"by hiding your ip address" they claim that this is not exploitable?
Somone scans a network of cables users, and sends them all the packet and command to delete boot.ini. How does 'hiding' your IP address help?
If they have the feature in for automatic updates (unsigned), then clearly they expect to be able to connect to it using, what else, an IP ADDRESS, "hidden" or not.
Hard to beleive they have 15 million folks on at the same time.
Don't do it. Start with a fixed rate deal, and then if they start wanting all sorts of stuff do hourly rate. But a fixed rate lets you spend the time you want where you want. If you do hourly, they are much more likely to pay attention to how you spend your time. Don't ask for rediculous amounts, $5k is a good starting number. Get enough to live. The fact is, you would do this work for FREE:)
Thanks, that is an excellent link and example of exactly what I am talking about. It's interesting that there is so much interest in digital, without corresponding experiments with different and higher frame rates.
The question is what is the frame rate. At 60 fps (i) they may have experienced nausea from that. If it was 60 fps progressive that would be something very nice.
I'm starting to wish they would shoot movies at 60fps.
One problem with a lot of computers is that BIOS on and power up events suck up seconds, so even a 10 second linux load is still 15 seconds overall. If we can get linux down to 3 seconds, we are at an 8 second overall load.
I see there are already a ton of linux fanboys and girls posting about the incredible uptime of their linux boxes, and claiming that a) boot time doesn't matter because linux doesn't go down or b) linux boots very fast.
They are wrong. Boot time matters.
It matters for perception. Boot time is one of the periods where a user spends the most time looking at a screen not being able to do anything (even if that happens rarely). A faster boot time leads to a sense that the whole system is faster, because it is a first impression, and a significant impression. If linux bliped on from a cold start in 5 seconds, I'd be studies would show it appeared faster.
Boot time matters because not everyone (in fact, very few people) leave their systems on all the time. Slashdot fan boys living at home may not agree, but they are wrong.
Think about business systems. At my place of work, everyone turns their computer off at the end of the day, and on at the beginning of the next. My mother doesn't leave her computer running 24/7, she turns it OFF when she is done using it. My roomates do the same thing. Even I do it sometimes.
Boot time matters because power management is still evolving under linux. As power management requires the cooperation of a number of pieces of a system, power management is still a work in progress. Once power management with every peripheral is flawless, then we can start to dial back boot time worries (only a little).
Boot time matters server side too. I know folks are going to complain that I focus on the user too much. But boot time matters server side as well. We have UPS units on our servers. They have however a limited lifetime. So when the power drops for a few minutes (which it does here somewhat often) automatic shutdown process starts.
When the power comes back on, people power up their computers. These being Windows XP machines they actually start pretty quickly (or never went off if on a UPS). If folks were in the middle of something, they expect that with the power their logon and other services will be back in action. Then all the individual computers start timing out / locking up, generating help calls.
On the server side, if there was an emergency security patch, or we were coming up from a power outage, the faster the boot time the better, if I can beat out even 20% of the client connect attempts.
Boot time matters, a big bravo to the folks working to improve this.
I agree with this posters comments completely. Rights apply to everyone, even those we don't like. I have been a long time ACLU member for precisely this reason.
However, my opinion was of CI Host as a an organization. Before treating the organization as a hero, I think it is important to look at its total record, not just a single event. With CI Host its record is poor in my opinion, so would caution folks who would hail them as heros.
I should note I also happen to disagree with their lawsuit.
Good point though.
What happens if a patent firm that does nothing but stifle innovation is in turn sued by another patent firm. Does one defend the first patent firm becuase they are now being unfairly sued? My sense is I'd be glad they were getting a taste of their own medicine, and would focus the resources I do have on the small firms that are sued and don't have the resources to fight back. I'd feel ethically comfortable with such a decision as well.
Stay anonymous. Do the COST-BENEFIT analysis (seriously).
In this climate, you have everything to loose and very VERY LITTLE to gain no matter how cool you think it is.
The school must follow no laws but it's own and can expell you, and I PROMISE you that somewhere somehow you violated their AUP or TOS.
The vendor can sue you, and even if you beat them you are stuck with a HUGE legal bill.
You can get some overzealous local DA trying to move up the ladder to take you on. If you don't have a lot of money you are a tempting target for obvious reasons.
You need to understand the DMCA (and companies who file suit under it) claiming that attempts at circumvention are illegal.
And what would you gain? I think you'd be surprised at how very little unless you want to work for a security company, and even then that is tough. Folks with hacking pasts are often radioactive in the IT world, and with big companies especially so. You'll have a very hard time getting a background clearance.
I'd notify the vendor and some lists 100% anonymously (and not just spoofing an email). If they don't act in the reasonable time frame full disclosure and it will be sure to get fixed. You've done your part, with none of the baggage.
You need to think through how limited the upside is. College kids love the challenge, and want to feel proud for doing the right thing. Commercial companies hate to be embarrassed, and will sic their lawyers on you if given half a chance.
Blackboard already went down this route I think with some kid they sued to convince him that he hadn't found a vulnerability. Much of the business world does not particularly care about right and wrong, what they do care about is $$ and lawyers.
College is wonderful, don't let it fool you.
And frankly, given that the industry has forced through so many rediculous laws (UCITA anyone?), give them a fair 30 days but then go full-disclosure. What goes around comes around.
Spot on, I think sometimes folks are a bit idealistic about our system, including our legal one. Big $$$ are PROVEN to shape criminal court outcomes. They have an influence. Period.
I'm hoping IBM is laying low to prepare for their all out assult on SCO should they deceide they aren't going to get what they need the usual way. Big companies tend to be risk averse however, they have too much to lose if things go badly.
But SCO are masters at the reality distortion field effect. If you say it must be true enough times sometimes it becomes true (dot com bubble comes to mind).
Recognize this is not a perfect world or system. A jury is reviewing the case and sees that lots of people are willing to pay SCO for their "property" but RedHat and friends don't seem to want to. SCO has tried to enter into "good faith" negotiations repeatedly (watch the paper trail they are creating). Even if NONE of this matches reality, guided by David Boise there is no doubt this could confuse the issue.
It's called framing the debate. They're trying to move past the "did we infringe" to the "what is the cost, solutions, global settlement". You'd be surprised how easy it is to move folks who are not that informed along by simply acting as if everything is going your way (even if nothing has been shown / deceided).
The issue with the legal agreements is that you give SCO a stick to beat you with (ie, you upgrade to 2.6 without a new higher priced license).
We agree their claims appear groundless. If they actually wanted to stop the "theft" of their secrets they'd simply disclose the code at issue and it would be gone in a week, AT THE MOST.
No, they are playing a game of legal extortion, and trying to lay a record in paper (no matter how much nonsense there is) that will help them. For example, keep an eye out for endless discussions of "good faith". This has no legal bearing per se, but folks are human and a judge or clueless jury looking at the record (with the help of David Boise) may read about all the "good faith" discussions SCO has tried to have and come to the wrong result.
What they are doing is setting up an enviroment where things look like a done deal. Folks shouldn't underestimate this.
Given the fact that IBM has been relatively silent if a judge looks at a future SCO case they have 600 people licensing software from them, that judge is simply going to have a harder time "giving it away for free" to the linux guys.
Now I hope to GOD people read these licenses with a very fine tooth comb. Their is an adge that you NEVER want to sign a contract with a company like SCO, because a contract gives them real power to make your life miserable. Realize that they initially went after their OWN licensees (AIX etc) and it was because those folks had signed contracts. Be careful!
Statements RedHat could make would include "It's time for SCO to put up or shut up." Would love to hear some other suggestions.
Irrespective of the legal merits of the case (SCO is the kind of company you never want to sign a contract with.), Redhat needs to go for a more aggressive stance in their public statements. SCO has been off the wall with theirs, and Redhat needs to call them on it (the idea that running linux now before anything has been show open one to liability just on the sayso of a company out for bucks is rediculous for example).
With a group like SCO they probably need to have the mindset of "go for the jugular". They need to hire an aggressive set of lawyers, get a pool of folks together to front serious money (get things to $5 million or so) and then sit back and prepare to grind it out.
The problem nowadays is if you make wild enough statements repeatedly enough, they are given more credit then they deserve.
Wasn't too impressed, crazy that the O'Reilly people picked them of all folks, looked to me like the author had some connection with the service. Bad form.
Yes, I have reviewed their website. Strange they would take out $10 million in insurance after raising $5 million for the purse with the expectation that the next $5 million would be in by 1999. Perhaps they took it out for the remainder.
You would also expect that the expense of such an insurance policy would appear on their financials. They have a $120,000 annual expense for "Risk Insurance" which might be high enough to cover this, though I'm surpised a company would issue it that inexpensively. They may also have partners involved, there are a lot of different ways these things can be structured. However, the more complicated it is the more important the transparency bit is.
This "Risk Insurance" might also be D&O type stuff in case they got sued if something goes wrong with competition (ie, someone rushes to relaunch and cuts corners on safety).
I'll put in a request to them during the workweek for some clarification, it may be as easy as a FAQ update.
I'm curious about the X-Prize Foundations finances.
They filed their last Form 990 for 2001 late, and their 2002 990 hasn't shown up yet so I'm assuming they requested an extention for the last year as well. As a confidence builder the fact that they can't close their books by March or so for the previous year is not super postiive.
In 1998 we had this quote: "The X PRIZE Foundation already has raised more than half of the $10 million purse and anticipates having the remaining funds within a year."
According to their 2001 990 at the end of the year they had $3,000 in cash and $1,000,000 in liabilities.
If someone has already looked into the situation (ie, status of insurance, supporting organization holding funds etc) do let me know, otherwise I'll work to pull together some relevant information.
As I get it I'll stick relevant info up at http://augustz.com/xprize. [Nothing up at the moment and maybe nothing will ever show up...:)]
The innovation around these projects is so cool however. Looking forward to the results!
Seriously, this is what worked for me. Being a perfectionist (but a procrastinator) what would do wonders is to just sit down, and get started. If it's a paper, I'd start by putting down my name and the date, and then put down one - three sentences, and after that I would be off.
Coding, write the first class (that actually does something so you can see it take effect) and same thing.
Sometimes about halfway through hit a dead spot and get distracted by slashdot etc. The trick there was to have started things at least a day earlier so I could just hit the sack when I found producivity going down.
Unless you start, it won't get finished, so the trick for me was to just start:)
I think your experience mirrors that of many around spews.
If an ISP ignores / cans complaints they can get the runaround trying to get off. Once an ISP's abuse dept has developed and ongoing working relationship with net-abuse and a timely response to complaints things usually go much more smoothly.
The folks at spews are agressive no question (I happen to be blacklisted currently through zero fault of my own, netblock block). And some of the folks reporting (not spews admins) can describe things with a bit too much hyperbole. But in terms of evidence to back up blocks, and a group that largely gets it right and which some folks voluntarily use, spews does a neat job, and the heavy handed approach is surprisingly effective.
I also happen to like ordb and friends which do realtime automated testing that stirs up less of the personal stuff.
Please remember that the service is beta and will start charging for advanced features once it is out of beta. As usual, worth waiting to see if it goes totally commercial. Looks like they plan to charge to allow listing multiple "trusted" servers.
A fair number of the spams I submitted came from servers that had already been voted on as TRUSTED by other users. In other words, my credability went down by reporting them as spammers.
http://www.trustic.com/ip/219.94.114.6 for example and I've got a fair number of others. Folks are either polluting the space intentionally or being very very sloppy in reporting trusted servers.
Groups like spews have a very nice evidence file, and it gets reviewed by a person. I've generally been impressed with the real community blacklist sites.
Technically the site works great and is super fast. But wouldn't follow the O'Reilly recommendation and pick it as my primary blacklist just yet (even through the guy doing the site worked with the author of the article to make changes.)
As you no doubt know GPL'ed software is protected by copyright, though that copyright is used in a somewhat unusual manner.
Has the FBI ever gone after someone who has misused GPL software? Has their ever been a felony copyright arrest for open source software license or copyright violation?
Given discovery of large scale, knowing violation of that copyright does the FBI approach the violators in the same way it does those who are involved in other forms of IP theft?
How might the usual lack of direct costs (MSRP) for open source software effect any prosecution for GPL violations?
GPL'ed and other open source software seems especially deserving of protection. Open source software is generally developed by smaller developers or those with fewer legal resources. It would be interesting to hear of the role the FBI might play on behalf of the people generally. From the Adobe case we are aware that you are very aggressive in going after individuals, including those who expose flaws and the very misleading marketing of some of the bigger for profit companies.
Should our system of copyright and patents be designed to make people rich by government enforced monopoly or should they be designed with a focus first on spurring innovation and improving the general good. How does retroactive copyright extension do this? It seems on its face that the material was already developed under the older incentive plan.
Hear hear... There was a fellow who was trying to push 60fps and I remember a reviewer commenting on how rock steady everything seemed, including the pans. It just looked very REAL. I'd love it if they added the hi-fi spec. Bump the framerate up to 45fps if they can't make it to 60fps and some excellent resolution.
Only two contracts for $8 million. That seems to indicate that the Microsoft payment was pretty significant. That whole amount may be MS, the unamed second contract could certainly just be cover.
This is going to be interesting. From the corporate perspective they have message that business are sensitive to, this whole illegal, tainted, corrupted, unwarantied language they are using. Blah. Will be good to see code in question.
Without contract rights with Linux itself it seems the folks who've worked with them in the past will be the ones getting burned.
Linux and the lack of a contracting entity serves as a bit of a firewall perhaps, end user liability absent a contract seems a bit weak.
Have a meeting to go to, look forward to catching up on some more interesting questions.
Slashdot Mirror
"by hiding your ip address" they claim that this is not exploitable?
Somone scans a network of cables users, and sends them all the packet and command to delete boot.ini. How does 'hiding' your IP address help?
If they have the feature in for automatic updates (unsigned), then clearly they expect to be able to connect to it using, what else, an IP ADDRESS, "hidden" or not.
Hard to beleive they have 15 million folks on at the same time.
Wow, a lot of folks love charging hourly rates.
:)
Don't do it. Start with a fixed rate deal, and then if they start wanting all sorts of stuff do hourly rate. But a fixed rate lets you spend the time you want where you want. If you do hourly, they are much more likely to pay attention to how you spend your time. Don't ask for rediculous amounts, $5k is a good starting number. Get enough to live. The fact is, you would do this work for FREE
Thanks, that is an excellent link and example of exactly what I am talking about. It's interesting that there is so much interest in digital, without corresponding experiments with different and higher frame rates.
The question is what is the frame rate. At 60 fps (i) they may have experienced nausea from that. If it was 60 fps progressive that would be something very nice.
I'm starting to wish they would shoot movies at 60fps.
Oops.
One problem with a lot of computers is that BIOS on and power up events suck up seconds, so even a 10 second linux load is still 15 seconds overall. If we can get linux down to 3 seconds, we are at an 8 second overall load.
I see there are already a ton of linux fanboys and girls posting about the incredible uptime of their linux boxes, and claiming that a) boot time doesn't matter because linux doesn't go down or b) linux boots very fast.
They are wrong. Boot time matters.
It matters for perception. Boot time is one of the periods where a user spends the most time looking at a screen not being able to do anything (even if that happens rarely). A faster boot time leads to a sense that the whole system is faster, because it is a first impression, and a significant impression. If linux bliped on from a cold start in 5 seconds, I'd be studies would show it appeared faster.
Boot time matters because not everyone (in fact, very few people) leave their systems on all the time. Slashdot fan boys living at home may not agree, but they are wrong.
Think about business systems. At my place of work, everyone turns their computer off at the end of the day, and on at the beginning of the next. My mother doesn't leave her computer running 24/7, she turns it OFF when she is done using it. My roomates do the same thing. Even I do it sometimes.
Boot time matters because power management is still evolving under linux. As power management requires the cooperation of a number of pieces of a system, power management is still a work in progress. Once power management with every peripheral is flawless, then we can start to dial back boot time worries (only a little).
Boot time matters server side too. I know folks are going to complain that I focus on the user too much. But boot time matters server side as well. We have UPS units on our servers. They have however a limited lifetime. So when the power drops for a few minutes (which it does here somewhat often) automatic shutdown process starts.
When the power comes back on, people power up their computers. These being Windows XP machines they actually start pretty quickly (or never went off if on a UPS). If folks were in the middle of something, they expect that with the power their logon and other services will be back in action. Then all the individual computers start timing out / locking up, generating help calls.
On the server side, if there was an emergency security patch, or we were coming up from a power outage, the faster the boot time the better, if I can beat out even 20% of the client connect attempts.
Boot time matters, a big bravo to the folks working to improve this.
They attempted to mislead in their denials of participating in the CAPS II program. Period.
I'd encourage folks to express their opinions to customer service, reservaction agents, speak up cards on jetblue planes etc.
Remind folks that we are people, and when we lie to each other we undermine our communities.
I agree with this posters comments completely. Rights apply to everyone, even those we don't like. I have been a long time ACLU member for precisely this reason.
However, my opinion was of CI Host as a an organization. Before treating the organization as a hero, I think it is important to look at its total record, not just a single event. With CI Host its record is poor in my opinion, so would caution folks who would hail them as heros.
I should note I also happen to disagree with their lawsuit.
Good point though.
What happens if a patent firm that does nothing but stifle innovation is in turn sued by another patent firm. Does one defend the first patent firm becuase they are now being unfairly sued? My sense is I'd be glad they were getting a taste of their own medicine, and would focus the resources I do have on the small firms that are sued and don't have the resources to fight back. I'd feel ethically comfortable with such a decision as well.
Don't be to quick to defend them.
0 27 3.html is another link.
http://www.forumhosts.com/cihost.htm for a taste of what these guys are like.
http://www.stevemaas.com/selbstbild/archives/00
Let's hope to god the EFF's and Timothy don't fall for their lawsuit stuff.
More of AOL's anti-spam zealotry is a good thing (I speak as someone who has had something like 10,000 emails blocked by them in the past few weeks).
Stay anonymous. Do the COST-BENEFIT analysis (seriously).
In this climate, you have everything to loose and very VERY LITTLE to gain no matter how cool you think it is.
The school must follow no laws but it's own and can expell you, and I PROMISE you that somewhere somehow you violated their AUP or TOS.
The vendor can sue you, and even if you beat them you are stuck with a HUGE legal bill.
You can get some overzealous local DA trying to move up the ladder to take you on. If you don't have a lot of money you are a tempting target for obvious reasons.
You need to understand the DMCA (and companies who file suit under it) claiming that attempts at circumvention are illegal.
And what would you gain? I think you'd be surprised at how very little unless you want to work for a security company, and even then that is tough. Folks with hacking pasts are often radioactive in the IT world, and with big companies especially so. You'll have a very hard time getting a background clearance.
I'd notify the vendor and some lists 100% anonymously (and not just spoofing an email). If they don't act in the reasonable time frame full disclosure and it will be sure to get fixed. You've done your part, with none of the baggage.
You need to think through how limited the upside is. College kids love the challenge, and want to feel proud for doing the right thing. Commercial companies hate to be embarrassed, and will sic their lawyers on you if given half a chance.
Blackboard already went down this route I think with some kid they sued to convince him that he hadn't found a vulnerability. Much of the business world does not particularly care about right and wrong, what they do care about is $$ and lawyers.
College is wonderful, don't let it fool you.
And frankly, given that the industry has forced through so many rediculous laws (UCITA anyone?), give them a fair 30 days but then go full-disclosure. What goes around comes around.
Spot on, I think sometimes folks are a bit idealistic about our system, including our legal one. Big $$$ are PROVEN to shape criminal court outcomes. They have an influence. Period.
I'm hoping IBM is laying low to prepare for their all out assult on SCO should they deceide they aren't going to get what they need the usual way. Big companies tend to be risk averse however, they have too much to lose if things go badly.
We agree, it should have no legal impact.
But SCO are masters at the reality distortion field effect. If you say it must be true enough times sometimes it becomes true (dot com bubble comes to mind).
Recognize this is not a perfect world or system. A jury is reviewing the case and sees that lots of people are willing to pay SCO for their "property" but RedHat and friends don't seem to want to. SCO has tried to enter into "good faith" negotiations repeatedly (watch the paper trail they are creating). Even if NONE of this matches reality, guided by David Boise there is no doubt this could confuse the issue.
It's called framing the debate. They're trying to move past the "did we infringe" to the "what is the cost, solutions, global settlement". You'd be surprised how easy it is to move folks who are not that informed along by simply acting as if everything is going your way (even if nothing has been shown / deceided).
The issue with the legal agreements is that you give SCO a stick to beat you with (ie, you upgrade to 2.6 without a new higher priced license).
We agree their claims appear groundless. If they actually wanted to stop the "theft" of their secrets they'd simply disclose the code at issue and it would be gone in a week, AT THE MOST.
No, they are playing a game of legal extortion, and trying to lay a record in paper (no matter how much nonsense there is) that will help them. For example, keep an eye out for endless discussions of "good faith". This has no legal bearing per se, but folks are human and a judge or clueless jury looking at the record (with the help of David Boise) may read about all the "good faith" discussions SCO has tried to have and come to the wrong result.
What they are doing is setting up an enviroment where things look like a done deal. Folks shouldn't underestimate this.
Given the fact that IBM has been relatively silent if a judge looks at a future SCO case they have 600 people licensing software from them, that judge is simply going to have a harder time "giving it away for free" to the linux guys.
Now I hope to GOD people read these licenses with a very fine tooth comb. Their is an adge that you NEVER want to sign a contract with a company like SCO, because a contract gives them real power to make your life miserable. Realize that they initially went after their OWN licensees (AIX etc) and it was because those folks had signed contracts. Be careful!
Statements RedHat could make would include "It's time for SCO to put up or shut up." Would love to hear some other suggestions.
Irrespective of the legal merits of the case (SCO is the kind of company you never want to sign a contract with.), Redhat needs to go for a more aggressive stance in their public statements. SCO has been off the wall with theirs, and Redhat needs to call them on it (the idea that running linux now before anything has been show open one to liability just on the sayso of a company out for bucks is rediculous for example).
With a group like SCO they probably need to have the mindset of "go for the jugular". They need to hire an aggressive set of lawyers, get a pool of folks together to front serious money (get things to $5 million or so) and then sit back and prepare to grind it out.
The problem nowadays is if you make wild enough statements repeatedly enough, they are given more credit then they deserve.
Interesting, see my earlier post about them.2 483
http://slashdot.org/comments.pl?sid=72548&cid=654
Wasn't too impressed, crazy that the O'Reilly people picked them of all folks, looked to me like the author had some connection with the service. Bad form.
Yes, I have reviewed their website. Strange they would take out $10 million in insurance after raising $5 million for the purse with the expectation that the next $5 million would be in by 1999. Perhaps they took it out for the remainder.
You would also expect that the expense of such an insurance policy would appear on their financials. They have a $120,000 annual expense for "Risk Insurance" which might be high enough to cover this, though I'm surpised a company would issue it that inexpensively. They may also have partners involved, there are a lot of different ways these things can be structured. However, the more complicated it is the more important the transparency bit is.
This "Risk Insurance" might also be D&O type stuff in case they got sued if something goes wrong with competition (ie, someone rushes to relaunch and cuts corners on safety).
I'll put in a request to them during the workweek for some clarification, it may be as easy as a FAQ update.
I'm curious about the X-Prize Foundations finances.
:)]
They filed their last Form 990 for 2001 late, and their 2002 990 hasn't shown up yet so I'm assuming they requested an extention for the last year as well. As a confidence builder the fact that they can't close their books by March or so for the previous year is not super postiive.
In 1998 we had this quote:
"The X PRIZE Foundation already has raised more than half of the $10 million purse and anticipates having the remaining funds within a year."
According to their 2001 990 at the end of the year they had $3,000 in cash and $1,000,000 in liabilities.
If someone has already looked into the situation (ie, status of insurance, supporting organization holding funds etc) do let me know, otherwise I'll work to pull together some relevant information.
As I get it I'll stick relevant info up at http://augustz.com/xprize. [Nothing up at the moment and maybe nothing will ever show up...
The innovation around these projects is so cool however. Looking forward to the results!
Seriously, this is what worked for me. Being a perfectionist (but a procrastinator) what would do wonders is to just sit down, and get started. If it's a paper, I'd start by putting down my name and the date, and then put down one - three sentences, and after that I would be off.
:)
Coding, write the first class (that actually does something so you can see it take effect) and same thing.
Sometimes about halfway through hit a dead spot and get distracted by slashdot etc. The trick there was to have started things at least a day earlier so I could just hit the sack when I found producivity going down.
Unless you start, it won't get finished, so the trick for me was to just start
I think your experience mirrors that of many around spews.
If an ISP ignores / cans complaints they can get the runaround trying to get off. Once an ISP's abuse dept has developed and ongoing working relationship with net-abuse and a timely response to complaints things usually go much more smoothly.
The folks at spews are agressive no question (I happen to be blacklisted currently through zero fault of my own, netblock block). And some of the folks reporting (not spews admins) can describe things with a bit too much hyperbole. But in terms of evidence to back up blocks, and a group that largely gets it right and which some folks voluntarily use, spews does a neat job, and the heavy handed approach is surprisingly effective.
I also happen to like ordb and friends which do realtime automated testing that stirs up less of the personal stuff.
Trustic I'm not sold on yet.
Please remember that the service is beta and will start charging for advanced features once it is out of beta. As usual, worth waiting to see if it goes totally commercial. Looks like they plan to charge to allow listing multiple "trusted" servers.
A fair number of the spams I submitted came from servers that had already been voted on as TRUSTED by other users. In other words, my credability went down by reporting them as spammers.
http://www.trustic.com/ip/219.94.114.6 for example and I've got a fair number of others. Folks are either polluting the space intentionally or being very very sloppy in reporting trusted servers.
Groups like spews have a very nice evidence file, and it gets reviewed by a person. I've generally been impressed with the real community blacklist sites.
Technically the site works great and is super fast. But wouldn't follow the O'Reilly recommendation and pick it as my primary blacklist just yet (even through the guy doing the site worked with the author of the article to make changes.)
My two cents.
As you no doubt know GPL'ed software is protected by copyright, though that copyright is used in a somewhat unusual manner.
Has the FBI ever gone after someone who has misused GPL software? Has their ever been a felony copyright arrest for open source software license or copyright violation?
Given discovery of large scale, knowing violation of that copyright does the FBI approach the violators in the same way it does those who are involved in other forms of IP theft?
How might the usual lack of direct costs (MSRP) for open source software effect any prosecution for GPL violations?
GPL'ed and other open source software seems especially deserving of protection. Open source software is generally developed by smaller developers or those with fewer legal resources. It would be interesting to hear of the role the FBI might play on behalf of the people generally. From the Adobe case we are aware that you are very aggressive in going after individuals, including those who expose flaws and the very misleading marketing of some of the bigger for profit companies.
Should our system of copyright and patents be designed to make people rich by government enforced monopoly or should they be designed with a focus first on spurring innovation and improving the general good. How does retroactive copyright extension do this? It seems on its face that the material was already developed under the older incentive plan.
Hear hear... There was a fellow who was trying to push 60fps and I remember a reviewer commenting on how rock steady everything seemed, including the pans. It just looked very REAL. I'd love it if they added the hi-fi spec. Bump the framerate up to 45fps if they can't make it to 60fps and some excellent resolution.
Only two contracts for $8 million. That seems to indicate that the Microsoft payment was pretty significant. That whole amount may be MS, the unamed second contract could certainly just be cover.
This is going to be interesting. From the corporate perspective they have message that business are sensitive to, this whole illegal, tainted, corrupted, unwarantied language they are using. Blah. Will be good to see code in question.
Without contract rights with Linux itself it seems the folks who've worked with them in the past will be the ones getting burned.
Linux and the lack of a contracting entity serves as a bit of a firewall perhaps, end user liability absent a contract seems a bit weak.
Have a meeting to go to, look forward to catching up on some more interesting questions.
I checked the number again, maybe they are using more then one code.
1 00 93
http://ir.sco.com/ReleaseDetail.cfm?ReleaseID=1
728441 seems to have gotten me in.