Cinea will invest several million dollars to make and distribute the DVD players to academy members and possibly to movie critics and other awards groups.
Your movie-ticket dollars at work.
Just give 'em a private streaming video website...
The likelihood (or eventuality) some of us are more concerned about is offenses committed by the regulators. HtH.
Powerful tools are a mixed blessing. When we have "protectors" that are further "above reproach" in their adherence to sweeping laws, and quit behaving as if all of their "employers" are potential mass killers until proven otherwise, I'd feel better about tools such as these existing and being made available... at each level of government.
I think it is safe to assume that such tags are as temporary as the current Paper ones that they attach to luggage or boxes.
I do, too - but we're hoping for the best. Other posts wrongly ASSume that all RFID tags within consumer goods will be as easily removed...
The potential for abuse is obviously greater than barcodes, which are (duh) visible. Many, many fears about this technology would be alleviated if the presence of RFID tags was not surrepitious. Instead of treating all customers like dolts, let's see our corporate overloads bend over backwards to inform us and dispel the misinformation... or (sigh) perhaps they should be forced to disclose this - at least in the case of soft goods such as deodorant and sweaters! - as display some prudence and respect for their prey.
when the Government mandates that all luggage travelling on planes require special 'government-approved' Travel tags
The way airlines are bending over for the Government in matters of data "sharing" - which perhaps they must, or should - and then proceed to lie about it in some cases, the transition from corporate overlord tag to Government tag may get blurrier before we know it...
As another poster sagely said, "The more you rely on a system like this, the more it can hurt when a wrinkle comes along." There have been some prettydishearteningcases this year where Gov'mint officials refused to doubt the accuracy of their databases.
It's disappointing to see geeks ridicule other geeks for even attempting to acknowledge the Law of Intended Consequences. The faith of some in the benevolence of corporations and bureaucracies - future ones as well, building on the things we tolerate today - is vast and, well, stupefying.
Re:The city was being reasonable, not Smirnoff
on
Reverse Graffiti
·
· Score: 1
I think my problem is shared by a lot of people ...and I'm not sure it's a problem, or that it really accounts for a preference for or against this strategically "cleaned" wall - but hey, you're not the only one ! I'll take natural "stochasticism" over mowed lawns and ordered (linear ?) arrangements of bric-a-brac, any day. And yeah, I hope it's some consolation that you're not the only one who's had a few arguments about said preference... (The old "if God wanted the grass to be shorter, it wouldn't grow so much/well/nicely" argument never flies here, either.)
<grrr>
Re:Depends on the kind of graffiti
on
Reverse Graffiti
·
· Score: 1
"Creative" is subjective.
But better yet - yeehaw, the ends justify the means.
Individuals have the choice to restrict (or not) themselves, government does not have the choice to restrict or advocate.
You wouldn't be writing this in the USA, would you? Oh, wait - I get it. You're in 1991, sending your/. post forward to the mysterious future. That's it.
Replace "does not" with "should not" in your statement, and your description more closely fits this timeline. HAND.
You're right. Unfortunately, though, a 'net without borders makes it difficult to do anything substantial about ads... so politicans go for the hollow gestures. Getting reelected is clearly the highest priority for some (most ?) of them.
My point is that many people would consider "ethical telemarketer" to be a bit of an oxymoron.
Thank you. I would've left out "a bit of", but to each their own.
The OP said "But no, I feel no shame for writing solid code for a legitimate business." - and his lack of shame isn't any real surprise. Activities much more disgusting have been coded by people with a sense of pride and satisfaction.
Growing up also requires that one give thought to the larger implications of what we create - the details above and beyond the shiny baubles that are dangled in front of us to motivate us.
Yep. "Legitimate" doesn't mean it's ethical. That's another concept that requires adult mentation, though.
Lots and lots of people agree with another poster that telemarketing is "antisocial and obnoxious," but those who approve of nonpassive marketing that steals people's time would probably say that we alllll just need to grow up.
Yup, they may not be saving the photos (uh, yet), their motives may be unimpeachable and the higher-ups in the police department don't care at all about the photos of non-criminals. Again, it's the unintended "audiences" not initially anticipated that concern me more. Digital data, once captured, is so much more easily stored and indexed... more easily copied, merged... Manipulated.
Are these photos in the public record? (Surely they're not all considered to be "work products of an investigation" ?!?) Will they ever become publicly available? Who can say? What industries might find them useful...?
We have no choice but to "trust" that a photo database has not been previously seeded with "false positives" to cast doubt upon it, and that the facial mapping algorithms or whatever are robust enough to make actual false positives rare (though what level of false accusation is acceptable, really, as a result of "B-but the computer says you're an escaped felon" ?) and that the people who just want to do their job and catch bad guys are not putting so much reliance on technology that they're "not seeing the forest for the trees". This guy was jailed for two weeks, even though the authorities previously had a quick and easy way to confirm the fingerprint mismatch in his case - and this poor guy spent two months in custody, supposedly because a judge maintained that "fingerprints don't lie" ! Such things happened before a fingerprint database (just as inexcusable - this is not a matter of "accidents will happen", it's hubris) but the more an automated pattern-matching is end-to-end, the less chance human expertise and empathy and nonlinear thinking can prevent awful things like this. Given our Bill of Rights (even post-PATRIOT Act) the risk of false imprisonment should be even more miniscule than it is - decreasing as technology increases, if we're careful...!
Rear-view mirrors don't lie, but that doesn't mean they can be trusted to reveal everything that's actually there.
Now, videotaped traffic stops are a pretty good comeback. People's images are captured without probable cause - even if the officer is helping with a flat tire. But I don't know of a place (yet!) that requires people in the promixity of that constantly-rolling camera to hold still (submit) so a good, clear image can be captured. If suspects are being forced to do that now ("stand right in front of the bumper and hold still - you're on tape"), then I guess those municipalities won't be getting any of my discretionary spending.
If the data exists, there's no way to prevent it from being stored. But if it never exists . .. (A weak analogy would be a file of credit-card numbers. Without a sufficiently powerful reason for keeping them in one "convenient" place, the risk of that information being stolen, exposed or altered will always exist, especially if they're on a net-attached server.)
A case can be made (and invariably will be made ??) that's it's a doggone "waste" to collect information with taxpayer dollars, such as these photos, and then just throw it away, duplicate some of the effort on subsequent contacts with the same citizen, etc. etc.
Wal-Mart, et al. - certainly there are many more photos being snapped daily (even of "us xenophobes") than we would care to know about. But no corporation (yet) has the profound, unique and immediate power over my freedom that peace officers do. A retailer which abuses their customers' trust will eventually be exposed, and hopefully will take a hit on the balance sheet as a result. A police department which is "bitten" by bad info (false positives) and/or negative publicity will either wise up or become known for their antics. I guess those who are sufficiently concerned about such things can move, or do more online shopping. And if this level of "cooperation"
I agree with a lot of what you said. Certainly the rollout of this app, as intended, is a useful tool. Perhaps it's even worth it despite the abuses which will occur (whether discovered or not) in any situation where humans are involved.
By throwing in all those specious "yets" I was thinking of two other things. I know of very, very few situations, where surveillance has permanently decreased. If there's a good reason to scan everybody entering a stadium or an airport or a mall... or scanning every license plate that passes by on the freeway - well, shoot, why not do it!? And in the analog age, I was more likely to agree with that. But that brings up my other concern - the Law of Unintended Consequences. Data gathered for one purpose is vulnerable to other uses - and like any data it can be stolen, copied (perhaps surreptitiously), altered or merged with other data in an attempt to achieve a completely different end. This is already part of the consequences of being arrested, true enough. But someone saying they have "cause to arrest" does not necessarily mean it's true. Why not go all the way and collect DNA samples from all people who are arrested? And then, really, why not get DNA from everyone who is detained? "Slippery slope" plus the undying nature of digital databases = big trouble, in the wrong hands. I really don't want to be present in any databases I can avoid. Part of the old order of things was that the powers-that-be wouldn't get to have my photo on file unless I was actually, uh, arrested (ignoring covert surveillance, just for the moment) or I provided it voluntarily (driver's license). The best-intentioned people can set up systems, collect data - and write laws - that are used to a more sinister effect later.
(It would be interesting to know if peace officers are generally permitted now, by law or agency policy, to snap photos of whomever they wish while on duty.)
All this to get to the last sentence of your post... and this may seem silly to you, but yeah, I can look back on interaction with the po-lice and remember a few times when I was ready to be arrested rather than allow an unwarranted search (this was obviously a while back!). And I'm not made of stone - it would probably depend on the circumstances, okay, and "probable cause" suer ain't what it used to be - but I'd rather be wrongly arrested than voluntarily be added to more databases. Doing what one believes to be right will get one in trouble sometimes. That's part of the deal. Living in the USA used to mean you still had the occasional choice about surrending your liberties.
Sheriff Everett Rice on Wednesday said his deputies are not [*] being instructed to search for criminals and that the photos would be taken only if there was "cause to arrest."...
Deputies are not [*] supposed to use the technology to take random pictures of people in public, said Rice....
"We don't [*] force people," he added.
You're right. It'll fly in the US. Unfortunately landfills "don't matter" (out of sight, out of mind) and the raw materials needed to make everything are thought to be inexhaustible.:(
The price point will make or break the popularity of these things...
I think they'll have to keep the retail price really really close to (if not lower than) the cost of a new-release daily rental at the large monolithic rental chain which edits movies on their own.
(There's a joke to be made about personal nitrogen-filled safes, but it probably wasn't that funny anyway.)
In every case where there has been a problem with Windows security, it's been AFTER they released a patch for the vulnerability. Every one!
- "Microsoft issued a software patch, MS03-032, on Aug. 20 that was supposed to fix the problem. However, that patch failed to close the hole on Windows machines running Internet Explorer Versions 5.01, 5.5 or 6.0. On Sept. 8, Microsoft acknowledged problems with the MS03-032 patch and promised to issue a fix as soon as possible. Since that time, no changes have been made to the MS03-032 patch. In the succeeding weeks, hackers moved quickly to take advantage of the company's slow response." ( Computerworld.com )
- "Two vulnerabilities have been reported in Internet Explorer, which in combination with other known issues can be exploited by malicious people to compromise a user's system. 1) A variant of the "Location:" local resource access vulnerability can be exploited via a specially crafted URL in the "Location:" HTTP header to open local files.... 2) A cross-zone scripting error can be exploited to execute files in the "Local Machine" security zone. Secunia has confirmed the vulnerabilities in a fully patched system with Internet Explorer 6.0. It has been reported that the preliminary SP2 prevents exploitation by denying access. Successful exploitation requires that a user can be tricked into following a link or view a malicious HTML document. NOTE: The vulnerabilities are actively being exploited in the wild to install adware on users' systems." ( Secunia )
- "The flaw, which is different from RPC DCOM flaw that spawned the Blaster and Nachi worms, makes Windows XP and 2000 servers vulnerable to denial-of-service attacks because of a multi-threaded race condition that exists. A remote attacker could crash the RPC service simply by sending multiple RPC requests. The vulnerability occurs if two threads process the same request, thereby corrupting memory. Microsoft still has not released a patch for the flaw, leaving nearly every Windows XP and 2000 system exposed to potential exploits. Microsoft may, however, be preparing an all-encompassing RPC patch that would address this issue and previous flaws surrounding the network service, said Gerhard Eschelbeck, chief technology officer with Qualys Inc., at RSA Conference 2004. RPC is a protocol that one program can use to request a service from another program located elsewhere on a network." - ( searchsecurity.com )
- "Attackers are taking advantage of a security hole in Internet Explorer not immediately patched by Microsoft Security experts have warned that a vulnerability that has apparently been left un-patched by Microsoft is being exploited by attackers "in the wild". The "object type" vulnerability, which was first acknowledged publicly by Microsoft on 20 August this year, allows an attacker to take control of a system by embedding malicious code in a Web-page. If the Web page is viewed by an Internet Explorer browser - even a fully patched browser - the malicious code embedded in the Web-page will execute, experts say. Despite Microsoft acknowledging the patch doesn't work, it evidently has not yet issued a working fix for the vulnerability. US-based information security company iDefense released a statement over the weekend claiming the vulnerability is being actively exploited "in the wild". "Whether you are patched or not, attackers can execute code on your computer at will when you visit a hostile website when using vulnerable versions of Internet Explorer," the statement read. The relevant Microsoft bulletin was issued on 20 August and last updated on 8 September." - ( ZDnet - but then again, you didn't say "...after
...Plus it seems odd to make somebody pay more money to overcome some limitations in the original product...
Here, buy our dictionary, it's better than those communal-effort dictionaries... Oh - and because so many shifty people are out there messing with the meaning and spelling of words, we very strongly recommend you also buy our dictionary integrity checker. Actually, you'll probably want this subscription to future integrity checker updates, or else your dictionary will become useless (or dangerous to other dictionary users). You're welcome.
Yet another "patriotic" manuever to watch out for.
The assertion that Northwest's motives in disclosing the information cannot be questioned... is bothersome, in a different way. But they blew it (again?) when they denied the information-"sharing" had occurred. Bad talking-head, no more business for your firm.
With your level of expertise and the number of posts, you dealt with the backup issue. If others didn't, whose fault is that? Maybe the ability to back up posts is a deciding factor when selecting a free weblogging service - and if not, the user's own priorities set the stage for later grief. A failure to plan ahead is not the fault of the free service provider, is it?)
(And yeah, as a last resort, if those 1,356 posts are important enough to you, you might brew a pot of coffee and 'File - Save As' the night away, capturing copies of them... but even that could be avoided up front by choosing a vendor wisely, and actually testing the backup/restore function before it was needed.
Hear hear. Talk about spinning out wild hypothetical situations (and modded +3, Insightful?)...
What the OP said was Why would you trust any hosting company to keep the only copy of your data, if it were all that important to you? And that's all they said.
No vendor should be trusted with the lone copy of irreplacable data. Period. Especially if you're renting storage space!
Terabytes of data residing anywhere, without a backup strategy in place beforehand, is "dispensable" almost by definition. Backup and recovery of data is not something to be done as an afterthought. If you can't afford to back it up (somehow), you have no business being responsible for it at all.
Slashdot Mirror
Cinea will invest several million dollars to make and distribute the DVD players to academy members and possibly to movie critics and other awards groups.
Your movie-ticket dollars at work.
Just give 'em a private streaming video website...
<grrr>
The likelihood (or eventuality) some of us are more concerned about is offenses committed by the regulators. HtH.
Powerful tools are a mixed blessing. When we have "protectors" that are further "above reproach" in their adherence to sweeping laws, and quit behaving as if all of their "employers" are potential mass killers until proven otherwise, I'd feel better about tools such as these existing and being made available... at each level of government.
<grrr>
I think it is safe to assume that such tags are as temporary as the current Paper ones that they attach to luggage or boxes.
I do, too - but we're hoping for the best. Other posts wrongly ASSume that all RFID tags within consumer goods will be as easily removed...
The potential for abuse is obviously greater than barcodes, which are (duh) visible. Many, many fears about this technology would be alleviated if the presence of RFID tags was not surrepitious. Instead of treating all customers like dolts, let's see our corporate overloads bend over backwards to inform us and dispel the misinformation... or (sigh) perhaps they should be forced to disclose this - at least in the case of soft goods such as deodorant and sweaters! - as display some prudence and respect for their prey.
when the Government mandates that all luggage travelling on planes require special 'government-approved' Travel tags
The way airlines are bending over for the Government in matters of data "sharing" - which perhaps they must, or should - and then proceed to lie about it in some cases, the transition from corporate overlord tag to Government tag may get blurrier before we know it...
As another poster sagely said, "The more you rely on a system like this, the more it can hurt when a wrinkle comes along." There have been some pretty disheartening cases this year where Gov'mint officials refused to doubt the accuracy of their databases.
It's disappointing to see geeks ridicule other geeks for even attempting to acknowledge the Law of Intended Consequences. The faith of some in the benevolence of corporations and bureaucracies - future ones as well, building on the things we tolerate today - is vast and, well, stupefying.
<grrr>
The "how to read a VIN" sidebar from USAToday has an error in it. I feel all fuzzy inside now.
<grrr>
Yikes. I forgot all about my paid subs to Parachutist and Skydiving 'til I read your post. Maybe I'm working too hard.
<grrr>
Scott -
they don't have to do "all this for free"! Tsk tsk.
As an AC already pointed out, they can charge fees for duplication - which has almost certainly been used to discourage large requests...
<grrr>
I think my problem is shared by a lot of people
...and I'm not sure it's a problem, or that it really accounts for a preference for or against this strategically "cleaned" wall - but hey, you're not the only one !
I'll take natural "stochasticism" over mowed lawns and ordered (linear ?) arrangements of bric-a-brac, any day.
And yeah, I hope it's some consolation that you're not the only one who's had a few arguments about said preference...
(The old "if God wanted the grass to be shorter, it wouldn't grow so much/well/nicely" argument never flies here, either.)
<grrr>
"Creative" is subjective.
But better yet - yeehaw, the ends justify the means.
Try again.
<grrr>
Individuals have the choice to restrict (or not) themselves, government does not have the choice to restrict or advocate.
/. post forward to the mysterious future. That's it.
You wouldn't be writing this in the USA, would you?
Oh, wait - I get it. You're in 1991, sending your
Replace "does not" with "should not" in your statement, and your description more closely fits this timeline. HAND.
<grrr>
You're right. Unfortunately, though, a 'net without borders makes it difficult to do anything substantial about ads... so politicans go for the hollow gestures. Getting reelected is clearly the highest priority for some (most ?) of them.
<grrr>
My point is that many people would consider "ethical telemarketer" to be a bit of an oxymoron.
Thank you. I would've left out "a bit of", but to each their own.
The OP said "But no, I feel no shame for writing solid code for a legitimate business." - and his lack of shame isn't any real surprise. Activities much more disgusting have been coded by people with a sense of pride and satisfaction.
Growing up also requires that one give thought to the larger implications of what we create - the details above and beyond the shiny baubles that are dangled in front of us to motivate us.
Yep. "Legitimate" doesn't mean it's ethical. That's another concept that requires adult mentation, though.
Lots and lots of people agree with another poster that telemarketing is "antisocial and obnoxious," but those who approve of nonpassive marketing that steals people's time would probably say that we alllll just need to grow up.
<grrr>
it had so much great potential. And he just pissed it away.
Not as quickly as thoroughly as Tormé - despite John Landis! - murdered Sliders...
<grrr>
Yup, they may not be saving the photos (uh, yet), their motives may be unimpeachable and the higher-ups in the police department don't care at all about the photos of non-criminals.
.
Again, it's the unintended "audiences" not initially anticipated that concern me more. Digital data, once captured, is so much more easily stored and indexed... more easily copied, merged...
Manipulated.
Are these photos in the public record? (Surely they're not all considered to be "work products of an investigation" ?!?)
Will they ever become publicly available? Who can say?
What industries might find them useful...?
We have no choice but to "trust" that a photo database has not been previously seeded with "false positives" to cast doubt upon it, and that the facial mapping algorithms or whatever are robust enough to make actual false positives rare (though what level of false accusation is acceptable, really, as a result of "B-but the computer says you're an escaped felon" ?) and that the people who just want to do their job and catch bad guys are not putting so much reliance on technology that they're "not seeing the forest for the trees".
This guy was jailed for two weeks, even though the authorities previously had a quick and easy way to confirm the fingerprint mismatch in his case - and this poor guy spent two months in custody, supposedly because a judge maintained that "fingerprints don't lie" !
Such things happened before a fingerprint database (just as inexcusable - this is not a matter of "accidents will happen", it's hubris) but the more an automated pattern-matching is end-to-end, the less chance human expertise and empathy and nonlinear thinking can prevent awful things like this. Given our Bill of Rights (even post-PATRIOT Act) the risk of false imprisonment should be even more miniscule than it is - decreasing as technology increases, if we're careful...!
Rear-view mirrors don't lie, but that doesn't mean they can be trusted to reveal everything that's actually there.
Now, videotaped traffic stops are a pretty good comeback. People's images are captured without probable cause - even if the officer is helping with a flat tire. But I don't know of a place (yet!) that requires people in the promixity of that constantly-rolling camera to hold still (submit) so a good, clear image can be captured. If suspects are being forced to do that now ("stand right in front of the bumper and hold still - you're on tape"), then I guess those municipalities won't be getting any of my discretionary spending.
If the data exists, there's no way to prevent it from being stored.
But if it never exists . .
(A weak analogy would be a file of credit-card numbers. Without a sufficiently powerful reason for keeping them in one "convenient" place, the risk of that information being stolen, exposed or altered will always exist, especially if they're on a net-attached server.)
A case can be made (and invariably will be made ??) that's it's a doggone "waste" to collect information with taxpayer dollars, such as these photos, and then just throw it away, duplicate some of the effort on subsequent contacts with the same citizen, etc. etc.
Wal-Mart, et al. - certainly there are many more photos being snapped daily (even of "us xenophobes") than we would care to know about. But no corporation (yet) has the profound, unique and immediate power over my freedom that peace officers do.
A retailer which abuses their customers' trust will eventually be exposed, and hopefully will take a hit on the balance sheet as a result. A police department which is "bitten" by bad info (false positives) and/or negative publicity will either wise up or become known for their antics. I guess those who are sufficiently concerned about such things can move, or do more online shopping.
And if this level of "cooperation"
I agree with a lot of what you said. Certainly the rollout of this app, as intended, is a useful tool. Perhaps it's even worth it despite the abuses which will occur (whether discovered or not) in any situation where humans are involved.
By throwing in all those specious "yets" I was thinking of two other things. I know of very, very few situations, where surveillance has permanently decreased.
If there's a good reason to scan everybody entering a stadium or an airport or a mall... or scanning every license plate that passes by on the freeway - well, shoot, why not do it!? And in the analog age, I was more likely to agree with that.
But that brings up my other concern - the Law of Unintended Consequences. Data gathered for one purpose is vulnerable to other uses - and like any data it can be stolen, copied (perhaps surreptitiously), altered or merged with other data in an attempt to achieve a completely different end.
This is already part of the consequences of being arrested, true enough. But someone saying they have "cause to arrest" does not necessarily mean it's true.
Why not go all the way and collect DNA samples from all people who are arrested? And then, really, why not get DNA from everyone who is detained?
"Slippery slope" plus the undying nature of digital databases = big trouble, in the wrong hands.
I really don't want to be present in any databases I can avoid. Part of the old order of things was that the powers-that-be wouldn't get to have my photo on file unless I was actually, uh, arrested (ignoring covert surveillance, just for the moment) or I provided it voluntarily (driver's license).
The best-intentioned people can set up systems, collect data - and write laws - that are used to a more sinister effect later.
(It would be interesting to know if peace officers are generally permitted now, by law or agency policy, to snap photos of whomever they wish while on duty.)
All this to get to the last sentence of your post... and this may seem silly to you, but yeah, I can look back on interaction with the po-lice and remember a few times when I was ready to be arrested rather than allow an unwarranted search (this was obviously a while back!).
And I'm not made of stone - it would probably depend on the circumstances, okay, and "probable cause" suer ain't what it used to be - but I'd rather be wrongly arrested than voluntarily be added to more databases. Doing what one believes to be right will get one in trouble sometimes. That's part of the deal.
Living in the USA used to mean you still had the occasional choice about surrending your liberties.
<grrr>
Sheriff Everett Rice on Wednesday said his deputies are not [*] being instructed to search for criminals and that the photos would be taken only if there was "cause to arrest." ... ...
Deputies are not [*] supposed to use the technology to take random pictures of people in public, said Rice.
"We don't [*] force people," he added.
* = yet
<grrr>
And late fees are subject to sales tax, here in the wonderful state of California...
<grrr>
You're right. It'll fly in the US. Unfortunately landfills "don't matter" (out of sight, out of mind) and the raw materials needed to make everything are thought to be inexhaustible. :(
The price point will make or break the popularity of these things...
I think they'll have to keep the retail price really really close to (if not lower than) the cost of a new-release daily rental at the large monolithic rental chain which edits movies on their own.
(There's a joke to be made about personal nitrogen-filled safes, but it probably wasn't that funny anyway.)
<grrr>
Aw, you say the nicest things...
(Gracias. I needed the laugh.)
<grrr>
Over?
Wow, you're an optimistic one, aren't ya?
<grrr>
In every case where there has been a problem with Windows security, it's been AFTER they released a patch for the vulnerability. Every one!
...
- "Microsoft issued a software patch, MS03-032, on Aug. 20 that was supposed to fix the problem. However, that patch failed to close the hole on Windows machines running Internet Explorer Versions 5.01, 5.5 or 6.0.
On Sept. 8, Microsoft acknowledged problems with the MS03-032 patch and promised to issue a fix as soon as possible. Since that time, no changes have been made to the MS03-032 patch. In the succeeding weeks, hackers moved quickly to take advantage of the company's slow response." ( Computerworld.com )
- "Two vulnerabilities have been reported in Internet Explorer, which in combination with other known issues can be exploited by malicious people to compromise a user's system.
1) A variant of the "Location:" local resource access vulnerability can be exploited via a specially crafted URL in the "Location:" HTTP header to open local files.
2) A cross-zone scripting error can be exploited to execute files in the "Local Machine" security zone.
Secunia has confirmed the vulnerabilities in a fully patched system with Internet Explorer 6.0. It has been reported that the preliminary SP2 prevents exploitation by denying access.
Successful exploitation requires that a user can be tricked into following a link or view a malicious HTML document.
NOTE: The vulnerabilities are actively being exploited in the wild to install adware on users' systems." ( Secunia )
- "The flaw, which is different from RPC DCOM flaw that spawned the Blaster and Nachi worms, makes Windows XP and 2000 servers vulnerable to denial-of-service attacks because of a multi-threaded race condition that exists. A remote attacker could crash the RPC service simply by sending multiple RPC requests. The vulnerability occurs if two threads process the same request, thereby corrupting memory.
Microsoft still has not released a patch for the flaw, leaving nearly every Windows XP and 2000 system exposed to potential exploits. Microsoft may, however, be preparing an all-encompassing RPC patch that would address this issue and previous flaws surrounding the network service, said Gerhard Eschelbeck, chief technology officer with Qualys Inc., at RSA Conference 2004. RPC is a protocol that one program can use to request a service from another program located elsewhere on a network." - ( searchsecurity.com )
- "Attackers are taking advantage of a security hole in Internet Explorer not immediately patched by Microsoft
Security experts have warned that a vulnerability that has apparently been left un-patched by Microsoft is being exploited by attackers "in the wild".
The "object type" vulnerability, which was first acknowledged publicly by Microsoft on 20 August this year, allows an attacker to take control of a system by embedding malicious code in a Web-page. If the Web page is viewed by an Internet Explorer browser - even a fully patched browser - the malicious code embedded in the Web-page will execute, experts say. Despite Microsoft acknowledging the patch doesn't work, it evidently has not yet issued a working fix for the vulnerability.
US-based information security company iDefense released a statement over the weekend claiming the vulnerability is being actively exploited "in the wild".
"Whether you are patched or not, attackers can execute code on your computer at will when you visit a hostile website when using vulnerable versions of Internet Explorer," the statement read.
The relevant Microsoft bulletin was issued on 20 August and last updated on 8 September." - ( ZDnet - but then again, you didn't say "...after
...Plus it seems odd to make somebody pay more money to overcome some limitations in the original product...
Here, buy our dictionary, it's better than those communal-effort dictionaries...
Oh - and because so many shifty people are out there messing with the meaning and spelling of words, we very strongly recommend you also buy our dictionary integrity checker. Actually, you'll probably want this subscription to future integrity checker updates, or else your dictionary will become useless (or dangerous to other dictionary users). You're welcome.
<grrr>
Thank you. Great catch.
Yet another "patriotic" manuever to watch out for.
The assertion that Northwest's motives in disclosing the information cannot be questioned... is bothersome, in a different way.
But they blew it (again?) when they denied the information-"sharing" had occurred. Bad talking-head, no more business for your firm.
<grrr>
Alright!
/. story...
Heh.
(Me, too. Not a blog, but after harping about backups here I've gotta go burn some additional copies of stuff...)
So something good did come out of this
<grrr>
With your level of expertise and the number of posts, you dealt with the backup issue. If others didn't, whose fault is that?
Maybe the ability to back up posts is a deciding factor when selecting a free weblogging service - and if not, the user's own priorities set the stage for later grief.
A failure to plan ahead is not the fault of the free service provider, is it?)
(And yeah, as a last resort, if those 1,356 posts are important enough to you, you might brew a pot of coffee and 'File - Save As' the night away, capturing copies of them... but even that could be avoided up front by choosing a vendor wisely, and actually testing the backup/restore function before it was needed.
<grrr>
Hear hear.
Talk about spinning out wild hypothetical situations (and modded +3, Insightful?)...
What the OP said was Why would you trust any hosting company to keep the only copy of your data, if it were all that important to you? And that's all they said.
No vendor should be trusted with the lone copy of irreplacable data. Period.
Especially if you're renting storage space!
Terabytes of data residing anywhere, without a backup strategy in place beforehand, is "dispensable" almost by definition.
Backup and recovery of data is not something to be done as an afterthought.
If you can't afford to back it up (somehow), you have no business being responsible for it at all.
<grrr>