I was speaking about major companies. The kind that are processing dozens if not hundreds of resumes per day. You are correct in that most small firms are going to be reading your resume in either a nice printed format or in Office, so it might be logical for them to ask for it in Word.
Large companies, on the other hand, can't afford to do this with every applicant. Resumes are stored in a database in textual form, and when some group within the company needs a particular skill set, the resumes are searched, pulled and delivered, all in a standard format. This facilitates quick and easy comparisons of skills. When you're at this level, they could really care less how presentable your resume looks. They're interested in the contents.
I for one wouldn't mind seeing an XML resume format. One that had enough flexibility so as to be searchable by skills, past experience, and with the ability to be styled via XSL or CSS so that it can be printed and look just as good as if it were done professionally in Word.
You're making the assumption that the person doing the tracking automatically knows the identity of the person doing the reading. The only thing these "bugs" can tell the "bugger" is the IP address of the person reading the document. I guess you can insert some sort of unique ID into the resume so that you can tell what version of the document they're reading (sending a slightly different version of the document to each person you originally send it to). Could be good for detecting information leaks, but isn't very useful for figuring out the identity of the person actually reading the document, unless you have the ability of going to the ISP and retrieving the identity from them, or if perhaps you have some cookies already set up with identifying information. Either way, that's a lot of if's.
Generally speaking, downloading a Word document from the web only nets the malicious user your IP address and/or hostname, nothing more than what they would get if you browsed an "evil" web page at their web site.
Most people (I would hope) would send their resumes in formats their potential employer suggests and/or states that they accept. If they don't specify, fax and/or mail it. If they say "electronic", I'd e-mail them a text copy with a URL to an HTML copy. If they say "Word" (and some do), Word is what they'll get.
Major companies nowadays are requesting only textual resumes. This way they are light on space, can be easily searched and easily integrated in the company's internal resume system (assuming they have one), and people within the company looking for applicants have to do less work and can deal with a standardized document format. It's rare that a company will request a Word format, but it happens.
If someone is blindly sending you a resume in Word, there are other reasons to reject it that don't necessarily have anything to do with the applicant's skills at system security.
It came installed with something you installed on your system. If you're the type that habitually ignores license screens and just blindly clicks Next when you install stuff, you deserve what you get.
Are you really that concerned that this piece of software is contacting an updates server? Do you have any idea how much software nowadays does this sort of thing? Why is it everyone considers a piece of software that, behind the scenes, checks to see if there are updates of itself an "evil" piece of privacy-invading software? It just seems silly to go through the effort of setting up things like firewall filters just because you don't "trust" what this piece of software is doing. If you really don't trust it, why the hell are you installing it? If you're going to say, "But I didn't know I was installing it!", something else you apparently do trust did install it, so perhaps some trust relationships there need to be looked at.
Unfortunately we don't have the luxury of assuming there's a better means of communicating that an advanced society would use over radio. We can't just play the part of the indians and assume neighboring tribes have advanced beyond the point of smoke signals, so we should give up looking for them and sending out our own.
We have to assume that our view of physics and technology is correct and work off of that assumption. If we wish to detect neighboring civilizations or be detected by them, our best (and, really, only) means for doing so is by radio waves.
Can you imagine trying to think about anything, especially code, in a big room where everyone is busy talking to their computer?
Agreed, but that doesn't mean it's not useful in a home setting, for instance, or a private office. Naturally office etiquette would prohibit the regular use of such things in shared areas.
And even if you are coding away at your latest application, I would think it's more efficient to pause for a moment and say, "Computer, when's my next appointment?" than it would be to move out of your development app into a calendar of some sort, and then go back. Even in a public area, this level of occasional voice control is probably acceptable. *shrug*..
I totally agree, though, keyed input will still be primary for most industrious work, but simple tasks in a more intimate setting would be so much more efficient if they could be done effectively by voice. Just think, you could browse the web, update your calendar, compose a few e-mails while cooking yourself dinner, or cleaning house. After a long day at the office, that level of ease-of-use would be spectacular.
I'm a big advocate of "behind-the-scenes" computing, where the PC is hidden and unintrusive (and today's paradigm largely unneeded).
"You'll communicate with the PC primarily with your voice... "
This should make university computer labs interesting, especially for people writing code.
Obviously it will be nearly impossible to write code without using a keyboard, but most computer users are not writing code: They're sending e-mails, writing papers and looking up information on the Web. With suitably advanced software (10 years is a long time, and in many areas we're already there), this can all be done vocally, but there will always be need for a keyboard.
Be careful when drumming your fingers.
With a full desk top of space to work with, I imagine I'd be keeping my critical triggers away from the areas I'd rest my hands.:) With that much space there's room to have some of it empty when you're not working with it.
Ok in the transcripts they learnt something.How to mount..see disk space.Over the years they may mature and write exploit scripts.Is n't this possible?
What they learned her is totally irrelevant and completely unrelated to their attacks/compromises. They could/should/probably would have learned this same bit of information if they'd installed Linux at home and decided to goof around with it.
Well for me how a script kiddie differs from an expert hacker (or whatever we may choose to call him ) is education.
I agree, just as a convicted arsonist serving the last few months of his prison sentence differs from a highly paid explosives expert only by the education he's undertaken while in the slammer and by the experience and training he hopes to receive after he gets out.
If I really wanted to keep Evil Burgler out of my home, I would put in bulletproof glass, steel doors, thousands of dollars of security systems and probably a few armed patrols. Realistically, this isn't feasible for my lowly home. It might be for some areas that desperately need to be secured, but *I* can't afford it. So, I'm acknowledging the fact that an evil visitor could kick down my door and remove the contents of my home, but I've taken what I consider are relatively reasonable precautions to reduce that risk. Sure, I could spend more and reduce the risk even further, but would it be worth it?
Similarly, you can spend millions of dollars for state-of-the-art hardware, 5 levels of firewalls, intrusion detection software and a staff of IT folks constantly patrolling network traffic looking for any sign of attack or intrusion. For major IT companies, even this may be excessive, but for the lowly server-in-the-garage type, it's obscenely unrealistic.
Not everyone that wants/needs a server can or will a) get a degree in computer engineering just so he can know enough to properly secure his systems and networks; or b) hire a staff to do the same job
There's no such thing as a perfectly secure machine. It all comes down to what the administrator is willing to spend (in time, resources and money) to support and maintain his setup, weighed against the risk involved.
Please explain to me how any stereotypical script kiddie attack/compromise nets them ANY knowledge WHATSOEVER.
ANYONE can download a script/root kit from the 'Net and use it to compromise a variety of Unix flavors. Script kiddies do not need to learn anything about networking or system administration to utilize these tools.
From a script kiddie's introduction to the world through his eventual departure, any knowledge gained from these compromises is negligible. They're not getting their "start" here. They're installing Linux at home, maybe learning a little here and there about Unix, and then immediately letting that go to their head (nobody else at school can do this, so I must be smarter than all of them, which means I'm smarter than most everyone in the world!), and they strive to let the world know this. So they attack systems, break in to networks, rack up the numbers and then share their conquests with their l33t-0 IRC friends so everyone else can see what a l33t hax0r they are.
It has nothing at all to do with learning or self-education and everything to do with adolescent aggression.
I'm not denying that a certain percentage of these kids will indeed mature, grow up, get educated and get a real job in a similar field. I don't, however, think that this percentage is significantly higher than any other computer-literate group. Script kiddies are just a subset of the "high school computer geek" crowd, and I'd bet you'd find a percentage of any high school computer geek crowd finding a respectable IT job is probably the same across the board.
It was the CIA that screwed up. The moment the information left the CIA's control, it should be assumed that "the enemy" (whoever they might be) has the information. If the New York Times knows how to keep secrets, why doesn't the military hand over all the records from Area 51, and ask them to only publish the parts that should be printed?
I agree that, realistically, the CIA is at fault here. Not only did they goof and release information to the NYT that they should not have, but they did not adequately review what NYT ended up publishing.
If I were the CIA, I would have re-released to the NYT a document without the references I wanted removed. I would not rely on the NYT to do this deletion for me.
As far as the NYT being "trustworthy," nobody is saying that they were. The CIA offered information to the NYT, and then they said, "Oops, we goofed, would you mind destroying that last bit?" The NYT could either say, "Sure, Fred, just send me an updated copy, we all make mistakes," or, "Hell no, you evil capitalist swine! I shall sell this document to the highest bidder, THEN print it! Ah hahaha!" One of these two responses results in continued information flow, a continued job, continued freedom and quite a bit of gratitude on the part of the U.S. government. The other does not. If the NYT reporter refused or disclosed that information to other parties, the CIA would never share information with him (and perhaps the paper) again. It doesn't make good business sense.
So the NYT isn't so much trustworthy as they are realistic. Don't bite the hand that feeds you.
That may have actually been his goal, though, so your impression may not have been mistaken at all.
In order to reach that goal, though, he heard about and began investigating amateur radio as a means to that goal, which isn't quite appropriate, but isn't a bad thing at all if he doesn't mind using it strictly in a hobby capacity (not using it with live, potentially regulation-breaking content).
(Mainly for the benefit of others reading your comment.) The idea behind amateur radio is that it's a hobby, and meant for experimentation and for trying new things, learning, etc. It's not meant to do the job of something you can find commercially.
So generally speaking every signal you send over amateur frequencies must be things that a) you're perfectly comfortable sharing with the rest of the amateur radio community (thus the rest of the world); and b) aren't things that should probably be sent via some existing, equivalent (probably commercialized) route.
In this case, the guy's having fun trying to learn how microwave transmissions work, and what better way to learn how to do these things than to get an amateur license and actually build the darn thing? But the regulations say if he wants to use this link for anything but completely open, completely personal use, he needs to pursue a commercial license (or use a non-amateur product).
For this reason you will not find amateur digital links directly connected to the Internet for any Joe Schmoe to (perhaps inadvertantly) send anything violating FCC regulations over amateur radio frequencies. Things like porn, advertisements and commercial activities do not belong on amateur radio frequencies, and nowadays the web is full of it. In a way, this also hinders a lot of amateur radio digital activities, since we're effectively limited to e-mails and other communications between HAMs.
But this is just one area of digital amateur radio. We've got several satellites in orbit, some capable of doing digital work, and we have new cool things like APRS for instant world-wide messaging (even via satellite if you're in the boonies) and GPS positioning. You could build a home-made LoJack out of something like this.
Cabs do not use HAM (Amateur) radios. They use radios and frequencies specifically leased and licensed to them by the FCC for this commercial purpose. Amateur radio is totally different.
Of COURSE scale and quality matters. I see posts here trying to literally compare the act of 1 unauthorized copy to MURDER for God's sake.
I can't believe we have people here a) saying making a tape for your friend of a few choice songs is just as evil; or b) letting people download millions of copies of high-quality digital albums is "ok" and even "right".
You people clearly do not understand the way the world works here.. The original poster explained it best by saying there *are* gray areas DEFINED by scale and quality. Murder OBVIOUSLY is not one of them.
However, in practice, we have incompetant admins, ignorant management, and underpowered hardware. In many backbone cases, ingress/egress filtering (or, indeed, most any kind of filtering) of these types of IP addresses isn't an option, due to the volume of data that these routers handle. They wouldn't be able to handle it. So, unfortunately, we must rely on ISP's on a more local scale to not only block these packets from coming in to the network (and likely on to their customers), but block them from leaving their network (or, perhaps, keep their customers from introducing them).
Along a similar line, these filters could/should be expanded to include the list of IP addresses that that network services. If done correctly (and down to an appropriate level of granularity), not only will all IP spoofing be eliminated, but anyone attempting to do so can be tracked down rather easily.
The fact that IP spoofing still shows absolutely no signs of abating is proof enough that few ISP's are filtering a damn thing.
I don't quite know if you're asking these questions because you're legitimately trying to learn something about security or if you just think you have all the answers and are considering the universities that teach this stuff and the highly trained corporate IT departments to be idiots..
I totally agree that systems need to be individually secured against obvious problems. In any production setting you have to safeguard at least a bit against unauthorized access (even if from your own network). Firewalls just allow that to be done in a single layer, with a single access policy and set of rules.
It's a lot easier to set up a firewall (perhaps composed of multiple systems for redundancy and load management, perhaps even built into the very routers you're using) that's been designed for this task than it is to go through and audit every system individually.
What if you don't want systems to be reachable from the outside world at all? Your solution would be to use ipchains/whatever and just block all of the ports with that?
Are you aware that there are regularly discovered stack flaws that allow people to disable or crash a system where they have a direct network path like this? What about OS fingerprinting? I would be very uncomfortable if my servers could be touched at all by packets originating from the Internet. Firewalls not only keep people from accessing what may be potentially insecure systems, but it keeps them from doing *anything at all* to them that isn't explicitely allowed. By putting this functionality into a firewall, you have only one type of system (by "type" I mean "firewall" versus "web server" versus "NFS server" or "database server") seen by the outside world, and no critically vulnerable services that they can even *see* much less get to. If you were to put the load of network security onto the individual hosts, there are tons of things somebody can do, even if the service itself is secure, network threats are still quite serious.
If you legitimately are curious about actual network setups and why things like firewalls are necessary and aren't just trying to be an ignorant troll, I'd suggest you take some networking classes at your local university. Depending on their setup, they may have a lab for people to play around with various types of setups, even to the point of letting you simulate your own DDoS attacks and hacking into your own systems. Fun stuff.
And for those thinking of commenting about how Replay is intending to use this information to figure out what other shows you might be interested in, this is simply a local extension to the technology. I mean if the system's already built to keep track of some of the things you like to watch, even if it doesn't relay this information, it's only natural to think about using it for your own entertainment.
If you're really worried about the evil set-top boxes sending details about the porn you watch, why don't you just keep from plugging it into the phone line?
Again, this is not evil Big Brother tracking technology here. It's pretty clear that it's being done on a volunteer basis.
They are a company that takes volunteers and asks them to report on their TV watching habits. Some times this takes the form of transient "diaries", other times it's in the form of a permanent "box". This information is used to determine what a complete cross-section of America is watching at any given time.
The only thing they're doing in this case is working with Replay to figure out a way to adapt this system for their time-delayed product, where real-time ratings don't quite mean as much. At the moment, they're just ignoring the Replay market, but as this has the potential to affect the way we watch TV, and as shows we might ordinarily miss are now within our viewing abilities, it affects the show's ratings as well.
This is a typical YRO article. Someone shouts "tracking habits!" and Slashdot authors pick it up, frothing at the mouth.
Come on, people, do you really think a VCR-like device is going to SELL when it dials up every night and reports your every TV watching habit? This is utter BULLSHIT, and I'm quite sick of it. There is certainly a privacy angle to this, but I would THINK that anybody volunteering to report on the shows they watch would be aware of these issues in the first place.
PLEASE do a bit of research on your own, and DO NOT take the word of these YRO "authors" as gospel. They are quite frequently WRONG in their assessment of the situation, in many cases negligently so.
Did you even read the article? Do you have any idea who Nielson is?
They're talking about adapting their hardware/software so that VOLUNTEERS are able to more accurately participate in the Nielson ratings programs. There's no way in hell they're going to get these surruptitiously installed and relaying data against your wishes. Think about it. How are they going to do this? Do you really think a Replay device that dials up and reports your every TV/commercial habit every night will SELL?
They usually approach potential volunteers to help out with the ratings system and offer them some sort of minor compensation.
Personally, I think it's damn cool, because I'm effectively representing like 100,000 viewers, so the shows *I* like have a better chance of staying around if I'm careful to watch it religiously.
The only place in this article that remotely approached the idea of selling this information to advertisers was talking about a related TiVo deal a while back, and while we certainly need to be careful this is done correctly, respecting our privacy, there's been absolutely no indication that they intend on violating it in the first place.
Anyways if you are in a metropolitan area sprint pcs works well,
..and are indoors.:)
Seriously, I work in downtown St. Louis, on the 15th floor of a building, in a window office, and signal quality here is very poor on my Sprint phone. At home, still in the smack middle of the St. Louis metro area (though on the western extreme of the city proper), the phone is all but unusable indoors.
I miss my Nokia with AT&T Wireless. Too bad their St. Louis service plans are horribly more expensive with horribly less coverage than what I was used to in Texas.
As another poster mentioned, this isn't a "call". Just because a device is capable of features X and Y does not necessarily mean laws about X usage apply to feature Y.
It's like trying to apply the same "cell phone" laws to Palm Pilots with telephony, or your PC with its own modem.
And then what happens with people that set up cellphone aliases.. e.g. jondoe@cellphone.example.com which redirects to 5105551234@whatever. Are the senders responsible for the legal implications of spamming a cellphone then? How could they know?
Of course, spamming sucks one way or the other, and if I had my way, it would all be banned entirely..
Slashdot Mirror
I was speaking about major companies. The kind that are processing dozens if not hundreds of resumes per day. You are correct in that most small firms are going to be reading your resume in either a nice printed format or in Office, so it might be logical for them to ask for it in Word.
Large companies, on the other hand, can't afford to do this with every applicant. Resumes are stored in a database in textual form, and when some group within the company needs a particular skill set, the resumes are searched, pulled and delivered, all in a standard format. This facilitates quick and easy comparisons of skills. When you're at this level, they could really care less how presentable your resume looks. They're interested in the contents.
I for one wouldn't mind seeing an XML resume format. One that had enough flexibility so as to be searchable by skills, past experience, and with the ability to be styled via XSL or CSS so that it can be printed and look just as good as if it were done professionally in Word.
Are you REALLY sure that that 'updates' server is only there to 'update' the software on your computer?
Again, if you do not trust the software you're running on your computer, why did you install it in the first place?
You're making the assumption that the person doing the tracking automatically knows the identity of the person doing the reading. The only thing these "bugs" can tell the "bugger" is the IP address of the person reading the document. I guess you can insert some sort of unique ID into the resume so that you can tell what version of the document they're reading (sending a slightly different version of the document to each person you originally send it to). Could be good for detecting information leaks, but isn't very useful for figuring out the identity of the person actually reading the document, unless you have the ability of going to the ISP and retrieving the identity from them, or if perhaps you have some cookies already set up with identifying information. Either way, that's a lot of if's.
Generally speaking, downloading a Word document from the web only nets the malicious user your IP address and/or hostname, nothing more than what they would get if you browsed an "evil" web page at their web site.
Most people (I would hope) would send their resumes in formats their potential employer suggests and/or states that they accept. If they don't specify, fax and/or mail it. If they say "electronic", I'd e-mail them a text copy with a URL to an HTML copy. If they say "Word" (and some do), Word is what they'll get.
Major companies nowadays are requesting only textual resumes. This way they are light on space, can be easily searched and easily integrated in the company's internal resume system (assuming they have one), and people within the company looking for applicants have to do less work and can deal with a standardized document format. It's rare that a company will request a Word format, but it happens.
If someone is blindly sending you a resume in Word, there are other reasons to reject it that don't necessarily have anything to do with the applicant's skills at system security.
Umm, what's the big deal?
It came installed with something you installed on your system. If you're the type that habitually ignores license screens and just blindly clicks Next when you install stuff, you deserve what you get.
Are you really that concerned that this piece of software is contacting an updates server? Do you have any idea how much software nowadays does this sort of thing? Why is it everyone considers a piece of software that, behind the scenes, checks to see if there are updates of itself an "evil" piece of privacy-invading software? It just seems silly to go through the effort of setting up things like firewall filters just because you don't "trust" what this piece of software is doing. If you really don't trust it, why the hell are you installing it? If you're going to say, "But I didn't know I was installing it!", something else you apparently do trust did install it, so perhaps some trust relationships there need to be looked at.
Unfortunately we don't have the luxury of assuming there's a better means of communicating that an advanced society would use over radio. We can't just play the part of the indians and assume neighboring tribes have advanced beyond the point of smoke signals, so we should give up looking for them and sending out our own.
We have to assume that our view of physics and technology is correct and work off of that assumption. If we wish to detect neighboring civilizations or be detected by them, our best (and, really, only) means for doing so is by radio waves.
Can you imagine trying to think about anything, especially code, in a big room where everyone is busy talking to their computer?
Agreed, but that doesn't mean it's not useful in a home setting, for instance, or a private office. Naturally office etiquette would prohibit the regular use of such things in shared areas.
And even if you are coding away at your latest application, I would think it's more efficient to pause for a moment and say, "Computer, when's my next appointment?" than it would be to move out of your development app into a calendar of some sort, and then go back. Even in a public area, this level of occasional voice control is probably acceptable. *shrug*..
I totally agree, though, keyed input will still be primary for most industrious work, but simple tasks in a more intimate setting would be so much more efficient if they could be done effectively by voice. Just think, you could browse the web, update your calendar, compose a few e-mails while cooking yourself dinner, or cleaning house. After a long day at the office, that level of ease-of-use would be spectacular.
I'm a big advocate of "behind-the-scenes" computing, where the PC is hidden and unintrusive (and today's paradigm largely unneeded).
"You'll communicate with the PC primarily with your voice... "
:) With that much space there's room to have some of it empty when you're not working with it.
This should make university computer labs interesting, especially for people writing code.
Obviously it will be nearly impossible to write code without using a keyboard, but most computer users are not writing code: They're sending e-mails, writing papers and looking up information on the Web. With suitably advanced software (10 years is a long time, and in many areas we're already there), this can all be done vocally, but there will always be need for a keyboard.
Be careful when drumming your fingers.
With a full desk top of space to work with, I imagine I'd be keeping my critical triggers away from the areas I'd rest my hands.
Ok in the transcripts they learnt something.How to mount ..see disk space.Over the years they may mature and write exploit scripts.Is n't this possible?
What they learned her is totally irrelevant and completely unrelated to their attacks/compromises. They could/should/probably would have learned this same bit of information if they'd installed Linux at home and decided to goof around with it.
Well for me how a script kiddie differs from an expert hacker (or whatever we may choose to call him ) is education.
I agree, just as a convicted arsonist serving the last few months of his prison sentence differs from a highly paid explosives expert only by the education he's undertaken while in the slammer and by the experience and training he hopes to receive after he gets out.
It's all about costs vs. risks.
If I really wanted to keep Evil Burgler out of my home, I would put in bulletproof glass, steel doors, thousands of dollars of security systems and probably a few armed patrols. Realistically, this isn't feasible for my lowly home. It might be for some areas that desperately need to be secured, but *I* can't afford it. So, I'm acknowledging the fact that an evil visitor could kick down my door and remove the contents of my home, but I've taken what I consider are relatively reasonable precautions to reduce that risk. Sure, I could spend more and reduce the risk even further, but would it be worth it?
Similarly, you can spend millions of dollars for state-of-the-art hardware, 5 levels of firewalls, intrusion detection software and a staff of IT folks constantly patrolling network traffic looking for any sign of attack or intrusion. For major IT companies, even this may be excessive, but for the lowly server-in-the-garage type, it's obscenely unrealistic.
Not everyone that wants/needs a server can or will a) get a degree in computer engineering just so he can know enough to properly secure his systems and networks; or b) hire a staff to do the same job
There's no such thing as a perfectly secure machine. It all comes down to what the administrator is willing to spend (in time, resources and money) to support and maintain his setup, weighed against the risk involved.
Please explain to me how any stereotypical script kiddie attack/compromise nets them ANY knowledge WHATSOEVER.
ANYONE can download a script/root kit from the 'Net and use it to compromise a variety of Unix flavors. Script kiddies do not need to learn anything about networking or system administration to utilize these tools.
From a script kiddie's introduction to the world through his eventual departure, any knowledge gained from these compromises is negligible. They're not getting their "start" here. They're installing Linux at home, maybe learning a little here and there about Unix, and then immediately letting that go to their head (nobody else at school can do this, so I must be smarter than all of them, which means I'm smarter than most everyone in the world!), and they strive to let the world know this. So they attack systems, break in to networks, rack up the numbers and then share their conquests with their l33t-0 IRC friends so everyone else can see what a l33t hax0r they are.
It has nothing at all to do with learning or self-education and everything to do with adolescent aggression.
I'm not denying that a certain percentage of these kids will indeed mature, grow up, get educated and get a real job in a similar field. I don't, however, think that this percentage is significantly higher than any other computer-literate group. Script kiddies are just a subset of the "high school computer geek" crowd, and I'd bet you'd find a percentage of any high school computer geek crowd finding a respectable IT job is probably the same across the board.
It was the CIA that screwed up. The moment the information left the CIA's control, it should be assumed that "the enemy" (whoever they might be) has the information. If the New York Times knows how to keep secrets, why doesn't the military hand over all the records from Area 51, and ask them to only publish the parts that should be printed?
I agree that, realistically, the CIA is at fault here. Not only did they goof and release information to the NYT that they should not have, but they did not adequately review what NYT ended up publishing.
If I were the CIA, I would have re-released to the NYT a document without the references I wanted removed. I would not rely on the NYT to do this deletion for me.
As far as the NYT being "trustworthy," nobody is saying that they were. The CIA offered information to the NYT, and then they said, "Oops, we goofed, would you mind destroying that last bit?" The NYT could either say, "Sure, Fred, just send me an updated copy, we all make mistakes," or, "Hell no, you evil capitalist swine! I shall sell this document to the highest bidder, THEN print it! Ah hahaha!" One of these two responses results in continued information flow, a continued job, continued freedom and quite a bit of gratitude on the part of the U.S. government. The other does not. If the NYT reporter refused or disclosed that information to other parties, the CIA would never share information with him (and perhaps the paper) again. It doesn't make good business sense.
So the NYT isn't so much trustworthy as they are realistic. Don't bite the hand that feeds you.
That may have actually been his goal, though, so your impression may not have been mistaken at all.
In order to reach that goal, though, he heard about and began investigating amateur radio as a means to that goal, which isn't quite appropriate, but isn't a bad thing at all if he doesn't mind using it strictly in a hobby capacity (not using it with live, potentially regulation-breaking content).
(Mainly for the benefit of others reading your comment.) The idea behind amateur radio is that it's a hobby, and meant for experimentation and for trying new things, learning, etc. It's not meant to do the job of something you can find commercially.
So generally speaking every signal you send over amateur frequencies must be things that a) you're perfectly comfortable sharing with the rest of the amateur radio community (thus the rest of the world); and b) aren't things that should probably be sent via some existing, equivalent (probably commercialized) route.
In this case, the guy's having fun trying to learn how microwave transmissions work, and what better way to learn how to do these things than to get an amateur license and actually build the darn thing? But the regulations say if he wants to use this link for anything but completely open, completely personal use, he needs to pursue a commercial license (or use a non-amateur product).
For this reason you will not find amateur digital links directly connected to the Internet for any Joe Schmoe to (perhaps inadvertantly) send anything violating FCC regulations over amateur radio frequencies. Things like porn, advertisements and commercial activities do not belong on amateur radio frequencies, and nowadays the web is full of it. In a way, this also hinders a lot of amateur radio digital activities, since we're effectively limited to e-mails and other communications between HAMs.
But this is just one area of digital amateur radio. We've got several satellites in orbit, some capable of doing digital work, and we have new cool things like APRS for instant world-wide messaging (even via satellite if you're in the boonies) and GPS positioning. You could build a home-made LoJack out of something like this.
Dave, WL7RO
Cabs do not use HAM (Amateur) radios. They use radios and frequencies specifically leased and licensed to them by the FCC for this commercial purpose. Amateur radio is totally different.
The . at the end of the name should have tipped you folks off.
These would be pretty useless to browse the web, though... AFAIK, they're just for relaying messages.
Of COURSE scale and quality matters. I see posts here trying to literally compare the act of 1 unauthorized copy to MURDER for God's sake.
I can't believe we have people here a) saying making a tape for your friend of a few choice songs is just as evil; or b) letting people download millions of copies of high-quality digital albums is "ok" and even "right".
You people clearly do not understand the way the world works here.. The original poster explained it best by saying there *are* gray areas DEFINED by scale and quality. Murder OBVIOUSLY is not one of them.
In theory, this is correct.
However, in practice, we have incompetant admins, ignorant management, and underpowered hardware. In many backbone cases, ingress/egress filtering (or, indeed, most any kind of filtering) of these types of IP addresses isn't an option, due to the volume of data that these routers handle. They wouldn't be able to handle it. So, unfortunately, we must rely on ISP's on a more local scale to not only block these packets from coming in to the network (and likely on to their customers), but block them from leaving their network (or, perhaps, keep their customers from introducing them).
Along a similar line, these filters could/should be expanded to include the list of IP addresses that that network services. If done correctly (and down to an appropriate level of granularity), not only will all IP spoofing be eliminated, but anyone attempting to do so can be tracked down rather easily.
The fact that IP spoofing still shows absolutely no signs of abating is proof enough that few ISP's are filtering a damn thing.
I don't quite know if you're asking these questions because you're legitimately trying to learn something about security or if you just think you have all the answers and are considering the universities that teach this stuff and the highly trained corporate IT departments to be idiots..
I totally agree that systems need to be individually secured against obvious problems. In any production setting you have to safeguard at least a bit against unauthorized access (even if from your own network). Firewalls just allow that to be done in a single layer, with a single access policy and set of rules.
It's a lot easier to set up a firewall (perhaps composed of multiple systems for redundancy and load management, perhaps even built into the very routers you're using) that's been designed for this task than it is to go through and audit every system individually.
What if you don't want systems to be reachable from the outside world at all? Your solution would be to use ipchains/whatever and just block all of the ports with that?
Are you aware that there are regularly discovered stack flaws that allow people to disable or crash a system where they have a direct network path like this? What about OS fingerprinting? I would be very uncomfortable if my servers could be touched at all by packets originating from the Internet. Firewalls not only keep people from accessing what may be potentially insecure systems, but it keeps them from doing *anything at all* to them that isn't explicitely allowed. By putting this functionality into a firewall, you have only one type of system (by "type" I mean "firewall" versus "web server" versus "NFS server" or "database server") seen by the outside world, and no critically vulnerable services that they can even *see* much less get to. If you were to put the load of network security onto the individual hosts, there are tons of things somebody can do, even if the service itself is secure, network threats are still quite serious.
If you legitimately are curious about actual network setups and why things like firewalls are necessary and aren't just trying to be an ignorant troll, I'd suggest you take some networking classes at your local university. Depending on their setup, they may have a lab for people to play around with various types of setups, even to the point of letting you simulate your own DDoS attacks and hacking into your own systems. Fun stuff.
And for those thinking of commenting about how Replay is intending to use this information to figure out what other shows you might be interested in, this is simply a local extension to the technology. I mean if the system's already built to keep track of some of the things you like to watch, even if it doesn't relay this information, it's only natural to think about using it for your own entertainment.
If you're really worried about the evil set-top boxes sending details about the porn you watch, why don't you just keep from plugging it into the phone line?
Again, this is not evil Big Brother tracking technology here. It's pretty clear that it's being done on a volunteer basis.
Do you people even know who Nielson is?
They are a company that takes volunteers and asks them to report on their TV watching habits. Some times this takes the form of transient "diaries", other times it's in the form of a permanent "box". This information is used to determine what a complete cross-section of America is watching at any given time.
The only thing they're doing in this case is working with Replay to figure out a way to adapt this system for their time-delayed product, where real-time ratings don't quite mean as much. At the moment, they're just ignoring the Replay market, but as this has the potential to affect the way we watch TV, and as shows we might ordinarily miss are now within our viewing abilities, it affects the show's ratings as well.
This is a typical YRO article. Someone shouts "tracking habits!" and Slashdot authors pick it up, frothing at the mouth.
Come on, people, do you really think a VCR-like device is going to SELL when it dials up every night and reports your every TV watching habit? This is utter BULLSHIT, and I'm quite sick of it. There is certainly a privacy angle to this, but I would THINK that anybody volunteering to report on the shows they watch would be aware of these issues in the first place.
PLEASE do a bit of research on your own, and DO NOT take the word of these YRO "authors" as gospel. They are quite frequently WRONG in their assessment of the situation, in many cases negligently so.
Did you even read the article? Do you have any idea who Nielson is?
They're talking about adapting their hardware/software so that VOLUNTEERS are able to more accurately participate in the Nielson ratings programs. There's no way in hell they're going to get these surruptitiously installed and relaying data against your wishes. Think about it. How are they going to do this? Do you really think a Replay device that dials up and reports your every TV/commercial habit every night will SELL?
They usually approach potential volunteers to help out with the ratings system and offer them some sort of minor compensation.
Personally, I think it's damn cool, because I'm effectively representing like 100,000 viewers, so the shows *I* like have a better chance of staying around if I'm careful to watch it religiously.
The only place in this article that remotely approached the idea of selling this information to advertisers was talking about a related TiVo deal a while back, and while we certainly need to be careful this is done correctly, respecting our privacy, there's been absolutely no indication that they intend on violating it in the first place.
Anyways if you are in a metropolitan area sprint pcs works well,
:)
..and are indoors.
Seriously, I work in downtown St. Louis, on the 15th floor of a building, in a window office, and signal quality here is very poor on my Sprint phone. At home, still in the smack middle of the St. Louis metro area (though on the western extreme of the city proper), the phone is all but unusable indoors.
I miss my Nokia with AT&T Wireless. Too bad their St. Louis service plans are horribly more expensive with horribly less coverage than what I was used to in Texas.
As another poster mentioned, this isn't a "call". Just because a device is capable of features X and Y does not necessarily mean laws about X usage apply to feature Y.
It's like trying to apply the same "cell phone" laws to Palm Pilots with telephony, or your PC with its own modem.
And then what happens with people that set up cellphone aliases.. e.g. jondoe@cellphone.example.com which redirects to 5105551234@whatever. Are the senders responsible for the legal implications of spamming a cellphone then? How could they know?
Of course, spamming sucks one way or the other, and if I had my way, it would all be banned entirely..