Since conventional media wisdom indicates the terrorists hate us because they're jealous of our wonderfully capitalist way of life, it should be no problem to find them exploiting all our capitalist society has to offer. No using cash for transactions for these guys... not when they have the "Islamic Jihad Gold Visa" from BankOne!
salon.com becomes even more politically-correct
on
4l-j4z333ra 0wn3d
·
· Score: 1
I notice Salon.com also ran a story on the site getting hacked, but they refused to put a link to the web site. I guess they figured it wasn't relevant.
Here are some of my favorites that may not be so obvious:
Nerd Movies
Office Space - Of course everyone here knows this movie. But it's amazing how many people haven't seen it.
Free Enterprise - someone else mentioned this and I agree
The Last Starfighter - A nerd's dream: playing a video game that turns into real life and takes you from a mundane existence to an intergalactic hero. Lots of fun.
Mosquito Coast - Harrison Ford plays a crazy inventor who moves to South America to pursue his dreams and runs into problems with Christian missionaries and the repurcussions of his dabbling with technology.
Music Movies
Crossroads (1986) - A brilliant movie with brilliant music. Even if you don't like Ralph Macchio, the plot and casting is great, and Ry Cooder and Steve Vai's guitar work in this movie are incredible.
Microsoft's university program is closely linked to its Trustworthy Computing initiative, its companywide focus on securing its products, which was launched early last year.
Hey, check it out. Early last year Microsoft decided it might me worthwhile to secure some of its products.
I hear some time in Summer 2014 Microsoft is going to launch its Memory Leak Awareness Program.
You underestimate the significance DESIGN plays in the ultimate performance of a project. This is a classic example of the new breed of computer programmers who rely more on the corporate feed trough of tools, complexity and ongoing jacked-up hourly support rates, than the inherent resourcefulness of humanity.
It's particularly bad with Oracle, because once I was on the DBA track with them, I realized it made the legal professions' "Bar" look shallow. Oracle DBAs are obsessive in their quest to make other people feel their technology is almost magical and incapable of mere non-Oraclephobes mundane understanding. Thus the legacy of the Oracle DBA getting uber rates continues.
Don't even get me started about Oracle. The problem with Oracle (and I know. I'm an architect of one of the most successful, complicated and highest-trafficked web sites on the net using their system) is the convolution of their support system. I don't know what kind of "Oracle" work you were doing. Maybe it was remedial and you could find a simple FAQ to tell you how to run a shell script, but when you get into the high end game on Oracle, lots of bugs and performance issues surface that you have to basically prove to them you're aware of before they'll admit it.
Let's see, I can pay $14,000+ for an Oracle license, which involves a deliberately convoluted array of hoops to jump through, "education points", maintenance contracts, and product module/pricing options that would make most long distance plans seem trivial. If I need support I have a plethora of options with cool names like "bronze", "silver" and "gold" which in effect give me a varying scale of hours or days in which I can wait to have issues resolved.
Or I can pay $300 for a MySQL commercial license and if I have any problems or additional functionality there are thousands of web sites with tons of free advice and code. And MySQL will blow the doors off of Oracle and other databases in terms of raw speed. Advanced options like data warehousing, replication, fancy triggers, rollbacks and other systems can be sometimes better-integrated on a hardware/os level so it's arguable as to whether MySQL's lack of some features is even a negative. You get more with less all around with MySQL: better support, more rapid bug/security patches, less hardware requirements, and more people in the online community who are willing to help without charging you by the hour because of their pretentious DBA title.
If I were them I would have simply updated the web site in such a way to thwart some automated robot, or blocked the IP blocks or something similar.
We had a client whose web site was crippled due to one of those price-comparison-robots hitting the server so fast, with so many simultaneous requests that it couldn't serve the public. I can see both sides of the story but it seems like a reasonable and fair idea to request permission before automating a process to scrape data from someone else's system for your own commercial gain. I'd categorize companies that do this (without permission) only a hair better than spammers on the scum scale.
I remember that to which you're referring... I never said there was not any copy protection, competing file formats - there were transgressions of virtually every type at every time in the history of personal computing, but early on they were the exception and not the standard now:
* Software sales used to be quality-driven, then it became advertising-driven, and now it is extortion/monopoly-driven
* The most pirated software in the early days of the PC was Lotus 1-2-3, which was also the biggest-selling software.
* Making hardware "open source" was primarily responsible for success: compare the Apple II or IBM PC to the TRS-80, TI99/4, Lisa, and other doomed systems that pushed to be proprietary at the expense of alienating their chance at grabbing substantive market share. (the only exception was Macintosh and that's only because a) they capitalized on Apple's early openness, and b) Microsoft has allowed them to exist in order to seem less monopolistic)
* The fact that there even were "word processor wars" where import/export paths wern't always consistent between competing products was still great for end-users, and also created a new market for conversion software. That doesn't exist now.
When if a product was well written and did its job, it would sell...
You could put a whole application on a 3.5" disk.
Printed manuals!
When you didn't need copy protection and activation screens. Piracy was more-or-less a marketing tactic more than something that cut into sales (and IMO it still is, but the software publishers don't want the public to know this)
Software companys generated revenue through customer loyalty (as opposed to customer extortion)
One software product had the audacity to recognize that other competing/complimentary products from other publishers did exist, and openly supported import/export functions
When most commercial software wasn't written in Pakastani or Indian programmer-warehouses.
Tech support telephone numbers weren't systemmatically hidden in a maze of FAQs, if at all, and they were 800 numbers.
You could install a software program without worrying if doing so would completely screw up your computer, other programs, or wipe out all your data.
When a "newer version" actually meant more features and functionality.
When the first version of a software package wasn't labelled "6.0"
When software was designed to work with the hardware and RAM you had installed in your machine, and didn't require you to upgrade to next generation crap in order to operate acceptably..... ahh the old days...
My mother gave me her Oyster blender about 20 years ago. It still works flawlessly today. She got it when she was young. It's one of those big stainless steel models that they now call "industrial" even though back then they were just the regular models.
I think this is an important issue. Generally speaking there is an inherent conflict of interests between the backbone providers and ISPs that profit from DDOS, spam and other unwelcome traffic and their customers. This is in my opinion why the backbones aren't that responsive. They actually profit from bandwidth-hogging activity, whether authorized or not.
In the case of Sprint, if you are hit with a DOS attack, they will not get involved unless your pipe with them is saturated. Their corporate policy (and I belive this is the same with many backbone providers) is that unless your connection is thoroughly congested, they will not filter or address DOS issues. They directly profit from crap traffic that you didn't invite.
For this reason, I think it is imperative that all bandwidth users begin holding their ISPs and backbone providers responsible for rogue traffic. This is the only way to motivate them to address the issue, otherwise they are quite content with an ever-increasing array of security, spam and other bandwidth problems. Now if your insecure server is compromised and is a party in the attack, that's your problem, but inbound DOS attacks, spam and other traffic that eats up bandwidth should be something the ISPs and backbone providers should have to eat!
99.9% of spammers are hijacking mail relays. Therefore they are committing crimes and exploiting innocent third-party resources in their promotional efforts. At least direct mail and telemarketers pay for the "bandwidth" they consume. Spammers steal two to three times the resources that they use.
Another fallacy is that spammers really make money - they aren't really engaging in a profitable venture, except their ability to steal other peoples' resources allow them to engage in ridiculously low-return, large-scale solicitations.
"Stopping spam at the termination point" is ultimately ineffective. It becomes a never-ending spy-vs-spy game that ultimately catches legitimate mail and continues to consume system resources and bandwidth while not addressing the true problem.
If spammers were unable to exploit third-party relays, things would change. Then they'd have to set up their own relays, pay for their own bandwidth, and execute more responsible marketing campaigns in order to avoid being globally blacklisted. The solution is amazingly simple and it has absolutely nothing to do with censorship or freedom of expression.
Good: ISPs are finally recognizing people hate spam and using it as a marketing tactic.
Bad: ISPs still are clueless. Filtering will never be effective. Until mail relay hijacking is globally criminalized and aggressively prosecuted, nobody will ever see any substantive reduction in spam.
This is an interesting idea. But I'm curious, if you're delaying the handshaking with the known spammer aren't you also tying up your own resources longer than necessary? How is this ultimately superior to the RBL scheme where you simply refuse to accept mail from blacklisted relays?
Yes, you slow down other servers, but at the expense of your own resources, unless there is some way where you can tie them up without sacrificing your own.
I still contend there is only one real way to deal with spam, and that's to make it illegal/criminal to exploit third-party relays and impose hefty civil fines that make it worthwhile for lawyers to go after the spammers. This will force spammers to set up their own relays, which can then be effectively blacklisted or tar-pitted. Until then, all other alternatives are useless wastes of resources, including but not limited to, the goofy idea of analyzing mail content in real time to ID spam.
I don't mind this scam a bit. I consider it intellectual natural selection. Any moron that is foolish enough to fall for this scam is doing everyone else a favor by being separated from his money in a most appropriate manner.
I have a theory. The same people who fall for this scam also spend money on plastic surgery, Lincoln Navigators, dog sweaters, high-end California Cabernet, Hootie and the Blowfish albums, Mike Tyson pay-per-views, Prozac for their children, and George Foreman grills. The Nigerians are inadvertently doing civilized society a favor.
I remember that at one point the system was so busy I had my hardcore users beg me to move the system to a pay system so they could get online and weed out the non-core audience. This was before any multi-line BBSes were around. When I went pay, my mailbox was overloaded with checks. My mother had no idea what was going on. To this day, some of my best and oldest friends I met while running my BBS.
In later years when the system was running on IBM, I also wrote a few Door programs, including one called "City Guides" which was a configurable database with restaurant and other listings. One of the major telephone companies eventually bought the software and used it as a prototype for their electronic yellow pages. The United Nations also adapted this software to serve as a database for monitoring environmental scenarios around the world and sharing information online.
I have very fond memories of the old BBS days. Fidonet and BBSes and their ability to distribute software gave many early Shareware authors the opportunity to get their products out to people and build businesses. As a result of this and the Shareware that my BBS and others helped distribute, I quit the corporate world more than 15 years ago and have never looked back. People like myself, Katz, McAffee, Button and many, many others owe their livelihood to the BBS phenomenon.
Also, a big shout out to the system of Hell in NYC (I don't know nuttin'), Alan Jennings of CompuChurch (first of its kind), Wes Mier in Walnut Creek (best download section on the planet for almost a decade), and Penn and Teller -- all pioneers in the history of BBSes.
I ran one of the earliest and longest running BBSes in the country. I'm wondering if anyone remembers it. It was called The DUNGEON. It was born in the early eighties and went through various incarnations of software and hardware (Health/Zenith proprietary, Apple Net-works, TRS-80 homebrew, and then tons of PC-based systems). My entry in the USBBS list was so young it didn't have a start date listed.
Those were the days. I was in school and in the early days didn't have an auto-answer modem. I had a system written in BASIC on my TRS 80 with a manual 300-baud modem and I'd flip the switch when the phone rang. When I finally upgraded to a more automated system, I had the BBS set to call me in the morning to wake me up.
I can think of no organization that is more active in protecting the base rights that most people in the tech community relish than the EFF, of which Barlow is a founder. Every member of Slashdot should also be a member of this organization. Among other things, the EFF is defending Fair Use Doctrine especially as it applies to digital content (an area where there seems to be lots of double standards), Internet Censorship, Government/Corporate surveillance and a lot more.
Shouldn't the patch system be able to automate all those messy instructions in the first place?
1. Identify where the application is installed (or have the user specify if there is more than one installation) 2. Designate a backup path or device and automatically make a backup copy of the critical files. 3. Install the patch 4. Provide a method by which the patch can be verified that it was installed correctly 5. Provide an option to "rollback" the patch by restoring the backup files from the designated path or device.
All those operations could be done by the program itself. What kind of programmers do these people have? The patch should have one command: "click here", and then go into an interactive menu.
I disagree about the difficulty in propagating the worm under IPv6. It might slow it down, but I was online when the worm hit and it was almost instant the way it consumed the backbones. I'd estimate that within 5-10 minutes the worm went from one end of the world to the other.
The scary thought for IPv6 to me is that it might slow down random IP propagation, but that would probably be inconsequential when compared with the increased number of spammers that would find new life and longevity in hiding amongst the exponentionally larger IP space.
The beauty of unix is that for 99% of the services you can patch the app and not interrupt OS uptime. That'll never, ever happen with any Microsoft OS.
Slashdot Mirror
Since conventional media wisdom indicates the terrorists hate us because they're jealous of our wonderfully capitalist way of life, it should be no problem to find them exploiting all our capitalist society has to offer. No using cash for transactions for these guys... not when they have the "Islamic Jihad Gold Visa" from BankOne!
I notice Salon.com also ran a story on the site getting hacked, but they refused to put a link to the web site. I guess they figured it wasn't relevant.
Nerd Movies
Music Movies
This is the same Dvorak that gave Network Solutions his Award for Technical Excellence. 'Nuff said!
Microsoft's university program is closely linked to its Trustworthy Computing initiative, its companywide focus on securing its products, which was launched early last year.
Hey, check it out. Early last year Microsoft decided it might me worthwhile to secure some of its products.
I hear some time in Summer 2014 Microsoft is going to launch its Memory Leak Awareness Program.
You underestimate the significance DESIGN plays in the ultimate performance of a project. This is a classic example of the new breed of computer programmers who rely more on the corporate feed trough of tools, complexity and ongoing jacked-up hourly support rates, than the inherent resourcefulness of humanity.
It's particularly bad with Oracle, because once I was on the DBA track with them, I realized it made the legal professions' "Bar" look shallow. Oracle DBAs are obsessive in their quest to make other people feel their technology is almost magical and incapable of mere non-Oraclephobes mundane understanding. Thus the legacy of the Oracle DBA getting uber rates continues.
Don't even get me started about Oracle. The problem with Oracle (and I know. I'm an architect of one of the most successful, complicated and highest-trafficked web sites on the net using their system) is the convolution of their support system. I don't know what kind of "Oracle" work you were doing. Maybe it was remedial and you could find a simple FAQ to tell you how to run a shell script, but when you get into the high end game on Oracle, lots of bugs and performance issues surface that you have to basically prove to them you're aware of before they'll admit it.
Oracle: security ?
Please.
I'm sorry. Call me old school, but "rollback" is a feature for people who don't idiot proof their input routines properly.
I think it's quite telling that for several years the biggest-selling and most popular application for Windows was what?
A screen saver! (After Dark)
Let's see, I can pay $14,000+ for an Oracle license, which involves a deliberately convoluted array of hoops to jump through, "education points", maintenance contracts, and product module/pricing options that would make most long distance plans seem trivial. If I need support I have a plethora of options with cool names like "bronze", "silver" and "gold" which in effect give me a varying scale of hours or days in which I can wait to have issues resolved.
Or I can pay $300 for a MySQL commercial license and if I have any problems or additional functionality there are thousands of web sites with tons of free advice and code. And MySQL will blow the doors off of Oracle and other databases in terms of raw speed. Advanced options like data warehousing, replication, fancy triggers, rollbacks and other systems can be sometimes better-integrated on a hardware/os level so it's arguable as to whether MySQL's lack of some features is even a negative. You get more with less all around with MySQL: better support, more rapid bug/security patches, less hardware requirements, and more people in the online community who are willing to help without charging you by the hour because of their pretentious DBA title.
Tough choice...
Nice to know that DARPA is now getting into the casino shuttle business.
If I were them I would have simply updated the web site in such a way to thwart some automated robot, or blocked the IP blocks or something similar.
We had a client whose web site was crippled due to one of those price-comparison-robots hitting the server so fast, with so many simultaneous requests that it couldn't serve the public. I can see both sides of the story but it seems like a reasonable and fair idea to request permission before automating a process to scrape data from someone else's system for your own commercial gain. I'd categorize companies that do this (without permission) only a hair better than spammers on the scum scale.
I remember that to which you're referring... I never said there was not any copy protection, competing file formats - there were transgressions of virtually every type at every time in the history of personal computing, but early on they were the exception and not the standard now:
* Software sales used to be quality-driven, then it became advertising-driven, and now it is extortion/monopoly-driven
* The most pirated software in the early days of the PC was Lotus 1-2-3, which was also the biggest-selling software.
* Making hardware "open source" was primarily responsible for success: compare the Apple II or IBM PC to the TRS-80, TI99/4, Lisa, and other doomed systems that pushed to be proprietary at the expense of alienating their chance at grabbing substantive market share. (the only exception was Macintosh and that's only because a) they capitalized on Apple's early openness, and b) Microsoft has allowed them to exist in order to seem less monopolistic)
* The fact that there even were "word processor wars" where import/export paths wern't always consistent between competing products was still great for end-users, and also created a new market for conversion software. That doesn't exist now.
I remember the old days...
.... ahh the old days...
When if a product was well written and did its job, it would sell...
You could put a whole application on a 3.5" disk.
Printed manuals!
When you didn't need copy protection and activation screens. Piracy was more-or-less a marketing tactic more than something that cut into sales (and IMO it still is, but the software publishers don't want the public to know this)
Software companys generated revenue through customer loyalty (as opposed to customer extortion)
One software product had the audacity to recognize that other competing/complimentary products from other publishers did exist, and openly supported import/export functions
When most commercial software wasn't written in Pakastani or Indian programmer-warehouses.
Tech support telephone numbers weren't systemmatically hidden in a maze of FAQs, if at all, and they were 800 numbers.
You could install a software program without worrying if doing so would completely screw up your computer, other programs, or wipe out all your data.
When a "newer version" actually meant more features and functionality.
When the first version of a software package wasn't labelled "6.0"
When software was designed to work with the hardware and RAM you had installed in your machine, and didn't require you to upgrade to next generation crap in order to operate acceptably.
My mother gave me her Oyster blender about 20 years ago. It still works flawlessly today. She got it when she was young. It's one of those big stainless steel models that they now call "industrial" even though back then they were just the regular models.
I think this is an important issue. Generally speaking there is an inherent conflict of interests between the backbone providers and ISPs that profit from DDOS, spam and other unwelcome traffic and their customers. This is in my opinion why the backbones aren't that responsive. They actually profit from bandwidth-hogging activity, whether authorized or not.
In the case of Sprint, if you are hit with a DOS attack, they will not get involved unless your pipe with them is saturated. Their corporate policy (and I belive this is the same with many backbone providers) is that unless your connection is thoroughly congested, they will not filter or address DOS issues. They directly profit from crap traffic that you didn't invite.
For this reason, I think it is imperative that all bandwidth users begin holding their ISPs and backbone providers responsible for rogue traffic. This is the only way to motivate them to address the issue, otherwise they are quite content with an ever-increasing array of security, spam and other bandwidth problems. Now if your insecure server is compromised and is a party in the attack, that's your problem, but inbound DOS attacks, spam and other traffic that eats up bandwidth should be something the ISPs and backbone providers should have to eat!
99.9% of spammers are hijacking mail relays. Therefore they are committing crimes and exploiting innocent third-party resources in their promotional efforts. At least direct mail and telemarketers pay for the "bandwidth" they consume. Spammers steal two to three times the resources that they use.
Another fallacy is that spammers really make money - they aren't really engaging in a profitable venture, except their ability to steal other peoples' resources allow them to engage in ridiculously low-return, large-scale solicitations.
"Stopping spam at the termination point" is ultimately ineffective. It becomes a never-ending spy-vs-spy game that ultimately catches legitimate mail and continues to consume system resources and bandwidth while not addressing the true problem.
If spammers were unable to exploit third-party relays, things would change. Then they'd have to set up their own relays, pay for their own bandwidth, and execute more responsible marketing campaigns in order to avoid being globally blacklisted. The solution is amazingly simple and it has absolutely nothing to do with censorship or freedom of expression.
Good: ISPs are finally recognizing people hate spam and using it as a marketing tactic.
Bad: ISPs still are clueless. Filtering will never be effective. Until mail relay hijacking is globally criminalized and aggressively prosecuted, nobody will ever see any substantive reduction in spam.
This is an interesting idea. But I'm curious, if you're delaying the handshaking with the known spammer aren't you also tying up your own resources longer than necessary? How is this ultimately superior to the RBL scheme where you simply refuse to accept mail from blacklisted relays?
Yes, you slow down other servers, but at the expense of your own resources, unless there is some way where you can tie them up without sacrificing your own.
I still contend there is only one real way to deal with spam, and that's to make it illegal/criminal to exploit third-party relays and impose hefty civil fines that make it worthwhile for lawyers to go after the spammers. This will force spammers to set up their own relays, which can then be effectively blacklisted or tar-pitted. Until then, all other alternatives are useless wastes of resources, including but not limited to, the goofy idea of analyzing mail content in real time to ID spam.
I don't mind this scam a bit. I consider it intellectual natural selection. Any moron that is foolish enough to fall for this scam is doing everyone else a favor by being separated from his money in a most appropriate manner.
I have a theory. The same people who fall for this scam also spend money on plastic surgery, Lincoln Navigators, dog sweaters, high-end California Cabernet, Hootie and the Blowfish albums, Mike Tyson pay-per-views, Prozac for their children, and George Foreman grills. The Nigerians are inadvertently doing civilized society a favor.
I remember that at one point the system was so busy I had my hardcore users beg me to move the system to a pay system so they could get online and weed out the non-core audience. This was before any multi-line BBSes were around. When I went pay, my mailbox was overloaded with checks. My mother had no idea what was going on. To this day, some of my best and oldest friends I met while running my BBS.
In later years when the system was running on IBM, I also wrote a few Door programs, including one called "City Guides" which was a configurable database with restaurant and other listings. One of the major telephone companies eventually bought the software and used it as a prototype for their electronic yellow pages. The United Nations also adapted this software to serve as a database for monitoring environmental scenarios around the world and sharing information online.
I have very fond memories of the old BBS days. Fidonet and BBSes and their ability to distribute software gave many early Shareware authors the opportunity to get their products out to people and build businesses. As a result of this and the Shareware that my BBS and others helped distribute, I quit the corporate world more than 15 years ago and have never looked back. People like myself, Katz, McAffee, Button and many, many others owe their livelihood to the BBS phenomenon.
Also, a big shout out to the system of Hell in NYC (I don't know nuttin'), Alan Jennings of CompuChurch (first of its kind), Wes Mier in Walnut Creek (best download section on the planet for almost a decade), and Penn and Teller -- all pioneers in the history of BBSes.
I ran one of the earliest and longest running BBSes in the country. I'm wondering if anyone remembers it. It was called The DUNGEON. It was born in the early eighties and went through various incarnations of software and hardware (Health/Zenith proprietary, Apple Net-works, TRS-80 homebrew, and then tons of PC-based systems). My entry in the USBBS list was so young it didn't have a start date listed.
Those were the days. I was in school and in the early days didn't have an auto-answer modem. I had a system written in BASIC on my TRS 80 with a manual 300-baud modem and I'd flip the switch when the phone rang. When I finally upgraded to a more automated system, I had the BBS set to call me in the morning to wake me up.
I can think of no organization that is more active in protecting the base rights that most people in the tech community relish than the EFF, of which Barlow is a founder. Every member of Slashdot should also be a member of this organization. Among other things, the EFF is defending Fair Use Doctrine especially as it applies to digital content (an area where there seems to be lots of double standards), Internet Censorship, Government/Corporate surveillance and a lot more.
Shouldn't the patch system be able to automate all those messy instructions in the first place?
1. Identify where the application is installed (or have the user specify if there is more than one installation)
2. Designate a backup path or device and automatically make a backup copy of the critical files.
3. Install the patch
4. Provide a method by which the patch can be verified that it was installed correctly
5. Provide an option to "rollback" the patch by restoring the backup files from the designated path or device.
All those operations could be done by the program itself. What kind of programmers do these people have? The patch should have one command: "click here", and then go into an interactive menu.
I disagree about the difficulty in propagating the worm under IPv6. It might slow it down, but I was online when the worm hit and it was almost instant the way it consumed the backbones. I'd estimate that within 5-10 minutes the worm went from one end of the world to the other.
The scary thought for IPv6 to me is that it might slow down random IP propagation, but that would probably be inconsequential when compared with the increased number of spammers that would find new life and longevity in hiding amongst the exponentionally larger IP space.
The beauty of unix is that for 99% of the services you can patch the app and not interrupt OS uptime. That'll never, ever happen with any Microsoft OS.