I've bought some itunes music (before I recognized they're DRMed... oops) because i thought the price is right, thinking that I can put it on a different mp3 player if I wanted to. It was worth it because some of the music that I like takes non-trivial effort to get - online sources tends to have pop music, and I don't really listen to those anymore. So it was easier for me to buy it from iTunes. However, upon finding that I can't move this music that I had paid for to a different, non-apple mp3 (even though I don't have one), or the fact that there is no known iTunes in Linux and I won't be able to play it if I don't do something to the DRM, the whole prospect all of a sudden looks a lot less appealing. They just need to wake up and figure that DRM will piss off their customer base no matter what. It locks people into platforms that they don't necessarily use, and the bought content becomes utterly useless.
Comparing what the average administors would do only reveals how little they're trained in security; hence, their test shows little in how secure a particular OS is, but how lazy/inept/ignorant an average administrator is towards security. Besides, it isn't necessary that they have to wait for RH to patch the software, they could always get the source and recompile if they feel the exploit is important to be patched now.
Re:Let me be the first to say...
on
SHA-1 Broken
·
· Score: 1
That would just be like cracking a MD5 sum and then a SHA-1 sum, and then do some manipulation together. Assuming there are easy methods to generate collision on the fly, any algebraic expression would have little effect. It's just like trying to write a pseudo-random generator without knowing any of the requirements or techniques to get there. The results just aren't right.
Quit thinking OBSD as something to replace the current enterprise OS. OBSD focuses on issues that many systems aren't as focused on. It works great for firewalls, and anything that you don't want someone to break into. If you want to have SMP capability, and yet the security when you hook up that box on the Internet, perhaps you should consider use a smaller box with OBSD as a firewall for the SMP machine running something else, perhaps Linux or FreeBSD. On the sidenote, I dislike the sentiment that people introduce buggy features - developeers want a feature to be implemented, but yet, we're all human and anything new are prone to bugs. It's not like OBSD developement team are perfect angels, they do make mistakes here and there, but due to their focus, OBSD has become much more secure and much more specialized towards that.
Ok I'm dumbfounded on this one. Why would a mainly personal sanitary product manufacturer needs like 1/2 milllion of these tags? What the hell are they going to do with this?
"...that when they do things like this, it proved that THEY HAVE LOST." No doubt... especially when people like me would just stick it in the computer and make a copy as the first then I do. It can even turn to stone and I wouldn't care less by then.
I used to have a C&C:TS site, and there were many people who commented that my site loads like lightning comparing to other sites. Guess what kind of compression I used?
Well they can always use the reply reciept method, but then you can always deny the reciept.. Guess lawmakers are out of their minds again. Why do they keep making laws on things that they're not knowledgable in?
Although you didn't mention on your post, I fought someone proved that the Hindenburg was basically coated in Thermite or some other very fast burning solid fuel on the canvas covering. That's the reason it burned very spectacularly. Note the Space Shuttle uses H2 for fuel and the flames are much different.
I think H2 explodes quite well, is it all that safe to have it replace jet fuel?
Well said.
How can a company restrict the availibility to software vulnerabilities to members that the general public can't join? That's the most ridiculous idea I've ever heard and many of us are sure there will be a crackfest when a "root" exploit is found, since the information would not be available for the non-members, the public.
I see it rather like a good option for those mac lovers who are buying new computers, but from what I heard, It won't be (performance wise) good on older macs. I don't see linux as threaten, even if it's released x86.
It comes down to support of the users, I mean, I wouldn't really shift to Linux even OS X is available because I like the way I do things in Linux. Besides I don't want too much fancy GUIs, it just hogs performance =)
Just my opinions and not intended to bash anyone.
Note: I'm not blaming owners, but I'm blaming the sysadmins. They're the guys who maintains the servers and should not have allowed root access over telnet whatsoever. It may be the easiest way to maintain the server with root access with telnet, but that's the easiest way for some script kiddie to get in and f^&* around with the computers, and launch DDoS around and think they're the top of the world.
If the server owners are the sysadmins, then yes I would say they're f&(*ing morons because if they don't know how to maintain a server properly, then don't start a freaking ISP.
When my dualbooter is in linux, I could maintain it basically anywhere around the world, but would you think I would be that stupid to use telnet? At least use something that actually puts a better fight against those script kiddies and use SSH. Afterall some ISP do use *nix and could have assign certain users with more permissions than others (like sudo), at least it would not be that obvious to some script kiddie to say, hey this box is wide open and let f&(* around.
I do not see IRC as being stale or it was IRC's fault (by being IRC) that lead to this attack.
As noted by the post, it was a DDos attack, which the cracker took over an ISP using telnet and rooted it, then took control over more computers.
Anyone who've read a security computer book (or even just a couple of related articles) would know that telnet is just a big freaking can of worm, and any ISP that got rooted by it should be also held responsible. I don't see there's any need to use telnet myself, even if it's needed there are better alternatives (ie SSH). Although not without its exploits, I believe its better built against such attacks.
I don't run a true full time server with linux, but I have block out such vulnerable services, at least all but local access.
It's sad that IRC is in trouble dued to a bunch of stupid sysadmin in an ISP that allow crackers to root them.
I don't see there's any reason that an ISP should allow telnet access, even if it's needed, there's a better alternative (ie SSH). Any computer enthusiast who have read a couple of security articles would know that telnet access is a huge can of worms, and frankly, the ISP who got rooted by telnet should be also partly responsible. I don't know if the sysadmins are incompetent, but they're sure stupid not to lock down such a big security hole.
Actually Filthy's review matched pretty well...
I liked U-571 and he didn't exactly have a super bad review, comparing to other movies. I just find this superhero crap on movie is too ridiculous and tiring.
I think if the terms does not list anything about mp3, then the knowledgable should try to circumvent such bots that are destroying works that are original to the owner of the site, afterall there's no copyright violation, and therefore ISP should be responsible for destroying private properties. I think that DJ should sue the ISP for that.
When did Journalism stop being researched fact and become ignorant IMO???
Journalism (except for special cases) had always been an ignorant IMO from the writer, at least it that been that way when I was born 17 years ago.
I'm using a Debian system, after trying to get BrowseX going, it seems that Netscape is actually has a smaller footprint than this "lightweight" browser. by running both browser on the same page (/.) and toping it, netscape used a combined of 7% or so of my memory, while BrowseX took up 12%. The performance isn't great either, loading/. with Netscape is way faster than BrowseX, and the fact of lacking JavaScript or Java just drive me nuts, can you tell me that any big pages out there that doesn't use a bit of javascript?
One thing that I need to ask the author of the project, why bother trying to write a "lightweight" browser with an interpreted language? Although it's portable, it's not lightweight. One should write a lightweight browser from assembly, not an interpreted language. I'm disappointed on it's performance and the resource management.
It's great that these hackers (i shouldn't use crackers because they fixed up the hole) exploited and sealed the compromise. In computing Utopia, all hackers should do this, then we won't have security compromises.
Thumbs up for those 2.
Self taught people tends to learn the stuff thoroughly because they have to depend on themselves.
But the cannon one was cool, I liked it. If the enginners didn't use that tail thing , instead maybe try a corkscrewing bleeder on the cylinder, they might have spinned it. I wish I could build a cannon out of junk =)
Anyways, the show is cool and can't wait them to air..
But SRAM would not make sense for its performance that you've described. Remember that SRAM was used to make external cache in older generation machines like mine. (Pentium-133)
I was reading a memory article a while ago and it explained the difference between SRAM and DRAM (normal memory) in detail. But I'm afraid I've lost it. Check it in Tom's hardware and the like.
Calyth
Slashdot Mirror
I've bought some itunes music (before I recognized they're DRMed... oops) because i thought the price is right, thinking that I can put it on a different mp3 player if I wanted to. It was worth it because some of the music that I like takes non-trivial effort to get - online sources tends to have pop music, and I don't really listen to those anymore.
So it was easier for me to buy it from iTunes. However, upon finding that I can't move this music that I had paid for to a different, non-apple mp3 (even though I don't have one), or the fact that there is no known iTunes in Linux and I won't be able to play it if I don't do something to the DRM, the whole prospect all of a sudden looks a lot less appealing.
They just need to wake up and figure that DRM will piss off their customer base no matter what. It locks people into platforms that they don't necessarily use, and the bought content becomes utterly useless.
Comparing what the average administors would do only reveals how little they're trained in security; hence, their test shows little in how secure a particular OS is, but how lazy/inept/ignorant an average administrator is towards security.
Besides, it isn't necessary that they have to wait for RH to patch the software, they could always get the source and recompile if they feel the exploit is important to be patched now.
That would just be like cracking a MD5 sum and then a SHA-1 sum, and then do some manipulation together. Assuming there are easy methods to generate collision on the fly, any algebraic expression would have little effect.
It's just like trying to write a pseudo-random generator without knowing any of the requirements or techniques to get there. The results just aren't right.
Well at least you get to clone yourself to get some specific agents to kill them. Kinda like one of the first bonds with the multiple Blofelds.
Quit thinking OBSD as something to replace the current enterprise OS. OBSD focuses on issues that many systems aren't as focused on. It works great for firewalls, and anything that you don't want someone to break into.
If you want to have SMP capability, and yet the security when you hook up that box on the Internet, perhaps you should consider use a smaller box with OBSD as a firewall for the SMP machine running something else, perhaps Linux or FreeBSD.
On the sidenote, I dislike the sentiment that people introduce buggy features - developeers want a feature to be implemented, but yet, we're all human and anything new are prone to bugs. It's not like OBSD developement team are perfect angels, they do make mistakes here and there, but due to their focus, OBSD has become much more secure and much more specialized towards that.
Didn't come true?
Watch the government rhetoric and their action and you know that this IS the future.
Ok I'm dumbfounded on this one. Why would a mainly personal sanitary product manufacturer needs like 1/2 milllion of these tags?
What the hell are they going to do with this?
"...that when they do things like this, it proved that THEY HAVE LOST."
No doubt... especially when people like me would just stick it in the computer and make a copy as the first then I do. It can even turn to stone and I wouldn't care less by then.
*dons russian accent* Propanganda
I used to have a C&C:TS site, and there were many people who commented that my site loads like lightning comparing to other sites. Guess what kind of compression I used?
Well they can always use the reply reciept method, but then you can always deny the reciept..
Guess lawmakers are out of their minds again. Why do they keep making laws on things that they're not knowledgable in?
Although you didn't mention on your post, I fought someone proved that the Hindenburg was basically coated in Thermite or some other very fast burning solid fuel on the canvas covering. That's the reason it burned very spectacularly. Note the Space Shuttle uses H2 for fuel and the flames are much different.
I think H2 explodes quite well, is it all that safe to have it replace jet fuel?
Well said.
How can a company restrict the availibility to software vulnerabilities to members that the general public can't join? That's the most ridiculous idea I've ever heard and many of us are sure there will be a crackfest when a "root" exploit is found, since the information would not be available for the non-members, the public.
I see it rather like a good option for those mac lovers who are buying new computers, but from what I heard, It won't be (performance wise) good on older macs. I don't see linux as threaten, even if it's released x86.
It comes down to support of the users, I mean, I wouldn't really shift to Linux even OS X is available because I like the way I do things in Linux. Besides I don't want too much fancy GUIs, it just hogs performance =) Just my opinions and not intended to bash anyone.
Note: I'm not blaming owners, but I'm blaming the sysadmins. They're the guys who maintains the servers and should not have allowed root access over telnet whatsoever. It may be the easiest way to maintain the server with root access with telnet, but that's the easiest way for some script kiddie to get in and f^&* around with the computers, and launch DDoS around and think they're the top of the world.
If the server owners are the sysadmins, then yes I would say they're f&(*ing morons because if they don't know how to maintain a server properly, then don't start a freaking ISP.
When my dualbooter is in linux, I could maintain it basically anywhere around the world, but would you think I would be that stupid to use telnet? At least use something that actually puts a better fight against those script kiddies and use SSH. Afterall some ISP do use *nix and could have assign certain users with more permissions than others (like sudo), at least it would not be that obvious to some script kiddie to say, hey this box is wide open and let f&(* around.
I do not see IRC as being stale or it was IRC's fault (by being IRC) that lead to this attack.
As noted by the post, it was a DDos attack, which the cracker took over an ISP using telnet and rooted it, then took control over more computers.
Anyone who've read a security computer book (or even just a couple of related articles) would know that telnet is just a big freaking can of worm, and any ISP that got rooted by it should be also held responsible. I don't see there's any need to use telnet myself, even if it's needed there are better alternatives (ie SSH). Although not without its exploits, I believe its better built against such attacks.
I don't run a true full time server with linux, but I have block out such vulnerable services, at least all but local access.
It's sad that IRC is in trouble dued to a bunch of stupid sysadmin in an ISP that allow crackers to root them.
I don't see there's any reason that an ISP should allow telnet access, even if it's needed, there's a better alternative (ie SSH). Any computer enthusiast who have read a couple of security articles would know that telnet access is a huge can of worms, and frankly, the ISP who got rooted by telnet should be also partly responsible. I don't know if the sysadmins are incompetent, but they're sure stupid not to lock down such a big security hole.
Actually Filthy's review matched pretty well... I liked U-571 and he didn't exactly have a super bad review, comparing to other movies. I just find this superhero crap on movie is too ridiculous and tiring.
I think if the terms does not list anything about mp3, then the knowledgable should try to circumvent such bots that are destroying works that are original to the owner of the site, afterall there's no copyright violation, and therefore ISP should be responsible for destroying private properties. I think that DJ should sue the ISP for that.
When did Journalism stop being researched fact and become ignorant IMO???
Journalism (except for special cases) had always been an ignorant IMO from the writer, at least it that been that way when I was born 17 years ago.
Calyth
I'm using a Debian system, after trying to get BrowseX going, it seems that Netscape is actually has a smaller footprint than this "lightweight" browser. by running both browser on the same page (/.) and toping it, netscape used a combined of 7% or so of my memory, while BrowseX took up 12%. The performance isn't great either, loading /. with Netscape is way faster than BrowseX, and the fact of lacking JavaScript or Java just drive me nuts, can you tell me that any big pages out there that doesn't use a bit of javascript?
One thing that I need to ask the author of the project, why bother trying to write a "lightweight" browser with an interpreted language? Although it's portable, it's not lightweight. One should write a lightweight browser from assembly, not an interpreted language. I'm disappointed on it's performance and the resource management.
It's great that these hackers (i shouldn't use crackers because they fixed up the hole) exploited and sealed the compromise. In computing Utopia, all hackers should do this, then we won't have security compromises. Thumbs up for those 2.
I would like to tab 1% of the resources.
Self taught people tends to learn the stuff thoroughly because they have to depend on themselves. But the cannon one was cool, I liked it. If the enginners didn't use that tail thing , instead maybe try a corkscrewing bleeder on the cylinder, they might have spinned it. I wish I could build a cannon out of junk =) Anyways, the show is cool and can't wait them to air..
But SRAM would not make sense for its performance that you've described. Remember that SRAM was used to make external cache in older generation machines like mine. (Pentium-133)
I was reading a memory article a while ago and it explained the difference between SRAM and DRAM (normal memory) in detail. But I'm afraid I've lost it. Check it in Tom's hardware and the like. Calyth