KlomDark:
I use it myself, and feel safe doing so, especially as I implemented a lot of the security myself, very very carefully, as if I made an idiot mistake I would be held PERSONALLY liable. Kinda scary knowing how many billions of dollars are in that bank, and it's my ass if they get through. But I'd be very very surprised (and very respectful of the person) if anybody actually got through!
So you are telling us a bank trusted you as one individual to secure their systems which they put on the internet without audit by a trusted third party?
I have two problems with this:
1) The financial regulators would not approve this business, as it has not been audited
2) No-one in this dear green world is personally liable for the security of banking systems. We are talking about corporate security here, not firewalling some guy's @home account.
The rest of your comment sounds believable, but I'm sorry... I don't swallow that bit.
As someone who has been involved in the regulatory hurdles involved in putting a financial site live in the developed world, I cannot accept some bank took your word for anything: they need to get it approved by the government.
The Sr. Sysadmin should be able to, in no uncertain terms, explain to the company the importance and *COST JUSTIFICATION* of proper security, and should also perform proper security audits, and instruct his staff accordingly.
In a regulated organisation like a bank, it is most definitely NOT the sys admins (whether senior or otherwise) who should be doing this: it's the Security Manager.
While I fully agree the sys admins should all be security minded, this should be backed up by clear directives (policies/standards) written/approved by a security manager, who has the time and the high-level clout to act.
Unfortunately for the customer, the fantastic on-line deals will cease when the shareholders start wanting returns on their investments (and I mean the corporate shareholders, not the day traders).
Most business models for the online banks work as follows:
Get customers to sign-up and use the services by offering interest on current accounts, little initial deposits, loss leading credit card accounts, and no/minimal banking charges
At some point these banks will have to start repaying investors by actually making money. At the moment every single one of them is still some distance from this goal.
They figure that if they can draw enough customers from the bricks & mortar banks, then eventually they will be able to turn a profit.
Unfortunately (which is the reason we are discussing this!) the average banking customer enjoys the warm feeling they get from actually a) visiting their financial institution's grand palaces, and b) the feeling of cash in the hand.
I think we may well see quite a few .com banks go under very quickly. By that I don't mean people will lose the cash in their deposit accounts, but that the banks will have to close their accounts and shift them back to the traditional outlets.
We built that system as impenetrable as we could. Extreme security, multi-level DMZ design, black IP, major intrusion detectors, dead-end fake IP subnets, quite a few traps and, uh, planted 'distraction', and of course 128-bit SSL. It's been running for almost two years now, and no one has come close to hacking it. The firewalls and intrusion detection software usually record several attempts per day, usually just script kiddies, once in a while a 'real' cracker. But nobody has ever got in, and if someone did, I would definitely be one of the first to know.
I was also involved recently in signing-off the architecture for a large UK-based website that offered financial services (but not online banking), and was in a similar situation:
I could easily sign-off the platform, but refused to sign-off the application (aka website).
You can build the best DMZ-oriented architecture in the world, but if the code looks like swiss cheese there's nothing the architecture/dmz/ids/firewalls can do to help you.
Needless to say the site went live anyway: the business "accepted the risk".... sigh
I have to take issue with some of your points:
There are several issues that make online banks easy targets:
1. Extreme conservatism - Oftentimes, their internal systems are quite old. While this tends to make their systems quite stable, it also means that they are generally insecure.
In actual fact, you will find most banks' Core Banking Systems i.e. the bits that actually process banking transactions, whether online or offline, are extremely secure, and running on legacy mainframe platforms.
They do exactly the same thing as they have always done (i.e. move money about), and thus are not usually subject to massive development projects, or huge leaps in technology. Because they don't have to.
Online banking merely provides another interface to the core systems, and unfortunately it is the interfaces which are providing easy targets for malicious users.
This happens because:
a: The core system is written in something like COBOL or mainframe assembler, by 40 year old programmers who resist change and have many years of experience, using strong development methodologies
b: The whizzy new web front-end was written by a group of 20 year old graduates who are shit-hot tech-wise, but lacking any discipline, and the whole development is being driven by eager managers who have to commit to the Bank's marketing department ("we wanna go online NOW!!")
I have years of personal experience of working with Banking systems (as one of those un-disciplined twenty-somethings:-) and until strong web-development methodologies are implemented, including bomb-proof testing, this problem will continue.
Your comment:
3. browser ssl - it doesn't matter if the site's key is 128-bit; if the browser functions at 40-bit, then that's the key size used for encryption. This is a problem with all ssl-based connections.
is also flawed. Most new web servers incorporate "step-up" technology, which will "pull" the client crypto up to the level of the server (don't ask me how... I'm no Bruce Schneier!)
Online Banking is a joke (Score:3)
by trog on Wednesday November 08, @12:14PM JST (#25)
(User #6564 Info)
There are several issues that make online banks easy targets:
1. Extreme conservatism - Oftentimes, their internal systems are quite old. While this tends to make their systems quite stable, it also means that they are generally insecure.
2. Sensitivity to bad press - online banking systems, when compromised, are often hushed up quickly, due to the fact that the publicity will scare clients away.
3. browser ssl - it doesn't matter if the site's key is 128-bit; if the browser functions at 40-bit, then that's the key size used for encryption. This is a problem with all ssl-based connections.
4. user passwords - people in general are dumb about choosing passwords. They often choose easy to guess passwords. It doesn't matter what security mechanisms you have in place; if a password can be compromised, the cracker has access.
Yes, but you can develop screening algorithms, which will force the user to use a good password. And if I find a bank with the old "answer this dumb-ass question to reset your password" option, then I'll walk away.
5. poor sysadmin training - this is the plague of the industry. Most sysadmins don't know much of anything about security. The ones that do are rare.
Exactly! Online banking systems need two things: 1) penetration testing, and 2) more penetration testing to ensure the site is *still* secure.
Unfortunately most institutions (not just banks) have an initial pen-test done to satisfy the financial regulators (as in the UK), and then presume their site will remain secure for ever!!
Anyway: enough rambling!
As I said earlier, most of this comes down to Bank development teams not testing their interfaces thoroughly. This can be proven by the timings of most security breaches: in the UK, it's almost always after a new code upgrade went in!!
Let's see a company is abusing bandwidth for their own personal gain, causing heart ache to sys admins everywhere, gee isn't this a low layer equivalent of spamming?
I hardly think this is causing poor sys admins to have nightmares. If your sys-admin breaks out in a sweat every time someone ping-sweeps the network, I'd say it's time for a new sys admin!
I just refreshed this story, and what banner advert should fill my screen?
Think Geek advertising poster depicting Map of the Internet!
So are we now boycotting Think Geek for commercially violating our address space? Or more to the point, isn't this actually an interesting visualisation of the virtual space we inhabit?
Call me a doctor! I think I'm gonna die laughing!!
You make an excellent point, wish I had some mod points still:)
Why thank you kind sir! I'm scared that I'm sounding like I am ranting and raving, I'm just trying to not be too paranoid.
If everyone had securely configured machines & networks, we could have avoided this mapping in the first place. However, it's only recently that security has finally surfaced as An Important Issue, and unfortunately the horse has already bolted!
Intriguingly enough, I find this discussion interesting in a forum opposed to security through obscurity:
many of those involved in this discussion are actively complaining that their privacy is being violated because their computer and/or the networks they traverse are releasing information about their computer. Surely this is truly open, and encourages those with the know-how to seek intelligent methods of avoiding this? In real-terms, the Internet is truly an "open" network!
Dial-up long distance to an ISP in a backwards country using a phone company you know don't support call-number forwarding, and get a telnet account on an old UNIX server in a country where the police force are not savvy enough to be able to read the dialup log files.
good: No-one will ever know where you live!
bad: Using the net will be a pain, and you won't be able to do anything useful.
moral: It's all a trade-off between usability and personal space. You sacrifice one for the other.
Would the medieval version of slashdot be so concerned when boats roamed through the seas and produced those things you earth-people called "maps"... I don't think so!:-)
However, doing the same to provide unauthorized/unsolicited information on individuals should be highly illegal. It's about the same as calling everyone in the phone book and recording the way the phone is answered for resale (What reason someone would have for that I can't guess, but it's more to make a point)
NO!
It's akin to someone publishing a map of the world, with a cross-referenced index of how long it will take to get from one point to another.
doh! hang on... we've already got this! it's the City Guide A-Z
This is not really about personal privacy! It's using public protocols on a public network!
It's like having a postcode/zipcode, but not wanting people to know where you live... and no-one in their right mind who wants to receive mail would stop this information!
I thought IP addresses were, in general, distributed geographically anyway. I get that, say, Ford Motor Company might have Class A 11.0.0.0 (or something) and their machines are all over the place, but aren't ISPs assigned IP addresses geographically? Or am I nuts?
Technically you are correct (e.g. Pacific rim gets the 202.x block, and all ISPs in that part of the world get a 202.x.x block). However, if you are a large company, and get allocated a block of addresses, then you can spew devices all over the place using those addresses, with one geographical gateway onto the net.
My experience shows the theory generally holds (i.e. you can have a good stab at where someone is actually located based on their IP), but it's not a strong rule by any means.
So I can't answer the question on your "nuts"-ness;-)
so i don't even have a real ip address (sucks), and neither does anyone else on charter's cable network (at least in my area)...so i guess i'm safe
Safe from everything but your ISP's logfiles my friend;-)
In the UK, all the free/cheap ISPs (i.e. the ones most likely to DHCP your connection rather than give a static IP) will not allow you to connect to their service if you put "141" in front of the dialled number (which is meant to protect you from call-number forwarding). This means they get to log your phone number beside the IP address they have just allocated!
I'd much rather have a static IP (which I do) on dial-up which allows me to phone up anonymously. At least then I can delay proceedings while they prove it was me on the phone:-P
This comment
If you have a box connected to the Internet, you should expect to get pinged. Heck, way back when I first discovered pings, I pinged random IP addys for kicks
hits the nail right on the head.
The Internet is a public network, and part of that public protocol includes tools for mapping (traceroute) routes, and measuring the time it takes to traverse that route (ping).
If you spend $20000 dollars on a pukka Firewall and a good IDS, then don't start complaining when Ping packets are received! The reason you spent all that cash was to block them, which you are now doing.
I'm not convinced of the value of the data, and I'm even less sure about the intention of why they are doing it (I hate marketeers as much as the "next man"), but as I stress: the Internet is a public network, and if you get annoyed with people "walking by your house", then disconnect your machine from the net, or configure your server/router/firewall to block ICMP (which I generally do).
The security Incidents mailing lists are full of people complaining that some 3l337 kid in Korea is pinging their server, and they don't like it. Frankly who gives a damn? It's the guy who stealth maps your machine for the latest vulnerability that should be worrying, not someone openly knocking on the front door!
Hah!! Your "31337 firewall"! was easy! I broke through in seconds after examining the TCP fingerprint, discovered it gave access to an entire class C network, rooted the server in 5 seconds, and then destroyed the evidence of my visit with a trusty cd / ; rm -r !!
Now visit my haXor honeypot in my sig: it's the ultimate in Alien Tech!
struggles to get on-topic
What engine does Myst use? Is it a variation of the Quake or Unreal ones? Reason I ask:
I wanna dreamcast port! I've given up trying to keep my PC "recent" at home, as I only use it for music... I just use my trusty company laptop for everything else, but it's got no 3d:-)
The Crusoe, I am convinced, is a great processor. Big companies are just incredibly wary of it because it comes from a tiny little company that is iconified by the hero of the open source movement. Given that the higher-ups are less than optimistic about the little guys, regardless how good their products are, this really shouldn't come as much as a surprise.
Explain: you are convinced it is great why?
1) It relied on vapourware and almost Blair-Witch-esque hype before it was released (remember those "uses Alien Technology" stories kids?!)
2) CPU power consumption is probably one of the lowest consuming elements of a laptop: those screens use the most
3) It has Linus on the payroll! Fantastic: it was already signed off for production when he joined.
Get over it people: it's just another processor. I agree whole-heartedly with its aims of both code morphing and power saving, but it's nowhere near the revolution we were all promised. And it *was* televised:-)
Too bad for both IBM and Intel... they're both being overtaken by companies which seem to care about technology a little more than they do. Probably still care about money more though.
Who exactly are these companies who are "overtaking" IBM and Intel and care about technology?
1) Sun fights IBM at the middle/top end of the market. While I think Sun rocks, I don't think they are any better technology-wise
2) Most people suppose Intel sold their engineering soul to the devil when they went with Rambus. I genuinely think they saw technological merit with Rambus initially, but got caught out when Rambus seemingly became difficult to integrate.
I don't actually have (that) much respect for either IBM or Intel, but I'm not sure any other corporate in this dear green world gives a stuff about technology any more, except when they can make a fast buck from it
I guess they don't care about new technology, but care about the almighty buck and their relationship with Intel.
You can hardly accuse a company that has spent billions developing the PowerPC with Motorola, and spent years manufacturing customer processors for use in RS6000 machines to be scared of Intel.
Much more likely they cannot find any benefits in using Transmeta processors at this point in time, bearing in mind the extremely low margins in low-end kit (i.e. anything under workstation class machines).
I tend to agree that their laptops are not the fastest things in the world, but the agony I get from carrying around a Compaq brick makes me long for a light machine, not a fast one. SuSE doesn't seem to give much of a damn whether it can surf the net at 300MHz or 700MHz!
Imagine the consequences if you used your computer as a Sequencer for the Church Band, and the screensaver kicked in right as the Priest is saying communion!!
This is a shitty situation for people who already own older DVD players and paid more than 200$ for them yet see newer better faster ones come out all the time
So you don't actually own a home computer then? Otherwise you'll be shaking your fists in anger at those pesky kids down at AMD and Intel every time they up the MHz rating, or sticking your fingers down your throat when the new distro of SuSE comes out.
Get real! Your DVD player isn't a white-box item like a fridge, it's a computer in a box. Things move on... if you don't like it, don't subscribe to the bandwagon!
I got a DVD for the express purpose of being able to watch the Star Wars quadtology in widescreen with full DTS sound. Then I learned that this isn't going to happen until 2372 because George Lucas is a cry baby.
So now you're getting upset because you made the decision to buy the product based on either a) vapourware from Lucasarts, or b) false promises. Surely it would have been better to wait till the DVDs you wanted came out and then bought the hardware!
Anyway: as to where's the content, I suggest you sit on your butt watching sh*tty films like U571, where the yanks cracked/stole the Enigma device while we British sat drinking Gin or something hahahahahahahaahah!!
Despite Connectix's legal wins regarding this matter, it's still on the books that reverse-engineering this stuff is illegal. Hmmm...
"Illegal" in the USA does not mean it's illegal everywhere else in the world. It may upset our western ideals of IP bigtime, but how is it any different from Bleem! which by all accounts appears to be very much welcomed by those who want to play PSX games on their Mac/PC/Dreamcast hardware.
Obviously Bleem! is a software-only solution. But at which point do you draw the line: actually producing their own hardware to run the emulation on is not very different from writing emulation software to run on someone else's hardware. My question here is that would this provoke the same reaction as an announcement that they were producing a PS emulator which was to run under [insert favourite OS here]?
I'm by no means proposing that this is A Good Thing, or indeed that emulation of other people's ideas is wrong. I just think valued discussion is called for (which is what we're all doing on Slashdot, isn't it?:-)
No, don't! They'll just deprive you of your bodily fluids and you'll feel bad afterwards.
But after 10 double-vodka-redBulls I'll have such a bad hangover that it won't matter!
Anyway. As I was saying: 56k modems rock! What is it you earth people are calling ADSL? PLZ write to my phone masters at BT and tell them to give me some!
And another thing! Anyone who needs >128k reading gnus needs to be very careful of the newsgroups they are reading....
KlomDark: I use it myself, and feel safe doing so, especially as I implemented a lot of the security myself, very very carefully, as if I made an idiot mistake I would be held PERSONALLY liable. Kinda scary knowing how many billions of dollars are in that bank, and it's my ass if they get through. But I'd be very very surprised (and very respectful of the person) if anybody actually got through!
... I don't swallow that bit.
So you are telling us a bank trusted you as one individual to secure their systems which they put on the internet without audit by a trusted third party?
I have two problems with this:
1) The financial regulators would not approve this business, as it has not been audited 2) No-one in this dear green world is personally liable for the security of banking systems. We are talking about corporate security here, not firewalling some guys @home account.
The rest of your comment sounds believable, but I'm sorry
As someone who has been involved in the regulatory hurdles involved in putting a financial site live in the developed world, I cannot accept some bank took your word for anything: they need to get it approved by the government.
The Sr. Sysadmin should be able to, in no uncertain terms, explain to the company the importace and *COST JUSTIFICATION* of proper security, and should also perform proper security audits, and instruct his staff accordingly.
.
In a regulated organisation like a bank, it is most definitely NOT the sys admins (whether senior or otherwise) who should be doing this: it's the Security Manager
While I fully agree the sys admins should all be security minded , this should be backed up by clear directives (policies/standards) written/approved by a security manager, who has the time and the high-level clout to act.
Unfortunately for the customer, the fantastic on-line deals will cease when the shareholders start wanting returns on their investments (and I mean the corporate shareholders, not the day traders).
Most business models for the online banks work as follows:
Get customers to sign-up and use the services by offering interest on current accounts, little intial deposits, loss leading credit card accounts, and no/minimal banking charges
At some point these banks will have to start repaying investors by actually making money. At the moment every single one of them is still some distance from this goal.
They figure that if they can draw enough customers from the bricks & mortar banks, then eventually they will be able to turn a profit.
Unfortunately (which is the reason we are discussing this!) the average banking customer enjoys the warm feeling they get from actually a) visiting their financial instituions grand palaces, and b) the feeling of cash in the hand.
I think we may well see quite a few
We built that system as impenetrable as we could. Extreme security, multi-level DMZ design, black IP, major intrusion detectors, dead-end fake IP subnets, quite a few traps and, uh, planted 'distraction', and of course 128-bit SSL. It's been running for almost two years now, and noone has come close to hacking it. The firewalls and intrusion detection software usually record several attempts per day, usually just script kiddies, once in a while a 'real' cracker. But nobody has ever got in, and if someone did, I would definitely be one of the first to know.
.... sigh
I was also involved recently in siging-off the architecture for a large UK-based website that offered financial services (but not online banking), and was in a similar situation:
I could easily sign-off the platform, but refused to sign-off the application (aka website).
You can build the best DMZ-oriented architecture in the world, but if the code looks like swiss cheese there's nothing the architecture/dmz/ids/firewalls can do to help you.
Needless to say the site went live anyway: the business "accepted the risk"
I have to take issue with some of your points: There are several issues that make online banks easy targets: 1. Extreme conservitism - Oftentimes, their internal systems are quite old. While this tends to make their systems quite stable, it also means that they are generally insecure.
:-) and until strong web-development methodologies are implemented, including bomb-proof testing, this problem will continue.
... I'm no Bruce Scheiner!)
In actual fact, you will find most banks Core Banking Systems i.e. the bits that actually process banking transactions, whether online or offline, are extremely secure, and running on legacy mainframe platforms.
They do exactly the same thing as they have always done (i.e. move money about), and thus are not usually subject to massive development projects, or huge leaps in technology. Because they don't have to. Online banking merely provides another interface to the core systems, and unfortunately it is the interfaces which are providing easy targets for malicious users.
This happens because:
a: The core system is written in something like COBOL or mainframe assembler, by 40 year old programmers who resist change and have many years of experience, using strong development methodologies
b: The whizzy new web front-end was written by a group of 20 year old graduates who are shit-hot tech-wise, but lacking any discipline, and the whole development is being driven by eager managers who have to commit to the Bank's marketing department ("we wanna go oline NOW!!")
I have years of personal experience of working with Banking systems (as one of those un-disciplined twenty-somethings
Your comment:
3. browser ssl - it doesn't matter if the site's key is 128-bit; if the browser functions at 40-bit, then that's the key size used for encryption. This is a problem with all ssl-based connections.
is also flawed. Most new web servers incorporate "step-up" technology, which will "pull" the client crypto up to the level of the server (don't ask me how
Online Banking is a joke (Score:3) by trog on Wednesday November 08, @12:14PM JST (#25) (User #6564 Info) There are several issues that make online banks easy targets: 1. Extreme conservitism - Oftentimes, their internal systems are quite old. While this tends to make their systems quite stable, it also means that they are generally insecure. 2. Sensitivity to bad press - online banking systems, when compromised, are often hushed up quickly, due to the fact that the publicity will scare clients away. 3. browser ssl - it doesn't matter if the site's key is 128-bit; if the browser functions at 40-bit, then that's the key size used for encryption. This is a problem with all ssl-based connections. 4. user passwords - people in general are dumb about choosing passwords. They often choose easy to guess passwords. It doesn't matter what security mechinisms you have in place; if a password can be compromised, the cracker has access.
Yes, but you can develop screening algorithms, which will force the user to use a god password. And if I find a bank with the old "answer this dumb-ass question to reset your password" option, then I'll walk away.
5. poor sysadmin training - this is the plague of the industry. Most sysadmins don't know much of anything about security. The one's that do are rare.
Exactly! Online banking systems need two things: 1) penetration testing, and 2) more penetration testing to ensure the site is *still* secure.
Unfortunately most institutions (not just banks) have an initial pen-test done to satisfy the financial regulators (as in the UK), and then presume their site will remain secure for ever!!
Anyway: enough rambling!
As I said earlier, most of this comes down to Bank development teams not testing their interfaces thoroughly. This can be proven by the timings of most security breaches: in the UK, it's almost always after a new code upgrade went in!!
See Here and here for some gory details!
Let's see a company is abusing bandwidth for their own personal gain, causing heart ache to sys admins everywhere, gee isn't this a low layer equivalent of spamming?
I hardly think this is causing poor sys admins to have nightmares. If your sys-admin breaks out in a sweat everytime someone ping-sweeps the network, I'd say it's time for a new sys admin!
I just refreshed this story, and what banner advert should fill my screen?
Think Geek advertising poster depicting Map of the Internet!
So are we now boycotting Think Geek for commercially violating our address space? Or more to the point, isn't this actually an interesting visualisation of the virtual space we inhabit?
Call me a doctor! I think I'm gonna die laughing!!
You make an excellent point, wish I had some mod points still :)
Why thank you kind sir! I'm scared that I'm sounding like I am ranting and raving, I'm just trying to not be too paranoid.
If everyone had securely configured machines & networks, we could have avoided this mapping in the first place. However, it's only recently that security has finally surfaced as An Important Issue, and unfortunately the horse has already bolted!
Intreguingly enough, I find this discussion interesting in a forum opposed to security through obscurity:
many of those involved in this discussion are actively complaining that their privacy is being violated because their computer and/or the networks they traverse are releasing information about their computer. Surely this is truly open, and encourages those with the know-how to seek intelligent methods of avoiding this? In real-terms, the Internet is truly an "open" network!
Dial-up long distance to an ISP in a backwards country using a phone company you know don't support call-number forwarding, and get a telnet account on a old UNIX server in a country where the police force are not savvy enough to be able to read the dialup log files.
... I don't think so! :-)
good: No-one will ever know where you live!
bad: Using the net will be a pain, and you won't be able to do anything usefull.
moral: It's all a trade-off between useability and personal space. You sacrifice one for the other.
Would the medieval version of slashdot be so concerned when boats roamed through the seas and produced those things you earth-people called "maps"
However, doing the same to provide unauthorized/unsolicted information on individuals should be highly illegal. It's about the same as calling everyone in the phone book and recording the way the phone is answered for resale (What reason someone would have for that I can't guess, but it's more to make a point)
... we've already got this! it's the City Guide A-Z
... and no-one in their right mind who wants to recieve mail would stop this information!
NO!
It's akin to someone publishing a map of the world, with a cross-referenced index of how long it will take to get from one point to another.
doh! hang on
This is not really about personal privacy! It's using public protocols on a public network!
It's like having a postcode/zipcode, but not wanting people to know where you live
I thought IP addresses were, in general, distributed geographically anyway. I get that, say, Ford Motor Company might have Class A 11.0.0.0 (or something) and their machines are all over the place, but aren't ISPs assigned IP addresses geographically? Or am I nuts?
;-)
Technically you are correct (e.g. Pacific rim gets the 202.x block, and all ISPs in that part of the world get a 202.x.x block). However, if you are a large company, and get allocated a block of addresses, then you can spew devices all over the place using those addresses, with one geographical gateway onto the net.
My experience shows the theory generally holds (i.e. you can have a good stab at where someone is actually located based on their IP_, but it's not a strong rule by any means.
So I can't answer the question on your "nuts"-ness
so i don't even have a real ip address (sucks), and neither does anyone else on charter's cable network (at least in my area)...so i guess i'm safe
;-)
:-P
Safe from everything but your ISPs logfiles my friend
In the UK, all the free/cheap ISPs (i.e. the ones most likely to DHCP your connection rather than give a static IP) will not allow you to connect to their service if you put "141" in front of the dialled number (which is meant to protect you from call-number forwarding). This means they get to log your phone number beside the IP address they have just allocated!
I'd much rather have a static IP (which I do) on dial-up which allows me to phone up anonymously. At least then I can delay proceedings while they prove it was me on the phone
This comment
If you have a box connected to the Internet, you should expect to get pinged. Heck, way back when I first discovered pings, I pinged random IP addys for kicks
hits the nail right on the head.
The Internet is a public network, and part of that public protocol includes tools for mapping (traceroute) routes, and measuring the time it takes to traverse that route (ping).
If you spend $20000 dollars on a pukka Firewall and a good IDS, then don't start complaining when Ping packets are received! The reason you spent all that cash was to block them, which you are now doing.
I'm not convinced of the value of the data, and I'm even less sure about the intention of why they are doing it (I hate marketeers as much as the "next man"), but as I stress: the Internet is a public network, and if you get annoyed with people "walking by your house", then disconnect your machine from the net, or configure your server/router/firewall to block ICMP (which I generally do).
The security Incidents mailing lists are full of people complaining that some 3l337 kid in Korea is pinging their server, and they don't like it. Frankly who gives a damn? It's the guy who stealth maps your machine for the latest vulnerability that should be worrying, not someone openly knocking on the front door!
Hah!! Your "31337 firewall"! was easy! I broke through in seconds after examining the TCP fingerprint, discovered it gave access to an entire class C network , rooted the server in 5 seconds, and then destroyed the evidence of my visit with a trusty cd / ; rm -r !!
... I just use my trusty company laptop for everything else, but it's got no 3d :-)
Now visit my haXor honeypot in my sig: it's the ultimate in Alien Tech!
struggles to get on-topic
What engine does Myst use? Is it a variation of the Quake or Unreal ones? Reason I ask:
I wanna dreamcast port! I've given up trying to keep my PC "recent" at home, as I only use it for music
The Crusoe, I am convinced, is a great processor. Big companies are just incredibly wary of it because it comes from a tiny little company that is iconified by the hero of the open source movement. Given that the higher-ups are less than optimistic about the little guys, regardless how good their products are, this really shouldn't come as much as a surprise.
:-)
Explain: you are convinced it is great why?
1) It relied on vapourware and almost Blair-Witch-esque hype before it was released (remember those "uses Alien Technology" stories kids?!)
2) CPU power consumption is probably one of the lowest consuming elements of a laptop: those screens use the most
3) It has Linus on the payroll! Fantastic: it was already signed off for production when he joined.
Get over it people: it's just another processor. I agree whole-heartedly with its aims of both code morphing and power saving, but it's nowhere near the revolution we were all promised. And it *was* televised
Too bad for both IBM and Intel... they're both being overtaken by companies which seem to care about technology a little more than they do. Probably still care about money more though.
Who exactly are these companies who are "overtaking" IBM and Intel and care about technology?
1) Sun fights IBM at the middle/top end of the market. While I think Sun rocks, I don't think they are any better technology-wise
2) Most people suppose Intel sold their engineering soul to the devil when they went with Rambus. I genuinely think they saw technological merit with Rambus initially, but got caught out when Rambus seemingly became difficult to integrate.
I don't actually have (that) much respect for either IBM or Intel, but I'm not sure any other corporate in this dear green world gives a stuff about technology any more, except when they can make a fast buck from it
I guess they don't care about new technology, but care about the almighty buck and their relationship with Intel.
You can hardly accuse a company that has spent billions developing the PowerPC with Motorola, and spent years manufacturing customer processors for use in RS6000 machines to be scared of Intel.
Much more likely they cannot find any benefits in using Transmeta processors at this point in time, bearing in mind the extremely low margins in low-end kit (i.e. anything under workstation class machines).
I tend to agree that their laptops are not the fastest things in the world, but the agony I get from carrying around a Compaq brick makes me long for a light machine, not a fast one. SuSE doesn't seem to give much of a damn whether it can surf the net at 300MHz or 700MHz!
It could be worse ....
Imagine the consequences if you used your computer as a Sequencer for the Church Band, and the screensaver kicked in right as the Priest is saying communion!!
This is a shitty situation for people who already own older DVD players and paid more than 200$ for them yet see newer better faster ones come out all the time
:-)
So you don't actually own a home computer then? Otherwise you'll be shaking your fists in anger at those pesky kids down at AMD and Intel every time they up the MHz rating, or sticking your fingers down your throat when the new distro of SuSE comes out.
Get real! Your DVD player isn't a white-box item like a fridge, it's a computer in a box. Things move on... if you don't like it, don't subscribe to the bandwagon!
I got a DVD for the express purpose of being able to watch the Star Wars quadtology in widescreen with full DTS sound. Then I learned that this isn't going to happen until 2372 because George Lucas is a cry baby.
So now you're getting upset because you made the decision to buy the product based on either a) vapourware from Lucasarts, or b) false promises.
Surely it would have been better to wait till the DVDs you wanted came out and then bought the hardware!
Anyway: as to where's the content, I suggest you sit on your butt watching sh*tty films like U571, where the yanks cracked/stole the Enigma device while we British sat drinking Gin or something hahahahahahahaahah!!
Despite Connectix's legal wins regarding this matter, it's still on the books that reverse-engineering this stuff is illegal. Hmmm...
"Illegal" in the USA does not mean it's illegal everywhere else in the world. It may upset our western ideals of IP bigtime, but how is it any different from Bleem! which by all accounts appears to be very much welcomed by those who want to play PSX games on their Mac/PC/Dreamcast hardware.
Obviously Bleem! is a software-only solution. But at which point do you draw the line: actually producing their own hardware to run the emulation on is not very different from writing emulation software to run on someone else's hardware. My question here is that would this provoke the same reaction as an announcement that they were producing a PS emulator which was to run under [insert favourite OS here]?
I'm by no means proposing that this is A Good Thing, or indeed that emulation of other people's ideas is wrong. I just think valued discussion is called for (which is what we're all doing on Slashdot, isn't it?)
As to the question "Who'll own it?", I believe the last received message from Pioneer was:
;-)
"w3 tHe 5P4c3 B3Ez 0wN j00r ph33r5om3 pr0b3, suX0rs!"
You just can't keep those space-k1dz down
... and I forgot to add that although it is "just around the corner", it never comes! ;-)
doh! that'll teach me to hit the wrong button
"White Heat" to me means the leading edge of technology ... the cool new stuff we're always told is "just around the corner".
Best way to explain it is probably:
"White Heat technology generally applies to every Microsoft press-release"!
.... people still exist who are willing to take the time to build a balanced, subjective view on alleged "white heat" technology statements.
I should be out chasing "burdz"
....
No, don't! They'll just deprive you of your bodily fluids and you'll feel bad afterwards.
But after 10 double-vodka-redBulls I'll have such a bad hangover that it won't matter!
Anyway. As I was saying: 56k modems rock! What is it you earth people are calling ADSL? PLZ write to my phone masters at BT and tell them to give me some!
And another thing! Anyone who needs >128k reading gnus needs to be very careful of the newsgroups they are reading