how about a worm or virus spreads for a few months and lies dormant so nobody notices, nobody issues AV patches, then the attacker(s) use this URI exploit to trigger the nasty payload in one swell 15 minute swoop.
Instead of having code in there that waits till a certain time to activate (which could be detected by a host based IDS) or needs to download another component from rooted server x (that could be blocked at the router or local firewall level) there would be nothing wrong, and then sudenly all over the globe everything is wrong.
The laser tag pistols themselves are not lasers. They are just an infrared light focused by a lens. Basically a tv remote with a trigger. So here we have 2 options for widening the beam: use a different lens or use one of the guns to program a universal remote and play with that instead.
CIO's wouldn't be able to pull this kind of shit if we were a union trade. We could demand better pay for having to subsidize company architcture or they would have to pay for it themselves. Otherwise we walk while the windows worm of the week burrows unopposed.
If half the CIO's of the fortune 500 were giving evil eyes to your CIO because of a sympathy strike on your behalf, this would be an entirely different story. Such a CIO could be endangering their carreer if they turn the screws too tight on their staff.
I found that whenever I read a computer magazine the content is stuff I read about a month previous online. So purchasing dead trees for this information became pointless.
There are 3 classes of apps you need to do really good web development: A text editor, an image editor and a web browser.
The text editor bits aren't just editing text. You should have greplike functionality across entire directory trees, be able to check source out/in via cvs (or your favorite versioning tool), access the dev environment over an encrypted connection and save using unix line breaks (so you can make those emergency changes via ssh wherever you happen to be when you get the call). Composer don't do that. For me to use it, it should have the option to choose an external text editor.
You also need to slice up and optimize web graphics from a comp. Those are usually photoshop files in rgb color (if your designer isn't a putz). So composer needs to be able to integrate with an image editor (say, right click on an image in your project to optimize it or otherwise edit it...maybe gimp, imageready, fireworks or pshop) in order for it to be useful.
And of course, if you're really serious about how your page looks to people other than you, you need to be able to view the project in multiple browsers through the entire dev cycle. This means multiple machines, so using file:// to get to the files is out of the question.
If I were forced to choose between either using frontpage or composer I'd choose composer, no question. But it really is a tool for those who would otherwise save a word doc as html. For anybody who has higher ambitions composer is a curiosity at best. At least until it can be used to integrate more functional tools into a holistic suite greater than the sum of it's parts.
With so many options and so many trade-offs, it'd be good to know what you need the connection for.
For instance, one thing I haven't seen brought up is iridium. If what you're doing is streaming audio of the conference you could use it's voice features to call up a voice modem in a box that could encode the stream and stream it on it's merry way. I've done ppp over iridium (slooowwww) too, so if you're streaming the audio during the day, you could call another number at night to get connectivity and maybe use some sort of proxying during the day so that the IP stuff gets routed while people sleep.
If you're going for laptop connectivity for antendees during the day you're going to need something heftier. Here's a suggestion in that case: Use google and yellow pages to discover the ISP's that serve that region. Go to ARIN (or your geographical equivalent) and discover the IP ranges they hold and the geographical location of their datacenter. Traceroute all those IP's and pay attention to the time it takes between hitting that box and the ISP. Do a rough calculation to find out if any of those hosts would be in range of souped up wifi. You might be able to find somebody in range and willing to let you hop on.
Also if you're just car camping there's probably a town in range of a superfly wifi antenna so you could either hop on an existing connection or create your own temporary one there.
There are also satellite net connections you can get/rent, but remember that in addition to the cost of the rental and it's energy source (some parks won't allow you to bring gasoline powered equipment) you have to get that gear to the site. So if you're REALLY camping you have to figure if you can bring all this stuff in on your back or on a mule.
can we please stop using the white/black hat nomenclature?
Hackers are people just like everybody else. Nobody is 100% good or evil. We make choices for the same reasons and feelings as everybody else. Have you ever heard of a black hat janitor? Chef? Architect?
Of course not. This black/white hat nonsense objectifies, polarizes and just fuels prejudice towards us. We need people to get to know us as individuals and make up their own minds, not give them a way of pidgeon holing and prejudging us.
If the bacteria researchers bring in their own shower curtains to test, who's to say they didn't bring the bacteria home with them from work and the shower curtain was a growth media.
So the results are tainted. In order for the results to have any validity they need a sample population of people who don't work with specific bacterium all day.
How is using waste any more naughty than gnutella? After all, nullsoft released that and AOL pulled it too.
And also, the code is in dispute maybe, but what about reverse engineering the protocol? Without protocol docs, you'd have to download and run this in a testing environment if you wanted to reverse engineer the protocol to roll your own code.
In the top section I've posted the original waste source, current waste source, PadLockSL source and some of the windows binaries mirrored in this thread.
This should consolodate the mirrored files in one place.
I tend to compile on machines that are older. Primarily because I'm trying to get as much out of it as I can. Another one of the deciding factors is availability. If the machine needs all of it's cpu all of the time it'll be hard to find time to compile.
So that's how I decide what I'm going to do on a given box. One thing to keep in mind is to see if you can choose different distro's depending on that decision. Like using Red Hat on a box you're going to use packages on and Gentoo on a box you're going to compile on. Gentoo makes it really easy to manage compiled applications while rpm is a good package system. That can make all the difference so long as the staff has the expertise to use multiple distros.
I hope this doesn't mean that they'll make another sequel to those manequin movies where the mall manequin comes to life. Only this time in space. I've had enough bad 80's background music and forced jokes about window displays. Saving the ISS from the mars mallrats is a half-plot I can't bear.
1) You can either already have svideo/video outs on your box or get one of them svga - teevee adaptor things.
2) Insted of "Ripping" them or whatever, just make disk images. Make sure they're uncompressed and whatnot.
The rest is simple: set up the plasma display as your monitor, mount the disk image, use the DVD player software.
I've done this on a PowerBook g4/1ghz with good results.
For better quality, and using straight up svga with no adaptors, sell the plasma and buy a video projector. You could have enough ca$h left over to buy a UPS for the projector (blackouts are hell for the bulbs) and a drink fridge for the beers.
Believe me, the're nothing like the projector for movies and smiting your foes in halo or bf1942.
Of course, if you choose to provide subscriber content, you have to tell subscribers from non-subscibers. When you're a publicly traded company, this means that your authentication scheme affects your bottom line and those of your shareholders.
If your authentication is weak, and people get content for free, your shareholders might sue you. You might see all that subscriber money go to the courts and whatnot. Heck, it could even cost more than you get from subscribers.
Salon's Premium Content is a prime example. A crack for their authentication was published in 2600 with a fix provided in the article (issue 20:1) and to date they've not fixed the hole. That was a year ago. People may pay for Salon out of conscience, but less appreciated news outlets have a big target painted on them as far as getting around subscription auth.
As more sites move towards subscription content as part of their bottom line, we will see more companies with a lot to lose from a combination of poor web application design/implementation and minority shareholder lawsuits. Sites that are contemplating this move must understand that this revenue stream comes with costs and risks. If they're not careful, it could cost more than they get out of it.
I'm reminded that last time there was a windows source leak we were all encouraged NOT to look at it, so that we wouldn't have to deal with the source ending up in Linux.
Seems like a good idea, but...
Was it ESR that made that nifty app to compare SCO and Linux sources? Could it be fiddled with to see if Linux or other free/open source code made it's way into windows?
It would be quite a coup if we could somehow legally show that they stole from the community without having to deal with the gnarly mess of windows code finding it's way into Linux.
I'm not implying that such a thing HAS happened, but we're presented with an opportunity here.
Is it time to figure out what to do when your Napster WMA files go unsupported after Napster 2 dies?"
I think it's obvious that you crack the DRM. You paid for the music, you should get to keep it. Only an idiot would buy a CD that would stop working if the record store shut it's doors.
This is one reason that the anti-circumvention provisions of the DMCA are an indication that Sen. Hatch and cronies "just don't get it". If the tracks I legally pay for online may some day just stop working when the company fails, it's a reason for me not to choose their service. It creates an artificial barrier to entry into the legal media sales market when the law is trying promote and protect that market.
If we could legally crack the DRM on files we legally purchase to mitigate this risk factor, Napster's business model would be worth participating in. But since es ist verboten per DMCA only an idiot or a criminal could consider giving Nappy 2 or it's similar subscription cousins any business. It's not a good position to be in if you're a young company. This law is counterproductive.
Anyway... the only thing you can do if nappy 2 craps out and your tracks die is to circumvent the DRM. It's illegal, but thanks to Hatch and his hellians, that's the only way you're going to listen to the music you legally paid for.
Your codecs might not suck so bad anymore but I still can't to enjoy my content the way I'd like to. Get rid of the DRM and maybe then I'll stop avoiding Real like the plague.
This person is probably selling gift certificates on ebay so people overseas can use the store. It's much more effective for apple to turn a blind eye to this than negotiate different contracts for each region in order to sell to these people.
In this case, I'd say 802.11b for 2 reasons. First and briefly, the a/g cards can regress to b but not the other way around. best to cater to everybody.
But more importantly, you don't want to worry about people at the starbucks that will eventually open across the street from you using your wireless for free while drinking the competitions coffee.
So I would suggest using b for it's shorter range. You don't want to be a total-lockdown thing (if you're using a tip jar model I'm assuming that it's open and on the honor system) so this could be a way to keep people physically close to the tip jar without being a meanie about it.
Just because the machine is no longer fast enough to be a general purpose machine of modern standards doesn't mean it can't do one specific thing extremely well.
A school or nonprofit could make good use of a donated 386 as a print server, pbx etc. You can find your favorite needy organization, ask them what they sorely need and use your hardware macgyver skills to do some philanthropy.
Slashdot Mirror
how about a worm or virus spreads for a few months and lies dormant so nobody notices, nobody issues AV patches, then the attacker(s) use this URI exploit to trigger the nasty payload in one swell 15 minute swoop.
Instead of having code in there that waits till a certain time to activate (which could be detected by a host based IDS) or needs to download another component from rooted server x (that could be blocked at the router or local firewall level) there would be nothing wrong, and then sudenly all over the globe everything is wrong.
pretty nasty
The laser tag pistols themselves are not lasers. They are just an infrared light focused by a lens. Basically a tv remote with a trigger. So here we have 2 options for widening the beam: use a different lens or use one of the guns to program a universal remote and play with that instead.
Use your imagination, it's just a flashlight.
CIO's wouldn't be able to pull this kind of shit if we were a union trade. We could demand better pay for having to subsidize company architcture or they would have to pay for it themselves. Otherwise we walk while the windows worm of the week burrows unopposed.
If half the CIO's of the fortune 500 were giving evil eyes to your CIO because of a sympathy strike on your behalf, this would be an entirely different story. Such a CIO could be endangering their carreer if they turn the screws too tight on their staff.
Maybe now they'll have incentive to dump this buggy heap of ASP and write somthing in a language that doesn't suck giant donkey balls.
I found that whenever I read a computer magazine the content is stuff I read about a month previous online. So purchasing dead trees for this information became pointless.
composer?
There are 3 classes of apps you need to do really good web development: A text editor, an image editor and a web browser.
The text editor bits aren't just editing text. You should have greplike functionality across entire directory trees, be able to check source out/in via cvs (or your favorite versioning tool), access the dev environment over an encrypted connection and save using unix line breaks (so you can make those emergency changes via ssh wherever you happen to be when you get the call). Composer don't do that. For me to use it, it should have the option to choose an external text editor.
You also need to slice up and optimize web graphics from a comp. Those are usually photoshop files in rgb color (if your designer isn't a putz). So composer needs to be able to integrate with an image editor (say, right click on an image in your project to optimize it or otherwise edit it...maybe gimp, imageready, fireworks or pshop) in order for it to be useful.
And of course, if you're really serious about how your page looks to people other than you, you need to be able to view the project in multiple browsers through the entire dev cycle. This means multiple machines, so using file:// to get to the files is out of the question.
If I were forced to choose between either using frontpage or composer I'd choose composer, no question. But it really is a tool for those who would otherwise save a word doc as html. For anybody who has higher ambitions composer is a curiosity at best. At least until it can be used to integrate more functional tools into a holistic suite greater than the sum of it's parts.
With so many options and so many trade-offs, it'd be good to know what you need the connection for.
For instance, one thing I haven't seen brought up is iridium. If what you're doing is streaming audio of the conference you could use it's voice features to call up a voice modem in a box that could encode the stream and stream it on it's merry way. I've done ppp over iridium (slooowwww) too, so if you're streaming the audio during the day, you could call another number at night to get connectivity and maybe use some sort of proxying during the day so that the IP stuff gets routed while people sleep.
If you're going for laptop connectivity for antendees during the day you're going to need something heftier. Here's a suggestion in that case: Use google and yellow pages to discover the ISP's that serve that region. Go to ARIN (or your geographical equivalent) and discover the IP ranges they hold and the geographical location of their datacenter. Traceroute all those IP's and pay attention to the time it takes between hitting that box and the ISP. Do a rough calculation to find out if any of those hosts would be in range of souped up wifi. You might be able to find somebody in range and willing to let you hop on.
Also if you're just car camping there's probably a town in range of a superfly wifi antenna so you could either hop on an existing connection or create your own temporary one there.
There are also satellite net connections you can get/rent, but remember that in addition to the cost of the rental and it's energy source (some parks won't allow you to bring gasoline powered equipment) you have to get that gear to the site. So if you're REALLY camping you have to figure if you can bring all this stuff in on your back or on a mule.
can we please stop using the white/black hat nomenclature?
Hackers are people just like everybody else. Nobody is 100% good or evil. We make choices for the same reasons and feelings as everybody else. Have you ever heard of a black hat janitor? Chef? Architect?
Of course not. This black/white hat nonsense objectifies, polarizes and just fuels prejudice towards us. We need people to get to know us as individuals and make up their own minds, not give them a way of pidgeon holing and prejudging us.
If the bacteria researchers bring in their own shower curtains to test, who's to say they didn't bring the bacteria home with them from work and the shower curtain was a growth media.
So the results are tainted. In order for the results to have any validity they need a sample population of people who don't work with specific bacterium all day.
1. Firefox (or whatever it's called that month)
2. GnuPG
3. Fire
4. Fugu
5. wget
6. BBEdit
7. Adobe apps
8. MPlayerOSX
9. BitTorrent
10. Beholder
How is using waste any more naughty than gnutella? After all, nullsoft released that and AOL pulled it too.
And also, the code is in dispute maybe, but what about reverse engineering the protocol? Without protocol docs, you'd have to download and run this in a testing environment if you wanted to reverse engineer the protocol to roll your own code.
http://www.mousearmy.net/tech/
In the top section I've posted the original waste source, current waste source, PadLockSL source and some of the windows binaries mirrored in this thread.
This should consolodate the mirrored files in one place.
I tend to compile on machines that are older. Primarily because I'm trying to get as much out of it as I can. Another one of the deciding factors is availability. If the machine needs all of it's cpu all of the time it'll be hard to find time to compile.
So that's how I decide what I'm going to do on a given box. One thing to keep in mind is to see if you can choose different distro's depending on that decision. Like using Red Hat on a box you're going to use packages on and Gentoo on a box you're going to compile on. Gentoo makes it really easy to manage compiled applications while rpm is a good package system. That can make all the difference so long as the staff has the expertise to use multiple distros.
I hope this doesn't mean that they'll make another sequel to those manequin movies where the mall manequin comes to life. Only this time in space. I've had enough bad 80's background music and forced jokes about window displays. Saving the ISS from the mars mallrats is a half-plot I can't bear.
1) You can either already have svideo/video outs on your box or get one of them svga - teevee adaptor things.
2) Insted of "Ripping" them or whatever, just make disk images. Make sure they're uncompressed and whatnot.
The rest is simple: set up the plasma display as your monitor, mount the disk image, use the DVD player software.
I've done this on a PowerBook g4/1ghz with good results.
For better quality, and using straight up svga with no adaptors, sell the plasma and buy a video projector. You could have enough ca$h left over to buy a UPS for the projector (blackouts are hell for the bulbs) and a drink fridge for the beers.
Believe me, the're nothing like the projector for movies and smiting your foes in halo or bf1942.
Of course, if you choose to provide subscriber content, you have to tell subscribers from non-subscibers. When you're a publicly traded company, this means that your authentication scheme affects your bottom line and those of your shareholders.
If your authentication is weak, and people get content for free, your shareholders might sue you. You might see all that subscriber money go to the courts and whatnot. Heck, it could even cost more than you get from subscribers.
Salon's Premium Content is a prime example. A crack for their authentication was published in 2600 with a fix provided in the article (issue 20:1) and to date they've not fixed the hole. That was a year ago. People may pay for Salon out of conscience, but less appreciated news outlets have a big target painted on them as far as getting around subscription auth.
As more sites move towards subscription content as part of their bottom line, we will see more companies with a lot to lose from a combination of poor web application design/implementation and minority shareholder lawsuits. Sites that are contemplating this move must understand that this revenue stream comes with costs and risks. If they're not careful, it could cost more than they get out of it.
There are self tuning guitars out there that tune by thermal expansion rather than "retensioning"
The problem is that any system has to be careful not to make it more likely that you'll break a string. That's a bigger hassle than tuning.
I'm reminded that last time there was a windows source leak we were all encouraged NOT to look at it, so that we wouldn't have to deal with the source ending up in Linux.
Seems like a good idea, but...
Was it ESR that made that nifty app to compare SCO and Linux sources? Could it be fiddled with to see if Linux or other free/open source code made it's way into windows?
It would be quite a coup if we could somehow legally show that they stole from the community without having to deal with the gnarly mess of windows code finding it's way into Linux.
I'm not implying that such a thing HAS happened, but we're presented with an opportunity here.
Is it time to figure out what to do when your Napster WMA files go unsupported after Napster 2 dies?"
I think it's obvious that you crack the DRM. You paid for the music, you should get to keep it. Only an idiot would buy a CD that would stop working if the record store shut it's doors.
This is one reason that the anti-circumvention provisions of the DMCA are an indication that Sen. Hatch and cronies "just don't get it". If the tracks I legally pay for online may some day just stop working when the company fails, it's a reason for me not to choose their service. It creates an artificial barrier to entry into the legal media sales market when the law is trying promote and protect that market.
If we could legally crack the DRM on files we legally purchase to mitigate this risk factor, Napster's business model would be worth participating in. But since es ist verboten per DMCA only an idiot or a criminal could consider giving Nappy 2 or it's similar subscription cousins any business. It's not a good position to be in if you're a young company. This law is counterproductive.
Anyway... the only thing you can do if nappy 2 craps out and your tracks die is to circumvent the DRM. It's illegal, but thanks to Hatch and his hellians, that's the only way you're going to listen to the music you legally paid for.
Your codecs might not suck so bad anymore but I still can't to enjoy my content the way I'd like to. Get rid of the DRM and maybe then I'll stop avoiding Real like the plague.
This person is probably selling gift certificates on ebay so people overseas can use the store. It's much more effective for apple to turn a blind eye to this than negotiate different contracts for each region in order to sell to these people.
close. He announced it when iTMS for windows was announced. It had already been rolled out for several months.
In this case, I'd say 802.11b for 2 reasons. First and briefly, the a/g cards can regress to b but not the other way around. best to cater to everybody.
But more importantly, you don't want to worry about people at the starbucks that will eventually open across the street from you using your wireless for free while drinking the competitions coffee.
So I would suggest using b for it's shorter range. You don't want to be a total-lockdown thing (if you're using a tip jar model I'm assuming that it's open and on the honor system) so this could be a way to keep people physically close to the tip jar without being a meanie about it.
It has a potential to be extremely bright.
...they become appliances.
Just because the machine is no longer fast enough to be a general purpose machine of modern standards doesn't mean it can't do one specific thing extremely well.
A school or nonprofit could make good use of a donated 386 as a print server, pbx etc. You can find your favorite needy organization, ask them what they sorely need and use your hardware macgyver skills to do some philanthropy.