Probably the best reaction from the police that could have been made was to instead grab and arrest the offending few and allow the rest to protest peacefully.
Instead, like said above, they decided to take it out on everyone. I can see where past thoughts would have said to stop the entire protest because it could erupt into something very large. But, the police could have arrested the few perps and allowed the rest to go on. Anyone at the protest, who would have seen the people pushing their luck, probably would have supported the arrests and spread the word throughout.
Problem is that Americans see on TV how fast a crowd of peaceful people protesting can erupt into a mob of car-pushing, fire-lighting persons. Probably without even thinking, and going on what they have seen in the past, the police made the wrong decision.
It is time that police organizations around the country start to re-think the idea of crowd control. From the RNC to this situation, we have too much policing and not enough protesting.
There seems to be a remotely exploitable vulnerability in Sendmail up to
and including the latest version, 8.12.9. The problem lies in prescan()
function, but is not related to previous issues with this code.
The primary attack vector is an indirect invocation via parseaddr(),
although other routes are possible. Heap or stack structures, depending
on the calling location, can be overwritten due to the ability to go
past end of the input buffer in strtok()-alike routines.
As said above (and my $0.02), Sendmail has never been a big one on security. Most distros have sendmail by default configured open which is adding to the whole mess. This vulnerability will probably haunt a lot of people for a while, especially those who have no idea what Sendmail is or how to harden it.
Don't support Transgaming! (on WineX 3.0 Examined · Score: 2, Insightful)
Support people who are writing natively supported (ports) of the games. Buying a subscription to Transgaming will get you the game you currently are wanting to play, yes, but later when another game comes out, you will probably not be so lucky. OTC, I have had very little problems with my non-supported Loki produced games.
The only way to further alternative platform gaming (including MAC and *NIX) is to support the native code writers (icculus.org), the shops that sell the alternative OS games (tuxgames.com), and especially the companies that port (or pay to port) the games (Epic, Bioware, IDSoftware, etc).
Transgaming is wash! They "support" many games, but that support is strictly community-based and it may be a while before you get an answer. Their so-called "support" includes telling the customer they will need to use a CD-CRACK to get some games working (probably a really bad idea). And, not to mention, you pay for a service for a game that you already "own". Example: I pay $50 for a game I want to play and then I pay $15 (minimal subscription fee for Transgaming) just to get it running (maybe?!) in Linux. I would much rather pay $50 (one time and maybe more $) for a game that is ported and I know that 75% of the time it is going to run out of the box.
The new GUI, Point2Play is a good example. It looks as though they planned, developed, and released this thing in a matter of days. Geez, I understand they want to make money, but I think there may be better ways to do it.
If you think the entire network of a University should be open to any and all traffic, then by all means become a netadmin of a University and do it. Good Luck to ya buddy:/
I have no problem allowing access -- to certain people and trusted networks/machines. Not laying some kind of ground work for security, which includes the filtering, monitoring, and blocking of data being passed through it, opens you up to a bigger mess than just SPAM.
Students who have little or no experience using, much less installing and securing, a network have no business using network traffic they do not own, administer, and share with others on campus for their own personal uses. This is why most universities have strong policies about personal websites and other servers being hosted on their network.
A more effective method would be to prevent the workstations from actually sending any mail directly - instead forcing them thru a corporate/university managed relay that can do appropriate anti-spam measures, including throttling excessive senders. This is the tactic that many commercial ISPs are taking for the exact same reasons.
I do agree that all outgoing and incoming mail should be scrutinized. But I do not see this solution working very well in the long run. How would you block all the differing protocols used to send spam? You cannot (without a shadow of doubt) bet on every spam being sent from source as SMTP traffic. So as soon as you block SMTP, they will use HTTP to send the mail through an HTTP spam server. So what now -- are you talking about a total proxy solution, that would check all traffic and determine if it is mail or not -- and if so, it will determine if it is SPAM? And this is coming in an age where we cannot 100% filter ALL spam running through just one protocol (SMTP).
All I am stating is that the incorrect thing to do is assume everyone will play nice and account for a 1TB logfile every week of mail traffic to go through in case something happens (and leave it at that).
What I do not understand is why don't they just block all incoming traffic to the dorms and labs? Why is it that they allow for this traffic to even make it to the PC in the first place?
Frank Grewe, manager of Internet services for the University of Minnesota in Minneapolis-St. Paul, also wasn't surprised. He says the university does not let client machines be used as servers, employs static IP addresses and tracks the amount of traffic going to and from those addresses.
Why track... just do not allow it in the first place and it will be a whole lot easier. I just do not see a reason in allowing inbound traffic to a static IP address on a campus unless it is a server owned (no pun intended) and operated by the staff. When you allow anyone and everyone to do as they please, all hell will break loose.
I can see the point of some PCs and not others, but it should always be a special case when a PC needs access to it from the outside. This is how most corporate companies run their network. I just do not understand why in most cases all I have to do is 'host -l -t any uni-net.edu' and get a list of hosts to look at and forward my spam on from.
As for the out-sourcing of CS to someone else, I would have to disagree, because it is incidents like this that usually teach people. And when they go on to the corporate world, hopefully, they will remember that they need to lock their network down. It teaches fundamentals, and in this industry, unlike a lot of others and what a lot of corporate big-heads think, it is experience more than education that counts in the long run.
The attack deals with recurring data being sent between the client, man-in-the-middle, and the server. This deals with any data being sent many times across an SSL session and not just passwords, although passwords coming from a mail client such as Evolution, Outlook, Outlook Express, or whatever is a good example.
The description is a little misleading with the webmail and not cc info. If I sent my CC info across a SSL session many times, it would be just as bad as an email password.
Although, if I sent my CC info across any session more than once, I would be asking for it anyways.
Note: Gentoo and Entrust have already released updated packages for users to install. It will not be long until RedHat, SuSE, and others do as well.
...but the one on April fools where Bart puts Homer's beer in a paint shaker. Right as Bart jumps out to yell "April Foo..." --- BOOM!!! A mushroom (cloud?) of beer can be seen by Chief Wiggum on the other side of town.
Here... Many archive sites contain 2,000 gigabytes or more of pirated software, equivalent to approximately 1.4 million, 3.5-inch diskettes of copyrighted material.
I can imagine this poor FBI sap sitting behind a PC [in/e]jecting disks.
In other news, the Bush Administration, along with Att. General Ashcroft, today released a new budget for the DoJ. "These monies will help protect our fellow Americans against the terrible crimes of copyright.... uhhhh... infringement," said Bush. Ashcroft later states "The FBI staff are hard at work making sure that every single piece of "warez" is accounted for," detailing plans in massive amounts of storage at the DoJ headquarters for all of the floppies/evidence/archives.
ok... mp3 (even mp2 and below) were here long before Napster. Napster just so happened to give the end-user an easier way to distribute this media. This is why I think that the companies and artists who think they can govern the .net are wrong in their endeavors. They will never develop technology that will outsmart everyone in the world. As soon as they release this crap, some l33t script kiddie from .SK will develop a tool to rewrite the song.mp3 file and give it another check sum. I for one am not worried about this. And to the companies out there... a little piece of advice... YOU CANNOT MAKE A WONDER TECHNOLOGY AND EXPECT IT TO WORK FOR VERY LONG!
I for one am happy to hear that one company still stands against the temptations to go with Microsoft. In this Microsoft world, of giving free versions of OS/Utils to Universities and Companies, to mass populate the world with their crap... it is a good thing to hear that a company has enough sense to think about the situation at hand, before jumping into it. Thumbs up to ya doOds. (Of course, this is to be expected from *nix professionals -- think before you act.)
The IDSA's Anti-Piracy Program is designed to combat entertainment software piracy both in the U.S. and around the world. Worldwide piracy is estimated to have cost the U.S. entertainment software industry $3.0 billion in 1999.
Sorry, maybe I missed something, but it seems to me that the industry has not lost a single dime. They probably saw that enough people downloaded these outdated applications/games/whatever and decided to hit it while they could. I am willing to bet, if there was no popularity for these abandoned appz... then they would not so much as say anything to anyone.
The OS does matter... especially WinNT based products. This is because Microsoft does not allow direct access to the hardware in WinNT based products. All games and software cannot access hardware directly, unless the driver works through the kernel. This is supposed to be a helpful thing to allow WinNT based products to be more stable (i.e. When Win9x products would crash, sometimes it would be due to the OS allowing writing to hardware that was already in use). This also constitutes new driver revisions and directx.
Kinda curious and clicked on the buttons below the HOME button (on the right). These people do not even design their own web work, designing this site through Network Solutions "Web Manager".
[whois.internic.com]
Expiration Date: 02-sep-2004
Gee, that is about how long I thought this would all last. If they are not even registering their domain for longer than a year, maybe they do not plan to be around in a year?! <insert loud music: dum dum dum>
EEERRRIPPPPSSS!!! -Ren
This would make one hell of a quake game. Then, as luck would have it, your boss walks in and you have to quickly ALT+TAB the screen ... DOLT!