I just noticed a new phenomenon (at least for me)today. My Gnutella searches for certain items got a bunch of responses "SPAM GNUTELLA." Given the dispersed nature of Gnutella, polluting the stream like this and furnishing phoney files may be the only defense that can be mounted. It'll be interesting to see if the RIAA or its agents tries this.
Senator Orrin Hatch of Utah was commiserating with his "fellow musician" Lars, expressing his concern that Hatch's music could be pirated too. I just did Napster and Gnutella searches for his name. What a surprise, nothing found. Puhleeze. I've heard some of his stuff - you'd have to pay me to pirate it.
E.g. if I'm chatting through ICQ with a friend, the connection used by the two clients would be automatically encrypted.
Freedom from ZeroKnowledge Systems can do this for you, although to get the full benefit, both of you have to be using it. I agree that it would be nice if these features came built-in, but one difficulty up to now was the export controls the U.S. put on strong encryption products. No U.S. vendor wanted to be excluded from the rest of the world by building this into their products. There was also, to be honest about it, not much of a demand for it, either.
. With SSH you can scramble any connection. So, why not scramble the traffic between mailservers?
This works until the FBI (enabled by congressional legislation) gets around to establishing a system of "black boxes" like Britain's, where all the email traffic in the ISP gets routed through the government's hardware. Only end-to-end encryption can be relied on.
I'm not sure the FBI are the right people to be holding this information, but someone ought to.
Now this is frightening. You're actually willing to have some agency keep track of your private communications so that they can be examined for thought crimes. People who are so willing to give up their freedoms for some perceived 'higher good' just amaze me.
The current Presidential administration shows the folly of saying 'I'm not a criminal, so who cares?". How would you like your every email to be archived in your FBI file and then subject to exploitation by your political opponents? "Candidate Jones once made a joke about black people being shiftless. It's here in this email he sent to his sister in 1998."
I'm continually alarmed by the people who think anything the authorities want to do is ok, because they're 'helping' us. My personal correspondence belongs to me not anyone else, and I shouldn't have to wonder about who is reading it besides those I want to. The Constitution requires warrants to be issued for very good reasons, and those reasons apply here.
Sure the users could enter into a class-action lawsuit against ToysMart, but think about what happpens if you win: you become another creditor of a bankrupt company, and your info has still gotten away. What's that bought you? And where are you going to find a contingency-fee attorney to take on the battle for what will probably amount to no money? Perhaps a lawyer can comment, but as far as I know, class-action suits are only for monetary damages, and there are none to be had here. I think what you really want is injunctive relief based on breach of contract (part of the terms they're in breach of were that they would never release your personal info). I'd think a temporary restraining order would be relatively easy to get. Then the battle becomes the attempt to get a permanent injunction, which probably won't be cheap if they (in the form of their bankruptcy trustee and creditors) decide to fight it.
Re:Easy solution - ban DNA cross referencing
on
Walk-By DNA Testing
·
· Score: 2
simply BAN the cross referencing of a DNA database with public info, like for instance, your social security number.
It's too late. We in the US (and to an even greater extent, Great Britain) are already taking DNA samples from arrestees. If history is any indication, it will soon be required, much as fingerprints are, from police applicants, military, civil service employees, people registering a gun, etc. The attraction of this technology to a government bent on 'helping' us will make its adoption inevitable.
What if I sprinkle you with coke in an elevator? If this dystopia were to really come about, how are you going to get on that elevator with that coke? Every public building will have a monitor, so you won't be able to enter. Even if you could, how would you avoid getting it on yourself?
Ok, paranoia aside, there was an interesting program some years back in which paper currency was to be tested for cocaine residue. The theory was that if residue was detected, whoever was passing that currency was likely engaged in the drug trade. The trouble was that, when they actually tested the currency, virtally all of it had cocaine residue. I suspect that any monitoring program would have some of the same vulnerabilities; any 'bad stuff' they're looking for already permeates the environment to such an extent that the alarm bells would go off constantly. How do they know that these are your skin flakes? Since they 're everywhere, other people's are presumably also all over you. It may be a while, if ever, before we get to the point where these monitors are practical. At least, let's hope so.
Actually, I've had a vendor (not WRS) bring out the source code and help me on one occasion, when there was no other out. Certainly, having the source code to Linux would let me continue debugging down into the OS, but it's generally not an effective use of my time. It's better to have someone who has immersed him/herself in the bowels of the OS and knows it well rather than trying to get to that level of understanding myself, just so that I can then fix my problem. Our developments are generally under the gun, schedule-wise, so we trade our money for time, and consider it well-spent. When schedule isn't as important, I can understand the attraction of not having to rely on third-parties for support.
The bulk of my career has been spent constructing realtime embedded apps, and I'd have some concerns in using Linux. Support is crucial when you're trying to determine whether a bug is yours or the OS's. I'd have a difficult time telling my customer that "we'll just post a question on Usenet if we have any problems." I've had vendors come out and spend days with me trying to isolate some weird difficulty (the best ever was when the hardware vendor had forgotten to program the MACs into their Ethernet controllers). I'd only consider using embedded Linux if there were vendors out there who will offer that degeree of support. And in that case, what does using Linux get me as opposed to, say, Wind River? The cost of the OS is generally much less important than reliability and being able to get someone on the phone right now. Perhaps others have different priorities.
The downside of this is that spammers will frequently forge return addresses, some of which may go to real people. If you sign up with me@privacy.net, pretty soon joeblow@aol.com is getting the autoresponses meant for the spammers. It's hardly fair to solve your own problem by creating one for someone else. You're better off creating a free account on Yahoo or Hotmail and letting the spammers send their crap there. You can just abandon it and then no one is inconvenienced (well, ok, sorry Yahoo and Hotmail. You pay the small price of having people sign up for accounts they have no intention of using. Better you than me.)
Have you tried posting articles on Usenet with this email address as the "reply-to"? When I first got on the net, that's what got me all sorts of spam. Another thing you can do is create an EBay account with that email address. I get stuff that way. Someone must have set up an auto-troll program to cull email addresses off of EBay somehow. Third thing to try: create some web pages with mailto: links for this address. Make sure you submit the pages to search engines so that the spammers can find you. Lastly, subscribe to some email lists and submit items so that your reply address is visible. Spammers get email addresses this way as well.
Incidentally you might want to create a more generic address. If I were a spammer, I'd be figuring that any address that had the string 'spam' in it is a diversion, and I'd code my script to either ignore it or attempt to derive the 'real' address from it. It's also possible that spammers figure anyone living in Czechoslovakia isn't going to be a good candidate for musical toilet seats or whatever they're peddling. Consider using an address in the.com domain.
Re:Let's channel this energy against NSI instead
on
Pirate DNS?
·
· Score: 1
...hmm....NSI hurt you? so they're responsible for all the wrongs in the world, i see..
Well, let's look at the recent record. NSI suddenly unilaterally alters its agreements to declare that the domains registered thru them are actually the property of NSI and are subject to revocation on whatever arbitrary basis they feel like applying. Then they decide that expired domains will not necessarily be put back in the available pool, but could instead be auctioned off to the highest bidder. Nothing in their original charter gave them these powers, they simply decided to create them. And the reason they can get away with it, at least for now, is that they and only they run the root DNS database. Even other registrars have to pay NSI a fee to update the database with domains registered by them. So, yes, NSI is harming me as well as every other party who registers a domain through them. NSI has become increasingly arrogant and it's about time to put a stop to it. I for one have done so by getting my domain out of their hands and placing it with another registrar. This is only a partial solution as long as they can continue to make the rules on the database, however. I'd advocate creating a nonprofit organization separate from NSI to administer it. There might be a problem, though, if what I heard was correct: NSI claims ownership of the database itself and that it can't be taken away from them. If this is true and is upheld, we could be truely screwed.
You know, in the present climate I bet Id has already launched a passel of 'remove this infringing material from your site' letters to geocities. Not to mention Coke, Foster's, Gordon's Gin, People for the Ethical Treatment of Animals, Mothers Against Yorkshire Terriers, etc.
Re:Let's channel this energy against NSI instead
on
Pirate DNS?
·
· Score: 1
I wonder if it could be a decentralized node list instead of a central directory
It could be, but this would lead to an extra layer or layers (i.e., johnsDNSnode:sammys.god). If enough people wanted to participate, you'd have to organize these nodes in some sort of heirarchy. Pretty soon it would be the DNS equivalent of Amateur Packet Radio, where you have to specify the exact path, node by node, your packet must take to get to the destination. Just thinking about this makes my hair hurt.
Let's channel this energy against NSI instead
on
Pirate DNS?
·
· Score: 3
You'd still be faced with the same problem that caused the creation of NSI in the first place: who is ultimately in charge of the database? Some entity somewhere has to have the final say in what's in there, otherwise you have chaos. Not to mention trying to persuade overworked network administrators to add your alternative DNS to their name servers, some of whom wouldn't do so simply because they wouldn't like the idea of, for example, a.guns domain.
I think we're stuck with the present system, so our energies ought to be brought to bear against NSI and its increasingly fascist policies. Where's a tobacco lawyer when you need one?
I think the reason many people (including myself) are wary of experimentation like this is the "oh fuck" factor. Genetics is like the nuclear bomb of medicine. There's a line that, at some point, someone's gonna cross and what next?....."OH FUCK!"
Unfortunately, if something can be done, it will be done. The developers of the atomic bomb thought that there was a possibility (admittedly remote) that the bomb might ignite a Nitrogen Cycle and burn up the earth's atmosphere. They detonated the thing anyway. There's always going to be someone who's going to be willing 'take that risk' for you.
picture storing data in mice There was a science fiction story about exactly this. The alien race who created life on earth left messages in our genetic code. The scientists who recognized and decoded them found all sorts of interesting stuff, like antigravity, faster-than-light travel, etc. Unfortunately, they also found some super-weapons like a beamer that could slice through the plant like a ripe tomato. Humans being what they are, naturally someone decided to give it a try... poof, race extinct. It was a built-in test to see if we were too dangerous to let loose on the galaxy. So, how many GB will your average mouse chromosome hold, anyway? Can the data be copyrighted? If so, can I copyright my own genes and sue anyone attempting to give me a blood test under the Digital Millenium Copyright Act? Would cloning a copyrighted mouse be infringement? Would examining my genes for hereditary disease be considered reverse engineering?
Unfortunately, Jose forgot to go after the storm troopers who apparently are forcing people at gunpoint to consume corporatist comestibles.
Has it ever occurred to anti-corporatists that these establishments are successful because they meet a demand? Who appointed them the guardians of what goods and services should be available? From 1945-1989 we had several great examples of the 'benefits' of a command-control economic policy. Thanks, but no thanks, I'll take the market.
P.S. My family owned a small television-appliance store that went out of business because of the large electronics retailiers. We moved on and found other means of earning a living, and I buy my electroncs from those same large retailers and enjoy the variety and prices. Life is Darwinian. Deal with it.
The carrying capacity of available frequencies is effectively infinite if properly handled. The purpose of commmunications is to get information from one place to another, and if one uses excess power to do so, it's wasted and is a potential source of interference for those wanting to use the same frequency, who could otherwise use it to carry their own information. A good example of a system that limits power and reuses frequencies is the the cellular phone network. The cells reuse the same set of frequencies over and over, so their carrying capacity is multiplied manyfold. There are now radios in use that employ spread-spectrum and adaptive power-limitation to use just the bare minimum necessary to carry the information. I was told by one user that he had set up a 10-mile comm link that used only 1/1000 of a watt. If we were to use such techniques on all of our radio communication, we would have a vast amount of capacity available to us. I'm optimistic that we're heading that way already.
If Napster 'sells out' to the extent that its usefulness is compromised, other services will step in. The protocol is already implemented in third-party products, and there are even Napster-like third-party directory servers operating. Not to mention other file-sharing paradigms like Gnutella, Freenet, et al. The desire for this service is essentially a force of nature, and will find an outlet regardless of what transpires between RIAA and Napster.
What if you haven't 'forgotten' to pay for it, but intend for it to lapse? I don't recall my agreement with NSI saying that I'm authorizing them to keep the domain alive past the amount of time for which I initially paid. It should be thrown back into the pool for whoever wants to register it next, if anyone. How long is this 'auction' process going to keep the domain off the market?
Slashdot Mirror
I just noticed a new phenomenon (at least for me)today. My Gnutella searches for certain items got a bunch of responses "SPAM GNUTELLA." Given the dispersed nature of Gnutella, polluting the stream like this and furnishing phoney files may be the only defense that can be mounted. It'll be interesting to see if the RIAA or its agents tries this.
Senator Orrin Hatch of Utah was commiserating with his "fellow musician" Lars, expressing his concern that Hatch's music could be pirated too. I just did Napster and Gnutella searches for his name. What a surprise, nothing found. Puhleeze. I've heard some of his stuff - you'd have to pay me to pirate it.
E.g. if I'm chatting through ICQ with a friend, the connection used by the two clients would be automatically encrypted.
Freedom from ZeroKnowledge Systems can do this for you, although to get the full benefit, both of you have to be using it. I agree that it would be nice if these features came built-in, but one difficulty up to now was the export controls the U.S. put on strong encryption products. No U.S. vendor wanted to be excluded from the rest of the world by building this into their products. There was also, to be honest about it, not much of a demand for it, either.
. With SSH you can scramble any connection. So, why not scramble the traffic between mailservers?
This works until the FBI (enabled by congressional legislation) gets around to establishing a system of "black boxes" like Britain's, where all the email traffic in the ISP gets routed through the government's hardware. Only end-to-end encryption can be relied on.
I'm not sure the FBI are the right people to be holding this information, but someone ought to.
Now this is frightening. You're actually willing to have some agency keep track of your private communications so that they can be examined for thought crimes. People who are so willing to give up their freedoms for some perceived 'higher good' just amaze me.
The current Presidential administration shows the folly of saying 'I'm not a criminal, so who cares?". How would you like your every email to be archived in your FBI file and then subject to exploitation by your political opponents? "Candidate Jones once made a joke about black people being shiftless. It's here in this email he sent to his sister in 1998."
I'm continually alarmed by the people who think anything the authorities want to do is ok, because they're 'helping' us. My personal correspondence belongs to me not anyone else, and I shouldn't have to wonder about who is reading it besides those I want to. The Constitution requires warrants to be issued for very good reasons, and those reasons apply here.
Sure the users could enter into a class-action lawsuit against ToysMart, but think about what happpens if you win: you become another creditor of a bankrupt company, and your info has still gotten away. What's that bought you? And where are you going to find a contingency-fee attorney to take on the battle for what will probably amount to no money? Perhaps a lawyer can comment, but as far as I know, class-action suits are only for monetary damages, and there are none to be had here. I think what you really want is injunctive relief based on breach of contract (part of the terms they're in breach of were that they would never release your personal info). I'd think a temporary restraining order would be relatively easy to get. Then the battle becomes the attempt to get a permanent injunction, which probably won't be cheap if they (in the form of their bankruptcy trustee and creditors) decide to fight it.
simply BAN the cross referencing of a DNA database with public info, like for instance, your social security number.
It's too late. We in the US (and to an even greater extent, Great Britain) are already taking DNA samples from arrestees. If history is any indication, it will soon be required, much as fingerprints are, from police applicants, military, civil service employees, people registering a gun, etc. The attraction of this technology to a government bent on 'helping' us will make its adoption inevitable.
What if I sprinkle you with coke in an elevator?
If this dystopia were to really come about, how are you going to get on that elevator with that coke? Every public building will have a monitor, so you won't be able to enter. Even if you could, how would you avoid getting it on yourself?
Ok, paranoia aside, there was an interesting program some years back in which paper currency was to be tested for cocaine residue. The theory was that if residue was detected, whoever was passing that currency was likely engaged in the drug trade. The trouble was that, when they actually tested the currency, virtally all of it had cocaine residue. I suspect that any monitoring program would have some of the same vulnerabilities; any 'bad stuff' they're looking for already permeates the environment to such an extent that the alarm bells would go off constantly. How do they know that these are your skin flakes? Since they 're everywhere, other people's are presumably also all over you. It may be a while, if ever, before we get to the point where these monitors are practical. At least, let's hope so.
Actually, I've had a vendor (not WRS) bring out the source code and help me on one occasion, when there was no other out. Certainly, having the source code to Linux would let me continue debugging down into the OS, but it's generally not an effective use of my time. It's better to have someone who has immersed him/herself in the bowels of the OS and knows it well rather than trying to get to that level of understanding myself, just so that I can then fix my problem. Our developments are generally under the gun, schedule-wise, so we trade our money for time, and consider it well-spent. When schedule isn't as important, I can understand the attraction of not having to rely on third-parties for support.
The bulk of my career has been spent constructing realtime embedded apps, and I'd have some concerns in using Linux. Support is crucial when you're trying to determine whether a bug is yours or the OS's. I'd have a difficult time telling my customer that "we'll just post a question on Usenet if we have any problems." I've had vendors come out and spend days with me trying to isolate some weird difficulty (the best ever was when the hardware vendor had forgotten to program the MACs into their Ethernet controllers). I'd only consider using embedded Linux if there were vendors out there who will offer that degeree of support. And in that case, what does using Linux get me as opposed to, say, Wind River? The cost of the OS is generally much less important than reliability and being able to get someone on the phone right now. Perhaps others have different priorities.
And I thought I was creative using 'president@whitehouse.gov' all this time.
I did this for a while and then started thinking, "Hmmm, I wonder if the Secret Service has a sense of humor."
The downside of this is that spammers will frequently forge return addresses, some of which may go to real people. If you sign up with me@privacy.net, pretty soon joeblow@aol.com is getting the autoresponses meant for the spammers. It's hardly fair to solve your own problem by creating one for someone else. You're better off creating a free account on Yahoo or Hotmail and letting the spammers send their crap there. You can just abandon it and then no one is inconvenienced (well, ok, sorry Yahoo and Hotmail. You pay the small price of having people sign up for accounts they have no intention of using. Better you than me.)
The first shot is a 2 liter Diet Coke bottle.
but they can't look at your private email even if you access it from their equipment.
So how do they know it's your private email until they've looked at it?
Have you tried posting articles on Usenet with this email address as the "reply-to"? When I first got on the net, that's what got me all sorts of spam. Another thing you can do is create an EBay account with that email address. I get stuff that way. Someone must have set up an auto-troll program to cull email addresses off of EBay somehow. Third thing to try: create some web pages with mailto: links for this address. Make sure you submit the pages to search engines so that the spammers can find you. Lastly, subscribe to some email lists and submit items so that your reply address is visible. Spammers get email addresses this way as well.
.com domain.
Incidentally you might want to create a more generic address. If I were a spammer, I'd be figuring that any address that had the string 'spam' in it is a diversion, and I'd code my script to either ignore it or attempt to derive the 'real' address from it. It's also possible that spammers figure anyone living in Czechoslovakia isn't going to be a good candidate for musical toilet seats or whatever they're peddling. Consider using an address in the
...hmm....NSI hurt you? so they're responsible for all the wrongs in the world, i see..
Well, let's look at the recent record. NSI suddenly unilaterally alters its agreements to declare that the domains registered thru them are actually the property of NSI and are subject to revocation on whatever arbitrary basis they feel like applying. Then they decide that expired domains will not necessarily be put back in the available pool, but could instead be auctioned off to the highest bidder. Nothing in their original charter gave them these powers, they simply decided to create them. And the reason they can get away with it, at least for now, is that they and only they run the root DNS database. Even other registrars have to pay NSI a fee to update the database with domains registered by them. So, yes, NSI is harming me as well as every other party who registers a domain through them. NSI has become increasingly arrogant and it's about time to put a stop to it. I for one have done so by getting my domain out of their hands and placing it with another registrar. This is only a partial solution as long as they can continue to make the rules on the database, however. I'd advocate creating a nonprofit organization separate from NSI to administer it. There might be a problem, though, if what I heard was correct: NSI claims ownership of the database itself and that it can't be taken away from them. If this is true and is upheld, we could be truely screwed.
You know, in the present climate I bet Id has already launched a passel of 'remove this infringing material from your site' letters to geocities. Not to mention Coke, Foster's, Gordon's Gin, People for the Ethical Treatment of Animals, Mothers Against Yorkshire Terriers, etc.
I wonder if it could be a decentralized node list instead of a central directory
It could be, but this would lead to an extra layer or layers (i.e., johnsDNSnode:sammys.god). If enough people wanted to participate, you'd have to organize these nodes in some sort of heirarchy. Pretty soon it would be the DNS equivalent of Amateur Packet Radio, where you have to specify the exact path, node by node, your packet must take to get to the destination. Just thinking about this makes my hair hurt.
You'd still be faced with the same problem that caused the creation of NSI in the first place: who is ultimately in charge of the database? Some entity somewhere has to have the final say in what's in there, otherwise you have chaos. Not to mention trying to persuade overworked network administrators to add your alternative DNS to their name servers, some of whom wouldn't do so simply because they wouldn't like the idea of, for example, a .guns domain.
I think we're stuck with the present system, so our energies ought to be brought to bear against NSI and its increasingly fascist policies. Where's a tobacco lawyer when you need one?
I think the reason many people (including myself) are wary of experimentation like this is the "oh fuck" factor. Genetics is like the nuclear bomb of medicine. There's a line that, at some point, someone's gonna cross and what next?....."OH FUCK!"
Unfortunately, if something can be done, it will be done. The developers of the atomic bomb thought that there was a possibility (admittedly remote) that the bomb might ignite a Nitrogen Cycle and burn up the earth's atmosphere. They detonated the thing anyway. There's always going to be someone who's going to be willing 'take that risk' for you.
picture storing data in mice There was a science fiction story about exactly this. The alien race who created life on earth left messages in our genetic code. The scientists who recognized and decoded them found all sorts of interesting stuff, like antigravity, faster-than-light travel, etc. Unfortunately, they also found some super-weapons like a beamer that could slice through the plant like a ripe tomato. Humans being what they are, naturally someone decided to give it a try ... poof, race extinct. It was a built-in test to see if we were too dangerous to let loose on the galaxy. So, how many GB will your average mouse chromosome hold, anyway? Can the data be copyrighted? If so, can I copyright my own genes and sue anyone attempting to give me a blood test under the Digital Millenium Copyright Act? Would cloning a copyrighted mouse be infringement? Would examining my genes for hereditary disease be considered reverse engineering?
Unfortunately, Jose forgot to go after the storm troopers who apparently are forcing people at gunpoint to consume corporatist comestibles.
Has it ever occurred to anti-corporatists that these establishments are successful because they meet a demand? Who appointed them the guardians of what goods and services should be available? From 1945-1989 we had several great examples of the 'benefits' of a command-control economic policy. Thanks, but no thanks, I'll take the market.
P.S. My family owned a small television-appliance store that went out of business because of the large electronics retailiers. We moved on and found other means of earning a living, and I buy my electroncs from those same large retailers and enjoy the variety and prices. Life is Darwinian. Deal with it.
The carrying capacity of available frequencies is effectively infinite if properly handled. The purpose of commmunications is to get information from one place to another, and if one uses excess power to do so, it's wasted and is a potential source of interference for those wanting to use the same frequency, who could otherwise use it to carry their own information. A good example of a system that limits power and reuses frequencies is the the cellular phone network. The cells reuse the same set of frequencies over and over, so their carrying capacity is multiplied manyfold. There are now radios in use that employ spread-spectrum and adaptive power-limitation to use just the bare minimum necessary to carry the information. I was told by one user that he had set up a 10-mile comm link that used only 1/1000 of a watt. If we were to use such techniques on all of our radio communication, we would have a vast amount of capacity available to us. I'm optimistic that we're heading that way already.
If Napster 'sells out' to the extent that its usefulness is compromised, other services will step in. The protocol is already implemented in third-party products, and there are even Napster-like third-party directory servers operating. Not to mention other file-sharing paradigms like Gnutella, Freenet, et al. The desire for this service is essentially a force of nature, and will find an outlet regardless of what transpires between RIAA and Napster.
What if you haven't 'forgotten' to pay for it, but intend for it to lapse? I don't recall my agreement with NSI saying that I'm authorizing them to keep the domain alive past the amount of time for which I initially paid. It should be thrown back into the pool for whoever wants to register it next, if anyone. How long is this 'auction' process going to keep the domain off the market?