In your bio, it is clearly indicated that you work at WorldCom. As an insider, though, it seems likely you might have a little more info about the whole deal than what the big media conglomerates tell us. What is your opinion of the company, and/or could you shed a little more light on the big scandal involved?
IIRC, EMACS can be run as its own OS as well. Granted, it's not done much, but it is possible.
And, there's a great OS called Oberon (yeah, there's a programming language of the same name--from the same people too) but this beast required a special, rather expensive and obscure card. On an 8-bit card for an 8086 or 80286 came an array of anywhere from 4 to 8 processors. It was one of the first true multitasking OSes available--well before PC hardware really supported it.
Personally, I was proud when I had 8 OSes installed in rather small partitions on my 1.2GB drive. (Hey, 1.2GB was "big" back around '95 or so....:) I used a third-party bootloader called "BootIt". It had the ability to create up to 10 partitions of different types, didn't have any problems getting around that 1024cyl barrier, and was capable of booting any OS I threw at it--even the MS products were able to boot from logical partitions, even well past the 1024th cylinder!
From a technical standpoint, when I read "37 OSes, 1 PC", I thought "Yeah, how many partitions, and what bootloader?" After all, there's a bit of a fixed limit of only 4 partitions in a partition table.... But BootIt got around that by storing the actual partition info in its own partition, and wiping out the partition info in the table, rewriting it just before booting the relevant OS (and unhiding the related logical/extended partitions as well.)
Theoretically, with a nice 20GB drive, I could have pulled the same stunt with BootIt--it was also capable of booting itself.
From the article:
If you count my 18 DOS window managers, I have a total of 57 operating systems on my PC.
Well, if you count QuarterDeck's DesqView, you can throw in a whole new mix of multiple versions of DOS, Win 2.x, and Win 3.x--and you can even use it like I do--I put DesqView on a spare box and ran a Win3.1 version of IE 5 on it. I found it to be a great way to get IE "running" on linux. (I have a friend who said he wouldn't switch unless he could keep his Internet Explorer. Boy, converting Windows zealots can be kinda rough! :) Okay, and it felt a little satisfying--like a slap in the face of the great, evil Empire of Microsoft. Make the two platforms interoperate, somehow, even when they go out of their way to prevent it. It's one of my favorite--and frustrating--challenges.
And, coming back to the article again, you can count these new permutations separately:
DesqView
DesqView+Dos3+Dos4 (setver.exe didn't come with DOS until 5.0)
DesqView+Dos5+Win3.1+WinS extensions
Oh, and if this guy really wanted to get his hands dirty, he could start rolling out his own OS; that has been a bit of a hobby for some of us underchallenged college students.:)
And finally, one more note--I haven't seen the obligatory V2OS reference on here yet... As of around V0.89, it can be installed to a hard disk.:)
I hate to sound like a troll, but I read "Build your own [homebrew] subwoofer."
This is clearly not the case, as it appears some guy just built a tube for it and took pictures. Big deal; what highschooler hasn't built a sub box or eight?
I was honestly expecting talk of how to wrap the coils for the electromagnet, calculating impedance, how to determine signal sensitivity, locating a sufficiently strong permanent magnet, and preferred choices of cones. Finally, I expected charts of how this sub stacked up against aftermarket subs, in terms of frequency response.
But what is there?
I got the terminal cup and driver from AdireAudio. I used the Shiva II driver and the terminal cup is the 4 post kind that comes with straps for summing the leads if you aren't using an old DPL receiver to power it like I am.
Lo and behold, the guy bought the speaker! Build Your Own Subwoofer? I think not.
Many schools have already bought the FCC licenses. So if you get the school's OK you might be able to co-operate with them, operating under their license. You may also be able to use much of their hardware, since many of today's transmitters, repeaters, and broadcast towers can transmit multiple simultaneous signals.
That said, you can also reduce the number of royalties you must pay by getting in touch with a company called Clear Channel--they dictate what is played on most US radio stations.
Further, your little Mandrake box can do it, using shoutcast, an icecast-server, and a microphone, but that would give you an "Internet radio station" as many of the shoutcast servers you can listen to with winamp or Windows Media Player are called.
Finally, a local station I listen to was discovered to be transmitting a syndicated Internet radio stream--you can hear a bit of "tinniness" to the audio when doing this (because many stations use a very low bitrate to accommodate dialup users) but it seemed to work rather well for them. That would be a way to allow people to listen when you're not manning the studio...
Well, Microsoft did have a good idea or two. They have implemented digital signatures and certificates even in the PE (Portable Executable) loader, and so Windows can verify if a binary has been modified. (Admittedly, it's not used much, but it is supported....) Anyway, these certificates and signatures have built-in expiration dates, which can be quite useful for this challenge.
Add a little strong encryption and non-repudiation, and we have a decent solution here. See, given the cluster of metadata servers hold only templates, we can all get "smart cards" (like Sun makes) that hold our personal information. Part of the authentication process to use a computer would be to insert said smart card.
Now, when the data is sent (and that could happen only upon the user's request and entering of a single password/phrase), it is given a very short expiration time (say, 5 minutes or so), and encapsulated in a digitally-signed certificate. Finally the cert is sent through an encrypted channel, to prevent eavesdropping. Any/all personal information is stored on the smart card, and even encrypted on the card, such that malicious users cannot attempt to read the card and capture the unsecured and non-expiring personal information.
Of course, even this will prove to have some holes in it that I haven't considered, but it seems like a step in the right direction.
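The scheme in the comment above (personal data released on request inside a signed envelope with a roughly five-minute expiry), sketched as an added example that is not part of the original post. The names `issue`, `verify`, `Rejected`, `MAX_TTL` and `CLOCK_SKEW` are hypothetical, and HMAC-SHA256 with a shared key stands in for the card's public-key signature, so this sketch gives integrity and expiry but not non-repudiation; the encrypted channel is out of scope.

```python
import base64
import hashlib
import hmac
import json
import time

MAX_TTL = 300     # seconds: the "5 minutes or so" from the post
CLOCK_SKEW = 30   # assumed tolerance for drift between issuer and verifier clocks


class Rejected(Exception):
    """Raised when an envelope must not be trusted."""


def b64e(data):
    return base64.urlsafe_b64encode(data).decode("ascii")


def b64d(text):
    return base64.urlsafe_b64decode(text.encode("ascii"))


def issue(key, fields, now=None, ttl=MAX_TTL):
    """Wrap personal fields in a signed envelope that expires ttl seconds after now."""
    now = int(time.time() if now is None else now)
    body = json.dumps({"iat": now, "exp": now + ttl, "data": fields},
                      sort_keys=True, separators=(",", ":")).encode("utf-8")
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return b64e(body) + "." + b64e(tag)


def verify(key, envelope, now=None):
    """Return the personal fields, or raise Rejected. The signature is checked first."""
    now = time.time() if now is None else now
    try:
        body_part, tag_part = envelope.split(".")
        body, tag = b64d(body_part), b64d(tag_part)
    except ValueError:
        raise Rejected("malformed")
    expected = hmac.new(key, body, hashlib.sha256).digest()
    # Constant-time comparison, so the check does not leak how many bytes matched.
    if not hmac.compare_digest(tag, expected):
        raise Rejected("bad signature")
    claims = json.loads(body)
    iat, exp = claims["iat"], claims["exp"]
    # The verifier enforces the lifetime policy itself; a validly signed
    # envelope that claims an hour of validity is still refused.
    if exp - iat > MAX_TTL:
        raise Rejected("lifetime exceeds policy")
    if now > exp + CLOCK_SKEW:
        raise Rejected("expired")
    if now < iat - CLOCK_SKEW:
        raise Rejected("not yet valid")
    return claims["data"]


def outcome(key, envelope, now):
    """Return 'accepted' or the rejection reason for one verification attempt."""
    try:
        verify(key, envelope, now)
        return "accepted"
    except Rejected as err:
        return str(err)


if __name__ == "__main__":
    key = b"constructed-demo-key-32-bytes!!!"   # constructed sample key
    t0 = 1_000_000                               # constructed issue time
    env = issue(key, {"name": "Constructed User"}, now=t0)
    for label, when in (("1 minute later", t0 + 60), ("10 minutes later", t0 + 600)):
        print(label, "->", outcome(key, env, when))
```
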
I hate to sound like I don't think this is news... But it's not. CNN just decided to let the rest of you in on something that the FTC has been doing for a long time. For example, even I mentioned it in one of my previous messages. And that comment was from a post called Spamming Gets Expensive in Utah and Ohio, which happened a little over a month ago. I've been emailing uce@ftc.gov messages for about 6 months now.
As for what they are going to do with it--us not-so-paranoid people would expect them to use it to generate a "paper trail", a collection of evidence, for the location, apprehension, and prosecution of said spammer. We who are paranoid may worry about the government taking a sudden interest in us when they discover we exist, but I would tend to think that argument is well worn and a little unfounded anyway.
Nevertheless, it's always nice to see it happen when the public gets a startling revelation of what they really have at their disposal--lots of people simply don't know, and since they don't know, they can't very well take proper advantage of the tools afforded them as US citizens.
Now, if you go look at Spam Laws you'll see the US has been considering a few federal bills, but hasn't gotten anywhere yet. But a lot of states do have laws in effect--whether these have stood up in court is another question...
Well... I did something to these ends myself. I can't say I'm proud of my actions, but it did cause a little stir...
I run a linux box that holds the website for a local indie band myself. We started with a webserver on windows, and I moved them to linux. Then we added soundbites on the website, gave them {member's first name}@{their band.com} email addresses, and set up a realplayer 8 server. (Real did release the linux server for free--but it didn't stay up long.)
Then we put a few select mp3s of their music on the server, and with icecast and shout, we ran a shoutcast server. Shout supports some random looping and continuous play, so we could cause it to seem like it was a pseudo-live internet radio station.
Then we got a little nefarious. We configured the icecast server to announce back to shoutcast.com, and with a couple minor tweaks to the source, we fraudulently announced ourselves as a server capable of 2500 listeners with (random num +1600) listening, and then announced to each genre.
And the listeners did come. Watching the connection logs, I got over 400 listeners in a 2-week spread, some from as far away as .hu (we're in Iowa.) We also got a nasty letter from the Nullsoft people along the lines of cease-and-desist or we'll see you in court, so I shut it down and put an old, unmodified server back up. Number of listeners did drop off, but we did get some loyal fans in the process.
But I'm not proud of what I did--in the strictest sense, it was morally, ethically, and legally wrong. But in the marketing sense, it was great because it cost only the money we were already spending for electricity and internet access. So, our marketing budget was $0, but we still made an impact. As for me--well, I was under orders from the boss to get creative. When I dreamed it up, he demanded to see it work.:)
Oh, come on. Way back in 1978 Popular Science Magazine covered stuff like this. Their solution then required plugging in infrared receivers (that were simple switches) in between the lamp and the wall. You plug the lamp into the receiver, plug the receiver into the wall, and turn the lamp on. Point the remote at a specific receiver and push a button, and the light can be turned on or off via remote. Similar receivers were designed to be mounted in the light switch for overhead lights. The beauty of this was that we had all the receivers keyed to the same remote, but the directional signal from the infrared remote prevented you from starting more than one or two things at once.
Now, this problem saw a fair solution back a few years ago with a real "learning" remote that came with an LCD touch panel. I don't recall the exact name, but you taught it by pushing a "train" button and pushing a specific spot on the lcd. Then you took your factory-provided remote and pushed the corresponding button on that remote. The learning remote read the signal and could then output the same signal to control your infrared wireless device. No flipping through a remote manual and entering codes from a chart, trying to find a combination that works with your TV/VCR/stereo.
Now, blenders become a real problem. Sure, you could turn it on or off remotely. But controlling speeds or providing safety (what if your child stuffed his/her hand in there when you turned it on?) would be a big issue. These things don't come with remote controls--I'd tend to think it'd be better for safety reasons to leave some of these manually controlled.
Toilets have another problem altogether. If you look at your toilet, there's no wires going into it (unless you live in an apartment and the owner put an electric heater in it to keep it from freezing). There's no remote sensor of any kind. Don't give up hope, though--all you need is a small, waterproof motor that can pull up that plug in the bottom of the tank. If a motor can be easily obtained, one could fashion a bracket to hang it over the back of the tank, and a clip to attach it to the chain already attached to the plug. But why give this a remote control? It seems a better idea to me to install a photoelectric sensor to determine that someone was using it, and simply flush it as he/she walks away. Such devices have already been developed; when I was in college they had these on the urinals in the men's room. It strikes me that one could do something similar with a toilet without much difficulty.
So, perhaps the first question should be, "Do I really need to control this via remote?"
A certain midwest university still uses VMS for the primary mailserver and public access dialup internet service. I happen to have been a student there for a few years, and the systems have been reliably serving up mail and such to approximately 13,000 students and professors for nearly a decade. Now, having grown up on MS-DOS, the DCL prompt was somewhat second nature for some trivial operations.
However, I soon discovered that one of the nicest features of VMS that we had on those systems was also one of the most dangerous for my account. The system appeared to have some form of revision control. Anytime you saved a file, a ";1" was attached if you had no existing file by that name. Otherwise the next-lowest number was appended to ensure a unique filename. This was good in that you never corrupted a file or overwrote it accidentally (and if you save your files often, if one is corrupted you can back up to the next most recent version) but with a pithy 1.5MB disk quota, it meant that you had to frequently clean out old files. And unprivileged user backups were nontrivial tasks, because ftp was disabled, and you were limited to using Kermit for file transfers on a 9600 baud line.
Nevertheless, VMS had a good number of benefits to it--and to this day it seems to handle the immense load of our users quite well.
But I should make a point here--don't go calling VMS secure. It can be cracked. Any OS can. The simple fact that it's not used much nowadays may very well be the reason we don't hear much in the way of exploits and cracks for these machines. And further, if the VMS cracking docs you're reading are not modern (within the last 2 years, even for VMS) they are certainly not current--and there are people out there who do, can, and will exploit this OS. Sure, it's not so easy as downloading some program and running it, but it's clearly quite possible. It just might take a bit more effort.
At my university, we installed a computer-controlled train lab. It was the first semester of the course, so we students were put in groups of three "in order to be more effective software pioneers." My group was unfortunate in that one student dropped the class, so we were shorthanded. Then another student decided to focus on his senior project. So from a group of three, I became the only student in my group writing code. I was the only student in the class with experience with electronics and device drivers, and several years experience with linux. So I got to be the volunteer sysadmin in addition to course assignments, and additional code that would be provided to the other students in the class; it was assumed that they would not be capable of writing device drivers, and these were outside the scope of the course anyway.
Long story short, at least 5 nights per week were tied up in that computer lab (the other 2 nights were long nights at a part-time job), keeping the machines going, performing backups, fixing windows and linux interoperability problems, and coding the drivers that were passed out free to the rest of the class. Since we were given keys to the lab, I came in any free moment I had, and worked until I passed out and fell out of my chair, only to be found unconscious by the professor the following morning. Then I'd get up and go at it again.
I got sick frequently, but came in anyway. I was in the only group that didn't have a working program to control up to 3 trains running the tracks simultaneously, and my code was error-prone and buggy. The other teams actually had to code failsafes for contingencies when my device drivers actually failed. My attitude changed that semester, much for the worse. When repeatedly accused of being severely sleep-deprived, I responded with "Sleep is for the weak! It's an addiction! The addiction should be broken!" But even the professor, for whom I was putting in so much effort, accosted me of pushing too hard, and getting nothing done. I was then enlightened of the cliche "diminishing returns"--you can keep putting effort in, but without proper rest, you'll get less and less back out. On the other hand, this rather lengthy post (and its likely incoherent babblings) comes from the bleary-eyed eyes of someone working on a goofy kludge of socket programming in C to interface to Java applets. Thing is, I have no control of how many users can connect, so I must assume that there can be thousands of simultaneous connections.
Oh how I long for the days of sysadminning--I got more sleep as a sysadmin than I do as a programmer!
It's remarkable that a graphics card with a video input and video recorder software can record TV-quality images to the PC HD in real-time, yet the same card can't even record its own renderings at 1/10th this speed.
Hmm. Way back in the early 80s we had a nifty device known as a "genlock" that converted PC video card output back to NTSC-compliant signals for viewing on a standard TV. These have gotten much better, and I've seen projectors that can handle 1200x1600 or better in true color. I'm just surprised that enthusiasts haven't devised some sort of "loopback" device utilizing one of these. It could theoretically get the data back to the CPU, but it wouldn't help in the way of increasing performance if in fact it is the problem of bad drivers, as the article suggests...
Of course, I suspect it's not entirely the fault of the drivers; more than likely, there would have to be some near-redundant circuitry to help prevent lagging on the video card.
I've found that if you decided to start a business in troubleshooting computers instead of software consulting, and charged a nominal fee for your services (I highly recommend the concept of a fee cap if service takes more than n hours) you can still make a good bit of scratch, working out of a garage.
Computers are everywhere these days, and we don't seem to run out of people who have problems with them. In many cases, simply having a policy that says that the owner must provide the software on original media can keep you out of any legal trouble, and in many cases, "fixing computer problems" can be reduced to simple software reinstallations.
Or you could perform hardware upgrades--many computer users won't remove the cover and install a part themselves. There's almost always money to be made here, because computers keep getting faster and better, and people simply aren't comfortable upgrading on their own.
These alternate courses are feasible, will turn profits fairly quickly and don't really require much in the way of education/certifications, and can be done even with a staff of one. Really, the biggest part of such a business is advertising.
If the RIAA wins this, they have a legal precedent for blocking whatever the hell they want to under the guise of copyright infringement.
Uh-oh. Precedents aren't "owned" by the winner. So in our country, that means that anyone else can use it. Microsoft could use their lawyers to pull a similar stunt against kernel.org, on the grounds of the historic writable NTFS issue.
Or, we could see this used as a means for attack for patent infringement. The ISPs will be running scared, afraid of being sued, and will start getting block-happy about things.
Loho will send out threatening letters, resulting in Davezilla being blocked. Forgent Networks could do some serious blacklisting of any site that hosted jpeg-editing software.
The possibilities are endless for such a vague precedent. This could be quite the witchhunt-inspiring precedent.
Sun was originally (and, primarily, still is) a hardware company. Heck, they make mighty fine enterprise-grade servers. But their systems are as overpriced as the average baseball player's salary, compared to the price of a typical 2GHz PC running linux. So they can't compete in price. Sun makes some pretty sweet servers. Oh, but look--IBM makes some great servers now too, and their machines have more bang for the buck. So Sun is being driven out of the server market, largely by IBM.
Sun also made high-end workstations. There was a nice market for the workstations up until just a few short years ago, but now the performance of the desktop PC is blurring the distinction between "workstation" and "personal computer". With the immensely lower cost of purchase for a PC, Sun is simply priced right out of the market by names like Gateway, Dell, HP, and Compaq.
So they've been insisting upon trying to reinvent themselves as a software company--at least on the surface. Solaris has been around a while, developing name recognition after being quietly renamed from the not-so-nice-sounding SunOS. And, some things in Solaris are done a little better than in linux. A few previous versions of SunOS ran on PCs, attracting more users to their platform, without requiring the heavy price of Sun's special servers to run it.
A college professor of mine said it: "The writing is on the wall for Sun. Their days are numbered." As a believer in Sun's products (their systems did seem nicer than comparable PCs of yesteryear) I cringed to hear him say that. But alas, it may not be all that far from true. Sun reported losses last quarter, and their stock is now trading at less than $4 per share. The likelihood of their filing for Chapter 11 Bankruptcy protection in the next 12 months seems quite high.
Sun claimed it would release Solaris 9 before, but then realized it could pull a bait-and-switch, in effect demanding that their servers (Cadillac in performance, Rolls Royce in price) be purchased for the latest version of their operating system. This maneuver backfired on them, as people responded by moving from Solaris to Linux because of the difference in licensing costs--a significant factor in business, particularly during this US recession.
Once a solid company with a strong name and reputation and a definite foothold in the market, Sun is being pushed out. Pushed out from above by IBM, from below by desktop makers Dell, HP, Compaq, and Gateway, and pushed out of the software market by linux.
The promise to release Solaris 9 can be seen as an attempt to re-attract old customers who may have already upgraded and moved on to linux. It's becoming obvious, IMHO, that Sun is desperate and looking for quick fixes to keep them afloat, to prevent them from joining the growing list of names: Enron, Arthur Andersen, WorldCom, US Airways. Will Sun be next? I can't say for sure. Others might fall first, but it seems fair to expect some definite problems with Sun.
Even a worm that's only about 1 inch in diameter (like my little finger) that's 5 to 7 feet long would still add up to some serious size. Imagine, for example, if it were coiled up like a snake. That would still be rather large...
Since in the above thread we were discussing having one of these internally--that strikes me as rather painful.
Re:Oh damn... on Gone Fission · Score: 2, Interesting
Intestinal worms make the best of friends...
Call me a skeptic, but I don't personally think you'd want a 5-foot-long worm crawling around inside of you.
Out here in the country, we seem to have lots of crickets. My cat has found a new favorite hobby--it plays with a cricket for a little while, and then eats it. This normally wouldn't be a big deal, except that when a cricket dies, it lets out a long string of eggs that writhe around like a worm. My cat sat there and gagged for about 10 minutes because it had a string of cricket eggs coming up its throat and out through its nose.
Now, if by "intestinal worms" you just mean the ones that seem to just consume everything you do, and you never gain weight--well, I'm surprised that wasn't in that last US bill about weight control in children.
The article only said 5-7 feet long; I wonder how big around these bad boys get. For some reason, that description called to mind a boa constrictor for me...
Hmm. I'd give my left nut, sure. I smashed it in a motorcycle accident when I was 14. Hell, since the doctors say I'm sterile, I'd give my right one too. They really don't seem to help or hinder much anyway.:/
Me, I've been job-hunting everywhere within a 50 mile radius of my home for the last 4 months. I haven't found anything, in any profession, until just last week. And that was burger-flipping. Now the real insult is that I also got a phone call from a company that wants me as a sysadmin. The business doesn't know me at all, but I have a friend who works there and is pulling for me--I've been sysadminning his boxen for free for the last 5 years, and never left him hanging on something. Even his user requests were fulfilled in under a week. He knows he's been treated like a king, and he doesn't want to lose such excellent service! But the problem is, after 4 months I have barely a dime to my name and would have to put insurance back on my car and move 150 miles to take the job. And I don't have a place to live when I get there. Worst part is, with the economy the way it's been, the university cut financial aid across the board, suspending mine. So while this time of year I'd normally be packing up to go back to school, I'm now forced to take at least a year off because I can't afford to take more classes.
So I'm gonna go flip burgers and make tacos for a while. Hell, it's a job, it might just put a few pennies back in my pocket. If the sysadmin job is still there and they're hiring after I've racked up about $800-$1000 flipping burgers, then I'll move and settle in on something more towards my interests. If not--well, I'll still probably move. I had a kickass job in a grocery store there for a couple years. Okay, the pay stunk. But there always seems to be a really cute gal or two in a grocery store...:)
I believe the point here is not that this one article is a duplicate, but that this is a growing trend on our beloved Slashdot. A brief look at the articles today:
3 in one day does seem a bit extreme, at least to my way of thinking.
Perhaps the concept proposed by a previous poster (to help catch "duplicate" stories) might be a good idea.
Perhaps I am mistaken, but as I recall, /. is heavily based in SQL. Thus it could be fairly trivial to check something such as this, presuming that the articles' links are entered into the SQL database.
This, of course, shows the beauty of Open Source, though:
I am a programmer.
I have an itch.
I'm going to scratch it.
Slash is freely available. I think it would be nice, in the true spirit of Open Source, to simply develop a link search and submit a patch. In fact, since I just spent all this time complaining and finding the links, I just downloaded it. I'll commence work on a patch immediately.
Well... It's been experimented on rats before, that if you give a mouse a button to push to stimulate its pleasure center in its brain, it'll literally kill itself by pushing that button until it drives itself to exhaustion, and it'll lose interest in everything else (food, water, etc.) It's been speculated that the same would happen to human beings.
After reading that article (which sounds quite similar in nature to the opening of the book "The Terminal Man" by Michael Crichton), I think it might be plausible to say that the same thing could be implemented in humans, but...
The problem with controlling a human the same way is that a human, with the power of reasoning, will eventually come to the conclusion that there is something going on here--something or someone with an agenda trying to control it. And a human would likely then end up resisting--unless there were a pain center with an electrode implanted in it as well, for correction.
Herein lies a Catch-22. Given a particularly strong-willed person with both pleasure and pain electrodes, after a while the person, beginning to resist, will quit being subjected to pleasurable stimulation and instead be frequently punished. This will tear away at the psyche of the subject in such a fashion as to eventually drive him/her to schizophrenia, insanity, or suicide.
Of course, all this is quite barbaric and all. But this is what the psychiatric community tends to teach...
Nevertheless, it would be great to have an electrode stuck into a pleasure center in my brain, with an easily-accessible pushbutton--surely I could handle it, right?
Well, no, I suppose not. But the point was, it demonstrated that I had determined the exact match if it confirmed that one of them was the match, and the others were fictitious addresses.
Therefore, as far as the site was concerned, she was the match.
On the other hand, certain other sites estimate our compatibility at well under 40%. Nevertheless, the sex is good, as 2.5 years together might suggest...;p
Spam? What spam? I have my hotmail account set to exclusive. I entered the 2 email addresses I expect mail from (the same ones in my Messenger client; I supposedly needed the hotmail account to register for messenger.)
I don't figure I've submitted any extra information to Microsoft than I have to. And since I log in on Messenger every now and again, the hotmail account gets checked and stays open.
Almost all spam just goes straight to the trash--I get mail there only from the people on my messenger contact list. Well, that and direct from Microsoft--they do have one thing that keeps sending me notices to pay for more disk space. But since I only use about 5k of space, I don't figure I need 10MB. So in the end, I only get about 3 spams a month that I know about. Yeah, that spam is from Microsoft directly, so maybe that spam is Hotmail's fault. But the rest of it--the spam you see and I don't--I wouldn't consider to be the fault of Hotmail.
I was fortunate enough so far in my 23 years to have filtered away from my usual existence most of the people who would pilfer my email for such frivolous purposes.
So when my address was spammed by SomeoneLikesYou, I got on the phone. Sure enough, the one person who actually did it was my not-so-security-minded girlfriend.
So when I hit the site, I entered only one email address--hers. The site didn't like that, and since it doesn't like bounces either, I just started registering aliases on my linux box. So we had a@mybox.net, b@mybox.net, c@mybox.net, and d@mybox.net.
And, sure enough, when it finally accepted that, it said I had a match! (I also had some 4 more emails popping up in my inbox....)
Since the site demanded that I pay up-front or sign up for affiliate info, I went on my merry way, happy to know I hadn't offended anyone else.
About a month later, though, I got this email "Are you sure this loser Sara is right for you?" which told me to come back and visit the site again, threatening to remove my information and promising not to spam me again. I received a second message, again titled "Are you sure this loser Sara is right for you?", before I created a new procmail rule.
I figured I was lucky, I got everything I wanted to know without it costing me anything but the time. I doubt many others were so lucky.
Re:Someone discovered Windows is insecure. on Shattering Windows · Score: 1
Yep. I missed the tag. When doing the preview, I was more interested in making that tag look right than proofreading that particular bulleted item.
As for the file tag, if it's a standard, okay... Well, a little experimenting shows that Netscape Communicator renders it okay, but it doesn't appear to function.
But my point was meant thusly:
Thousands of machines on the 'net are running IIS and the owners/operators are not aware of it because it was installed by default. The same goes for PWS (the Personal Web Server) on win9x. Now, suppose that we have a form on said Windows box, placed by the default installation or some cracker. And websurfers find the box, either by a link on the page by the original cracker, or by a search engine hit. Finally the surfing user submits a file that is infected.
Sounds contrived, I know, but where there's a will... Look at it this way:
John Q. Cracker gets a two-week notice of his termination. He noted long ago that PWS is installed on his win98 workstation, but it had never been used. So he simply drops a registry key in and points it to some directory publicly accessible via the webserver. He also puts in a short, simple form with a file tag, and a dummy executable to prevent an error on startup. In so doing, he has effectively created a backdoor for himself.
Now, when he's gone home and gone on to another job, he can then upload some program or other (say, a windows telnet server, or packet sniffer) via the form, and wait. Once that windows box is rebooted, he has access to his old box at his former workplace. With no logging functionality, the Windows box can't reliably indicate that he did this or when, and certainly can't provide proof that John was the one who did it. Thus he now has access to the network of the old workplace, to launch attacks, to retrieve information, for corporate espionage, etc. And the only recourse the former employer has is to reinstall windows on the machine--if they ever find out it was compromised.
This could be prevented if the WinXX OSes had specific file permissions to prevent execution, but I'm quite certain that win9x does not, and I'm fairly confident that NT,2k,XP don't either. (Well, technically files marked "System" can't be executed trivially, but this is an antiquated kludge and isn't used for much of anything these days--and since "system" files appear to be hidden from the casual user, it wouldn't be particularly useful for a webserver to set the system attribute on a file to prevent its execution.)
So it's not really the point that the foolhardy would do it and others would not. It's more the point that *it can be done*, and with minimal effort; that should be prevented. Disabling the "file" tag would be a possible barrier to prevent it.
As long as we have Windows machines running webservers, we have no line of defense against this simple intrusion example...Unless the next version of windows supports a filesystem with ownership and permissions at least as comprehensive as the average unix-based OS. NT on ext2 would be a step up--in security, if not performance. (Heck, then they could get rid of the disk defragmenter too! Consider the millions of users who've never discovered or used the defragmenter...)
And on a more personal note.... I've nearly been thrown out of my university on numerous occasions because I happened to use some tool or other in a fashion other than it was intended, and demonstrated an exploit. The sysadmins reported me repeatedly and I've gone through expulsion hearings, even though I reported my findings to the admins. I was, at the time, of the opinion that they should thank me for pointing out a problem. They saw me as a threat that should be closely monitored to gather evidence, and then eliminated. So you see, prevention is an ideal we strive for....
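Added example, not part of the original comment: a sketch of the Unix-style defense the comment asks for, where an upload handler stores files without any execute bit, under a server-chosen name, and keeps the audit trail the scenario lacks. The function names, the `.upload` suffix, the log format and the sample bytes are assumptions made for this illustration, and the upload directory is assumed to sit outside the web root.

```python
import hashlib
import os
import secrets
import stat
import time


def store_upload(data, claimed_name, client_addr, upload_dir, log_path):
    """Save an uploaded file so it cannot be executed from where it lands.

    The stored name is chosen by the server; the client's file name is only
    written to the log. Returns the path of the stored file.
    """
    # Assumption: upload_dir is outside the web root and owned by the service.
    os.makedirs(upload_dir, mode=0o700, exist_ok=True)
    stored_name = secrets.token_hex(16) + ".upload"
    path = os.path.join(upload_dir, stored_name)

    # O_EXCL refuses to reuse an existing name, so nothing is overwritten.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        os.fchmod(fh.fileno(), 0o600)  # owner read/write only, no execute bit
        fh.write(data)

    # Audit trail: when, from where, what the client called it, what was stored.
    record = "{} addr={} claimed={!r} stored={} bytes={} sha256={}\n".format(
        time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
        client_addr,
        claimed_name,
        stored_name,
        len(data),
        hashlib.sha256(data).hexdigest(),
    )
    with open(log_path, "a", encoding="utf-8") as log:
        log.write(record)
    return path


def find_suspect_uploads(upload_dir):
    """Return names in upload_dir that are executable or not regular files."""
    suspect = []
    for entry in os.scandir(upload_dir):
        st = entry.stat(follow_symlinks=False)
        if not stat.S_ISREG(st.st_mode) or st.st_mode & 0o111:
            suspect.append(entry.name)
    return sorted(suspect)


if __name__ == "__main__":
    import tempfile

    with tempfile.TemporaryDirectory() as tmp:
        updir = os.path.join(tmp, "uploads")
        logfile = os.path.join(tmp, "upload.log")
        # Constructed sample input, not a real program.
        saved = store_upload(b"MZ constructed sample bytes", "tool.exe",
                             "192.0.2.10", updir, logfile)
        print("stored as", os.path.basename(saved))
        print("mode", oct(stat.S_IMODE(os.stat(saved).st_mode)))
        print("suspect files:", find_suspect_uploads(updir))
```

Running `find_suspect_uploads` on a schedule turns a permission change on a stored file into something an administrator can see.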
In your bio, it is clearly indicated that you work at WorldCom. As an insider, though, it seems likely you might have a little more info about the whole deal than what the big media conglomerates tell us. What is your opinion of the company, and/or could you shed a little more light on the big scandal involved?
And, there's a great OS called Oberon (yeah, there's a programming language of the same name--from the same people too) but this beast required a special, rather expensive and obscure card. On an 8-bit card for an 8086 or 80286 came an array of anywhere from 4 to 8 processors. It was one of the first true multitasking OSes available--well before PC hardware really supported it.
Personally, I was proud when I had 8 OSes installed in rather small partitions on my 1.2GB drive. (Hey, 1.2GB was "big" back around '95 or so.... :)
I used a third-party bootloader called "BootIt". It had the ability to create up to 10 partitions of different types, didn't have any problems getting around that 1024cyl barrier, and was capable of booting any OS I threw at it--even the MS products were able to boot from logical partitions, even well past the 1024th cylinder!
From a technical standpoint, when I read "37 OSes, 1 PC", I thought "Yeah, how many partitions, and what bootloader?" After all, there's a bit of a fixed limit of only 4 partitions in a partition table.... But BootIt got around that by storing the actual partition info in its own partition, and wiping out the partition info in the table, rewriting it just before booting the relevant OS (and unhiding the related logical/extended partitions as well.)
Theoretically, with a nice 20GB drive, I could have pulled the same stunt with BootIt--it was also capable of booting itself.
From the article:
Well, if you count QuarterDeck's DesqView, you can throw in a whole new mix of multiple versions of DOS, Win 2.x, and Win 3.x--and you can even use it like I do--I put DesqView on a spare box and ran a Win3.1 version of IE 5 on it. I found it to be a great way to get IE "running" on linux. (I have a friend who said he wouldn't switch unless he could keep his Internet Explorer. Boy, converting Windows zealots can be kinda rough! :) Okay, and it felt a little satisfying--like a slap in the face of the great, evil Empire of Microsoft. Make the two platforms interoperate, somehow, even when they go out of their way to prevent it. It's one of my favorite--and frustrating--challenges.
And, coming back to the article again, you can count these new permutations separately:
Oh, and if this guy really wanted to get his hands dirty, he could start rolling out his own OS; that has been a bit of a hobby for some of us underchallenged college students. :)
And finally, one more note--I haven't seen the obligatory V2OS reference on here yet... As of around V0.89, it can be installed to a hard disk. :)
This is clearly not the case, as it appears some guy just built a tube for it and took pictures.
Big deal; what highschooler hasn't built a sub box or eight?
I was honestly expecting talk of how to wrap the coils for the electromagnet, calculating impedance, how to determine signal sensitivity, locating a sufficiently strong permanent magnet, and preferred choices of cones. Finally, I expected charts of how this sub stacked up against aftermarket subs, in terms of frequency response.
But what is there?
Lo and behold, the guy bought the speaker! Build Your Own Subwoofer? I think not.
That said, you can also reduce the number of royalties you must pay by getting in touch with a company called Clear Channel--they dictate what is played on most US radio stations.
Further, your little Mandrake box can do it, using shoutcast, an icecast-server, and a microphone, but that would give you an "Internet radio station" as many of the shoutcast servers you can listen to with winamp or Windows Media Player are called.
Finally, a local station I listen to was discovered to be transmitting a syndicated Internet radio stream--you can hear a bit of "tinniness" to the audio when doing this (because many stations use a very low bitrate to accommodate dialup users) but it seemed to work rather well for them. That would be a way to allow people to listen when you're not manning the studio...
HTH. HAND.
Add a little strong encryption and non-repudiation, and we have a decent solution here. See, given the cluster of metadata servers hold only templates, we can all get "smart cards" (like Sun makes) that hold our personal information. Part of the authentication process to use a computer would be to insert said smart card.
Now, when the data is sent (and that could happen only upon the user's request and entering of a single password/phrase), it is given a very short expiration time (say, 5 minutes or so), and encapsulated in a digitally-signed certificate. Finally the cert is sent through an encrypted channel, to prevent eavesdropping. Any/all personal information is stored on the smart card, and even encrypted on the card, such that malicious users cannot attempt to read the card and capture the unsecured and non-expiring personal information.
Of course, even this will prove to have some holes in it that I haven't considered, but it seems like a step in the right direction.
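Added example, not part of the original comment: a sketch of the short-lived, authenticated release of personal data described above, showing the checks a receiver has to make (integrity, intended recipient, the 5-minute lifetime). It uses an HMAC from the standard library as a stand-in for the digital signature, which gives integrity but not the non-repudiation the comment asks for, since that needs an asymmetric signature; the token layout, field names, clock-skew allowance and sample key are all assumptions.

```python
import base64
import hashlib
import hmac
import json
import time

LIFETIME = 300    # seconds; the "5 minutes or so" from the comment
CLOCK_SKEW = 30   # assumed tolerance for clocks that disagree


def b64(raw):
    return base64.urlsafe_b64encode(raw).decode("ascii")


def issue_release(card_key, fields, audience, now=None):
    """Build a token releasing `fields` to one named recipient for LIFETIME seconds."""
    now = int(time.time() if now is None else now)
    body = {"aud": audience, "iat": now, "exp": now + LIFETIME, "data": fields}
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    # Stand-in for the signature step: HMAC-SHA256 under a key held by the card.
    tag = hmac.new(card_key, payload, hashlib.sha256).digest()
    return b64(payload) + "." + b64(tag)


def verify_release(card_key, token, audience, now=None):
    """Return the released fields, or raise ValueError if any check fails."""
    now = int(time.time() if now is None else now)
    parts = token.split(".")
    if len(parts) != 2:
        raise ValueError("malformed token")
    payload = base64.urlsafe_b64decode(parts[0])
    tag = base64.urlsafe_b64decode(parts[1])

    # Authenticate before parsing, and compare in constant time.
    expected = hmac.new(card_key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication tag does not match")

    body = json.loads(payload)
    if body["aud"] != audience:
        raise ValueError("token was issued for a different recipient")
    if body["exp"] - body["iat"] > LIFETIME:
        raise ValueError("lifetime longer than policy allows")
    if body["iat"] > now + CLOCK_SKEW:
        raise ValueError("token is dated in the future")
    if now >= body["exp"]:
        raise ValueError("token has expired")
    return body["data"]


if __name__ == "__main__":
    key = b"constructed-demo-key-not-a-real-secret"   # constructed sample key
    token = issue_release(key, {"email": "user@example.test"}, "shop.example")
    print(verify_release(key, token, "shop.example"))
```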
As for what they are going to do with it--us not-so-paranoid people would expect them to use it to generate a "paper trail", a collection of evidence, for the location, apprehension, and prosecution of said spammer. We who are paranoid may worry about the government taking a sudden interest in us when they discover we exist, but I would tend to think that argument is well worn and a little unfounded anyway.
Nevertheless, it's always nice to see it happen when the public gets a startling revelation of what they really have at their disposal--lots of people simply don't know, and since they don't know, they can't very well take proper advantage of the tools afforded them as US citizens.
Now, if you go look at Spam Laws you'll see the US has been considering a few federal bills, but haven't gotten anywhere yet. But a lot of states do have laws in effect--whether these have stood up in court is another question...
I run a linux box that holds the website for a local indie band myself. We started with a webserver on windows, and I moved them to linux. Then we added soundbites on the website, gave them {member's first name}@{their band.com} email addresses, and set up a realplayer 8 server. (Real did release the linux server for free--but it didn't stay up long.)
Then we put a few select mp3s of their music on the server, and with icecast and shout, we ran a shoutcast server. Shout supports some random looping and continuous play, so we could cause it to seem like it was a pseudo-live internet radio station.
Then we got a little nefarious. We configured the icecast server to announce back to shoutcast.com, and with a couple minor tweaks to the source, we fraudulently announced ourselves as a server capable of 2500 listeners with (random num +1600) listening, and then announced to each genre.
And the listeners did come. Watching the connection logs, I got over 400 listeners in a 2-week spread, some from as far away as .hu (we're in Iowa.)
We also got a nasty letter from the Nullsoft people along the lines of cease-and-desist or we'll see you in court, so I shut it down and put an old, unmodified server back up. Number of listeners did drop off, but we did get some loyal fans in the process.
But I'm not proud of what I did--in the strictest sense, it was morally, ethically, and legally wrong. But in the marketing sense, it was great because it cost only the money we were already spending for electricity and internet access. So, our marketing budget was $0, but we still made an impact. As for me--well, I was under orders from the boss to get creative. When I dreamed it up, he demanded to see it work. :)
Hmm. That announcement also tells the AC posting is disabled. So where are the trolls coming from? Who are they? Huh? :)
Now, this problem saw a fair solution back a few years ago with a real "learning" remote that came with an LCD touch panel. I don't recall the exact name, but you taught it by pushing a "train" button and pushing a specific spot on the lcd. Then you took your factory-provided remote and pushed the corresponding button on that remote. The learning remote read the signal and could then output the same signal to control your infrared wireless device. No flipping through a remote manual and entering codes from a chart, trying to find a combination that works with your TV/VCR/stereo.
Now, blenders become a real problem. Sure, you could turn it on or off remotely. But controlling speeds or providing safety (what if your child stuffed his/her hand in there when you turned it on?) would be a big issue. These things don't come with remote controls--I'd tend to think it'd be better for safety reasons to leave some of these manually controlled.
Toilets have another problem altogether. If you look at your toilet, there's no wires going into it (unless you live in an apartment and the owner put an electric heater in it to keep it from freezing). There's no remote sensor of any kind.
Don't give up hope, though--all you need is a small, waterproof motor that can pull up that plug in the bottom of the tank. If a motor can be easily obtained, one could fashion a bracket to hang it over the back of the tank, and a clip to attach it to the chain already attached to the plug. But why give this a remote control? It seems a better idea to me to install a photoelectric sensor to determine that someone was using it, and simply flush it as he/she walks away. Such devices have already been developed; when I was in college they had these on the urinals in the men's room. It strikes me that one could do something similar with a toilet without much difficulty.
So, perhaps the first question should be, "Do I really need to control this via remote?"
Now, having grown up on MS-DOS, the DCL prompt was somewhat second nature for some trivial operations.
However, I soon discovered that one of the nicest features of VMS that we had on those systems was also one of the most dangerous for my account. The system appeared to have some form of revision control. Anytime you saved a file, a ";1" was attached if you had no existing file by that name. Otherwise the next-lowest number was appended to ensure a unique filename. This was good in that you never corrupted a file or overwrote it accidentally (and if you save your files often, if one is corrupted you can back up to the next most recent version) but with a pithy 1.5MB disk quota, it meant that you had to frequently clean out old files. And unprivileged user backups were nontrivial tasks, because ftp was disabled, and you were limited to using Kermit for file transfers on a 9600 baud line.
Nevertheless, VMS had a good number of benefits to it--and to this day it seems to handle the immense load of our users quite well.
But I should make a point here--don't go calling VMS secure. It can be cracked. Any OS can. The simple fact that it's not used much nowadays may very well be the reason we don't hear much in the way of exploits and cracks for these machines. And further, if the VMS cracking docs you're reading are not modern (within the last 2 years, even for VMS) they are certainly not current--and there are people out there who do, can, and will exploit this OS. Sure, it's not so easy as downloading some program and running it, but it's clearly quite possible. It just might take a bit more effort.
At my university, we installed a computer-controlled train lab. It was the first semester of the course, so we students were put in groups of three "in order to be more effective software pioneers." My group was unfortunate in that one student dropped the class, so we were shorthanded. Then another student decided to focus on his senior project. So from a group of three, I became the only student in my group writing code.
I was the only student in the class with experience with electronics and device drivers, and several years experience with linux. So I got to be the volunteer sysadmin in addition to course assignments, and additional code that would be provided to the other students in the class; it was assumed that they would not be capable of writing device drivers, and these were outside the scope of the course anyway.
Long story short, at least 5 nights per week were tied up in that computer lab (the other 2 nights were long nights at a part-time job), keeping the machines going, performing backups, fixing windows and linux interoperability problems, and coding the drivers that were passed out free to the rest of the class. Since we were given keys to the lab, I came in any free moment I had, and worked until I passed out and fell out of my chair, only to be found unconscious by the professor the following morning. Then I'd get up and go at it again.
I got sick frequently, but came in anyway. I was in the only group that didn't have a working program to control up to 3 trains running the tracks simultaneously, and my code was error-prone and buggy. The other teams actually had to code failsafes for contingencies when my device drivers actually failed.
My attitude changed that semester, much for the worse. When repeatedly accused of being severely sleep-deprived, I responded with "Sleep is for the weak! It's an addiction! The addiction should be broken!"
But even the professor, for whom I was putting in so much effort, accused me of pushing too hard, and getting nothing done. I was then enlightened of the cliche "diminishing returns"--you can keep putting effort in, but without proper rest, you'll get less and less back out.
On the other hand, this rather lengthy post (and its likely incoherent babblings) comes from the bleary-eyed eyes of someone working on a goofy kludge of socket programming in C to interface to Java applets. Thing is, I have no control of how many users can connect, so I must assume that there can be thousands of simultaneous connections.
Oh how I long for the days of sysadminning--I got more sleep as a sysadmin than I do as a programmer!
Hmm. Way back in the early 80s we had a nifty device known as a "genlock" that converted PC video card output back to NTSC-compliant signals for viewing on a standard TV. These have gotten much better, and I've seen projectors that can handle 1200x1600 or better in true color. I'm just surprised that enthusiasts haven't devised some sort of "loopback" device utilizing one of these. It could theoretically get the data back to the CPU, but it wouldn't help in the way of increasing performance if in fact it is the problem of bad drivers, as the article suggests...
Of course, I suspect it's not entirely the fault of the drivers; more than likely, there would have to be some near-redundant circuitry to help prevent lagging on the video card.
Computers are everywhere these days, and we don't seem to run out of people who have problems with them. In many cases, simply having a policy that says that the owner must provide the software on original media can keep you out of any legal trouble, and in many cases, "fixing computer problems" can be reduced to simple software reinstallations.
Or you could perform hardware upgrades--many computer users won't remove the cover and install a part themselves. There's almost always money to be made here, because computers keep getting faster and better, and people simply aren't comfortable upgrading on their own.
These alternate courses are feasible, will turn profits fairly quickly and don't really require much in the way of education/certifications, and can be done even with a staff of one. Really, the biggest part of such a business is advertising.
Uh-oh. Precedents aren't "owned" by the winner. So in our country, that means that anyone else can use it. Microsoft could use their lawyers to pull a similar stunt against kernel.org, on the grounds of the historic writable NTFS issue.
Or, we could see this used as a means for attack for patent infringement. The ISPs will be running scared, afraid of being sued, and will start getting block-happy about things.
Loho will send out threatening letters, resulting in Davezilla being blocked.
Forgent Networks could do some serious blacklisting of any site that hosted jpeg-editing software.
The possibilities are endless for such a vague precedent. This could be quite the witchhunt-inspiring precedent.
Microsoft should sue Martha Stewart for using her MICROwave to SOFTen the butter, claiming trademark infringement.
Sun also made high-end workstations. There was a nice market for the workstations up until just a few short years ago, but now the performance of the desktop PC is blurring the distinction between "workstation" and "personal computer". With the immensely lower cost of purchase for a PC, Sun is simply priced right out of the market by names like Gateway, Dell, HP, and Compaq.
So they've been insisting upon trying to reinvent themselves as a software company--at least on the surface. Solaris has been around a while, developing name recognition after being quietly renamed from the not-so-nice-sounding SunOS. And, some things in Solaris are done a little better than in linux. A few previous versions of SunOS ran on PCs, attracting more users to their platform, without requiring the heavy price of Sun's special servers to run it.
A college professor of mine said it: "The writing is on the wall for Sun. Their days are numbered." As a believer in Sun's products (their systems did seem nicer than comparable PCs of yesteryear) I cringed to hear him say that.
But alas, it may not be all that far from true. Sun reported losses last quarter, and their stock is now trading at less than $4 per share. The likelihood of their filing for Chapter 11 Bankruptcy protection in the next 12 months seems quite high.
Sun claimed it would release Solaris 9 before, but then realized it could pull a bait-and-switch, in effect demanding that their servers (Cadillac in performance, Rolls Royce in price) be purchased for the latest version of their operating system. This maneuver backfired on them, as people responded by moving from Solaris to Linux because of the difference in licensing costs--a significant factor in business, particularly during this US recession.
Once a solid company with a strong name and reputation and a definite foothold in the market, Sun is being pushed out. Pushed out from above by IBM, from below by desktop makers Dell, HP, Compaq, and Gateway, and pushed out of the software market by linux.
The promise to release Solaris 9 can be seen as an attempt to re-attract old customers who may have already upgraded and moved on to linux. It's becoming obvious, IMHO, that Sun is desperate and looking for quick fixes to keep them afloat, to prevent them from joining the growing list of names:
Enron, Arthur Andersen, WorldCom, US Airways. Will Sun be next? I can't say for sure. Others might fall first, but it seems fair to expect some definite problems with Sun.
Since in the above thread we were discussing having one of these internally--that strikes me as rather painful.
Call me a skeptic, but I don't personally think you'd want a 5-foot-long worm crawling around inside of you.
Out here in the country, we seem to have lots of crickets. My cat has found a new favorite hobby--it plays with a cricket for a little while, and then eats it. This normally wouldn't be a big deal, except that when a cricket dies, it lets out a long string of eggs that writhe around like a worm. My cat sat there and gagged for about 10 minutes because it had a string of cricket eggs coming up its throat and out through its nose.
Now, if by "intestinal worms" you just mean the ones that seem to just consume everything you do, and you never gain weight--well, I'm surprised that wasn't in that last US bill about weight control in children.
The article only said 5-7 feet long; I wonder how big around these bad boys get. For some reason, that description called to mind a boa constrictor for me...
Me, I've been job-hunting everywhere within a 50 mile radius of my home for the last 4 months. I haven't found anything, in any profession, until just last week. And that was burger-flipping.
Now the real insult is that I also got a phone call from a company that wants me as a sysadmin. The business doesn't know me at all, but I have a friend who works there and is pulling for me--I've been sysadminning his boxen for free for the last 5 years, and never left him hanging on something. Even his user requests were fulfilled in under a week. He knows he's been treated like a king, and he doesn't want to lose such excellent service!
But the problem is, after 4 months I have barely a dime to my name and would have to put insurance back on my car and move 150 miles to take the job. And I don't have a place to live when I get there.
Worst part is, with the economy the way it's been, the university cut financial aid across the board, suspending mine. So while this time of year I'd normally be packing up to go back to school, I'm now forced to take at least a year off because I can't afford to take more classes.
So I'm gonna go flip burgers and make tacos for a while. Hell, it's a job, it might just put a few pennies back in my pocket. If the sysadmin job is still there and they're hiring after I've racked up about $800-$1000 flipping burgers, then I'll move and settle in on something more towards my interests. If not--well, I'll still probably move. I had a kickass job in a grocery store there for a couple years. Okay, the pay stunk. But there always seems to be a really cute gal or two in a grocery store... :)
- This article repeats Feb 2, 2002 First by Hemos, today by CmdrTaco
- Jet Exhaust Affects Weather by Hemos repeats Peer-Review Process Confirms Contrails Climate Effect by timothy, Aug 8; a mere 3 days later.
- Rat Mind Control repeats Remote Controlled Rats both posted by timothy
3 in one day does seem a bit extreme, at least to my way of thinking. Perhaps the concept proposed by a previous poster (to help catch "duplicate" stories) might be a good idea.
Perhaps I am mistaken, but as I recall,
This, of course, shows the beauty of Open Source, though:
- I am a programmer.
- I have an itch.
- I'm going to scratch it.
Slash is freely available. I think it would be nice, in the true spirit of Open Source, to simply develop a link search and submit a patch. In fact, since I just spent all this time complaining and finding the links, I just downloaded it. I'll commence work on a patch immediately.
After reading that article (which sounds quite similar in nature to the opening of the book "The Terminal Man" by Michael Crichton), I think it might be plausible to say that the same thing could be implemented in humans, but...
The problem with controlling a human the same way is that a human, with the power of reasoning, will eventually come to the conclusion that there is something going on here--something or someone with an agenda trying to control it. And a human would likely then end up resisting--unless there were a pain center with an electrode implanted in it as well, for correction.
Herein lies a Catch-22. Given a particularly strong-willed person with both pleasure and pain electrodes, after a while the person, beginning to resist, will quit being subjected to pleasurable stimulation and instead be frequently punished. This will tear away at the psyche of the subject in such a fashion as to eventually drive him/her to schizophrenia, insanity, or suicide.
Of course, all this is quite barbaric and all. But this is what the psychiatric community tends to teach...
Nevertheless, it would be great to have an electrode stuck into a pleasure center in my brain, with an easily-accessible pushbutton--surely I could handle it, right?
On the other hand, certain other sites estimate our compatibility at well under 40%. Nevertheless, the sex is good, as 2.5 years together might suggest... ;p
YMMV. HTH. HAND.
I don't figure I've submitted any more information to Microsoft than I have to. And since I log in on Messenger every now and again, the hotmail account gets checked and stays open.
Almost all spam just goes straight to the trash--I get mail there only from the people on my messenger contact list. Well, that and direct from Microsoft--they do have one thing that keeps sending me notices to pay for more disk space. But since I only use about 5k of space, I don't figure I need 10MB. So in the end, I only get about 3 spams a month that I know about.
Yeah, that spam is from Microsoft directly, so maybe that spam is Hotmail's fault. But the rest of it--the spam you see and I don't--I wouldn't consider to be the fault of Hotmail.
Of course, as always, YMMV. HTH. HAND.
HTH. HAND. :)