The article is also bung. The blog post, that is. Using your neighbour's WiFi is stealing, every single one of the vast array of arguments the blogger puts forward is either shallow, misdirected, based on false assumptions, predicated on absurd analogy, plain stupid, or some combination thereof.
If you're on a WiFi that you don't have reasonable grounds to conclude was intended by the owner to be free, then it is stealing. End of story. Now, can we stop it with the absurd excuses? It's even more disingenuous than the proposition that copying movies is not stealing. It is, people just do it anyway. Let's stop retroactively justifying ourselves.
Using your neighbor's wifi without permission would be unauthorized access, which is a completely different crime than stealing. Copying movies is also a far cry from stealing. The crime you're thinking of there is called copyright infringement, and it has far more severe consequences than simple theft. People who are caught copying a movie illegally only wish they were punished as lightly as someone caught stealing a DVD from a shop.
It sounds like you might have some misguided assumptions about open wifi networks. IIRC, in the early days of wifi that was one of the proposed long-term benefits of this new wireless technology. The idea that eventually open wifi access points would be so commonplace that people would have free convenient access to the internet while away from home.
If an AP is broadcasting itself as being open, and the DHCP server is granting IP addresses to anyone who requests one, then what would indicate that the owner does not want them using it? The average non-technical user might not even realize that they connected to it, since some operating systems will automatically connect to open access points by default. I've met many non-technical people who admit to leaving the default settings on their AP with the intention of allowing others to use it for free. So, while a default SSID may be a sign that the owner hasn't bothered to completely configure the AP, it does not mean that the owner had no intention to share it with the public. If someone has an open AP and is granting IPs to anyone who requests them, but they really don't want anyone else to use it, then it's clearly a misconfiguration issue on their end that needs to be corrected. Similar to someone who uploads files to an indexed directory on their publicly accessible website, but doesn't want anyone else to download them. The appropriate way to handle situations like those is to politely inform the owner of the mistake, rather than outlaw a completely legitimate use of the technology.
There's nothing wrong with making use of an open access point. That's what they are intended for, to provide convenient internet access to the public. Of course, taking advantage of the owner's generosity by using it for P2P file sharing, or anything else that would cause a disproportional load on the network, is definitely a dick move and some people may need to be made aware of that.
At any rate people shouldn't have truly open access points to begin with. I know that with PF you can set things up to redirect to a log in page that has them agree to the rules.
I have a router serving as an open access point for public use. No registration required. In fact, a registration page like you suggest probably wouldn't work so well for embedded devices with wifi, like handheld game consoles. (One of the motivating factors for setting it up was to allow a family member to use their Nintendo DS online, which only supports WEP encryption.) I just use iptables to drop traffic from the public network destined for anything on the private network, or the AP/router itself (with exceptions for DHCP and DNS), and also mark the traffic so that it goes to a lower-priority queue for traffic shaping.
Why should I not be doing this?
I had to read that a couple of times before I understood/believed it: they uncensored a game and you were unhappy with that? You wanted the censored version of the game back?
And if you consider that many of these so-called 'independent' studies are in fact paid for by fringe anti-science groups, then perhaps their results are aren't as unbiased as they would have you believe.
That seems strange - I'm having trouble imaging what an anti-science directed study would consist of. And how unbiased would they have you believe their study is, if it's anti-science by definition? It seems like they would want to show off their own maximizing of bias if it's really anti-science.
I doubt that.. It's more like they can route anything they want to through it easily, splitting a stream copy. Yes I imagine they can monitor and search a large number of streams looking for something, it's the monitor everything part that I doubt. And in a small room in San Francisco.. You would need incredible storage capacity to save even 10 minutes of all the internet traffic on just AT&T's network.
They're not re-routing traffic through the NSA's secret room. If they were, the increase in latency alone would enable people to detect it. They are passively mirroring the circuits running through that facility, so that the communications are duplicated into the NSA's secret room. I would agree that it's not practical to store everything going into that room, but only certain people with the right authorization would know exactly what is being done with it at that point.
The NSA has probably captured additional communications related to the attack, aside from what went through Google's network. I'd imagine they generally have far more extensive resources and experience than Google, when it comes to capturing/analyzing communications.
Wow...that was right up there with "I know you are but what am I?"
I think he was trying to say that you'd have to be pretty stupid to go around illegally accessing systems, or other people's personal information, for the sole purpose of bragging about it later.
If you see a fault in that observation, please share it.
I think Stallman would be the deity who created the universe (GNU Project/GPL), while Linus is the one who joined the universe and quickly worked to fill the gaps for it run on it's own.
There does seem to be a lot of diversity among the followers of this kind of pagan religion. They seem to like having the freedom to pick and choose to get exactly what they want. Some may choose not to worship the deity who refers to himself as St. IGNUcius of the Church of Emacs: http://www.youtube.com/watch?v=S76pHIYx3ik
An operating system is more than just the kernel. An operating system is the software which provides the basis for everything else that will run in that environment - at least that is the way I perceive it. Given this description Android is an operating system, since it provides the base environment for everything else to run.
So by that definition Kubuntu is a different OS than Ubuntu. Because if not, Android is the same OS as either of them.
-B
Yes, that sounds right. Kubuntu is a technically a different OS than Ubuntu, even though they have a lot in common. Just like Windows XP Home could also be referred to as being a different OS than Windows XP Professional. Although, in both cases the relationship between the two operating systems is so close that they are usually referred to as different versions of the same OS. I think the proper distinguishing factor would be whether or not it was intended to be a separate OS or just another version of the same OS.
In the case of Android, though, it is a very different OS than Ubuntu or Kubuntu; even if they do use some of the same code. Even Windows has some code in it from FreeBSD.
I don't think using Tor to access private information will provide any more security than accessing the same information directly from a public wifi hotspot. It could be less secure, depending on where your traffic exits the Tor network. For someone looking to eavesdrop on sensitive traffic, their tools/techniques will be the same whether they sit near a cafe with wifi to target those few users, or they run a Tor exit node and target those numerous users. Tor is designed for anonymity not security, and there are people who try to undermine the anonymity of users on Tor by sniffing traffic at exit nodes looking for private or identifiable information.
I think the reason the word "IT" rubs this guy the wrong way is it is a catch all phrase, but as far as I know it has always been, but that is why most are not JUST an "IT Guy" but a programmer, engineer, or guys like me that actually do "fix windoze". Oh yeah and bite me on the fix windoze remark. I'd love to see this turkey spend some time trying to get rid of a seriously nasty infection where he can NOT wipe the thing because they have data shotgunned all over the damned drive, or get to see a nasty pron bug that spews crap like bukkake all over the damned screen be the first thing HE had to look at first thing in the morning. You know, nobody respects the plumber either until their toilet is clogged. May your family get rootkitted!
Simple, you make an image of the drive before you wipe it. Then once you've re-installed everything from a trusted source, they can pick through the old filesystem to recover the important files that weren't backed up.
If you're familiar with rootkits, then you should be aware of the irony in relying on software running on a compromised system to successfully identify all of the known malware on itself. Sure, you can mount the drive on an trusted host to run software for scanning the filesystem and identifying known malware, but even then how sure can you be that there isn't any malware on the system that wasn't identified? Seems like a big waste of time, when in the end you still can't trust the system on that disk to be secure until you have rebuilt it from a trusted source.
I think I really appreciate the "fix Windoze" people (if they know what they are doing), because I sure wouldn't want to do it.
I'd love to, I just don't think the users would love me back. My solution to "fix windoze" is "Reformat, and take an image and backups this time so it isn't as traumatic the next time."
I tell people pretty much the same thing whenever they ask me to "fix windows". Although, I prefer to just guide them in the right direction so they can clean up their own mess rather than have them depend on me to do it for them.
I hereby challenge the free and open source community to make a serials of software tutorials for various Windows operating systems, Windows software, web sites, etc and provide those videos free via downloads or web site streaming to engage and or challenge the Video Professor company, and provide free alternatives that people on Slashdot and other technical web sites can refer to our friends and relatives who might get taken in via Video Professor, and instead we can redirect them to the FOSS web site of software tutorial videos or download them and burn our own FOSS Software Professor CD-R disks and give them to them for free.
For a FOSS project to succeed, you need people driving it. If you have an idea for a project, you need to at least get it going before you'll have much success recruiting people to keep it alive. Also, you will still need to find other interested people who have the time and motivation to contribute.
However, since there are so many video tutorials for just about everything all over the web for free, you may want to refine your plan a bit first.
A few quick searches on youtube show over 3,000 video tutorials on excel, 137,000 video tutorials on photoshop, 87,000 on windows, etc. Get them using google, and they can find even more.
You can do this on most modern linux distros with compiz fusion and one of the zoom plugins. http://www.youtube.com/watch?v=Jq1-k5XZ0_I
Just go to ubuntu.com, download a livecd, burn it and boot. Install the restricted drivers for your video card (if necessary) and compiz-config manager, then play around with it. Set it up for my parents a couple years ago, and now they're using the computer more than they ever did before. They haven't needed me to fix anything yet, either.
Wait.. eight hours a day? Add in eight hours to sleep and eight hours to work, where are these average people fitting in time to eat and poop (hopefully not combining the two)?
When I have to poop, I usually take one of my computers with me so I don't have to stop whatever I'm doing. Sometimes I'll stay there even after I'm done so that I won't have to get up again for the next excretion of bodily waste. I also like to watch shows when I'm eating. Is there something wrong with eating lunch while watching a TV show on your laptop and pooping?
Mmh, I did miss that. I usually don't think of it, so yeah.
But I rather do like the idea of a dedicated device handling that.
yea, its pretty easy to miss that one, i never think of it. someone should write an article about that type of setup, especially since i hear windows 7 has that functionality built right in. then someone could post that article on slashdot and we could all discuss it.
That functionality has been built right in and accessible in basically the same place since Win9x. Just go to Add/Remove Programs, windows components, select Networking(or maybe it's labelled TCP/IP... I'm not sure. haven't used Windows in awhile) and click Details. Then check the box for Internet Connection Sharing and hit ok. You can configure the settings through a control panel applet, and there's also wizard. (if that's your thing)
I prefer to just leave my IM client running 24/7 and my status always available (or always away) with the automatic away/idle features disabled. If someone messages me and I don't feel like talking, then I just ignore it. Depending on the message/sender, I may respond later on when I don't mind taking the time to talk.
This way I'm available to receive messages/information without broadcasting when I'm actually at my computer. If there's something urgent and they need to make sure I see it, they can simply call me.
I haven't personally found a use for Twitter, since I generally agree I don't feel like relaying how many bowel movements I've had today or giving every single detail out to the public. I guess I could see a use if you like following celebrities or some special groups that have started using it, like the LA Fire Department, but otherwise it's not my thing.
Personally, I have no issue letting everyone know when I'm pooping. I've called and SMSed people from the can on multiple occasions simply to tell them that I was pooping. That would probably be the only thing I would use twitter for, if I were to use it at all.
I'm calling it again, Microsoft' press team is playing out a carefully orchestrated agenda to beat open source software.
WTF does that even MEAN? How exactly would one go about "beating" open-source software? Barring legal idiocy like making non-MS code illegal, people will always be writing open-source code. The fact that a multibillion dollar company even feels a need to "fight" a bunch of loosely organized hobbyists says more about the hazards facing the company than anything else.
Who said anything about making open-source software illegal? What the GP is referring to is called marketing, and it's everywhere. It has little to do with fighting a bunch of loosely organized hobbyists to get installed on an individual user's machine, and more to do with competing against Red Hat, Novell, or Sun for the business of large corporations who need much more than just thousands of Windows and Office licenses.
Your post seemed pretty hostile towards the GP's observation. I wonder why... Too bad you posted as an anonymous coward.
So Gmail tells me that someone's tried to guess my password - so what? What am I supposed to do with this information? Which part of a hacker would be intimidated by the fact that the IP address of the proxy(s) they are using is logged somewhere?
The part that doesn't want to give their victim the benefits of a warning or notification that their email is being read by said hacker.
Slashdot Mirror
The article is also bung. The blog post, that is. Using your neighbour's WiFi is stealing, every single one of the vast array of arguments the blogger puts forward is either shallow, misdirected, based on false assumptions, predicated on absurd analogy, plain stupid, or some combination thereof.
If you're on a WiFi that you don't have reasonable grounds to conclude was intended by the owner to be free, then it is stealing. End of story. Now, can we stop it with the absurd excuses? It's even more disingenuous than the proposition that copying movies is not stealing. It is, people just do it anyway. Let's stop retroactively justifying ourselves.
Using your neighbor's wifi without permission would be unauthorized access, which is a completely different crime than stealing. Copying movies is also a far cry from stealing. The crime you're thinking of there is called copyright infringement, and it has far more severe consequences than simple theft. People who are caught copying a movie illegally only wish they were punished as lightly as someone caught stealing a DVD from a shop.
It sounds like you might have some misguided assumptions about open wifi networks. IIRC, in the early days of wifi that was one of the proposed long-term benefits of this new wireless technology. The idea that eventually open wifi access points would be so commonplace that people would have free convenient access to the internet while away from home.
If an AP is broadcasting itself as being open, and the DHCP server is granting IP addresses to anyone who requests one, then what would indicate that the owner does not want them using it? The average non-technical user might not even realize that they connected to it, since some operating systems will automatically connect to open access points by default. I've met many non-technical people who admit to leaving the default settings on their AP with the intention of allowing others to use it for free. So, while a default SSID may be a sign that the owner hasn't bothered to completely configure the AP, it does not mean that the owner had no intention to share it with the public. If someone has an open AP and is granting IPs to anyone who requests them, but they really don't want anyone else to use it, then it's clearly a misconfiguration issue on their end that needs to be corrected. Similar to someone who uploads files to an indexed directory on their publicly accessible website, but doesn't want anyone else to download them. The appropriate way to handle situations like those is to politely inform the owner of the mistake, rather than outlaw a completely legitimate use of the technology.
There's nothing wrong with making use of an open access point. That's what they are intended for, to provide convenient internet access to the public. Of course, taking advantage of the owner's generosity by using it for P2P file sharing, or anything else that would cause a disproportional load on the network, is definitely a dick move and some people may need to be made aware of that.
At any rate people shouldn't have truly open access points to begin with. I know that with PF you can set things up to redirect to a log in page that has them agree to the rules.
I have a router serving as an open access point for public use. No registration required. In fact, a registration page like you suggest probably wouldn't work so well for embedded devices with wifi, like handheld game consoles. (One of the motivating factors for setting it up was to allow a family member to use their Nintendo DS online, which only supports WEP encryption.) I just use iptables to drop traffic from the public network destined for anything on the private network, or the AP/router itself (with exceptions for DHCP and DNS), and also mark the traffic so that it goes to a lower-priority queue for traffic shaping. Why should I not be doing this?
I had to read that a couple of times before I understood/believed it: they uncensored a game and you were unhappy with that? You wanted the censored version of the game back?
I wonder what game he's talking about.
s/routers..."/routers".../
"You're telling me that Crisco makes delicious pie crusts AND hi-end networking equipment? Sold!"
I've seen support requests emailed in from network admins needing assistance with their "Sysco routers..."
Are they really women?
Everyone knows there are no girls on the internet. Only 35-year-old men, living in their mother's basement, who pretend to be girls...
And if you consider that many of these so-called 'independent' studies are in fact paid for by fringe anti-science groups, then perhaps their results are aren't as unbiased as they would have you believe.
That seems strange - I'm having trouble imaging what an anti-science directed study would consist of. And how unbiased would they have you believe their study is, if it's anti-science by definition? It seems like they would want to show off their own maximizing of bias if it's really anti-science.
Check with the people behind these sites for some excellent examples:
http://www.creationstudies.org/
http://www.creationbiology.org/
http://www.icr.org/
http://theflatearthsociety.org/
I doubt that.. It's more like they can route anything they want to through it easily, splitting a stream copy. Yes I imagine they can monitor and search a large number of streams looking for something, it's the monitor everything part that I doubt. And in a small room in San Francisco.. You would need incredible storage capacity to save even 10 minutes of all the internet traffic on just AT&T's network.
They're not re-routing traffic through the NSA's secret room. If they were, the increase in latency alone would enable people to detect it. They are passively mirroring the circuits running through that facility, so that the communications are duplicated into the NSA's secret room. I would agree that it's not practical to store everything going into that room, but only certain people with the right authorization would know exactly what is being done with it at that point.
The NSA has probably captured additional communications related to the attack, aside from what went through Google's network. I'd imagine they generally have far more extensive resources and experience than Google, when it comes to capturing/analyzing communications.
The subject of the article did not even allow the journalist to use his real name, and there wasn't any mention of a handle. Where is the bragging?
From the first line of the article:
With a few quick keystrokes, a computer hacker who goes by the code name Majia calls up a screen displaying his latest victims.
Wow...that was right up there with "I know you are but what am I?"
I think he was trying to say that you'd have to be pretty stupid to go around illegally accessing systems, or other people's personal information, for the sole purpose of bragging about it later. If you see a fault in that observation, please share it.
I think Stallman would be the deity who created the universe (GNU Project/GPL), while Linus is the one who joined the universe and quickly worked to fill the gaps for it run on it's own.
There does seem to be a lot of diversity among the followers of this kind of pagan religion. They seem to like having the freedom to pick and choose to get exactly what they want. Some may choose not to worship the deity who refers to himself as St. IGNUcius of the Church of Emacs: http://www.youtube.com/watch?v=S76pHIYx3ik
An operating system is more than just the kernel. An operating system is the software which provides the basis for everything else that will run in that environment - at least that is the way I perceive it. Given this description Android is an operating system, since it provides the base environment for everything else to run. So by that definition Kubuntu is a different OS than Ubuntu. Because if not, Android is the same OS as either of them. -B
Yes, that sounds right. Kubuntu is a technically a different OS than Ubuntu, even though they have a lot in common. Just like Windows XP Home could also be referred to as being a different OS than Windows XP Professional. Although, in both cases the relationship between the two operating systems is so close that they are usually referred to as different versions of the same OS. I think the proper distinguishing factor would be whether or not it was intended to be a separate OS or just another version of the same OS.
In the case of Android, though, it is a very different OS than Ubuntu or Kubuntu; even if they do use some of the same code. Even Windows has some code in it from FreeBSD.
1. Use TOR.
I don't think using Tor to access private information will provide any more security than accessing the same information directly from a public wifi hotspot. It could be less secure, depending on where your traffic exits the Tor network. For someone looking to eavesdrop on sensitive traffic, their tools/techniques will be the same whether they sit near a cafe with wifi to target those few users, or they run a Tor exit node and target those numerous users. Tor is designed for anonymity not security, and there are people who try to undermine the anonymity of users on Tor by sniffing traffic at exit nodes looking for private or identifiable information.
I think the reason the word "IT" rubs this guy the wrong way is it is a catch all phrase, but as far as I know it has always been, but that is why most are not JUST an "IT Guy" but a programmer, engineer, or guys like me that actually do "fix windoze". Oh yeah and bite me on the fix windoze remark. I'd love to see this turkey spend some time trying to get rid of a seriously nasty infection where he can NOT wipe the thing because they have data shotgunned all over the damned drive, or get to see a nasty pron bug that spews crap like bukkake all over the damned screen be the first thing HE had to look at first thing in the morning. You know, nobody respects the plumber either until their toilet is clogged. May your family get rootkitted!
Simple, you make an image of the drive before you wipe it. Then once you've re-installed everything from a trusted source, they can pick through the old filesystem to recover the important files that weren't backed up.
If you're familiar with rootkits, then you should be aware of the irony in relying on software running on a compromised system to successfully identify all of the known malware on itself. Sure, you can mount the drive on an trusted host to run software for scanning the filesystem and identifying known malware, but even then how sure can you be that there isn't any malware on the system that wasn't identified? Seems like a big waste of time, when in the end you still can't trust the system on that disk to be secure until you have rebuilt it from a trusted source.
I think I really appreciate the "fix Windoze" people (if they know what they are doing), because I sure wouldn't want to do it.
I'd love to, I just don't think the users would love me back. My solution to "fix windoze" is "Reformat, and take an image and backups this time so it isn't as traumatic the next time."
I tell people pretty much the same thing whenever they ask me to "fix windows". Although, I prefer to just guide them in the right direction so they can clean up their own mess rather than have them depend on me to do it for them.
I hereby challenge the free and open source community to make a serials of software tutorials for various Windows operating systems, Windows software, web sites, etc and provide those videos free via downloads or web site streaming to engage and or challenge the Video Professor company, and provide free alternatives that people on Slashdot and other technical web sites can refer to our friends and relatives who might get taken in via Video Professor, and instead we can redirect them to the FOSS web site of software tutorial videos or download them and burn our own FOSS Software Professor CD-R disks and give them to them for free.
For a FOSS project to succeed, you need people driving it. If you have an idea for a project, you need to at least get it going before you'll have much success recruiting people to keep it alive. Also, you will still need to find other interested people who have the time and motivation to contribute. However, since there are so many video tutorials for just about everything all over the web for free, you may want to refine your plan a bit first.
A few quick searches on youtube show over 3,000 video tutorials on excel, 137,000 video tutorials on photoshop, 87,000 on windows, etc. Get them using google, and they can find even more.
You can do this on most modern linux distros with compiz fusion and one of the zoom plugins.
http://www.youtube.com/watch?v=Jq1-k5XZ0_I
Just go to ubuntu.com, download a livecd, burn it and boot. Install the restricted drivers for your video card (if necessary) and compiz-config manager, then play around with it. Set it up for my parents a couple years ago, and now they're using the computer more than they ever did before. They haven't needed me to fix anything yet, either.
Wait.. eight hours a day? Add in eight hours to sleep and eight hours to work, where are these average people fitting in time to eat and poop (hopefully not combining the two)?
When I have to poop, I usually take one of my computers with me so I don't have to stop whatever I'm doing. Sometimes I'll stay there even after I'm done so that I won't have to get up again for the next excretion of bodily waste. I also like to watch shows when I'm eating. Is there something wrong with eating lunch while watching a TV show on your laptop and pooping?
Mmh, I did miss that. I usually don't think of it, so yeah. But I rather do like the idea of a dedicated device handling that.
yea, its pretty easy to miss that one, i never think of it. someone should write an article about that type of setup, especially since i hear windows 7 has that functionality built right in. then someone could post that article on slashdot and we could all discuss it.
That functionality has been built right in and accessible in basically the same place since Win9x. Just go to Add/Remove Programs, windows components, select Networking(or maybe it's labelled TCP/IP... I'm not sure. haven't used Windows in awhile) and click Details. Then check the box for Internet Connection Sharing and hit ok. You can configure the settings through a control panel applet, and there's also wizard. (if that's your thing)
I prefer to just leave my IM client running 24/7 and my status always available (or always away) with the automatic away/idle features disabled. If someone messages me and I don't feel like talking, then I just ignore it. Depending on the message/sender, I may respond later on when I don't mind taking the time to talk.
This way I'm available to receive messages/information without broadcasting when I'm actually at my computer. If there's something urgent and they need to make sure I see it, they can simply call me.
I haven't personally found a use for Twitter, since I generally agree I don't feel like relaying how many bowel movements I've had today or giving every single detail out to the public. I guess I could see a use if you like following celebrities or some special groups that have started using it, like the LA Fire Department, but otherwise it's not my thing.
Personally, I have no issue letting everyone know when I'm pooping. I've called and SMSed people from the can on multiple occasions simply to tell them that I was pooping. That would probably be the only thing I would use twitter for, if I were to use it at all.
I'm calling it again, Microsoft' press team is playing out a carefully orchestrated agenda to beat open source software.
WTF does that even MEAN? How exactly would one go about "beating" open-source software? Barring legal idiocy like making non-MS code illegal, people will always be writing open-source code. The fact that a multibillion dollar company even feels a need to "fight" a bunch of loosely organized hobbyists says more about the hazards facing the company than anything else.
Who said anything about making open-source software illegal? What the GP is referring to is called marketing, and it's everywhere. It has little to do with fighting a bunch of loosely organized hobbyists to get installed on an individual user's machine, and more to do with competing against Red Hat, Novell, or Sun for the business of large corporations who need much more than just thousands of Windows and Office licenses.
Your post seemed pretty hostile towards the GP's observation. I wonder why... Too bad you posted as an anonymous coward.
Voltage is not the same as power.
That doesn't appear to be the only glaring mistake in this article:
Milan, whose hero is the inventor Thomas Eddison, [...]
So Gmail tells me that someone's tried to guess my password - so what? What am I supposed to do with this information? Which part of a hacker would be intimidated by the fact that the IP address of the proxy(s) they are using is logged somewhere?
The part that doesn't want to give their victim the benefits of a warning or notification that their email is being read by said hacker.