As long as we're broadening the question, what about other fields? I'm thinking Bob Marley (musically and for sociopolitical significance), Roy Lichtenstein,...
Elvis Presley, because of this quote from Culture Jam:
Over a twenty-year period, Elvis Presley evolved from the avatar of American cool to the embodiment of American excess. Almost entirely confined to bed in his last months, Elvis devoured pills and fried-banana-and-peanut-butter sandwiches, suppressing the pain of being Elvis and seemingly trying to lose himself inside his own expanding girth. He was found, appropriately, dead on the throne, head down, like an offensive lineman waiting for the snap. Three points of contact: his fat hand on the tile and his ass on the porcelain.
There is no better metaphor for the old American dream. With a few exceptions, we are all Elvis now. We have learned what it means to live full-on, to fly and fornicate like an American, and now we refuse to let that lifestyle go. So we keep consuming. Our bodies, minds, families, communities, the environment - all are consumed.
One of the most popular singers and one of the first to die the tragic rockstar death. now that's a cultural statement.
the first time i read a PKDick book (Three Stigmata of Palmer Eldritch) was a year after my first Gibson (Count Zero). At first i thought Dick was one of the many Gibson copycats (hi Stephenson!), then i looked at the publishing date of the Dick book - it had been written some 20 years before Gibson's - and realised how much the genre owes Dick's genius.
Sometimes i wonder how many gray dust dystopic worlds i can read about, but PKDick always brings enough innovation, wit and satirical hope that i can never put one of his books down.
If there had never been a Philip K Dick, it would almost have been necessary to invent him.
i've been through help support enough in the past couple years that i answer their questions before they ask and tell them what needs to be done. never had a complaint, and it beats lying about my OpenBSD firewall. "X, Y, Z are the symptoms, A, B, C are the settings, i've already tried to do L, M, N to fix the problem, so now i need you to do T to fix it. Thank you".
The main difference is that most XP users probably won't be knowledgeable about their systems or knowledgeable enough to lie. But it's probably more a matter of time (training, etc) before it's supported.
A vulnerability was found in the Win32 port of Apache 1.3.20. A client submitting a very long URI could cause a directory listing to be returned rather than the default index page. A 403 Forbidden will now be returned. CAN-2001-0729
A vulnerability was found in the split-logfile support program. A request with a specially crafted Host: header could allow any file with a .log extension on the system to be written to. PR#7848 CAN-2001-0730
A vulnerability was found when Multiviews are used to negotiate the directory index. In some configurations, requesting a URI with a QUERY_STRING of M=D could return a directory listing rather than the expected index page. CAN-2001-0731
Have you, in your acting career, ever been a young woman?
read his faq. (get the google cache if it's still slashdotted). His stunt double during part of Stand By Me was a woman; try getting your kicks by watching that flick.
The Perl Journal had an article... on Serving WAP Pages? · Score: 5, Informative
The Spring 2001 issue of the Perl Journal had an article about developing wireless applications - http://www.samag.com/documents/s=1131/sam05040004/ which outlines useful perl modules, how to configure apache to play well with wml, and sample code for wireless applications.
University schooling teaches you how to play the game. It teaches you how to sit through too too long lectures (business meetings?), it teaches you how to spend countless hours doing research into subjects you aren't necessarily interested in, it teaches you to play a particular game for at least 4 years or 120+ credit hours. A business will look at that and think, "good, this person knows how to play the game".
The most extreme example comes from a person's doctorate work - chances are you will not be continuing research into the specific subfield topic that you did your doctorate in - you'll probably never touch that again. but it tells companies that you can do 2 years of intense research into a very particular field and come out with a good thesis.
and that's a very important thing for a company to know. you might know everything there is to know about network infrastructure and you might have years of experience planning network implementation, but without that degree how will the company know if you are easy to work with? a degree will let them know that you can play well with people.
Yes, it is essential that some people learn to think for themselves - "Imagination is more important than Knowledge" rings true for some of us, perhaps most of us in this community, but Einsteins can't exist without a large number of drones to support them - we're not all gonna be the next Great Thinker, the next Innovator.
If you want practical knowledge like how to start a business or pay employees, or as others mention, write a resume or networking (people-wise) skills, look to your community college.
also consider Bush's recent comments concerning the New War on Terrorism:
- it will be a long war
- it will be a secretive war
- the U.S. government will not necessarily reveal evidence against the terrorists they uncover.
- the U.S. government expects all other governments to comply and assist with its anti-terrorist actions.
now make hacking terrorism.
now make assisting hacking terrorism.
now make hacking crimes retroactively punishable.
i've read bugtraq for years and have not informed the FBI about all the vulnerabilities released on that mailing list - will this make me negligent and punishable? will my punishment come in the form of an official court prosecution, or will special forces be sent in to take me out without ever letting anyone else know? if i move to Norway, will Norway allow the Navy SEALS to seize me?
Beware, that unmarked white van may be coming for you.
Yeah, sure, very paranoid to think that way, but consider history and consider how other police states have started their lives: will we be naive enough to let this one start as well?
Despite the difficulties in starting a worm on a Unix clone, such a feat is still within the realm of possibility. Are there things that the Unix camp can be learning from Code Red and Nimda?
what difficulties?
whenever an inexperienced user brings up a redhat 7.0 or lower box on our network, it is exploited within 12 hours. within 24 hours i have received email from admins on other networks informing me that the redhat box has been probing their network. 1 minute later i have informed yet another user that it takes more to do my job than booting off of cd and following instructions on the screen.
someone out there has already taken advantage of the various vulnerabilities found in older distros.
lessons learned? i am reminded of something my brother told me:
Having your own box appeals to the pioneer spirit: your own plot of land to develop as you please, fighting off the savages, protecting from the elements.
In other words, every time you run software which other people will somehow have access to (users running desktop software, server software connected to the internet, etc.) you will need to constantly monitor and upgrade that software.
where i grew up bombs blew up once every other week.
You saw a few thousand get killed because they ignored what their government has done around the world; i've seen more get killed/disappeared because they tried to speak out against what their government was doing in their country.
The vast majority of the US chooses not to fully exercise their freedom of speech, this does not mean the rest of us should have that freedom taken away.
Now you will ask me what good free speech is when you're dead? what good is life without the ability to express myself freely?
i grew up seeing just how bad it can get when a government suppresses its people. i live in the U.S.A. because i feel i have the best chance for preserving my freedom of expression in this country. I don't want to see another reversion into McCarthyism or worse - do we really forget how much wrong our government has done in the past? Thousands died living in a country i'm sure they would hail as the Land of the Free. You would have the next thousands die in a much different country.
Surely you've seen that really annoying javascript which creates images around your mouse whenever you move it? What about having something similar to that for ssh - create ghost characters whenever you type in one character?
Let's say you enter one char of text, your client recognizes this and begins to send out more bytes of data to provide cover for your char. This cover should last for a random period of time after the initial key press (say, 1-5 seconds) and should consist of a random number of packets sent with timings from 0 to the average timing between key presses. The packets have to be something predetermined by the client and server so that the server knows to ignore these packets. Any other packets the client sends which happen to match this predetermined packet will have to be escaped somehow.
so when i go to type in passwd
the client sends these packets:
p
(cover packet)
(cover packet)
a
(cover packet)
s
(cover packet)
(cover packet)
(cover packet)
(cover packet)
s
(cover packet)
(cover packet)
w
(cover packet)
(cover packet)
(cover packet)
d
(cover packet)
This should destroy an attacker's ability to determine the timing frequencies between your keypresses. The length of the text you've entered may still be determined, but only within a certain range, provided the cover packets last for long enough after a single keypress. That is, if the cover packets last up to 3 average key presses in length, then the attacker will know the length of the string you entered +-3 characters.
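The cover-packet scheme described in the comment above, as an added sketch that is not part of the original post. The COVER and ESC byte values, the function names and the keystroke timings are assumptions constructed for illustration, and the observer is assumed to see only packet arrival times on an encrypted channel.

```python
import random

COVER = b"\x00"  # assumed value of the predetermined cover packet
ESC = b"\x1b"    # assumed escape prefix for real data that collides with it


def escape(payload: bytes) -> bytes:
    """Client side: make sure real data is never mistaken for cover."""
    if payload == COVER or payload.startswith(ESC):
        return ESC + payload
    return payload


def receive(packets) -> bytes:
    """Server side: drop cover packets, undo escaping, return the real data."""
    out = []
    for pkt in packets:
        if pkt == COVER:
            continue
        out.append(pkt[1:] if pkt.startswith(ESC) else pkt)
    return b"".join(out)


def send_with_cover(keys, rng, window=(1.0, 5.0)):
    """keys: list of (time_s, one-byte payload) in typing order.

    After each key press, cover packets are emitted for a random 1-5 s
    window, spaced by a random gap between 0 and the average inter-key
    time, as the comment proposes. Returns (time-sorted stream, avg_gap).
    """
    times = [t for t, _ in keys]
    avg_gap = (times[-1] - times[0]) / (len(times) - 1)
    stream = []
    for t0, ch in keys:
        stream.append((t0, escape(ch)))
        end = t0 + rng.uniform(*window)
        t = t0
        while True:
            t += rng.uniform(0.0, avg_gap)
            if t >= end:
                break
            stream.append((t, COVER))
    stream.sort(key=lambda p: p[0])  # what actually goes on the wire
    return stream, avg_gap


def gaps(times):
    """Inter-arrival times, the only thing a timing observer can measure."""
    return [b - a for a, b in zip(times, times[1:])]


# Constructed sample: key press times (seconds) for typing "passwd".
SAMPLE_TIMES = [0.00, 0.12, 0.43, 0.52, 0.77, 0.95]
SAMPLE_KEYS = [(t, bytes([c])) for t, c in zip(SAMPLE_TIMES, b"passwd")]


def demo(seed=1):
    rng = random.Random(seed)
    stream, avg_gap = send_with_cover(SAMPLE_KEYS, rng)
    return {
        "decoded": receive([p for _, p in stream]),
        "avg_gap": avg_gap,
        "max_true_gap": max(gaps(SAMPLE_TIMES)),
        "max_observed_gap": max(gaps([t for t, _ in stream])),
        "packets": len(stream),
    }


if __name__ == "__main__":
    print(demo())
```

In SSH itself the escaping step is unnecessary if cover traffic is carried in SSH_MSG_IGNORE messages (RFC 4253), which the receiver discards by message type.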
i have a quick question. would something like pgp work to stop this snooping garbage? just have the data encrypted when you send it to people, and then no one can snoop, right?
as long as they cannot decrypt what you're sending, you're safe. i doubt Excite@home will also spend the money on a beowulf cluster to decrypt everything that's getting dl'd, but the RIAA might.
We should all be sending all packets encrypted anyways, using encrypted protocols, but oops, neither am i. I bet if we were encrypting everything then the big players would lobby for key escrow or similar so they could monitor everything.
On a side note, does this mean all the FBI has to do, to use Carnivore without a warrant, is to become an ISP?
Re:So we might as well shut down Bugtraq... on Hotmail Hacked · Score: 1
If pasting it here is potentially 'illegal' then so are 90% of Bugtraq posts.
the intent is different in the bugtraq post vs. the slashdot post.
at least, that's what i'd imagine a prosecutor might say.
Releasing Security updates is tantamount to full disclosure - any blackhat with a bit of knowhow and enough time will be able to reverse-engineer the bug (no DMCA regs, please, we're talking about blackhats here).
So, since releasing a security patch is equivalent to giving the blackhats full disclosure, no software should ever be patched again. Instead it should be understood that anytime anyone finds a security hole, they need to be quiet forever.
If we have self-cleaning, color changing, size-shifting shirts, what am I going to do with all my trade show accumulated shirts from now-defunct .com's that come in the "one size fits all - or else" XL? I have shirts I haven't even worn yet. From 1996....
Instead of giving you a t-shirt those now-defunct dotcom's would have given you a license to wear their logo.
The subscription service will not be for wireless service, it will be for designs and logos and phrases. Want to show off your enjoyment of the latest boy-band? Buy a license for their logo and go download their mod for your shirt. (aside: if it was named similar to winamp, would that be licensing a new "skin" for your shirt?)
Personally, i prefer to make my own shirts, though making a silk screen for one or two shirts is a laborious process and CafePress just doesn't cut it (industrial iron-on? *shudder*). A technology whereby i can easily show off a new design would be nice.
Clothes that change colour reminds me of Rorschach from Watchmen.
looking at the load average you need a new processor
Thanks for the advice. I am running a dual PIII machine (i built it a while ago; today i'd make it a dual athlon) and that load average is from 3 processes: netscape (after a week it goes crazy) and 2 sessions of seti@home. Killing those off brings everything back into the "zippy" speed range, otherwise it's just normal.
Add to that this: the "book" as we know it has been around for over 500 years.
Storytelling via word of mouth has been around much longer. When i want to leave work and stop staring at a computer screen then i'll be biking up and down liberty/state/main/s. university street, maybe stopping in Ashley's or Leopold's for a quick pint, seeing who's there, finding out what's new, listening to tales of happenings past and present, meeting new folks and learning from their stories.
I agree that most people's negative reactions to ebooks are due to their newness - your own examples particularly bring this to light, as well as others' "if they were as convenient" statements. When books first came out you'd have to wait a while for a monk to make a copy for you, or wait for Gutenberg's invention. Give ebooks some time and the rough edges will hopefully get smoothed out appropriately.
Personally, i wish i had an electronic copy of every book i've ever read (yes, i read too - i'll stop in Old Towne to sit and read with a pint on occasion) so that i could easily grep out a certain phrase or name or example from the text.
But i'd also like an electronic copy of every bit of data that passes through me, so the next time i'm at the Fleetwood and someone's telling me about their Seattle WTO experience i could quickly reference it against the newspaper articles and tv news i heard and read. Sure my notebooks handle this functionality too and i wouldn't give up making them for anything, but as i open up my notebook i can't help but think 'grep -i seattle' and wish i could have written down full transcripts of what i heard.
This has happened to me before - i was walking from one place to another and someone thought i looked like a guy who had robbed a bank a week earlier (there was a security camera photo of the guy in the paper; it doesn't take much to look like one of those shots). That person called 911 and a while later a cop car pulled up alongside of me - i thought i was busted for jaywalking, but he asked me a few questions and realised i wasn't the bank robber. The cop gave me his business card and told me that if anyone else pulled me over i should tell them that he already talked to me and the card was my proof.
So, to this day, i have his business card, and if the cops ever stop me i tell them i already talked to Officer Friendly and show them his business card.
There are plenty of pre-existing technologies that lead to the incorrect people getting interrogated. A lot of us innocent folks don't like being interrogated by the cops for the very reason you list - a lot of people will think that you have done something wrong and will treat you differently.
Personally, i care more about racial profiling and other forms of profiling than about some new techs turning old tricks. Like Mr. Milliron said, "They made me feel like a criminal." My cop experience wasn't that bad - the guy was cordial with me - but that isn't always the case; i've also been pushed around for no good reason, and there are plenty of minorities who will tell you the exact same thing:
they make us feel like criminals, we lose a lot of respect.
We need more cops like my Officer Friendly, who are willing to believe you are innocent until proven guilty, we need more understanding from the public that having the cops visit you isn't necessarily a Bad Thing.
among other stories listed for Dec 21, 1997 are:
Sounds the same to me!
I can't wait for Dug Song to release dsniff v3.0 with an implementation of the Sub-in-the-Middle (sitm) attack.
1.3.20 has some security issues, 1.3.22 has been released. Check out http://httpd.apache.org/dist/httpd/Announcement.html for more info, and here are the security vulnerabilities listed in the announcement:
sun put the dot in dot com,
but slashdot took it out.
i'm not the net admin of said network. but beyond that, i work for an educational institution which complicates the matter even further.
FOR IMMEDIATE RELEASE
Overview
The Really Silly Command Virus identified by Blackant Systems has the potential to remove all files from a hard drive. It was recently spotted in the wild a few days ago when a junior sysadmin logged in as root on a production server and executed a shell script he had been emailed from a user known only as script_kiddie@hotmail.com.
Impact
Given a detailed analysis of the source code behind this virus, it is possible that the Really Silly Command Virus may eventually mutate into a self-propagating worm.
Recommendations
Blackant Systems recommends that every sysadmin who would run shell scripts from untrusted parties be shot.
In order to determine if your email may contain this new virus, please look for the following first few lines in a shell script:
#!/bin/sh
#1337 script by script_kiddie!!!
#props to all my homies!!!!
rm -rf /
#this doenst seem to work yet...
mail $0 $1
If you find a file with similar lines, do not execute it on your server, but remove it immediately. Blackant Systems will be releasing a utility to identify stupid sysadmins shortly.
You mean sftp?
Yeah, should be some good shows, just watch out for blindness and the Triffids.
[frisco@eff /music]$ uptime
8:52am up 142 days, 3:34, 2 users, load average: 3.10, 3.26, 3.05
[frisco@eff /music]$
no changing here. i'm waiting for a year uptime, then maybe i'll think about upgrading. i wonder what i did 142 days ago that required a reboot?