Umm... the person executed the attachment explicitly. Their machine was patched completely. They were using Pegasus. They downloaded a "screen-saver" executable, and were infected.
The only way we could have been invulnerable to this sort of mishap is by using linux; however, we need to use FoxPro quite heavily, and thus another platform is not possible.
Careful... even if you have this patch, you can still get the virus from an exe on your network. This happened to me at work. All because I was a couple weeks behind updating my virus definitions...:(
All it taks is one doofus down the hall who opens that infected screen-saver file, or exe, com, etc. in his email to cause you a ton of grief.
We got hit by Klez (AMG; allmusic.com). Let me tell you, it SUCKED. This was a really potent virus. It got in through our video department (somebody opened an email...) and from there, it spread through some shared network apps. Within an hour or so, virtually everyone was toasted.
Since this one spread through exe's, and since it was one strain of like 20 different Klez variants, cleaning was a real bitch. Luckily, I'm in programming, so I didn't have to do much of the visit-everyone's-machine thing. I did have to format my box, tho, as all my applications (including system apps) were hosed.
mike feldkamp
Re:Becuase of Stupidity of course
on
Web Services
·
· Score: 1
Whoa there...
Web services != HTTP Web services
While web services can be used over http, even microsoft is pushing to not use http, merely because http was not designed for this sort of thing.
This is complete nonsense. C++ is NOT a bad language. If you've ever heard Bjarne talk, you would know that he has a powerful mind for design, and his research background gives him the practical experience to build a great language.
C++ is big. C++ is complicated. But these features do not make it a poor language. Rather, it takes a better programmer to effectively use C++.
And you believe in the "C language philosophy"? The C language philosophy was "hey guys, I'm tired of porting assembler from machine to machine, let's generalize it". C is not faster than C++. At all. If you are a horrible C++ programmer, and completely missuse the more advanced features of C++, well, then C might be faster.
And powerful? C is not powerful. Powerful is the STL - being able to use hyper-efficient genralized data structures with very little effort, and having that code be portable to virtually every platform you could dream of. Powerful is built-in exception handling.
I would not agree that Linux can be considered "Modern". Most of the crucial components are in fact based on old UNIX ideas and methodologies.
Note, however, that this is usually not a bad thing. Linux is a derivative of many proven and well tested technologies, which lends to its reliability.
Also, your other points do not seem to make much sense... Bloated?, Free (as is Speech?), Cryptic Config? (maybe a few years ago...), Advanced? (how so... in many ways Linux is very simplistic by design)
If you're using a cheap-o NAT box like I am, they can just look at your MAC address. Manufacturers stick to a certain range of values for their products - when I was setting up my cable modem, the rep (who was actually quite technically adept) knew that I was using a linksys router.
I know that some of these little boxes have MAC spoofing built in... does anyone know if that could be used to fool them?
While I'm sure fooling comcast will be pretty easy in the long run, I'm getting sick of all the shit that they've been pulling lately... It looks like I'm going to have to bite the bullet and switch back to DSL (which will be more costly).
First of all, I have no copied music on my computer. I am, however, sitting next to about 700 cds. I like music. I also respect the work that goes into making music, and so I don't pirate it.
However, I do analyze music at work, and it sucks when I can't analyze a disc's music just because of some simple error that universal has introduced. So I find a way around it.
Now, this may be merely the "first round", but subsequent "copy protection" schemes will be just as easy to get around.
Also, the quote "People we work with are losing their jobs right now because not enough people are buying CDs anymore" is hard to believe. A recent study was posted on slashdot that examined cd sales in the napster age, and it was shown that cd sales rose. Only cd singles took a hit - mostly due to the fact that the single format has been dying for quite some time. If cd sales are down now it's because in this time of economic downturn people are being conservative, and spending less on non-essentials.
As for this quote:
'You should really post your "I can break the copy protection" types of posts anonymously from now on. Just a tip from an insider..edu and.com users posting from their real addresses are the most vulnerable to being intimidated.'
I guess if UMG wants to sue me for doing this, they'll quickly find that my possessions consist mainly of lots of student loans, and a fridge full of cheap beer. I mean, if they wanted to intimidate me by sending a thug to steal my Natural Ice, I guess I'd be pretty pissed, but that's the extent of it.
Universals new discs ARE redbook standard. However, they messed with the yellowbook standard table of contents information. This is the standard that computer cdrom drives use to read data. However, there is an easy way to rip these discs. Read my comment here if interested:
http://slashdot.org/comments.pl?sid=26070&thresh ol d=0&commentsort=0&mode=thread&cid=2825240
Basically, my thought is "any disc that plays in a normal cd player can be ripped". And they can be...
...is really easy to break. It's a simple integer underrun error that is placed on the first track of the disc (in the LBA field of the TOC). Simple sanity checking in future cd rippers will easily circumvent this. In fact, the latest beta of CoolEdit is able to rip these discs by accident (they do the sanity checking, I think).
If anyone that writes CD rippers wants a more in depth description of how to circumvent this, just email me (m-i-k-e-f-e-l-d@engin.umich.edu without the dashes). It's really simple.
Anyhow, I only know of one disc that has this "protection" from universal on it... "The Fast and the Furious Vol. 2". I was trying to run some audio analysis algorithms on its tracks, and couldn't rip the audio... which is why I investigated. Once more discs with this "protection" come out, it will just be a matter of patching existing mp3 rippers.
OK, first off, this email is OBVIOUSLY a fake. There are no Linux insiders. If Microsoft had "Linux insiders", they wouldn't write email about them.
Secondly, this "propoganda" is not being introduced by Microsoft, or by the retailers. This kind of sales line is the result of some pimply-faced teenager's ignorance of computer operating systems.
What he/she should be saying is "choose XP instead of ME so that your computer doesn't crash every 8 seconds". XP really is a huge leap forward from 98/ME (although just a small from win2k).
The sales literature for Circuit City (a friend of mine, Ron, works there selling computers and computer peripherals) about XP is your standard "it's easier, faster, and shinier!" PR stuff. The spiel that he gives centers basically around all of the cutesy little additions that ms has made, like the build in digital photo stuff, the new gaudy interface, and the other media-centric stuff that they have tweaked.
I would like to bring to the table a motion to disallow the use of the word "dotDudes" in the future:)
Joking aside, I agree with the point of the post...
What would *really* be cool is the porting of the windows forms libraries, and the other stuff that's in the non-standardized libraries...
Then, us programmers can write pretty GUIs in a nice, relatively efficient, and modern language (hey, I like C#) and have them run everywhere. And we could do it quickly:) This would be a dream come true... if mainstream applications were written for.net, then getting the latest titles for linux/*bsd/whateverOS would be a snap.
While this is quite a bad hole, at least WinXP comes with that automatic-update thingy right out of the box. It should download and install the patch automatically, if there is an internet connection present.
... At least I think. I know my winxp box is set to notify me before applying patches... and it's already downloaded a few.... I guess I'll have to wait until I get home to see if it got this one automatically? Anyone know? Hopefully it will, otherwise there are going to be a lot of r00t3d windows machines out there.... which means a lot of ammunition for the DoS assholes.
At the college I attend, we have a "computer science" degree, and a "computer engineering" degree.
The difference is that computer engineers are required to take additional classes that center around engineering methodology and responsibility.
From what I've gathered, and have been fed, I see the difference between a computer/software ENGINEER and a computer/software DEVELOPER as being one word: rigor.
Not to say that rigor is something that is exclusive to engineers; an engineering degree merely says "I have been taught and have been successful with the rigorous approach to my chosen field". You'll always find people who slipped through the cracks - engineers who weaseled or cheated their way through college. But for the most part, it is a good bet that someone with an engineering degree from a reputable university should have the attention to detail that it takes to get the job done.
From the article:
"In languages like C and C++, each subarray of a multidimensional array must have the same dimensions. In Java and C# arrays do not have to be uniform because jagged arrays can be created as one-dimensional arrays of arrays"
In C, C++, or any other language that allows pointers and runtime memory allocation you can set up jagged multidimensional arrays almost as easily. You have to use pointers, but that's no biggie.
Slashdot Mirror
Umm... the person executed the attachment explicitly. Their machine was patched completely. They were using Pegasus. They downloaded a "screen-saver" executable, and were infected.
The only way we could have been invulnerable to this sort of mishap is by using linux; however, we need to use FoxPro quite heavily, and thus another platform is not possible.
Now, back to your hole please.
They were using Pegasus. They executed the attachment specifically.
Careful... even if you have this patch, you can still get the virus from an exe on your network. This happened to me at work. All because I was a couple weeks behind updating my virus definitions... :(
All it taks is one doofus down the hall who opens that infected screen-saver file, or exe, com, etc. in his email to cause you a ton of grief.
We got hit by Klez (AMG; allmusic.com). Let me tell you, it SUCKED. This was a really potent virus. It got in through our video department (somebody opened an email...) and from there, it spread through some shared network apps. Within an hour or so, virtually everyone was toasted.
Since this one spread through exe's, and since it was one strain of like 20 different Klez variants, cleaning was a real bitch. Luckily, I'm in programming, so I didn't have to do much of the visit-everyone's-machine thing. I did have to format my box, tho, as all my applications (including system apps) were hosed.
mike feldkamp
Whoa there...
Web services != HTTP Web services
While web services can be used over http, even microsoft is pushing to not use http, merely because http was not designed for this sort of thing.
This is complete nonsense. C++ is NOT a bad language. If you've ever heard Bjarne talk, you would know that he has a powerful mind for design, and his research background gives him the practical experience to build a great language.
C++ is big. C++ is complicated. But these features do not make it a poor language. Rather, it takes a better programmer to effectively use C++.
And you believe in the "C language philosophy"? The C language philosophy was "hey guys, I'm tired of porting assembler from machine to machine, let's generalize it". C is not faster than C++. At all. If you are a horrible C++ programmer, and completely missuse the more advanced features of C++, well, then C might be faster.
And powerful? C is not powerful. Powerful is the STL - being able to use hyper-efficient genralized data structures with very little effort, and having that code be portable to virtually every platform you could dream of. Powerful is built-in exception handling.
HAHAHAHAHAHAHAHA!!!!HAAHAHAHAHAHAHAAHAHA!
AHHHAHAHAHAAHAHAHAHAHAHAHAH!
Right Jack. Sure I'll buy a piece of hardware that has copy control features built in.
AHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!
hmmm... why isn't the network up....
...
God dammit mom! you recycled my networking equipment again!
I would not agree that Linux can be considered "Modern". Most of the crucial components are in fact based on old UNIX ideas and methodologies.
Note, however, that this is usually not a bad thing. Linux is a derivative of many proven and well tested technologies, which lends to its reliability.
Also, your other points do not seem to make much sense... Bloated?, Free (as is Speech?), Cryptic Config? (maybe a few years ago...), Advanced? (how so... in many ways Linux is very simplistic by design)
This would probably work, but it introduces a bunch of overhead and latency...
If you're using a cheap-o NAT box like I am, they can just look at your MAC address. Manufacturers stick to a certain range of values for their products - when I was setting up my cable modem, the rep (who was actually quite technically adept) knew that I was using a linksys router.
I know that some of these little boxes have MAC spoofing built in... does anyone know if that could be used to fool them?
While I'm sure fooling comcast will be pretty easy in the long run, I'm getting sick of all the shit that they've been pulling lately... It looks like I'm going to have to bite the bullet and switch back to DSL (which will be more costly).
Regards,
Mike Feldkamp
You can... see my other post in this discussion for a link to a description.
Or you could just rip the audio
sorry... the link shouldn't have a space in it...
The post is here
This new copy protection seems easy to circumvent... I guarantee mp3 rippers will be able to get around this protection quite easily.
8 25 240
see my previous post:
http://slashdot.org/comments.pl?sid=26070&cid=2
Mike Feldkamp
It refers to when a website is clogged with traffic due to it being posted on slashdot.
Us geeks always rush to read the story, and the website is hosed.
First of all, I have no copied music on my computer. I am, however, sitting next to about 700 cds. I like music. I also respect the work that goes into making music, and so I don't pirate it.
.edu and .com users posting from their real addresses are the most vulnerable to being intimidated.'
However, I do analyze music at work, and it sucks when I can't analyze a disc's music just because of some simple error that universal has introduced. So I find a way around it.
Now, this may be merely the "first round", but subsequent "copy protection" schemes will be just as easy to get around.
Also, the quote "People we work with are losing their jobs right now because not enough people are buying CDs anymore" is hard to believe. A recent study was posted on slashdot that examined cd sales in the napster age, and it was shown that cd sales rose. Only cd singles took a hit - mostly due to the fact that the single format has been dying for quite some time. If cd sales are down now it's because in this time of economic downturn people are being conservative, and spending less on non-essentials.
As for this quote:
'You should really post your "I can break the copy protection" types of posts anonymously from now on. Just a tip from an insider.
I guess if UMG wants to sue me for doing this, they'll quickly find that my possessions consist mainly of lots of student loans, and a fridge full of cheap beer. I mean, if they wanted to intimidate me by sending a thug to steal my Natural Ice, I guess I'd be pretty pissed, but that's the extent of it.
cheers,
mike feldkamp
Universals new discs ARE redbook standard. However, they messed with the yellowbook standard table of contents information. This is the standard that computer cdrom drives use to read data. However, there is an easy way to rip these discs. Read my comment here if interested:
h ol d=0&commentsort=0&mode=thread&cid=2825240
http://slashdot.org/comments.pl?sid=26070&thres
Basically, my thought is "any disc that plays in a normal cd player can be ripped". And they can be...
...is really easy to break. It's a simple integer underrun error that is placed on the first track of the disc (in the LBA field of the TOC). Simple sanity checking in future cd rippers will easily circumvent this. In fact, the latest beta of CoolEdit is able to rip these discs by accident (they do the sanity checking, I think).
If anyone that writes CD rippers wants a more in depth description of how to circumvent this, just email me (m-i-k-e-f-e-l-d@engin.umich.edu without the dashes). It's really simple.
Anyhow, I only know of one disc that has this "protection" from universal on it... "The Fast and the Furious Vol. 2". I was trying to run some audio analysis algorithms on its tracks, and couldn't rip the audio... which is why I investigated. Once more discs with this "protection" come out, it will just be a matter of patching existing mp3 rippers.
mike
Hey, you might be a panzy, but some of us can take it like real men. Jesus, some people just can't stop whining :)
kidding around as usual
-mike
OK, first off, this email is OBVIOUSLY a fake. There are no Linux insiders. If Microsoft had "Linux insiders", they wouldn't write email about them.
Secondly, this "propoganda" is not being introduced by Microsoft, or by the retailers. This kind of sales line is the result of some pimply-faced teenager's ignorance of computer operating systems.
What he/she should be saying is "choose XP instead of ME so that your computer doesn't crash every 8 seconds". XP really is a huge leap forward from 98/ME (although just a small from win2k).
The sales literature for Circuit City (a friend of mine, Ron, works there selling computers and computer peripherals) about XP is your standard "it's easier, faster, and shinier!" PR stuff. The spiel that he gives centers basically around all of the cutesy little additions that ms has made, like the build in digital photo stuff, the new gaudy interface, and the other media-centric stuff that they have tweaked.
I would like to bring to the table a motion to disallow the use of the word "dotDudes" in the future :)
:) This would be a dream come true... if mainstream applications were written for .net, then getting the latest titles for linux/*bsd/whateverOS would be a snap.
Joking aside, I agree with the point of the post...
What would *really* be cool is the porting of the windows forms libraries, and the other stuff that's in the non-standardized libraries...
Then, us programmers can write pretty GUIs in a nice, relatively efficient, and modern language (hey, I like C#) and have them run everywhere. And we could do it quickly
Alas, this is probably just a pipe dream...
While this is quite a bad hole, at least WinXP comes with that automatic-update thingy right out of the box. It should download and install the patch automatically, if there is an internet connection present.
... At least I think. I know my winxp box is set to notify me before applying patches... and it's already downloaded a few.... I guess I'll have to wait until I get home to see if it got this one automatically? Anyone know? Hopefully it will, otherwise there are going to be a lot of r00t3d windows machines out there.... which means a lot of ammunition for the DoS assholes.
Mike Feldkamp
Programmer, All Media Guide
At the college I attend, we have a "computer science" degree, and a "computer engineering" degree.
The difference is that computer engineers are required to take additional classes that center around engineering methodology and responsibility.
From what I've gathered, and have been fed, I see the difference between a computer/software ENGINEER and a computer/software DEVELOPER as being one word: rigor.
Not to say that rigor is something that is exclusive to engineers; an engineering degree merely says "I have been taught and have been successful with the rigorous approach to my chosen field". You'll always find people who slipped through the cracks - engineers who weaseled or cheated their way through college. But for the most part, it is a good bet that someone with an engineering degree from a reputable university should have the attention to detail that it takes to get the job done.
ok, i'm nitpicking, but...
From the article:
"In languages like C and C++, each subarray of a multidimensional array must have the same dimensions. In Java and C# arrays do not have to be uniform because jagged arrays can be created as one-dimensional arrays of arrays"
In C, C++, or any other language that allows pointers and runtime memory allocation you can set up jagged multidimensional arrays almost as easily. You have to use pointers, but that's no biggie.