A couple of councils (local govt.) in the UK, specifically Newham in London, are already using digital face-recognition systems to (they claim) identify known criminals from CCTV and move them on.
CCTV coverage has exploded in the UK in recent years, with mixed results -- crime has fallen in some areas, and the recent bomber was caught partly through the extensive coverage of the area where I live, Brixton. OTOH (a) muggers, drug users & other anti-social types just move away -- eg to the (CCTV free) council estate where I live. The Civil Liberty aspect hasn't really got much attention over here AFAIK -- the police and govt. have their marketing down perfectly...
... coulda sworn there were 11 +2 comments here waiting for me to read, now they seem to have gone ?
Or did I dream it ?
Re:At last, a credible story to scare my boss ... on Hotmail Cracked Badly · Score: 1
I absolutely agree. I do seem to have made some progress in increasing awareness; and I've decided to leave anyway, for (partly ;) ) unrelated reasons...
OK, so two minutes later (4pm BST, 10am EDT) it's blocked at last -- approx 40 mins from the first /. post. Anyone know what time news leaked before that ?
So the question is, just how long will it be before Hotmail admins wake up and pull everything down ?
original /. post was at August 30, 09:23 AM EDT;
At 3:50pm UK, ie. 9:55am EDT the exploit still works;
Only *one* other media story AFAIK -- on The Register -- sorta fun to see who picks it up next...
BTW it's a public holiday in the UK, so double plus good to the Register.
OTOH, 'there but for the grace of god'. How many of the sysadmins here are > 95% sure they've covered every hole & patched every exploit on every one of their systems ?
Hmm, that doesn't seem to work for me. perhaps the Swedish site is adding a cookie which has a value set by a simple XOR of the username or somesuch obvious device.
At last, a credible story to scare my boss ... on Hotmail Cracked Badly · Score: 2
Trust == reputation == value to an operation like Hotmail, and this is going to make them a laughing stock.
In the last year my PHB has heard of Amazon, which is great, because now I'm being *asked* to do interactive / DB backed web stuff -- "like that Amazon thing". I can also defend Perl, *nix etc as credible because "Amazon use it !" & not have him glaze over.
Now with a bit of luck I'll be able to convince him that we really *should* have some sort of basic security policy. What with us having access to info on billion dollar deals, and users running around with Windows 95 laptops, and so forth... "Remember what happened to Hotmail !" I shall say, "See, even the mighty Microsoft are not immune to security problems... " In his eyes, if MS. can be cracked, anyone can...
> Where it becomes more questionable is in a
> mid-sized environment. Sometimes time is
> cheaper than money -- use Linux. Sometimes
> money is cheaper than time -- use Microsoft,
> but be aware that you will probably spend
> more time than you ought maintaining things.
My employers, who I am trying to subvert from within ;) , use Netware file servers, NT application (email, web, DNS/DHCP) servers and '95 on the 230-ish clients (including ~35% laptops). Shock result:
The Netware box has crashed twice in eighteen months (a dodgy NLM.)
The NT servers are temperamental -- OK-ish for a few months, then randomly crashing / locking up several times a day for a while.
The client machines are on a six month duty cycle : twice a year, regardless of whether problems have been reported, they are pulled in, stripped down and rebuilt.
I'm running the webservers -- I can't do anything about NT *yet*, but Apache performed exactly as the previous poster described in comparison with IIS. IIS 'works' approximately out of the box, whilst Apache will *not* work until you've at least read and understood the .conf files. However there's been loads of issues with IIS (security holes, exploits, old-fashioned bugs etc) and ours crash the server or grab 100% of the CPU every few weeks. Apache 1.3.* OTOH has required zero maintenance since started.
This really is a catastrophe , although maybe positive in the long run --
(a) another demonstration of the importance of avoiding patented code / libraries / algorithms; (b) an incentive to get people moving to PNGs; (c) everyone has it burnt into their brains : BAD Unisys... BAD Unisys...
A fine idea -- I'm surprised no-one thought of this before. What's wrong with the idea that rich people pay towards the common good ? Tax is the basis of a civilised society. cf. USA / Russia.
www.bbc.com is on SunOS. This is Boston Business Computing.
www.bbc.co.uk is on... Solaris / Apache. I was wrong...
But the point remains the same... the same Netcraft app shows a bunch of high profile large corporations running IIS / NT... even Windows 98 ?!?! (Gillette)... so these must all be easy meat for crackers, right ?... and then all their MIS people would be fired, and replaced with Unix hackers...
I'm no fan of NT OR IIS -- I'm just saying that it's not impossible to make them reasonably secure.
telnetd (and lots lots more ports of 'real' software) are available for NT and possibly '9x as well. Certainly bash. csh and tcsh are available; so is X11R6.4... no, really ! Performance sucks of course. There's a short & incomplete list here.
BTW if NT is so ludicrously insecure, how come www.bbc.co.uk has never been cracked ? They seem to use IIS as well as NT...
A friend who works at A.N. Major global financial institution tells me that they do indeed have their own internal crypto group. They really seem to know their stuff; they have a largish number (~50) of throbbing-brained academic mathematicians, programmers, cryptographers etc. Eg: I'm no expert, but apparently the generation of as-random-as-possible random numbers is a crucial part of the deal; well this organisation allegedly were or are planning to install dedicated cards in all their PCs that use (IIRC) radioactive decay to seed the RNG for the hard-core crypto they use on all sensitive internal stuff.
OTOH I have personally worked for [another large business services firm] with tons of extremely sensitive info on clients. We're talking billion-dollar deals on a daily basis, market-moving deals too. Naturally they take client security to paranoid lengths; yet they're completely clueless when it comes to IT security (eg: straight win95 as standard, no intrusion detection whatsoever, not even a formal written RFC-site security handbook - style security policy.) They just happened to be based in the US... (I'm in Europe.) Of course it would be pure paranoia to suspect that they might be deliberately allowing all this sensitive commercial info to whizz around the net in plain text to make it easy for ECHELON to intercept...
I work for The Man. My line manager was fired 4 months ago and so far hasn't been replaced. Result : a large increase in morale, I'm getting more done -- work AND /. -- and it's better stuff, too.
There's one you've missed... the best license I've seen for a long time, and I write as someone owning a GPL T Shirt;)
SETI@home. Check it out.
SETI@home, version 1.0: License Agreement
You should carefully read the following terms and conditions before using this software. Your use of this software indicates your acceptance of this license agreement and warranty.
Disclaimer of Warranty
THIS SOFTWARE AND THE ACCOMPANYING FILES ARE DISTRIBUTED "AS IS" AND WITHOUT WARRANTIES AS TO PERFORMANCE OR MERCHANTABILITY OR ANY OTHER WARRANTIES WHETHER EXPRESSED OR IMPLIED. NO WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE IS OFFERED.
Adviso
I understand that strong signals will occasionally be detected and displayed on this screen saver during the course of data analysis. I will not get alarmed and call the press when such signals appear, as I understand that thousands of signals have so far all proven to be due to interference (human made artificial signals) or test patterns used to test the hardware and software. I understand that potential signals this program identifies must be checked by SETI@home scientists to insure they are not from terrestrial origin, then compared with other observations from the same star, then independently confirmed by different group of astronomers with different equipment.
Distribution
There is no charge for this software. Distribution of this software is prohibited.
"VB and C++ are the No.1 and No.2 languages for creating dynamic web applications [says Zone Research]"... I rest my case !!
When I first fell into professional IT I was working in a Windows / Netware shop, and PC Week was my bible -- I read every page, every week, obsessively trying to work out what I didn't know, especially about the Web and Internet. This is back in 1995. Gradually I started hearing about "the PERL scripting language" [sic], located a copy of Llama, and never looked back...
Please remember, there are a LOT of very ignorant Microsoft/Netware shops out there in corporate land that have never *heard* of Unix except as something for industrial scale / hardcore applications, and they don't begin to consider Linux, Apache, Perl etc. In that context, there's no such thing as bad publicity. Especially as OSS shops start to gain competitive advantage over their M$-fixated competitors.
> What about other countries, why here? (Score:2)
> by D3 (dhenning@www.usda.gov) on Mon April 26, 01:05 PM EDT
>
> Why are we so narrow minded to think that only kids
> in the US have problems in late grade school
> and through high school? There are plenty of non-conformist
> kids in schools in England, Canada, Australia, and (insert
> any non US country you like here)

Yes, certainly, in the countries you name; but that's an interesting choice of non-US countries, no ? (I'm UK-ish.) There's a deeper issue here which ties in with this this post; pardon me quoting 2 in 1...

> The torture of high school (Score:3)
> by maynard (maynard@jmg.com) on Mon April 26, 01:17 PM EDT
>
> Getting teased regularly is one thing, but these kids assaulted me
> in large groups. I didn't stand a chance [...]
> This is a human rights issue. I know many who had to drop out
> of high school because it was just
> too dangerous to continue in school
> [...]
> Because of my experience I will never place my children (when I
> do have children) in public schools. I would rather homeschool or
> find a good private school than potentially subject my children
> to that environment.
the thing is : Culture... A friend who went to a reasonable public (ie., fee paying, prestigious) school in the UK, describes an experience a world away from mine; intelligence, academic achievement and so on were actively rewarded and encouraged, and this was so embedded in the culture that (he claims) people would actually compete to answer questions in class. My experience, a few hundred miles away in the state system, was the opposite -- recognisably what the 'merkins here say of High Schools.
Any one qualified to talk about anthropological / sociological implications of this ? Are there national differences as well as class differences ? How uniform is the culture of educational oppression ? Will state-funded education always tend to the culture of conformity and oppression ? etc. I really don't know what to think; I'm copping out by not breeding:) -- Cally
I grew up in the country where EVERYONE owned several guns, and guess what, we never, ever even let it cross our minds to point a gun at another human being, mainly because our parents drilled this fact into us from 1year old on.
Are you suggesting that the answer to the problem IN THE U.S. is better training in how to use a gun ?
BTW, every gun they had was illegal.
Clearly if possession of guns were outlawed tomorrow, death rates would not drop immediately. We (in the UK) still have the occasional incident with WW2 era weapons kept as souvenirs. It would take a long time to bring the US into line with, say, Canada in death rates.
These people just don't understand how important, and precious life is.
What about Canada ? Society is presumably similar to the US -- but what's the murder rate there ?
If life has such great value, isn't it more important than this facile "right to carry guns" ?
Sure, "if the gun is outlawed, only outlaws will have guns !" say the NRA. "Well, yes, that's kind of the idea, folks...
Like most everyone else ex-USA, I find their gun culture absurd. Every time something like this happens the same tired arguments get another go round the ring. It's really _very_ simple...
re: geeks -- I was a classic techie geek at the age of 17, emotionally withdrawn and not a happy bunny. God knows I fantasised enough about blowing the heads off the UK equiv. of 'jocks'... fortunately I couldn't get a gun, and eventually grew up & realised that though I had smaller muscles, I had more brains :) and that they get you status, too, if you work at it.
It will be interesting to examine the stats for such incidents in a decade's time, to see whether the Net explosion has an overall positive or negative effect. I'm pretty sure it will be positive cos potential killers will have more scope for socialisation outside their RL peer group. That will hopefully more than counter-balance the idiots who spend their time researching pipe bombs.
Incidentally, I lost a lot of respect for ESR over that 'geeks with guns' nonsense.
There's a fallacy at play here. . . . on Gene Leakage · Score: 1
Steve Jones *is* a highly respected, as well as well known, authority on genetics; and in this piece he makes the timely observation that the 'Frankenstein foods' paranoia being whipped up by the tabloids in the UK is a complete red herring. GM foods are very unlikely to be poisonous, but that's not the issue.
It has recently become clear that genes hop from species to species in nature very frequently. For example we carry fossilised viral DNA in our cellular mitochondria -- they were once free-living virus but have now become so symbiotically linked to other species that their genes are indistinguishable from the "human" genome.
Anyway for real paranoia-inducing science, forget GM foods -- check out the latest climate change predictions, and have a look at the Larsen B ice shelf in the Antarctic...
grep Need To Know, 1st October 1999 for quantum.
1995 statement from Unisys : http://lpf.ai.mit.edu/Patents/Gif/unisys.html .
? Go figure.
flames to /dev/null.
Hmmm, Netcraft seems to be down at the mo ... but telnet on :80 says 'apache 1.3 (Unix).'
Interesting, because it definitely USED to be IIS / NT. No, really, it was !!
Re: the BBC -- sure there are loads of uncracked boxes out there, but don't you think bbc.com would make a rather prestigious trophy ?
BTW www.zpok.demon.co.uk is hosted by Demon -- I'm pretty certain they're not using NT.
- Keep your head down
- Try not to allow bitterness or self-hatred consume you
- Seek out your peers; they are out there, in the same schools
- do what you have to to survive
- remember that things can only get better
- you are not alone
- educate *yourself*
five years seems like an eternity to a teenager. I'm old enough to be these kids' father, and I'm in the UK, but this all sounds exactly like my schooldays. Folks: it can, and does, get better. -- Cally