Nah, it's all part of a master plan. You see - there's a common misconception that geeks like games. If slashdot has a garish games section that hardly gets any visits (because people can't stand the colour scheme) and slashdot is one of the leading geek sites: it'll prove that geeks really don't like games (or else they'll visit the game section).
Totally logical you see!:)
But that'll be discriminating against PORGs (people of restrictive growth) and that'll be illegal.
Ok, ok, instead of porgs put "those little funny dwarf people that you throw in pub games around Europe".
I was shocked to find out you were right about the original Harry Potter movie, but the second one (Chamber of Secrets) is already available on DVD-rip via FastTrackMovies (a very good site btw!)
Actually, that'll be something I'd do. Give them a no good password (such as "t3st") to collect the pen and during audit logs, keep an eye out for usage of that password.
Of course, a password alone isn't much good. I could give them one of my many real passwords, yet without knowing the user name associated with the password and which system it's for - the password is as good as useless (If they said "Oh - what's the password to the admin account for server X", you'll know it wasn't a "random survey")
Oooh - I pity their webhosts then. The redirect to port 19638 and/webhost/rollout shows that the site is running the Ensim control panel software which only mails our bandwidth warnings - it doesn't automatically suspend high bandwidth sites or provide other methods of throttling. This means that that shared server (which is the common enviornment for Ensim to run in) is probably waaay overloaded at this moment and many many many customers are suffering.
Ditto, the house I'm living in is "quite new" at only being 60 years old and I moved out of my even new parents house (40 years old) 2 years ago. In Britain, most house less than 100 years old are regarded as "new"...
Just change the data input system so it tries to generate an appopriate lengthed random number - if it hits a duplicate, regenerate and retry. I'd guess the maximum number of retries would be likely to be around 5 as if there (as other posters have said) around 1billion possible combinations, I doubt that the likelyhood of a random number of that length being chosen is quite slim.
One "smallish" code change and that's it...
Apart from the fact that the guy in question (whose last name was Bond btw) was a Brit and hence didn't have an SSN in the first place. However, I seem to recall a "not so publically disclosed" piece of info that the criminal actually managed to find the guys passport number and use that with the guys name + DOB: dunno how he did it though (of course, this fact would have probably got in the way of a 'stupid fbi' story...)
Mainly logging stuff. If I'm demoing it on another computer remotely (but on the same site) and something goes tits up, I can just key in the URL and see what was going on at that point: failing that, I'd have to walk all the way back to the building and look at the log files on the machine itself (where I could, since I have physical access, make all the appropriate changes).
Of course, it's all protected on an internal network by a firewall as well and you do need to have at least authenticated with the system beforehand before it'll let you use the "backdoor": which poses the question - what exactly is a backdoor?
I've put in small backdoors which will only work on certain machine names (i.e. my developmental machine was called 'Alice' therefore the code wouldn't work on the live server called "Bob"), that required access from a set range of IPs (our internal LAN) AND required knowledge of the URL and additional password. Ideal for testing and development purposes, but once the system goes live the backdoors are usless.
And on the microfilm is printed the source code of MS WickerBasket(tm) which the BSA wanted to arrest you for using for to make your own Wicker Basket?
I'll hate to shatter an illusion, but.com ,.net and.org ARE international domains (along with.int) - the USA has.us as it's country code. Ok, it might not be widely used, but it IS there.
Well, I don't normally use DC anyway (I'm more KazaaLite orientated) and I share over 60Gb of files anyway (sometimes up to 70Gb but that means I'm practically out of disc space). But I suppose it's a still a good idea if you find the one hub that has the file you are after but you are _just_ that little bit short of the requirements. If I had larger hard drives, I'll share more but alas...
On my Windows machine, I've got all my shared files under D:/shared/ , I've also set up (using subst) the virtual drive S: which points towards D:/shared/ . Share both D:/shared/ and S: and I've "doubled" my available file list...
Agreed, I run Windows 2000 which doesn't have DOS as an underlying operating system - but I'm glad it's still got the command line functionality. There's just some things that you need a command line for...
I do a similar thing using MailWasher on Windows. The confirmation email comes in, I "preview" the message and then I tell MailWasher to delete the email and bounce it back to the originator whilst also blocking the address (or domain) it came from.
Or print a Hilary Rosen of your own - that'll be fun, watching them both argue in court about which one is the copy. And what happens when one of them loses - will "disposing" of the duplicate be murder? Of course, that implies that the RIAA hasn't already added murder to it's marketing policy...
I usually have a debug function in my program which uses a global variable to keep track of it's "depth". Other functions call it with things like debug(enterfunction,"function name") or debug(variable,"change x to 53") and the global variable helps every become nicely indented in the output. Skim down to the bottom of the output and work your way backup and you get to see where the problem is, under what conditions etc.
Add in a few more parameters to the debug function and you can then start to specify whether it produces a debug log or not (yes on development machines, no on others), what items to put in the log etc etc.
Probably to reduce the slashdot effect. I've known of this site for a month or so and it's only really now "making the rounds" roung the "blog community" - but I don't think they anticipiated such a large influx in 48 hours. Hence, to try and reduce the server load, why not temporarily point people "away" to somewhere else?
Catching the latter would be easy: if the mail is received from the external internet (i.e. the mail server sending is not from the Hotmail netblock) but it is an Envelope from @hotmail.com - then block it. Chance of it being legitimate is extremely low (I doubt many people have configured their mail client to actually use their Hotmail account AND configured it to use their ISPs mailserver).
That's one of the things that's stopped me getting a PVR. If my VCR goes on the blink, at the most I've lost 6 hours of recordings (one 3 hour tape recorded on LP). PVR goes on the blink and I've lost many many many more hours than that - and if the PVR has DRM which blocks me from swopping the hard drives with another then I've got no chance of recovering the data (hey - with the tape you could borrow a film 'splicer' machine and cut down the lose to a few minutes if the tape is chewed).
Slashdot Mirror
Last I heard he was one of the richest people on the planet.. Just shows what automating your house can do for you!
Ah, 24million lines were just "*/ comment: WTF? How's this meant to work? To be fixed later */"
Nah, it's all part of a master plan. You see - there's a common misconception that geeks like games. If slashdot has a garish games section that hardly gets any visits (because people can't stand the colour scheme) and slashdot is one of the leading geek sites: it'll prove that geeks really don't like games (or else they'll visit the game section). :)
Totally logical you see!
True, how can people really scream "Spoiler" since they already know how the series ends?
Shock news: Luke is Darth Vader's son!
But that'll be discriminating against PORGs (people of restrictive growth) and that'll be illegal.
Ok, ok, instead of porgs put "those little funny dwarf people that you throw in pub games around Europe".
I was shocked to find out you were right about the original Harry Potter movie, but the second one (Chamber of Secrets) is already available on DVD-rip via FastTrackMovies (a very good site btw!)
Actually, that'll be something I'd do. Give them a no good password (such as "t3st") to collect the pen and during audit logs, keep an eye out for usage of that password.
Of course, a password alone isn't much good. I could give them one of my many real passwords, yet without knowing the user name associated with the password and which system it's for - the password is as good as useless (If they said "Oh - what's the password to the admin account for server X", you'll know it wasn't a "random survey")
Oooh - I pity their webhosts then. The redirect to port 19638 and /webhost/rollout shows that the site is running the Ensim control panel software which only mails our bandwidth warnings - it doesn't automatically suspend high bandwidth sites or provide other methods of throttling. This means that that shared server (which is the common enviornment for Ensim to run in) is probably waaay overloaded at this moment and many many many customers are suffering.
Ditto, the house I'm living in is "quite new" at only being 60 years old and I moved out of my even new parents house (40 years old) 2 years ago. In Britain, most house less than 100 years old are regarded as "new"...
Just change the data input system so it tries to generate an appopriate lengthed random number - if it hits a duplicate, regenerate and retry. I'd guess the maximum number of retries would be likely to be around 5 as if there (as other posters have said) around 1billion possible combinations, I doubt that the likelyhood of a random number of that length being chosen is quite slim.
One "smallish" code change and that's it...
Apart from the fact that the guy in question (whose last name was Bond btw) was a Brit and hence didn't have an SSN in the first place. However, I seem to recall a "not so publically disclosed" piece of info that the criminal actually managed to find the guys passport number and use that with the guys name + DOB: dunno how he did it though (of course, this fact would have probably got in the way of a 'stupid fbi' story...)
Mainly logging stuff. If I'm demoing it on another computer remotely (but on the same site) and something goes tits up, I can just key in the URL and see what was going on at that point: failing that, I'd have to walk all the way back to the building and look at the log files on the machine itself (where I could, since I have physical access, make all the appropriate changes).
Of course, it's all protected on an internal network by a firewall as well and you do need to have at least authenticated with the system beforehand before it'll let you use the "backdoor": which poses the question - what exactly is a backdoor?
I've put in small backdoors which will only work on certain machine names (i.e. my developmental machine was called 'Alice' therefore the code wouldn't work on the live server called "Bob"), that required access from a set range of IPs (our internal LAN) AND required knowledge of the URL and additional password. Ideal for testing and development purposes, but once the system goes live the backdoors are usless.
And on the microfilm is printed the source code of MS WickerBasket(tm) which the BSA wanted to arrest you for using for to make your own Wicker Basket?
I'm getting more enjoyment out of imagining what will happen to that post when it is taken out-of-context for meta-mod...
I'll hate to shatter an illusion, but .com , .net and .org ARE international domains (along with .int) - the USA has .us as it's country code. Ok, it might not be widely used, but it IS there.
Well, I don't normally use DC anyway (I'm more KazaaLite orientated) and I share over 60Gb of files anyway (sometimes up to 70Gb but that means I'm practically out of disc space). But I suppose it's a still a good idea if you find the one hub that has the file you are after but you are _just_ that little bit short of the requirements. If I had larger hard drives, I'll share more but alas...
On my Windows machine, I've got all my shared files under D:/shared/ , I've also set up (using subst) the virtual drive S: which points towards D:/shared/ . Share both D:/shared/ and S: and I've "doubled" my available file list...
Agreed, I run Windows 2000 which doesn't have DOS as an underlying operating system - but I'm glad it's still got the command line functionality. There's just some things that you need a command line for...
I do a similar thing using MailWasher on Windows. The confirmation email comes in, I "preview" the message and then I tell MailWasher to delete the email and bounce it back to the originator whilst also blocking the address (or domain) it came from.
Or print a Hilary Rosen of your own - that'll be fun, watching them both argue in court about which one is the copy. And what happens when one of them loses - will "disposing" of the duplicate be murder? Of course, that implies that the RIAA hasn't already added murder to it's marketing policy...
I usually have a debug function in my program which uses a global variable to keep track of it's "depth". Other functions call it with things like debug(enterfunction,"function name") or debug(variable,"change x to 53") and the global variable helps every become nicely indented in the output. Skim down to the bottom of the output and work your way backup and you get to see where the problem is, under what conditions etc.
Add in a few more parameters to the debug function and you can then start to specify whether it produces a debug log or not (yes on development machines, no on others), what items to put in the log etc etc.
Probably to reduce the slashdot effect. I've known of this site for a month or so and it's only really now "making the rounds" roung the "blog community" - but I don't think they anticipiated such a large influx in 48 hours. Hence, to try and reduce the server load, why not temporarily point people "away" to somewhere else?
Catching the latter would be easy: if the mail is received from the external internet (i.e. the mail server sending is not from the Hotmail netblock) but it is an Envelope from @hotmail.com - then block it. Chance of it being legitimate is extremely low (I doubt many people have configured their mail client to actually use their Hotmail account AND configured it to use their ISPs mailserver).
That's one of the things that's stopped me getting a PVR. If my VCR goes on the blink, at the most I've lost 6 hours of recordings (one 3 hour tape recorded on LP). PVR goes on the blink and I've lost many many many more hours than that - and if the PVR has DRM which blocks me from swopping the hard drives with another then I've got no chance of recovering the data (hey - with the tape you could borrow a film 'splicer' machine and cut down the lose to a few minutes if the tape is chewed).