Slashdot Mirror


User: tftp

tftp's activity in the archive.

Stories
0
Comments
5,552
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,552

  1. Laptop is not needed on UK Police Cracking Down on Broadband Theft · · Score: 1

    Terrorism Act 2000 Section 44 gives officers the power to stop and search for articles that could be used in terrorism. No reasonable suspicion is required. Authorisation for stops in a defined area must be given by an officer of the rank of commander or above and last for up to 28 days. The whole of London is an authorised area all the time, with ministers renewing the power every 28 days. Under section 43 an officer may stop and search someone whom he or she reasonably suspects to be a terrorist.

    (as seen here)

  2. Re:I think it's good on Free Tuition for Math, Science, and Engineering? · · Score: 2, Insightful

    The USA's involvement also must be counted. Cuba is under a trade blockade for half a century now. As a side note, isn't it amazing how the mighty USA is scared of a little tropical island?

  3. Re:Or... on Hear No Evil, See No Evil — E-mail Kills the Phone · · Score: 1
    Yes but only if you are a sysadmin with access to mail and backups (to fix them also.) But sysadmins rarely care about emails. Managers and directors might, but they don't have access to backups and wouldn't know what to do with them anyway. So a conspiracy is required between a director who is interested and a sysadmin who is not interested at all. A director may have a million at stake, but a sysadmin has nothing and he'd have to be a fool to do the forging for someone else.

    There is another issue - in large companies backups are stored offsite, frequently many states away from the company, and each and every access to old tapes is recorded by the storing company, permanently and in a very safe manner (these companies are like banks.) In such a situation - which is perfectly typical for a public company - nobody can get access to an old backup without leaving traces everywhere, and mail logs is not something that you need to have, they are purely read-only material. So if a director of a company claims receiving (or not receiving) some email and this email (or the logs) is found (or not found) on old backups that weren't touched since then it's pretty hard evidence for the opposing side to impeach.

  4. Re:Intentionally misleading on DMCA Means You Can't Delete Files On Your PC? · · Score: 1

    No, it would probably set a precedent that circumvention could be a deletion (as well as addition or change) and that is quite an obvious thing. As Art said above, alteration with intent to circumvent is the key. Even if you discover that you can print free stamps in your online stamps program by entering a long magic sequence of gibberish into some field, without any changes in the program, it's still circumvention. IANAL, but the court could see what the license says, then what the normal operation of the program does, and what the "special hack" does. If the special hack grants you rights not given to you in the license or other agreements then it gives you more than you should have, and thus is a circumvention technique.

  5. Re:Not a verifiable record on Hear No Evil, See No Evil — E-mail Kills the Phone · · Score: 2, Informative

    In most cases email is difficult to bury. Aside from mandatory logging which any large company has to have, there are always backups. Besides, if there are multiple recipients of the email then it's very hard to convince the court that all of those unrelated and disinterested parties conspired to fake an email complete with reasonable headers etc. And if you keep mail logs then these headers can be checked against the log, and if there was a message sent then it's practically proven - unless it's a criminal case where requirements for conviction may be tougher.

  6. Re:How much does it cost not to... on How Much Does a New Internet Cost? · · Score: 1
    No, pings don't work until you are logged in. I don't know exactly [yet] how they do it, but their mandatory proxy redirects all port 80 traffic (and https, probably) to the registration box. There it reads your cookie (or processes a new login from a new user) and associates your MAC address and probably your location with a temporary route that they set up for you. If there is no activity for some short period of time the route is dropped.

    The easiest way to implement a keepalive is to invoke Lynx or FF on a timer, say every 5 minutes, and request a URL that can't be cached (or kill the cache first.) After this login is done your box has a route to the Internet, and you can use TCP and UDP connections to wherever you want (or so it seems.)

    I haven't tried an IM client because I don't have any, and I don't use IM :-(

  7. Re:How much does it cost not to... on How Much Does a New Internet Cost? · · Score: 1
    Yes, I have a couple of options of this kind in mind, and most likely I will put a Linux box with a WiFi card (which I already gathered from some junk) and then Ethernet all the way, to the PS3 and to an IP phone, and to whatever laptop I may have at home at any given moment. This will also place a good, reliable firewall in front of the devices at home, which is always useful.

    I will only need to ensure that the Linux box runs a browser with cookies enabled, and logs onto the network every 10 minutes or so, or else MetroFi kicks you out. I find it unpleasant, since I use a Sony Vaio with WiFi, and if I read a long article for a while I can't follow the links after I'm done because the routing had been conveniently dropped for me, even if the physical link is still going strong. You have to click on links every few minutes to keep the connection alive.

  8. Re:How much does it cost not to... on How Much Does a New Internet Cost? · · Score: 4, Informative
    I don't see why a private company doesn't set up a city-wide 802.11 wireless network.

    MetroFi, actually, did just that - and I live within their coverage.

    The MetroFi's signal is decent, but they require a login before you can access any IPs beyond the registration server, so if you have equipment that assumes connectivity (like an IP phone, or even a PS3) then it does not work (since there may be no browser to do the login first.)

  9. How much? on How Much Does a New Internet Cost? · · Score: 5, Insightful
    How much would a properly upgraded internet backbone cost?

    It will always cost as much as you are willing to pay, and the upgrade does not matter here at all.

  10. Re:The code snippet seems to be wrong on Did Russian Hackers Crash Skype? · · Score: 5, Funny

    It actually executes, I tried the loop just now.

  11. Re:Err on the side of caution...don't you think? on Images of Endeavour's Damaged Tiles · · Score: 1
    (1) Simply going outside puts the astronaut at risk of all kinds possible accidents.

    Then he has a wrong job. Astronaut's work is to fly the spacecraft and do spacewalks. It's risky, but otherwise why do we even bother to send them up?

    (2) The repair attempt could go wrong and cause more damage

    The repair can be attempted on a test set of tiles, pre-damaged in various ways and not needed for the landing (such as tiles for this test glued to non-critical or already protected areas.)

    (3) the repair method is untested and may not even work

    This is equivalent to your (2), namely that the repair may go wrong. The technique should have been safely tested. But now NASA may need to test on a live setup, where failures are dangerous.

  12. Re:JPL Closed, Scientists Search for Nothing on Spirit Outlasts Viking 2 Lander · · Score: 2, Funny
    Finally, finally: I have no friends.

    But you have 23 fans ...

  13. Re:$69.95 U.S. on Google Pack Adds StarOffice · · Score: 1
    If the world follows your advice we'd have no CIOs left :-) Many are narrow-minded PHBs who get all their technical knowledge from the CIO Magazine and from Gartner. The reason is that the CIO position, like CEO and CFO and COO, is a non-technical one, since it involves mostly office politics mixed with periodic begging for money. Technical skills are detrimental to getting the position. It's highly paid and is on top of the food chain, so to become a CIO you'd better have some MBA. "It does not matter what you know; it matters who you know."

    In a small startup you can easily meet a CIO who remembers Linux kernel boot parameters; in a large company your average CIO probably can't use a computer. That type of CIO can easily believe anything, and they feel more comfortable by paying other people's money for peace of their own mind. Licenses like GPL they like send to Legal, and when the lawyers are done the GPL's goose is not just cooked, but incinerated.

  14. Re:$69.95 U.S. on Google Pack Adds StarOffice · · Score: 1
    Maybe Google just doesn't want too many questions asked about GPL? Some people heard of "viral nature" of GPL, and now they are afraid. A standard commercial license of the "me pay, me use" sort would be more comfortable to many.

    Besides, the non-free StarOffice does have modules that are relevant to Google's customers. How would a typical customer create flyers for a yard sale if there is no clip art included? This is a better deal than OpenOffice just because of that.

  15. Re:Damn... on Gouge Found on Shuttle Endeavour's Underside · · Score: 1
    Especially since there is a teacher on board.

    I'm sure it will be seen as bad omen. Sailors, and by extension - astronauts - are superstitious. You would be too, considering the age of the equipment they have to use. Paris is worth the Pascal's Wager, so to say.

  16. Re:Perseid meteor shower on Gouge Found on Shuttle Endeavour's Underside · · Score: 1
    Yes, there are patching materials on ISS. The micrometeorite hole would be small and facing inward, so any strong duct tape like substance would seal the hole for good. The pressure is continuously monitored throughout the station, and there are airtight doors everywhere in case the hole is too large for patching. As long as the micrometeorite does not hit any occupants, they are safe enough.

    I do not know for sure what they would do aboard the Shuttle. Probably there are procedures for that too, since the air leak can have other causes too (a bad valve, a crack, some defective gasket etc.) The easiest and most obvious procedure could be to jump into their pressurized suits and land ASAP. The only catch is that if the pressure loss is fast they have no compartments to escape and no doors to close.

  17. Re:A math PhD student's perspective: this is good on Discouraging Students from Taking Math · · Score: 1
    Here's a nice example of a mistake we see all the time: sqrt(a^2 + b^2) = a + b

    Even assuming that they forgot, why don't they say [b := a] and then immediately see that their answer is patently wrong? Or by applying a geometrical equivalent - a triangle?

  18. Re:who needs math on Discouraging Students from Taking Math · · Score: 1

    What we really need is more people like the GP poster, who understand what is it that the country imports, manufactures and exports. Sticking one's head into sand will not help. Thinking 50 years ahead will.

  19. Re:Why is this a bad thing? on Discouraging Students from Taking Math · · Score: 1
    Really? Then why aren't they doing it?

    I don't know about "every kid", but I can't compose music because I can't tell the difference between neighboring sounds. I just have no memory for it. I know that 400 Hz sounds lower than 1 kHz, but if you give me 300 Hz or 500 Hz I can't say which one is which without comparing them. Composers need to have absolute pitch, and I have none of that. Besides, I am not that interested in music, and can enjoy my work and my books for many months without listening to any musical piece. On the other hand, I like logic, and I never had issues with semi-complex math.

    On another axis, I can see all colors and decently memorize them, but I have no visual memory of shapes (faces, figures) and can't draw or paint. On the other hand, I do technical drawings very well (3D designs lately) and have good understanding of how parts join in a 3D assembly. Straight lines, or anything that is defined by a formula is fine with me. Freehand drafting is fine. Drawing of a face is impossible - I don't even remember how a typical face looks like! I can itemize what a face ought to have, but I can't position any of those ears and eyes unless I have a table or a formula or some other physical guidance that I can measure and follow.

  20. Re:Why is this a bad thing? on Discouraging Students from Taking Math · · Score: 1

    Now I understand why AT&T sent me a sales leaflet where they proudly claim that my future phone line will work 99.9% of time. I guess the salesdroid who wrote this had no clue what the number really means. (it means that my phone line will be dead for 1.5 minutes every day, on average - an unacceptably poor performance for a telco.)

  21. Re:How do you know? on Discouraging Students from Taking Math · · Score: 2, Insightful
    Can you think of some examples where you would need trig or calculus to understand some historical phenomenon?

    Between 1400 and 1500 the population of Languedoc doubled, but the war in 1450 reduced it to 88% of what it was in 1400. During this time the average profits per household tripled, except the 40% dip in the drought of 1470. Can you estimate the taxes that kings collected over this period of time if records give you some absolute numbers to fit the curves to?

  22. Re:Shhhhhh on Discouraging Students from Taking Math · · Score: 2, Interesting
    Graduate math students or full professors taught all the math courses at my university

    In my university years I had to have a full year course of Technical Electrodynamics. It was super-heavy on math (we started on Maxwell's Equations about five minutes into the course.) It was taught to us by a TA. I am still amazed at his memory - he was really good with the stuff, and you need to literally remember whole books (or to be a genius of Heaviside class who would do that from scratch as needed.) He was not a professor yet, but he wasn't far away from that.

  23. Re:Cannot you be anyone on your LAN? on Oklahoma Security Expert Attacks RIAA Claims · · Score: 1

    It's not always necessary, but the attacker has no way of knowing when the original lease expires. If it does - and if you are using a static IP that you forced into the system just like the MAC address - then you will cause an IP address conflict. It is probably easier to just fake the MAC address but to leave the IP address to the DHCP. Besides, the attacker would be enjoying a better cover, because if a lease expires and you don't know about it, and if the IP address is not reused immediately then the network admin can't explain why an IP address is still in use after the lease is gone. The admin would tell RIAA that the IP address was not assigned to anyone at the time of violation, so they'd have to dig harder.

  24. Re:If wishes were horses on Oklahoma Security Expert Attacks RIAA Claims · · Score: 1
    I let people connect to my WAP. They let people connect to their WAP. If something illegal happens over my network connection, *I* get arrested. If something illegal happens over their network connection, they don't.

    First of all, it's not a fact yet that anyone will be arrested. However a hired employee who is not even directly tasked with management of WiFi for thousands of visitors is a less likely suspect than you, who exercises full control over your WiFi that you personally purchased. Besides, it's easy to see what the manager (or any employee) is doing during work ours than to check what you are doing when you are near your WiFi.

    It is still possible, of course, that an employee of a coffee shop is guilty of doing something online, and if it comes to that all employees will be investigated, just as you would be. But as I said the employees are far more exposed during their work hours, and most of them do not have the necessary access to the hardware to do what it takes to install Kazaa or other software illegal use of which is alleged.

    Also, at the coffee shop the possible suspects are just the manager, three employees and about 1,000 visitors. At your home the suspects are you and your cat. The choice of suspects is far more narrow in your case.

  25. Re:A little oversimplified... on Oklahoma Security Expert Attacks RIAA Claims · · Score: 4, Informative
    Indeed, I read his deposition and basically all he does is state that you are anonymous behind a NAT. I am sure the logs do not indicate that 192.168.1.250 is the offender. There must be something more tangible. The expert probably just refuted literal RIAA's statements, ignoring the context (I haven't seen the logs so can't say for sure.)

    One thing, though, he could have mentioned - various IP spoofing methods. Imagine you are on a DHCP network (on campus, for example.) You ask for an IP and you will get it, and this will be logged: "00:f0:3e:45:33:66, authorized as belonging to John Doe, asked for an IP and got 10.0.15.213 for 6 hours". Nice. However what if you want to misrepresent yourself? An enterprising student can use ping and arp (if not some better tools) to find out what IP and MAC addresses are online, and once some of those computers go to class (or to sleep, for example,) take over the MAC address and ask for a new DHCP lease ... done, and you have a new shiny IP address, perfectly logged as belonging to John Doe whereas you are someone else entirely.

    This would clearly demonstrate that the DHCP has no authentication beyond the MAC address, and that can be easily changed on many cards. Any judge, however technically illiterate, can understand that if you can get any identity by just asking then it's pointless to hold the identity owner responsible.

    This text, as seen here, would be relevant in the expert's refutation:

    Unfortunately it's the very simplicity of DHCP that's actually the problem as far as security goes. No authentication or authorization takes place during an exchange between a DHCP server and DCHP client, so the server has no way of knowing if the client requesting the address is a legitimate client on the network, and the client has no way of knowing if the server that assigned the address is a legitimate DHCP server. The possibility of rogue clients and servers on your network can create all kinds of problems.