I would like, just one day out of the year, to fire up slashdot in the morning and not find news of yet another Windows security hole. This is getting very tiresome, and I wish Microsoft, for all I dislike them, would take some real responsibility.
You also gain knowladge about who really needs particular access and why. That way you can know when you have a real security threat and someone just data mining.
This would be applicable if the entire purpose of honeytokens was to track data access for security. Honeytokens are designed to trap unsuspecting people. The frustrating thing is, not a hacker worth their salt breaks into a system or file just to see what's there. That's left for the luzors that want to prove that they're better than everyone else.
I don't see how it invites them. To see any honey tokens I have on my system people must ALREADY be in my system. Which is illegal without my permission. This isn't about inviting people to break in, its about catching those who have already.
It has less to do with people on your computer and more to do with other computers that you would use. Humans are, by nature, curious. Hackers and geeks (read: Just about anyone who reads/.) are by nature proactive when it comes to computers. Let's say; I come across a file on the hard drive of the computer I'm using at work. I'm perfectly within my rights to use this computer, and I'm supposed to be digging around in this directory. However, some overcontrolling nazi of a system administrator thinks that users will only open the files they are "allowed" to open (in his/her limited world view) has placed this file in a diliberate attempt to catch someone who is "trying to access a file that they aren't allowed to." The legal system has a word for this, it's called "entrapment."
This isn't to say that there aren't files that need security and protection and genuinly need restricted access. I don't want my bank's financial records in the hands of some lame cracker with a shell script. What I have a problem with is overcontrol and people thinking that certain information is really important when it's not.
For example. If I stick a file called creditcard-num in a directory as a honeytoken how do people know its there? hmm? They don't. They have to be doing something they aren't allowed to be doing in the first place.
What are you doing allowing people on your computer without your permission? Have you no firewall? Have you no secured gateway? Are you not using Linux/UNIX? Unless you're using the computer your corprate IT department gave you and restricted your permissions on, chances are you've taken enough precautions to keep out all but the most ambitious black hat hackers. (Script kiddie crackers probably won't even see your computer if you're practicing proper security.)
As far as your park ranger analogy...*laughs* Planting a honey token is different then planting a mine (in more ways then one). The token won't actually DO anything. Its just a marker so you can see results of others actions. A mine hoever does actually DO something. Thats totally different.
Park ranger == Overcontrolling nazi system administrator
Ravine == Some site or path that people "in the know" have used since it's discovery in mostly harmless ways
Mines == Honeytokens
If you think these honeytokens don't do anything, trip one at work and see how long you have a job. For even more family fun, go to some government web site and trip one, and time how long it takes the arrest warrant to arrive.
This really strikes me as a wasteful use of resources (as someone already pointed out earlier). However, this whole concept (honeypot, honeytoken) shows how people are so paranoid they INVITE other people to prove them right.
It's like this: Let's say there's a ravine. This ravine is in a somewhat dangerous area of the mountains, and so people are generally told to avoid it. However, this ravine is the shortest walking distance between two towns. Some park ranger with an inflated sense of superiority and WAY to much time on his hands decided that this ravine is now OFF LIMITS because it's dangerous, so he plants some mines. If people step on the mines, well, it's their fault, because the park ranger declared the ravine off limits.
High schools may even be able to offer broadcast curricula now, if there's interest in it, or perhaps have the FM Club to go with Key Club, Civitans, the Chess Club, and other activities, which enrich kids... Which might further increase "good" radio.
I like this. It's similar to a closed-circuit "tv station" that one of my high schools had.
FM translators have NO technical differences from FM stations. The difference is simply legal: a translator must rebroadcast the programs of another station, while a station may originate its own programs.
This strikes me as a serious inconsistency in the FCC regulations. (created by chance, not really intentionally) I have considered filing a petition to close the gap...
...WHY? If people were charged for running these FM translators, then people who live in remote or interference laden areas wouldn't be able to recieve the FM signals without paying a fee. I face something similar with my TV, I'm on a Plain-Ol-Antena (POA) and I can't recieve three local stations because there's no signal booster. The stupid thing is that these station's broadcasting antennas are closer than the other stations towers.
No, there won't. The restrictions on getting an LPFM license (even now) are nearly insurmountable. In addition, there are no provisions to decrease your fees to RIAA, and you are not allowed (basically) to earn money on the station. So, unless you are in a garage band, you've got no music.
Be that as it may, some people do some things without expectation of monitary reward. Charity workers and open-source coders come immediatly to mind.
You will trot your geeky li'l butt over to here (if you're a digital geek) or to here (if you're a radio geek) and get yourself a transmitter.
A bit of both, actually. Toys!
BTW, these are legal with or without the LPFM regulations because they're under 100mw. The range is about 100-200 feet, or up to a quarter mile with a longer antenna (but you might be pushing it, legal-wise, at that range.)
Other people who find your show can set up their own low power transmitters and rebroadcast it, and maybe add their own shows and content to the "network"
Clever idea. It would certainly give the luzer stations that play now a run for their money.
This would hopefully lead to a situation where democratic radio stations would emerge. If enough people like your content, the area in which it could be heard would grow as more transmitters are added. This could snowball to the point where, at least in urban areas, you'd have something like a real coverage area. If your show quality drops off, well, transmitter owners can go elsewhere.
Good idea, bad implimentation. This requires that all the "station owners" agree on what's good, which may not coincide with what the listening audience thinks. Picture this though, software and hardware tuners that are specially designed for these stations so that when someone likes a song, they push a button, and that song is upgraded. Same, of course, for songs people don't like being downgraded. The station "owner" would still be able to play what they wanted, but they would have direct feedback as to what their listeners wanted as well, without going through an intermediary like Neilson (or whoever).
You mean have an FM-receiver card in your PC and using it to receive coded FM frequencies, which can be converted to digital? Sounds intriguing... Surely this has been though about before (and probably denounced as unfeasible,) although I (obviously) know nothing about radio waves.
That's what I'm talking about, though it doesn't necessarily have to be for just computer stuff. You could probably encode, say, ID3-type information in the broadcast so that when it's playing on your "radio" the artist/song informaion is displayed on your system, rather like MP3 players. There is, of course, the possiblity of encoding pure data in the wave, but there's probably some regulation against that. (stupid though such regulation may be.)
A full, easily exploitable security hole in MacOS X. Now all those windoids will have no reason not to switch, as MacOS X now provides all the features of Windows, including a security hole.
Why bother? Why not push for full digital convergence and have everyone use EFT for ALL transactions? We're headed that way anyway, I haven't used paper cash in nearly a month now for anything.
... it's not a Unicomp Buckling Spring keyboard! Damn things take, like, 3-million pounds of pressure to push a key and sounded like an elephant throwing a tanrum when you really got going. Now the Macintosh keyboards, silent, easy, responsive, THOSE are keyboards.
I worked at Sea World San Diego for a little over 2 years total. There are some people (heck, MOST people) who shouldn't be allowed to bath themselves because they're so freaking stupid. If you were to compare the demographic of the people who gave out their passwords to the demographic of people who tried to fasten their safetybelts SIDEWAYS on the Shipwreck Rapids ride, the numbers would probably be the same.
With all these articles, books, quotes, speeches, and industry pundits yammering on about.NET, I still have no clue how.NET, or any related "technology," (since they all seem like vaporware and/or "it just sits there, doesn't do anything"-ware) is supposed to benifit me in my everyday computing experience. Or anybody for that matter. It keeps passwords coordinated, sets up a "secure" computing environment, and allows access to all data via a "software cloud?" Sounds like PR-ware to me.
1000 songs in MP3 format. After deleting the ones that I didn't like, there were still nearly 950 of them.
You said: I can't help picturing you walking into a video dating service, watching 10 tapes, and after rejecting the ones you don't like you announce you'd like to date 9 and a half of them:)
Slashdot Mirror
I would like, just one day out of the year, to fire up slashdot in the morning and not find news of yet another Windows security hole. This is getting very tiresome, and I wish Microsoft, for all I dislike them, would take some real responsibility.
You also gain knowladge about who really needs particular access and why. That way you can know when you have a real security threat and someone just data mining.
This would be applicable if the entire purpose of honeytokens was to track data access for security. Honeytokens are designed to trap unsuspecting people. The frustrating thing is, not a hacker worth their salt breaks into a system or file just to see what's there. That's left for the luzors that want to prove that they're better than everyone else.
I don't see how it invites them. To see any honey tokens I have on my system people must ALREADY be in my system. Which is illegal without my permission. This isn't about inviting people to break in, its about catching those who have already.
It has less to do with people on your computer and more to do with other computers that you would use. Humans are, by nature, curious. Hackers and geeks (read: Just about anyone who reads /.) are by nature proactive when it comes to computers. Let's say; I come across a file on the hard drive of the computer I'm using at work. I'm perfectly within my rights to use this computer, and I'm supposed to be digging around in this directory. However, some overcontrolling nazi of a system administrator thinks that users will only open the files they are "allowed" to open (in his/her limited world view) has placed this file in a diliberate attempt to catch someone who is "trying to access a file that they aren't allowed to." The legal system has a word for this, it's called "entrapment."
This isn't to say that there aren't files that need security and protection and genuinly need restricted access. I don't want my bank's financial records in the hands of some lame cracker with a shell script. What I have a problem with is overcontrol and people thinking that certain information is really important when it's not.
For example. If I stick a file called creditcard-num in a directory as a honeytoken how do people know its there? hmm? They don't. They have to be doing something they aren't allowed to be doing in the first place.
What are you doing allowing people on your computer without your permission? Have you no firewall? Have you no secured gateway? Are you not using Linux/UNIX? Unless you're using the computer your corprate IT department gave you and restricted your permissions on, chances are you've taken enough precautions to keep out all but the most ambitious black hat hackers. (Script kiddie crackers probably won't even see your computer if you're practicing proper security.)
As far as your park ranger analogy...*laughs* Planting a honey token is different then planting a mine (in more ways then one). The token won't actually DO anything. Its just a marker so you can see results of others actions. A mine hoever does actually DO something. Thats totally different.
Park ranger == Overcontrolling nazi system administrator
Ravine == Some site or path that people "in the know" have used since it's discovery in mostly harmless ways
Mines == Honeytokens
If you think these honeytokens don't do anything, trip one at work and see how long you have a job. For even more family fun, go to some government web site and trip one, and time how long it takes the arrest warrant to arrive.
This really strikes me as a wasteful use of resources (as someone already pointed out earlier). However, this whole concept (honeypot, honeytoken) shows how people are so paranoid they INVITE other people to prove them right.
It's like this: Let's say there's a ravine. This ravine is in a somewhat dangerous area of the mountains, and so people are generally told to avoid it. However, this ravine is the shortest walking distance between two towns. Some park ranger with an inflated sense of superiority and WAY to much time on his hands decided that this ravine is now OFF LIMITS because it's dangerous, so he plants some mines. If people step on the mines, well, it's their fault, because the park ranger declared the ravine off limits.
High schools may even be able to offer broadcast curricula now, if there's interest in it, or perhaps have the FM Club to go with Key Club, Civitans, the Chess Club, and other activities, which enrich kids... Which might further increase "good" radio.
I like this. It's similar to a closed-circuit "tv station" that one of my high schools had.
FM translators have NO technical differences from FM stations. The difference is simply legal: a translator must rebroadcast the programs of another station, while a station may originate its own programs.
This strikes me as a serious inconsistency in the FCC regulations. (created by chance, not really intentionally) I have considered filing a petition to close the gap...
...WHY? If people were charged for running these FM translators, then people who live in remote or interference laden areas wouldn't be able to recieve the FM signals without paying a fee. I face something similar with my TV, I'm on a Plain-Ol-Antena (POA) and I can't recieve three local stations because there's no signal booster. The stupid thing is that these station's broadcasting antennas are closer than the other stations towers.
No, there won't. The restrictions on getting an LPFM license (even now) are nearly insurmountable. In addition, there are no provisions to decrease your fees to RIAA, and you are not allowed (basically) to earn money on the station. So, unless you are in a garage band, you've got no music.
Be that as it may, some people do some things without expectation of monitary reward. Charity workers and open-source coders come immediatly to mind.
You will trot your geeky li'l butt over to here (if you're a digital geek) or to here (if you're a radio geek) and get yourself a transmitter.
A bit of both, actually. Toys!
BTW, these are legal with or without the LPFM regulations because they're under 100mw. The range is about 100-200 feet, or up to a quarter mile with a longer antenna (but you might be pushing it, legal-wise, at that range.)
Can you set up rebroadcast stations with this?
Other people who find your show can set up their own low power transmitters and rebroadcast it, and maybe add their own shows and content to the "network"
Clever idea. It would certainly give the luzer stations that play now a run for their money.
This would hopefully lead to a situation where democratic radio stations would emerge. If enough people like your content, the area in which it could be heard would grow as more transmitters are added. This could snowball to the point where, at least in urban areas, you'd have something like a real coverage area. If your show quality drops off, well, transmitter owners can go elsewhere.
Good idea, bad implimentation. This requires that all the "station owners" agree on what's good, which may not coincide with what the listening audience thinks. Picture this though, software and hardware tuners that are specially designed for these stations so that when someone likes a song, they push a button, and that song is upgraded. Same, of course, for songs people don't like being downgraded. The station "owner" would still be able to play what they wanted, but they would have direct feedback as to what their listeners wanted as well, without going through an intermediary like Neilson (or whoever).
You mean have an FM-receiver card in your PC and using it to receive coded FM frequencies, which can be converted to digital? Sounds intriguing... Surely this has been though about before (and probably denounced as unfeasible,) although I (obviously) know nothing about radio waves.
That's what I'm talking about, though it doesn't necessarily have to be for just computer stuff. You could probably encode, say, ID3-type information in the broadcast so that when it's playing on your "radio" the artist/song informaion is displayed on your system, rather like MP3 players. There is, of course, the possiblity of encoding pure data in the wave, but there's probably some regulation against that. (stupid though such regulation may be.)
Does this mean we'll be getting good radio stations now?
Seriously, this is a good thing, especially if someone can find a way to harness this for some sort of digital traffic.
A full, easily exploitable security hole in MacOS X. Now all those windoids will have no reason not to switch, as MacOS X now provides all the features of Windows, including a security hole.
...Microsoft is eating a $200-300 loss on ever Xbox console they "sell." (more like "give away")
HA! All you wierd for-en-ers switching to your mit-rik system! Shows to go ya!
I can move back to Colorado now without being arrested for running a firewall! I think I'll do that soon, actually...
Ah, yes! The "public service" people.
Why bother? Why not push for full digital convergence and have everyone use EFT for ALL transactions? We're headed that way anyway, I haven't used paper cash in nearly a month now for anything.
I can start using Quicken again! No more concientious protesting for /that/ company!
Too right!
When there's a point to "interplanetary Internet," I'll be more interested. Until then, these stories are a big fat yawn.
... it's not a Unicomp Buckling Spring keyboard! Damn things take, like, 3-million pounds of pressure to push a key and sounded like an elephant throwing a tanrum when you really got going. Now the Macintosh keyboards, silent, easy, responsive, THOSE are keyboards.
I worked at Sea World San Diego for a little over 2 years total. There are some people (heck, MOST people) who shouldn't be allowed to bath themselves because they're so freaking stupid. If you were to compare the demographic of the people who gave out their passwords to the demographic of people who tried to fasten their safetybelts SIDEWAYS on the Shipwreck Rapids ride, the numbers would probably be the same.
Well, that'll make it easy to boycott, though admitedly I never went to them in the first place.
With all these articles, books, quotes, speeches, and industry pundits yammering on about .NET, I still have no clue how .NET, or any related "technology," (since they all seem like vaporware and/or "it just sits there, doesn't do anything"-ware) is supposed to benifit me in my everyday computing experience. Or anybody for that matter. It keeps passwords coordinated, sets up a "secure" computing environment, and allows access to all data via a "software cloud?" Sounds like PR-ware to me.
1000 songs in MP3 format. After deleting the ones that I didn't like, there were still nearly 950 of them.
You said:
I can't help picturing you walking into a video dating service, watching 10 tapes, and after rejecting the ones you don't like you announce you'd like to date 9 and a half of them
Heh! :) I did say that I had over 1000...