... unless you're doing something illegal, what reason would you have to hide it? (edited for spelling)
It's good to hear that you're so co-operative. Now you won't have to wait in line for the daily X-ray scans or weekly body cavity search - you can go right up to the front. I'm sure you won't mind the intrusion, after all you've got nothing to hide.
On the plus side this could make for a great new 'Reality TV' spot or even a new cable channel.
I've been following this story all day and the last thing I expected to see on /. was a regurgitation of "facts" with a 'questionable heritage'.
Several sites (groklaw, lwn) have already pointed out that the claims of being hacked should be viewed with a liberal ointment of skepticism for any of the following reasons;
- SCO was full of shit on the last DDoS 'attack'
- SYN flood? Are you bullshitting me? A corporate firewall that can't handle something as old as that? Was it a high volume attack?
- Funny that every other network server on the same subnet was still available (ie: ftp.sco.com)
- my personal favorite "and corporate operational traffic to be unavailable during the morning hours including e-mail, the company intranet, and customer support operations" - corporate intranet down from a DDoS? If that means that employees can't surf jobs.com because they get ported through the same address space as their http server then I guess the GNU.Linux community has little to worry about. Anybody that dim couldn't possibly find their way to court let alone be the plaintiff in a three billion dollar lawsuit.
This is not a Good Idea. Why in the fuck do I have to pay the following taxes when I'm not copying music illegally? We go through assloads of CD-Rs to archive project photos and now we have to pay more "Because I said so." That's pure thuggery.
We're already getting jacked for $.21 for each CD-R we buy and they want that bumped to $.59, double that if it's a "CD-R Audio" disc. You want an MP3 player? Pony up $21 per GB of storage. Memory sticks/cards for your digital camera? Sure! Just hand over .8 cents per megabyte. How about a fancy new 256MB USB dongle for your keychain? Same rate for that, too.
Unfortunately they seem to think I have a lot of money left over so now they're petitioning for an Internet levy on ISPs. Again they take my money and I get...nothing?
and they call us pirates?
Face it. If I really wanted to live in a police state and be subjected to financial shakedowns on the whim of the local merchants I'm quite sure I could find a much warmer place to live than Canada
I'll bet we'll see an RSS aggregator integrated into Outlook or MSIE. If that happens, the barrier of entry will be significantly reduced. Of course that brings about the question of whether or not having MS in the RSS client game is a good thing, but I'll worry about that later..
(emphasis added)
Oh I'm sure we'll all worry about that later. With the, erm, past problems with IE and Outlook Express as a vector it would make any RSS feed an even tastier target for exploits.
The last line of "The Periodic Table of Science Fiction - Helium" (Michael Swanwick) pretty much sums it up.
Oh, it's silly of me, I know. But destroying the universe is a lot more fun when the little bastards can see it coming.
So is it really a first/last issue or is it a ploy to beg and plead for a saviour? PhysicsToday had a similar article about the demise of "The Sciences" which used to be a bi-monthly published by the New York Academy of Science. Instead of downscaling to pulp and line-drawings they may be trying to hold it hostage so a wealthy benefactor can bail it out. Something about "money better spent elsewhere". Either way, I'll miss it.
Wrong again. "Slug" was the IP lawyer who represented "Glug" in the patent infringement case, claiming "Mammoth hunting begats Mammoth counting which is an integral process in the hunt. Mr Ugh's machine is a direct infringement of his prior art. We also believe that Mr. Slug's process could enable the copying of Mr. Ugh's work, depriving him of hundreds of kills he could have legitimately claimed were it not for the illegal copies."
Although Ugh was a pioneer in his field, the unfortunate facts are; he still couldn't get laid and Glug wound up working for Slug who now owns the rights to the process and all slate products. Ugh was last seen promoting the value of "OpenSlate".
...and it's called theft. If Slashdot is using banner ads as a revenue stream and Gator's ads pre-empt these then the person paying for the original banner ad loses. That's theft or fraud or something far more concrete than what happened here.
First off - a house is the wrong analogy. You have a reasonable expectation of privacy as you are not offering or promoting a good or service that invites the general public.
Second - the way I read the article, the system was not secured. A more apt analogy might read like this...
While dropping off my Atari cluster at the local Mini Self Storage I was surprised to learn that after opening the door to my unit, my stuff was all gone and totally replaced with someone else's! After a quick check I realized that I was in the wrong unit. Then I noticed that while the doors were equipped with locks, they were not set up at all. I could turn the knob on any door and take whatever I wanted. Instead I chose to alert this obvious problem to the owners. The owners asked for details on how it was done and said they would contact the locksmith immediately. Instead he phoned the police who in turn notified the FBI.
45 Seconds to the first infection according to a recent msnbc article. I'm getting one hit at least every two minutes. Although that may fix the CodeRedII back door, it won't remove any trojans that may or may not have been pushed to the offending rig during active infection.
As scary as the possibility that the verdict could be overturned might be, it is completely outweighed by the fact that if they lose this one, Microsoft has nowhere else to turn. They will have appealed to the highest court in the USA and LOST.
...until the 2002 Q2 release of Microsoft's new JusticeXP rollout which will leverage the use of the new .COURT initiative. As yet there are no plans to announce compatibility with browsers other than IE9.0-SP7. Features of the new OutlookXP will include the new "AutoAppeal" button which builds a mailing list from your .COURT accounts to create a targeted campaign for your appeals process.
No word yet as to what the theme music will be but they will likely approach artists who already have a grudge against the Federal Government. There have been a significant number of Gnutella searches this week for "Willie Nelson"...
...that these funny-dressed people are the ones who literally keep the electronic wheels turning throughout the world.
That would be great if people actually stopped to listen. Where I come from a protest is just another day in the news. The general public tunes them out and if they actually make the news it is due to some act of (not usually) civil disobedience.
Approach people in the street to educate them about your cause and they are immediately threatened. All day they are inundated by Junk mail, marketing people, bosses, subordinates, CNN, and anybody else who wants an opinion or time. The creative approach I had challenged for in the parent of this thread was not to write a 133t script or drop a power grid into black. I ranted and said "oh. another protest" and I still stand by that statement. Don't make it just another protest/march. I mean make people stop and think without getting in their way. I mean get their attention. You want suggestions? Well I went to the suggestion warehouse and here's a few on the house.
Considering that the main issues here are Freedom of Speech, copyright and Fair Use and Interoperability there are plenty of forums for educating people.
- The copy room in your office. Place relevant sections of the DMCA there. That should make them think.
- Padlock (loosely) all the dead-tree books in your office. Keep the key. Inform anyone that improper removal of the padlock may result in federal criminal charges.
- ROT-13 all your office memos and tell anyone that if they try to circumvent your encryption or if they tell anybody how to do it they may be subject to federal prosecution.
So go ahead and take the protest to the streets. Keep it clean. But most of all keep it interesting. I'll take my argument to where people will take their time to stop and hopefully think.
Ditto here on the left Coast of Canada using @home and xDSL. Looks as if the DSL provider got scared/trashed by the new requests as it was out for five hours, thirty minutes after my first log incident. Might it be taking a harder bite out of the patched Cisco equipment?
I also noticed a steady reduction of "NNNN" probes throughout the day - down to 1 - 2 per hour. Whether it kills, displaces or just overwhelms, it does reduce it.
The really scary thing is to consider how long CodeRed V2.0 would have gone unnoticed if the probes would have stuck with the "NNNN" series instead of the "XXXX" as the overflow fodder? It took me two cups of coffee this morning (well, ten-ish) to see that I was looking at a page of "X"s. Could it have gone relatively stealthy?
Seeing a lot of "XXXX" and far fewer "NNNN" in the logs. This version appears to stay crunchier in milk than the first. Up to 25-30 per hour, from 10 this afternoon. The 24.x.x.x may be getting slammed, but I can see another that is just as bad.
Snipped from incidents dot org (emphasis added)
Both Henk Wevers and corecode submitted packet traces of the complete
request as shown below. Comparing this trace with the original Code Red
(see the Code Red Infection Illustrated section of the July 23
Handler's Diary at: http://www.incidents.org/diary/july2001.php)
it is immediately obvious that we are dealing with a new worm.
Note that line 820 shows that the worm is doing something with
CMD.EXE; also the dump contains the string 'CodeRedII' on line 230.
Note the references to root.exe on lines 840 and 880.
Article also mentions that it appears the compromised servers are backdoored and rooted. Ouch.
The editorial accusations of crying wolf might look a little pale this evening...
While I'm sure that the protest will generate all kinds of warm and fuzzy feelings in the radical /. camps, I fail to see how they will get any attention other than "Hey, look at all the nerds." The bulk of the population still does not understand the issues involved and will just write the whole thing off as "another protest, but these ones dress funny." Marches, chants and signs? Most of the press doesn't 'get it' and will only cover it if
- someone does something incredibly stupid (therefore newsworthy), or
- someone can actually get the point across that the DMCA is a horrible piece of legislation.
But c'mon - a protest? I would have expected something a little more creative from the /. community.
As far as the general population is concerned, the case involves a "Russian hacker". That's all they need to know and they will tune in to the new and improved CNN for the sentencing details and patiently await the feature-length movie or game-show style punishment.
128 kbps over 35 million miles... looks like we'll need another benchmark to replace the station wagon full of DAT tapes
Why didn't she have to sign an NDA? Perhaps it's because she's just a SCO tongue wag
That's only if you install the shareware version.
Well then it's either "Lucky You!" or "You're looking at the wrong logs!"
until CNN said it was so.
25 - 30 per hour here on 24.x.x.x and same on 216.x.x.x.x.
Mod parent UP! That made my DAY!
Should read: Several @Home users reported that everything was moving along normally. Most of their friends giggled and left the room.
Someone should copyright the "code red algorithm". No. Wait. That would make it more popular.
Changing the name to "Code Bob" or "Clippy" might slow things down a bit.
..and the home edition is the one that will be employed by the clueless/careless.