been trashed.
- Burn out the RFID readers (differently tuned EMP pulse). Similar problem, but batallion can always order replacements
- EMP the computer systems into oblivion... I'm gussing that much of it isn't going to be EMP hardened either. (can you EMP harden a P4?)
Where there's a war, there's a way.When the war was over, the RFID 'mine' would be reporting back to a non-existent control center. This means that the next kid that tripped it wouldn't get turned into mixed body parts.
It's not just Mandrake generally.... It's only (known) to happen to Mandrake 9.2. Obvriously the install program does something in just the right (/wrong) way that triggers this error in the drives.
There are all sorts of problems that only engage if you do things in PRECISELY the wrong way. I'm guessing that there are Windows users who have had their LG drives spontaneously disentegrate, but there's been no pattern discerned... It just seemed like random product faulure.
The Mandrake 9.2 install, on the other hand, has precisely the wrong timing to cause self-destruction, and it just happens to do it on a reproducable basis -- so now you can see what the lg drives are doing wrong (if you have enough on hand to pinpoint the triggering instructions).
With something like the black box, you pretty much have to trust (or not) that the data pulled out was real and not written to rathar than read.
In truth though, you probably have other data to back up the black box -- skid marks, how far body parts were thrown by the impact, etc.
Not likely to be a problem here. Jurisdiction requires a presence of some sort in California (in this case). Doing business (or attempting to do business) in california is enough to trigger local jurisdiction.
If you can prove that somebody (anybody Consider this: If I pay somebody to go down to your house and rip up all the trees in the yard, you still have jurisdiction against me even though I live in Canada. You might have a hard time collecting on the decision against me, but that's a different issue.
You can almost guarantee that these people accept payment by Visa/MasterCard, so I'm thinking it should, at least, be possible to collect by attaching to their Visa/MC merchant accounts.
You mean they work????!
You mean the guys at SCO are communists too???
Man, now they're in deep trouble.
Please don't pass it out too widely. :-)
Read what I have below, but I think that your best bet is to go to the local university and find a Computing Science professor who's willing to listen to what you have to say. Once you can get the backing of someone like that and their willingness to walk into a meeting with you, then you should be able to go to almost anybody and get their ears perked.
Most University professors are used to having random people (students mostly) coming to to talk to them. Take advantage of this, but remember that you've probably only got a few minutes to get their attention.
Even if they can't help you directly, they can probably point you to someone who can.
____________
Chances are, however, that you do know somebody who can get you an inside track. People like that include would include friends who know high ranking public officials, media people politicians, etc.
Ask around.. see who can get you an appointment of interest. Once you have contacts lined up, your next step is to figure out, for each person of interest, where you can generate a common interest... Your end goal is to get a fire lit under an appropriate police investigator.
A journalist, for example, is going to want a story. On thing you'll need to do here is get their agreement to embargo the story until the hacker's been nailed, or it's clear that some publicity is needed to get some action. My worry here is that once the story breaks, the spammer is likely to destroy lots of evidence.
Politicians, of course, want fame and glory. Knowing that you've got a journalist on the line will help get their attention. The story that will make them look good is "Representative Muck-a-Muck, having been contacted by a constituent, got the appropriate authorities involved and active". Once the story actually breaks, then they can claim to have been on top of it almost from day one.
Police officers are generally overwhelmed. More than anything, they just want to get their assigned jobs done and get home by midnight. There are two ways to approach this (depending on what end of the totem pole they're on).
On the lower end, you're probably looking for someone who knows enough about computers to vette your evidence and verify that it's legitimate. You may have to go through a few officers to get to someone who can understand your evidence well enough to explain it to someone who can get action.
. Remember... they hate spam too. If you can get this spammer 5 years in jail, this will probably set back spamming volume by a year or two as the rest of the spamming community drops these hacking tools for fear of Mr. Bendover.
On the upper end of the totem pole, You're probably best to go in with the backing of a journalist or a computing science professor. Journalists will put the fear of the pen to them. Professors will give you an air of serious credibility.
Let it be known just how much time you've but into the investigation so far, and how mudh more you're willing to put in. Also let them know that your primary interest is putting this b*stard behind bars, and you'd prefer to see the investigation complete before this breaks in the press than afterwards (mostly because it will result in more usable evidence).
Mr Dalton taught the world to say
that our matter's an atomic pile
and it changed our scientific style.
So let me introduce to you
Common, lets give a cheer!
particle physics and nuclear chemistry!
(RIAA note: satire makes for fair use, so there!)
I just finished a short story on this issue. A little bit off on a tangent, but not by too much.
Hopefully, his next submission will be an estimate of the CPU and bandwidth required to handle a slashdotting, so that the rest of us don't get caught so flat-foted.
The Computer is your friend
The Computer is your only friend
Trust The Computer.
Trust The Computer in all things.
Trust only The Computer,
And remember:
In all probability,
The computer wants you dead .
(Grumble, grumble, commie mutant bastards, grumble grumble)
It does, however provide the prospect of an interesting side benefit for the open source community: If people start suing them for (gnu) copyright infringement, they're now plump and juicy with cash for payouts. I think that this might be a good time for some class-action lawsuits.
Not in any real way, no you haven't. And that is the point with the GPL, it should belong to everybody.
If you release something under the GPL, you still own copyright, and you still have the right to relicense your code to other people under other (i.e. proprietary) licenses. (Namesys' license for ReiserFS is a good example).
That having been said, if you wish to relicense code contributed to your GPL project by others then you have to obtain their permission to do so -- like the namesys people do.
Of the 27% that didn't have plans, how many of them had cancelled their plans/piots (in part) because of the SCO thing?