If parents would take responsibility for raising their kids, then these types of laws wouldn't be necessary (or "as" necessary). However, since people are content with allowing the government to decide for them, then hey, it sounds like a great law. [This obviously isn't meant for every parent, but there are plenty who fit the bill.]
Today more than ever we are ready to trade our privacy for security (or the appearance of security), so why not let the government decide what's best for our kids as well. A nibble here, a nibble there.
Who knows, maybe at least it will make it harder for parents to sue gaming companies because their kids commit terrible acts of violence while the parents claim ignorance.
Your joking right?!?! I totally made up those exact words when replying. I can't believe they have been used before. Damn, I might have violated some copyright law by saying those words without the express prior consent of Comedy Central and As If Productions.
I think the only thing "lacking" here is your sense of humor. Get over it... Of course I knew it was a South Park transcipt. And I could care less about trying to "impress" a feable mind such as yours. I could use my Jedi mind tricks instead.
Johnny Cochrane: It does not make sense. Look at me. I'm a lawyer defending a major record company and I'm talkin' about Chewbacca. Does that make sense? Ladies and Gentlemen I'm am not making any sense. None of this makes sense. And so you have to remember when you're in that jury room deliberating and conjugating the Emancipation Proclamation, does it make sense? No. Ladies and Gentlemen of this deposed jury it does not make sense. If Chewbacca lives on Endor you must acquit. The defense rests.
I wonder what the source of their Earthquake data is? And I wonder what magnitude(s) would have been recorded?
I did not see any "believed" Earthquakes with 26 and 19 second differences (respectively) listed on either day at the National Earthquake Information Center. I'm sure it's possible they weren't recorded by NEIC, although I suspect it would/should be. From reading the Professor's web page, it appears the data would have been taken from the source above, yet I didn't see it there. (Who know's, maybe I just missed it)
The story still seems suspect to me although Dr. Eugene Harris does appear to be focused on exactly this type of research.
I think more details are necessary to please the/. crowd.
I'm sure this has been suggested before, but I'm curious why SlashDot does not have a caching mechanism for the stories it's about to post? It has become common for a link posted in a SlashDot article to become unavailable within a few minutes of the article being posted. As a result, most readers can only speculate on what the writer is actually talking about.
I'm not sure what resources would be needed to cache the links, but since there aren't that many articles per day, I would imagine that it is reasonable.
After checking their site, I couldn't find the software on it anymore, they must have taken it down. If you are interested in the software or AUP, send me an email and I will try to track em down.
Here's just a handful of security issues that arise. Some of these are easy to address, others may be more tough:
AirSnort or similar wireless packet capturing tool to capture inbound/outbound traffic.
Hacking/port scanning the Net -- You could hack and go virtually undetected. Sure they can trace your MAC address, but there are ways around this using virtual MAC addresses, etc.
Hacking/port scanning others in the theater -- HackerA finds an open share on VictimB's Windows laptop. Or HackerA is able to hack it because VictimB doesn't have the latest patches. HackerA now has the potential to get VictimB's entire hardrive, including Temporary Internet Files, cookies (chocolate chip of course), tax/financial data, cached passwords, and any other personal information that is stored on it. I'm sure this could create liability issues here for the theater (see site below).
These are just a few potential problems, I am sure someone more creative than myself could come up with a bunch more.
There are plenty of "open" wireless initiatives out there. You can check out NYC Wireless for some suggestions on how best to secure an "open" wireless network. They have some good suggestions and even free software you can download and use on your wireless gateway (*nix NAT box) which will require the users to agree to an AUP prior to using the service.
But these types of open wireless environments still rely heavily on the users being innocent for the most part.
What if one day, you invest a lot of money in a company called Enron that you think will make you more money. Or at the very least, be a sound investment. You figure worst case scenario: you lose some of the money you invest, but certainly not all.
You think this because a company that size must be solid and existing regulations must protect the executives from taking all the money and running or mismanaging the company in to non-existence.
Maybe a poor analogy, but the point is this; yeah it could happen, you could be screwed, it has happened to some and it will happen to more.
If you use a cc, you are somewhat protected. If you link to your checking account, you have the weight of the bank to help if they care. If they dont care, find a new bank.
People should use common sense when buying something over the net.
Another bad analogy...
Would you give a stranger money on the street to have them go somewhere unknown to you and buy you something? Probably not. But you might give a friend (ie trusted source) the money. And if you never got the product, you might hold your friend somewhat responsible (even if he didnt do it).
If your other friends get screwed over as well, or if it happens again, you stop trusting your friend.
PayPal realizes that it's in their best interest to prevent these types of things from happening.
Unfortunately (or maybe fortunately), it is not nearly as easy to setup an account. They send you information that you are required to return (with a voided check) to activate the service.
This is even true if you have a Citibank account and not a third party account.
I haven't actually returned my paperwork yet, so I don't know how easy or convenient the service is.
If you believe the threat is serious enough, you should turn off sshd until you are able to patch the daemon.
You won't know, and shouldn't assume, that an exploit script will be created that looks for SSH running on port 22 only. So having it run on an unknown port will really only provide you with the illusion that you have some how bought time to fix the problem.
The OpenSSH Website does not make mention of this exploit and the need for users to upgrade.
They do mention the release of 3.1 (3/7/02), but it never says that it addresses security issues.
Although, I am much happier to see a patch than an updated website.:)
Slashdot Mirror
Theo de Raadt Version 2.0
...
... A deja vu is usually a glitch in the Matrix"
"FreeBSD Core Developer Guy: A black cat went past us, and then another that looked just
FreeBSD Core Developer Girl: How much
like it, was it the same cat?
Theo de Raadt Version 2.0
Snowdog
If parents would take responsibility for raising their kids, then these types of laws wouldn't be necessary (or "as" necessary). However, since people are content with allowing the government to decide for them, then hey, it sounds like a great law. [This obviously isn't meant for every parent, but there are plenty who fit the bill.]
Today more than ever we are ready to trade our privacy for security (or the appearance of security), so why not let the government decide what's best for our kids as well. A nibble here, a nibble there.
Who knows, maybe at least it will make it harder for parents to sue gaming companies because their kids commit terrible acts of violence while the parents claim ignorance.
Snowdog
Your joking right?!?! I totally made up those exact words when replying. I can't believe they have been used before. Damn, I might have violated some copyright law by saying those words without the express prior consent of Comedy Central and As If Productions.
I think the only thing "lacking" here is your sense of humor. Get over it... Of course I knew it was a South Park transcipt. And I could care less about trying to "impress" a feable mind such as yours. I could use my Jedi mind tricks instead.
All too easy...
Snowdog
Johnny Cochrane: It does not make sense. Look at me. I'm a lawyer defending a major record company and I'm talkin' about Chewbacca. Does that make sense? Ladies and Gentlemen I'm am not making any sense. None of this makes sense. And so you have to remember when you're in that jury room deliberating and conjugating the Emancipation Proclamation, does it make sense? No. Ladies and Gentlemen of this deposed jury it does not make sense. If Chewbacca lives on Endor you must acquit. The defense rests.
Also of interest may be the "Oh My God Particle" from 1991. The research on this seems to be quite extensive, and pretty damn funny too.
Check it out at:
Oh My God Particle
Snowdog
I did not see any "believed" Earthquakes with 26 and 19 second differences (respectively) listed on either day at the National Earthquake Information Center. I'm sure it's possible they weren't recorded by NEIC, although I suspect it would/should be. From reading the Professor's web page, it appears the data would have been taken from the source above, yet I didn't see it there. (Who know's, maybe I just missed it)
The story still seems suspect to me although Dr. Eugene Harris does appear to be focused on exactly this type of research.
I think more details are necessary to please the /. crowd.
Snowdog
I'm sure this has been suggested before, but I'm curious why SlashDot does not have a caching mechanism for the stories it's about to post? It has become common for a link posted in a SlashDot article to become unavailable within a few minutes of the article being posted. As a result, most readers can only speculate on what the writer is actually talking about.
I'm not sure what resources would be needed to cache the links, but since there aren't that many articles per day, I would imagine that it is reasonable.
Just my $0.02.
Snowdog
After checking their site, I couldn't find the software on it anymore, they must have taken it down. If you are interested in the software or AUP, send me an email and I will try to track em down.
Snowdog
AirSnort or similar wireless packet capturing tool to capture inbound/outbound traffic.
Hacking/port scanning the Net -- You could hack and go virtually undetected. Sure they can trace your MAC address, but there are ways around this using virtual MAC addresses, etc.
Hacking/port scanning others in the theater -- HackerA finds an open share on VictimB's Windows laptop. Or HackerA is able to hack it because VictimB doesn't have the latest patches. HackerA now has the potential to get VictimB's entire hardrive, including Temporary Internet Files, cookies (chocolate chip of course), tax/financial data, cached passwords, and any other personal information that is stored on it. I'm sure this could create liability issues here for the theater (see site below).
These are just a few potential problems, I am sure someone more creative than myself could come up with a bunch more.
There are plenty of "open" wireless initiatives out there. You can check out NYC Wireless for some suggestions on how best to secure an "open" wireless network. They have some good suggestions and even free software you can download and use on your wireless gateway (*nix NAT box) which will require the users to agree to an AUP prior to using the service.
But these types of open wireless environments still rely heavily on the users being innocent for the most part.
Snowdog
He can use the Chewbacca Defense...
"It does not make sense... look at the monkey..."
Snowdog
What if one day, you invest a lot of money in a company called Enron that you think will make you more money. Or at the very least, be a sound investment. You figure worst case scenario: you lose some of the money you invest, but certainly not all.
You think this because a company that size must be solid and existing regulations must protect the executives from taking all the money and running or mismanaging the company in to non-existence.
Maybe a poor analogy, but the point is this; yeah it could happen, you could be screwed, it has happened to some and it will happen to more.
If you use a cc, you are somewhat protected. If you link to your checking account, you have the weight of the bank to help if they care. If they dont care, find a new bank.
People should use common sense when buying something over the net.
Another bad analogy...
Would you give a stranger money on the street to have them go somewhere unknown to you and buy you something? Probably not. But you might give a friend (ie trusted source) the money. And if you never got the product, you might hold your friend somewhat responsible (even if he didnt do it).
If your other friends get screwed over as well, or if it happens again, you stop trusting your friend.
PayPal realizes that it's in their best interest to prevent these types of things from happening.
Just my $.02
Snowdog
Citibank does offer some of the services that PayPal does. Particularly, sending money via email. Check out:
https://www.c2it.com/C2IT/Login
Unfortunately (or maybe fortunately), it is not nearly as easy to setup an account. They send you information that you are required to return (with a voided check) to activate the service.
This is even true if you have a Citibank account and not a third party account.
I haven't actually returned my paperwork yet, so I don't know how easy or convenient the service is.
Snowdog
I can't wait for my Slashdot Reply Button
0 a")'
"One-Click Patent" gets approved.
Then you will all have to pay me to reply to these messages.
Sweet...
Sean
--
perl -e 'print pack("H*","736e6f77646f6740626967666f6f742e636f6d
Security through obscurity?
If you believe the threat is serious enough, you should turn off sshd until you are able to patch the daemon.
You won't know, and shouldn't assume, that an exploit script will be created that looks for SSH running on port 22 only. So having it run on an unknown port will really only provide you with the illusion that you have some how bought time to fix the problem.
Snowdog
The OpenSSH Website does not make mention of this exploit and the need for users to upgrade. :)
They do mention the release of 3.1 (3/7/02), but it never says that it addresses security issues.
Although, I am much happier to see a patch than an updated website.
Snowdog
SSH Communications has it's own security issues.
Check out: SSH Advisories
I wonder if they produced a fix as fast as OpenSSH did.
Snowdog