But, if I do not have the right to hack it (whatever form it is) or do not have the right to redistribute my hack, then then it is not free and should not be included in a "free" distribution.
For me, "free" means it doesn't cost anything. "Open" is what I use for anything where I can poke at the code and submit my own changes back, etc.
By the way, I've never figured out what "free as in beer" really means. If you take turns buying rounds, you're just deferring payment.
For knowing that there are a large number of customers who are engaging in continuing infringements of copyright by using media-sized shipping box technology.
I think the tag's fine. I still can't plug in any hard drive I want to the USB port and have it download content to it. It'll read my content, but won't let me add the stuff I buy online. I have to spend tons of money on an official 360 drive that I then have to swap out for my current one, rendering it obsolete, if I want more space.
It's got intentional limitations placed on me that have no need to be there. It's defective. By design.
It's less likely your fingers will get hacked off and taken by criminals trying to get past scanners, if this is used. Although I suspect criminals will find a way to flash-freeze fingers, seal the ends, and then warm up in water before using in the same situations where they could get away with severed fingers for fingerprints (remote access, etc.)
I wonder why lack of continued trademark-ability was used to say the design is now open. Did Lego not patent the design? Maybe they did, so long ago that it fell back out again?
>They've already found wreckage [bloomberg.com], so this is basically a sure thing
Having actually searched for, and found, missing persons and aircraft wreckage on the ground in that general location in the Sierras, I can tell you that there are many more undiscovered crash sites than you might believe. The odds are good that it could be any of dozens of aircraft that have gone missing in recent years, including the one that carried Fossett, but not good enough to be a 'sure thing'. This is why they have to go in and make sure.
It could have been done over weeks or months, some time ago. This story doesn't say. I have had no notice from Monster about the breach in security, yet. Good thing I'm already in the middle of a round of interviews with a great company this week, for which I submitted a resume directly. I look forward to being able to delete my resumes and other information from Monster very soon.
Let's start by having you cancel your internet connection. Bingo! An extra $10 (possibly upwards of $40) per month in your pocket. Welcome to not being broke...
I moved back in with my parents after I got laid off, and use their connection, you anonymously insensitive clod!
Cool, they canceled Opie & Anthony. I don't listen to talk radio. It's useless to me. I'm serious -- maybe they can shove bandwidth back towards music channels.
Too bad they can't dump Oprah, as well, and a bunch of other stuff.
What bugs me about the way it's configured is that it looks like these will all be static images, only changing when you need a language change. I want to see bitmap graphics on this thing. I want to see programs changing these on the fly.
No, really, imagine taking some animated ANSI graphics from the BBS days, like the guys kicking soccer balls to each other, and sticking that on the keyboard when the computer is idle as a sort of "keyboard saver.":)
I suspect most loss is due to teenage or twentysomething clerks taking them out the back door. If you have a corrupt clerk with friends as partners, he or she is just as capable of activating the chip for a stack of discs before letting friends walk out, too.
You could also build it into an anti-personnel mine for battlefield use.
Imagine it sitting there quietly until people come across it. If it thinks it's not discovered, it's dormant, unless someone gets right up on it. But if someone looks while nearby, the element of surprise is blown anyway, so booooom. In fact, you could adapt it to make imagery like glinting metal with a tiny projector, when they're nearby, so they're drawn to it.
Hey... it's no worse than making bomblets that look like kids' toys. Though I'm sure if they do this, someone will have the projector pump out little happy cartoon characters.
(the following is speculation. TJMaxx, don't sue me, I'm not claiming to know what really went on, or real details of your network. This is just my impression from reading the story)
Yes, WEP is insecure for real stuff. It's like the little latch on a high school display case. It's to keep honest people honest. It shouldn't be used in a commercial network as the only encryption.
But what the heck kind of network design allows IPs from local stores direct access to central databases? The big issue here isn't that a few dozen or hundreds of cards were snagged by being sent through WEP -- we don't know, maybe the company ran a tunnel across that WEP link for those transactions, and they didn't get anything locally. The big issue is that it looks like the company was storing historical data on transactions online, and in databases that apparently were accessible from that link. WEP was a weak entry point to the network. But where was the security inside the network?
It sounds like possibly either the designers of the overall network hadn't limited access sufficiently to just IPs/MACs from their account department, on a secure network, or the hackers managed to break through security layers in between, perhaps by knocking over a server that was straddling networks or something. If they designed in layers, with firewalls as gatekeepers between layers and IDS and IPS monitoring, I don't think they would have servers straddling, to start. IDS and IPS would also help them notice, for example, if someone spoofed an email from a store to an accounting department person, included a trojan, and attempted to gain access that way.
I'm saying this not so much just to point out what sound like potential design issues with this company's networks, but to get people thinking about their own networks, instead of blowing this off as a WEP issue. If you administer a small network, and haven't had training on how to set it up and maintain it securely, you ought to look into Cisco's SAFE blueprint at bare minimum. It's free and the lessons can be applied to almost any brand of networking gear out there. It basically builds the network up from modules, which are easy to figure out. If you're administering a large network, well, as someone with CCSP training, I'd suggest you hire someone who's been properly trained, obviously. Cisco's track or someone else's. At the very least, everyone should consider thinking in terms of layers, like an onion, and discreet modules residing in, but not crossing, those layers. You should be really wary of any packets from across any WAN link to your core systems, obviously, but you should also set up security policies so that you know which administrative departments have access to which internal networks, too. Ask yourself, if an attacker can get into my network, what can he or she do?
One last thing: network security can't just be set up and left. It has to be monitored and maintained, both to respond to immediate attacks, and to see when people are just poking around, doing reconnaissance.
I think one has to shut up for a while, I usually get them after a vacation. Never got any mod points, then suddenly after a week of absence, there they were. He's not talking about mod points going away because he refreshes too often or talks too much -- both items mentioned in the FAQ as exclusionary. He's referring to a specific event that happened years ago, and the fallout from that event.
Nope, sorry, the results tantrum over the troll post is still in place. I know because I don't get mod points. Many of us early folks were. I got in on the very tail end of the discussion, too, when it was pretty public knowledge what was going on. I must admit I did think, "I'll post about it and see if it happens to me, too," because I didn't think I would.
Interestingly, my alternate/. identity, created in response to this restriction, also has excellent karma, gets mod points every couple of weeks, and has at least one editor as a fan. Just goes to show how lame it all continues to be.
Slashdot Mirror
For me, "free" means it doesn't cost anything. "Open" is what I use for anything where I can poke at the code and submit my own changes back, etc.
By the way, I've never figured out what "free as in beer" really means. If you take turns buying rounds, you're just deferring payment.
Doesn't the PS3 allow you to connect any drive and save to it? I thought so, but I don't have one so I can't be sure.
For knowing that there are a large number of customers who are engaging in continuing infringements of copyright by using media-sized shipping box technology.
I think the tag's fine. I still can't plug in any hard drive I want to the USB port and have it download content to it. It'll read my content, but won't let me add the stuff I buy online. I have to spend tons of money on an official 360 drive that I then have to swap out for my current one, rendering it obsolete, if I want more space.
It's got intentional limitations placed on me that have no need to be there. It's defective. By design.
It's less likely your fingers will get hacked off and taken by criminals trying to get past scanners, if this is used. Although I suspect criminals will find a way to flash-freeze fingers, seal the ends, and then warm up in water before using in the same situations where they could get away with severed fingers for fingerprints (remote access, etc.)
I wonder why lack of continued trademark-ability was used to say the design is now open. Did Lego not patent the design? Maybe they did, so long ago that it fell back out again?
The patent involves patenting things previously protected by trade secret, right? Wouldn't that mean conscious concealment of prior art is required?
>They've already found wreckage [bloomberg.com], so this is basically a sure thing
Having actually searched for, and found, missing persons and aircraft wreckage on the ground in that general location in the Sierras, I can tell you that there are many more undiscovered crash sites than you might believe. The odds are good that it could be any of dozens of aircraft that have gone missing in recent years, including the one that carried Fossett, but not good enough to be a 'sure thing'. This is why they have to go in and make sure.
The tail number matches.
Even more expensive than that 'cos they've faked the wreckage of a small plane near where the other stuff was found.
And the fake plane has his tail number on it, it was confirmed by the sheriff late last night.
"hoax!" - fool :)
It could have been done over weeks or months, some time ago. This story doesn't say. I have had no notice from Monster about the breach in security, yet. Good thing I'm already in the middle of a round of interviews with a great company this week, for which I submitted a resume directly. I look forward to being able to delete my resumes and other information from Monster very soon.
Actually, I suspect the consumers get last place in the line of creditors when these ventures fail, as many will. So some of them may not care much.
Well, give yourself a hand.
I moved back in with my parents after I got laid off, and use their connection, you anonymously insensitive clod!
I'm broke; give me money :)
Cool, they canceled Opie & Anthony. I don't listen to talk radio. It's useless to me. I'm serious -- maybe they can shove bandwidth back towards music channels.
Too bad they can't dump Oprah, as well, and a bunch of other stuff.
What bugs me about the way it's configured is that it looks like these will all be static images, only changing when you need a language change.
:)
I want to see bitmap graphics on this thing. I want to see programs changing these on the fly.
No, really, imagine taking some animated ANSI graphics from the BBS days, like the guys kicking soccer balls to each other, and sticking that on the keyboard when the computer is idle as a sort of "keyboard saver."
I think the bigger concern with their image is in comparing it to this.
Sorry, I'm obviously new here. Please explain how this is actually a hack.
I suspect most loss is due to teenage or twentysomething clerks taking them out the back door. If you have a corrupt clerk with friends as partners, he or she is just as capable of activating the chip for a stack of discs before letting friends walk out, too.
You could also build it into an anti-personnel mine for battlefield use.
Imagine it sitting there quietly until people come across it. If it thinks it's not discovered, it's dormant, unless someone gets right up on it. But if someone looks while nearby, the element of surprise is blown anyway, so booooom. In fact, you could adapt it to make imagery like glinting metal with a tiny projector, when they're nearby, so they're drawn to it.
Hey... it's no worse than making bomblets that look like kids' toys. Though I'm sure if they do this, someone will have the projector pump out little happy cartoon characters.
Maybe I can make the line for a 192-bit or 256-bit integer?
Many credit card companies now allow you to generate temporary card numbers with user-set caps on spending, on their websites.
(the following is speculation. TJMaxx, don't sue me, I'm not claiming to know what really went on, or real details of your network. This is just my impression from reading the story)
Yes, WEP is insecure for real stuff. It's like the little latch on a high school display case. It's to keep honest people honest. It shouldn't be used in a commercial network as the only encryption.
But what the heck kind of network design allows IPs from local stores direct access to central databases? The big issue here isn't that a few dozen or hundreds of cards were snagged by being sent through WEP -- we don't know, maybe the company ran a tunnel across that WEP link for those transactions, and they didn't get anything locally. The big issue is that it looks like the company was storing historical data on transactions online, and in databases that apparently were accessible from that link. WEP was a weak entry point to the network. But where was the security inside the network?
It sounds like possibly either the designers of the overall network hadn't limited access sufficiently to just IPs/MACs from their account department, on a secure network, or the hackers managed to break through security layers in between, perhaps by knocking over a server that was straddling networks or something. If they designed in layers, with firewalls as gatekeepers between layers and IDS and IPS monitoring, I don't think they would have servers straddling, to start. IDS and IPS would also help them notice, for example, if someone spoofed an email from a store to an accounting department person, included a trojan, and attempted to gain access that way.
I'm saying this not so much just to point out what sound like potential design issues with this company's networks, but to get people thinking about their own networks, instead of blowing this off as a WEP issue. If you administer a small network, and haven't had training on how to set it up and maintain it securely, you ought to look into Cisco's SAFE blueprint at bare minimum. It's free and the lessons can be applied to almost any brand of networking gear out there. It basically builds the network up from modules, which are easy to figure out. If you're administering a large network, well, as someone with CCSP training, I'd suggest you hire someone who's been properly trained, obviously. Cisco's track or someone else's. At the very least, everyone should consider thinking in terms of layers, like an onion, and discreet modules residing in, but not crossing, those layers. You should be really wary of any packets from across any WAN link to your core systems, obviously, but you should also set up security policies so that you know which administrative departments have access to which internal networks, too. Ask yourself, if an attacker can get into my network, what can he or she do?
One last thing: network security can't just be set up and left. It has to be monitored and maintained, both to respond to immediate attacks, and to see when people are just poking around, doing reconnaissance.
Interestingly, my alternate