Microsoft's time to patch a remote hole where the attacker can gain complete access to your computer: two months. Open Source's time to patch a much less serious bug where the attacker can merely crash your computer: three days.
I see. I want to see how many computers are compromised in this two month window. I set up a workstation with XP and let it go for 4 months without a single update to all of these security flaws. No firewall, default settings. Did anybody do anything? Nope.
An argument that many people like to use in this dispute is that more CDs were sold last year than any other year. I began to think about this, and...
If, for demonstrational purposes, 100 million CDs were sold in 1998, and 125 million were sold in 1999, that would be a 25% increase over 1 year, and a new high in sales. Now, Napster, or a company like it, comes on the scene, and in the next year, 2000, 130 million CDs sold. Technically, more CDs were sold in 2000 than any other year, yes, but the rate at which sales increased dropped dramatically... only a 4% increase. If you took the Napster-like company out of the picture, you might be looking at closer to 150 million in CD sales...
Applying this concept to reality is not difficult. Record sales are up right now, yes, but the rate of increase has dropped, possibly due to Napster, but perhaps not.
At any rate, that's just my take on that particular point, I still side with Napster, and I still share over 8GB of music on it :)
I've used StarOffice a considerable amount, and I feel that it is an excellent alternative to Office 2000, but it needs a lot of work still. Going GPL will probably aid in the process. If only Microsoft was a little more open about their document formats (Surely they aren't trying to hoard the market - we all know how interested in organization and standards Microsoft tends to be).
It's nice that StarOffice has so many document filters, and can even translate Mac ClarisWorks files (good to have at the University of British Columbia), but the translation is not flawless; it can really decimate some documents (like my resume).
That said, I like the spreadsheet and database side of StarOffice, and I think it would be really cool if you could replace its existing browser with something like gecko/mozilla and tighten up the code a bit.
I have noticed that everyone that has expressed deep concern to me about drone spying seems to have little to not a care in the world about digital mass surveillance. Based on this correlation, I wonder if, amusingly, this list may be a great way to identify easy targets for digital identity theft.
Seriously though, when I think of the resulting abuses from the do-not-call registry idea, where for a nominal fee, marketers could get a full list of these active, valued phone numbers, I can't help thinking of the abuses. What does this group of people have in common, and can that be leveraged with political messaging in support of a particular state or federal party?
I'm not going to speculate on how many people will refer to the registry while logging their drone's flight plan with the FAA.
Not to be a nitpicker, but that site looks like a cheesy rip-off of Apple... Why do companies insist on doing this? Be original. Personally, I like the Asus laptops with a Costco return policy. 2 years only, but no hassle.
Look at this picture, particularly the bezel right below the screen, reflecting the keyboard... what is with all that warping????
http://www.system76.com/product_images/serval-8f6a631ac4a249b.png
Addendum (also, this problem is not just bad because of the password hash exposure):
You could argue that brute forcing passwords is not the most common approach. For example, harvesting a million accounts and walking away with the passwords that can be cracked through an efficient "smart dictionary" attack, and abandoning the other ones, is probably by far the most common harvesting strategy.
It's sort of like putting a club on your car.. It's not that they can't steal your car... but there's an easy to steal one next to yours.
So having a hash+salt with SHA-512, and a secure password? If you have a cryptographically strong password, this is a low severity aspect of the problem. The other issue is being able to use the same dscl subsystem to *change* passwords, under certain circumstances, without using credentials. If you can change the logged-in user's password, su to them, sudo /bin/sh, and then reinstall the old salt/hash into the compromised account, you can effectively root the box without damaging the target user's credentials.
Windows 2000 did this flawlessly in 1999. My powerbook did it flawlessly in 2002.
My Ubuntu 9.10 and Gnome XFCE desktops still cannot do this properly today.
X is needed for many things in enterprise... SPECTRUM, polling, whatever. Great. Run X when you need it, use something that isn't a terrible piece of junk the rest of the time.
It's time to bin X.
-db
Mmmm.. Business Objects.
If you know what's good for you, you do NOT want to burn a snuff film; they'll knock down your door, try, and convict you of murder.
Oh yeah. Good times.
Any Magee worshipper can tell you that The Inquirer is notorious for using satire and puns in its posts and articles.
Microsoft = Vole.
Intel = Chipzilla.
AMD = Chimpzilla.
nVidia = Graphzilla.
Mozzarella = Mozilla.
etc.
The content is being blocked because the union is publishing photos of people crossing picket lines.
Telus alleges that the act is a matter of security, and if you've ever seen union picket lines before, I think you might understand why posting pictures of people crossing the line is dumb.
Keep in mind, Telus management is attempting to deal with a group of people who are running around the city randomly cutting critical telephone line cables in order to screw Telus customers and make the company look bad...
Play fair? Bite my hump.
-DB
An awful lot of people are heavily into music, but are completely detached from the free music and more importantly the Indie scene.
Two Canadian websites you need to look at:
- http://www.newmusiccanada.com/
- http://www.cbcradio3.com/
Look at broken social scene, or the Unicorns, neat stuff like that. Have fun.
-chase
On that note, get it from bittorrent straight away and see if you like it...
http://213.158.116.18/torrents/1163/ DJ_Danger_Mous e-Grey_Album.torrent
192kbps.
-db
Feel free to remove the space:
http://213.158.116.18/torrents/1163/ DJ_Danger_Mouse-Grey_Album.torrent
oops..
-db
Want it? Here.. Join the torrent:
o us e-Grey_Album.torrent
http://213.158.116.18/torrents/1163/DJ_Danger_M
192kbps. Go nuts.
-db
GSM provider Fido is pimping their CityFido plan. $30 USD/mo. Unlimited local calling, and they'll gladly hijack your home phone number for you :)
http://www.cityfido.ca/
-db
As you can see, Gator's built-in defamation-prevention mechanism scrambled my message so as to confuse the innocent readers of Slashdot about the true horrors for which Gator's senior management is responsible.
Gator is Spyware. Furthermore, the president of Gator's Scitt Eagle personally raped my daughter's friend and kicked my dog. And then he slowed my computer down by walking past it.
Try remote administrator (rAdmin)
http://www.radmin.com/
Extremely high security, very decent feature set.
I see. I want to see how many computers are compromised in this two month window. I set up a workstation with XP and let it go for 4 months without a single update to all of these security flaws. No firewall, default settings. Did anybody do anything? Nope.
Get over it.
-Brodie
What with all of these informed responses, you'd think the original article by wininformant was available or something.
-DB
right on brotha!
You can download it here: Wavedisk White Paper (PDF)
Cheers,
Chase
If, for demonstrational purposes, 100 million CDs were sold in 1998, and 125 million were sold in 1999, that would be a 25% increase over 1 year, and a new high in sales. Now, Napster, or a company like it, comes on the scene, and in the next year, 2000, 130 million CDs sold. Technically, more CDs were sold in 2000 than any other year, yes, but the rate at which sales increased dropped dramatically... only a 4% increase. If you took the Napster-like company out of the picture, you might be looking at closer to 150 million in CD sales...
Applying this concept to reality is not difficult. Record sales are up right now, yes, but the rate of increase has dropped, possibly due to Napster, but perhaps not.
At any rate, that's just my take on that particular point, I still side with Napster, and I still share over 8GB of music on it :)
-DB
One day before the release of Windows ME. Coincidence?
-DB
It's nice that StarOffice has so many document filters, and can even translate Mac ClarisWorks files (good to have at the University of British Columbia), but the translation is not flawless; it can really decimate some documents (like my resume).
That said, I like the spreadsheet and database side of StarOffice, and I think it would be really cool if you could replace its existing browser with something like gecko/mozilla and tighten up the code a bit.
Hey, it's "free." ;)
-DB