Darl McBride says he sometimes carries a gun because his enemies are out to kill him. He checks into hotels under assumed names. An armed body guard protected him at Harvard Law School when he gave a speech last month
In classic Butch Cassidy style, McBride must bring a gun to a fist fight...
McBride says he and his company have become targets of both physical and virtual aggression. A man allegedly called his office to challenge him to a fistfight, he says. When McBride's secretary called back to get time and place, and the guy said he was just kidding.
If he thinks he's such a tough guy, why does he need a firearm? Open Source Ninja Assassins (OSNA) out to get him?
Unfortunately a lot of the music other people listen to sucks.
I always see people with the earbud type headphones on the underground. When I can hear their music, that means it's too loud. When I'm standing five feet away on a crowded bus and I can hear your music through a 1 cm speaker pushed into your ear... my guess is you're going to have hearing problems in the future. Now I don't really mind because it's not like a boombox blaring, but at the same time, my experience with those kinds of headphones has been when you turn the volume up that loud, they sound worse.
In Outlook 2002 (aka Outlook XP, aka Outlook 10) and later, you can disable the automatic display of any kind of non-text content by forcing Outlook to render all email as plain text. This is a huge improvement over normal Outlook behavior; besides making Outlook much less dangerous, it spares you annoying markup of all kinds.
Create the Registry key
HKCU\Software\Microsoft\Office\10.0\Outlook\Opti on s\Mail\READASPLAIN
Triumph: Spoilers? I've got some spoilers for you! (StarWars nerds starts to look a little more curious and alert) Triumph: You will die ALONE!
Supernerd: <Darth Vader Impersonation> Triumph: That's perfect... but you're not breathing heavily? Supernerd: No. Triumph: Just imagine you've run ten feet, and you're out of breath.
This is not offshoring jobs, it's technology making certain jobs redundent. Since this technology will be cheaper than labour it will win. Jobs are great and all, but people need to be "net productive", at least in theory
You're getting at the capital-labor ratio... in "rich" countries where labor is expensive, labor will be replaced with capital as long as the replacement lowers cost. If Walmart believes replacing cashiers with RFID tags/scanners is cheaper, they will do so. RFID (at least for check out purposes) is probably not necessary in a place where labor is far less expensive.
Of course I wouldn't expect a biaed site like/. to bother even considering MS's arguement.
Here's the problem though... Microsoft is trying to say, "When we release a patch, we're giving hackers shortcuts to exploiting the vulnerabilities." This might be translated as, "If we didn't release patches, the hackers would still figure out the exploits, but it would take them longer, and fewer would have the expertise to do so." Yet this is not very comforting to those supporting Microsoft products, as it still means exploits will be in the wild. I'm not sure what Microsoft hopes to get from a statement like that... it just makes them look disorganized and out of touch with reality -- there will be exploits and there will be attacks... whether that attack is tomorrow or next year is not as important as whether or not a patch is available.
And to quote a sig a read a while back... if/. wasn't slanted, it'd be |.
My memory is a bit hazy on this, I'd say it was last June or July... but I do recall the US Army informing Microsoft of a flaw in their systems *after* the Army had been hacked.
Probably should've gone to Google first, but it was the WebDAV exploit...
Security experts are characterizing the incident as a rare example of a "0-day" exploit, referring to an exploit that takes advantage of a vulnerability nobody is aware of and for which there is no available patch. However, Microsoft issued a fix yesterday for the vulnerability (see story). Security vendors are also advising users that there are work-arounds that can be implemented immediately to reduce vulnerability.
(Microsoft released the patch a week after the discovery of the exploit)
That's a direct contradiction of the statement, "We have never had vulnerabilities exploited before the patch was known", unless Microsoft already knew about the flaw but didn't bother to release a patch.
1) Identify known, 'in the wild' virii, that took advantage of a Microsoft vulnerability before MS announced a patch.
Wasn't one of the recent "big" exploits found by the US Army after their systems had been hacked? IIRC that led to one of the recent mass worm attacks (after the patch?). My memory is a bit hazy on this, I'd say it was last June or July... but I do recall the US Army informing Microsoft of a flaw in their systems *after* the Army had been hacked.
RIAA hamsters cost $17 each and you're not allowed to let them out of their cages.
And SCO will claim ownership of any offspring (as derivative works) should your hamsters have any offspring. May Darl have mercy on your soul if those offspring should produce their own music (derivatives of derivatives)...
Look at it this way: It *everybody* had one of these on their cars then muggers/rapists/murderers/etc will know that anybody they see entering their car will be a sitting duck for 30 seconds.
Is the 30 seconds the amount of time you have as a driver to perform the test after attempting to start the engine? If that's the case, then you jump in the car, turn the key, perform the test, and the engine starts. Granted, this still isn't a great option, but if you're being attacked in your car, you're probably breathing heavily to begin with...
I've seen speculation that some authors do it so their previous work won't clobber whatever their new project is. It might also be useful to get around certain automated anti-virus tactics.
Are you sure it's not a form of one-up-manship or rival crime gangs trying to control the most massive armada of PCs ever assembled... one with a denial of service/spam power beyond your wildest dreams?
Anyone who could co-opt the MyDoom infected PCs (and then uninfect them) could pull the rug out from it's original creators. But who would benefit most from this?
America's Army is a grenade fest. The only thing to do is launch nades.
Learn to snipe with the M16. Mountain Pass is a lot of fun when you can snipe with the M16, well out of range of grenades. Also, learning how to move and how not to be seen will keep you from getting tagged by a grenade. Learn to listen for grenades and cook off the ones you throw.
And here's a quick guide I wrote on defending the Weapons Cache map... it contains some suggestions that you might find useful for other maps.
But other posters are right... AA has a steep learning curve; if you give it time you'll find it very rewarding.
set up a LAN game filled with some bots while you bring yourself up to speed with the games
This is a good idea, but the bots are too predictable after a while. To offset this, slowly turn up the game speed and bot difficulty as you improve your skills. You should be using the bots to improve your reaction times and "fundamentals". In Unreal Tournament, if you can win the matches with the bots at 150% game speed and the higher levels of difficulty, you'll do fine when you play online at 100% gamespeed. On Unreal Tournament, play this way on the Instagib and you'll be a pro in no time.
It also suggests complaining to the securities and exchange commission, which you're entitled to do if you've lost investment money as a result of any wrongdoing that SCO might have committed.
If my trade costs weren't so high, it'd be worth losing a dollar or so and then calling up the SEC. Best of all, you can use the loss to offset your gains during the year!
SCO is claiming they have fullfilled their legal obligations ahead of the 30 day deadline by delivering 1 million sheets of paper to IBM.
In a lucky turn of events for SCO, these pages were stacked neatly in boxes, which were further subdivided into reams of 500 pages. Strangely enough, these millions of pages of evidence had been sitting for months on the shelves of local Office Depot and Staples retail stores. Boies was able to arrange for drop shipment of this evidence to directly IBM's legal team. Boies was quoted as saying, "these pages contain our mountains of evidence against IBM," but IBM was unable to find any offending material on any of the pages. Boies was unavailable for further comment.
I see recommendations here on/. to take a phrase, such as "News For Nerds. Stuff That Matters." and convert this into a password using the first (or last) letter. So you might end up with: "N4n.stM." and this is a "good" password.
Why not just use the whole phrase? It's easy to remember a sentence, such as "I wish I could remember these long passwords." Sure, that's a lot to type, but it's easily long enough to avoid brute force attacks, and while there are whole words in it, there are far more combinations of words than just characters (how many words are in the English language). Even if you just count words that one might use in a day (let's say 1000), there are far more combinations of those words than could be achieved by letters and numbers alone.
Granted, you need an operating system that supports longer passwords, but Linux and Windows (and MacOS X?) support this, so I would guess that most Slashdot readers are covered.
The attacker simply finds a frequently used account such as 'guest' and guesses a few passwords on it. This is classic account/password compromise, nothing more.
This is 90% correct. It's important to understand the function of the "Guest" account in Windows. It allows any user, using any login name, and any password, to authenticate. Enabling the "Guest" account does not allow the username "Guest" to login specifically, it enables any username, which does not match an existing user in Active Directory or the local SAM to authenticate.
Clearly this is a security vulnerability, and why the Guest account ships in the disabled state. It would be very nice if Windows would warn you when you enabled it, and made an attempt to explain the implications of doing so.
With regards to attempts at guessing SMTP AUTH passwords, this has been happening lately. One caveat is that one a Linux box it can be difficult to enumerate the usernames, while on a Windows box (AD/NT/workstation) it is usually quite easy <insert obligatory firewall statement here>.
Are they? They have got a lot of headlines, but do suicide bombings actually achieve anything other than convince the target that the terrorists cannot be negotiated with, only eliminated?
While some may say reloaded is about reloading the Matrix....note that the Matrix never did get reloaded....but something the architect says makes me think different. And it explains Neo's sudden ability to interact with the machine world outside of the Matrix.
I haven't seen episode three yet, but I'm interested in what you're suggesting... so correct me if this is not what you meant.
Neo visits the Architect and they have a nice chat. The Architect says, "You have a choice," when he really doesn't have a choice; either option leads to reloading the Matrix. Either the Matrix is reloaded "properly" or when Neo walks out the Trinity door, he is essentially reinserted into the Matrix, so after Neo leaves the Architect, the Matrix has already been reloaded; everything the audience sees is now within the realm of the newly reloaded Matrix (thus Neo's supernatural powers in the "real world").
In other words, the beginning of each Matrix is the war between the humans and the machines (as this would make sense considering how the Matrix's origins were described by Morpheus).
But that still implies a multi-levelled Matrix; the "top" level is rebooted, but the lower levels remain intact because the humans do not know about them; thus while Neo has powers in the "real world," and while Zion exists in the "real world," it still seems to imply that there's another "layer" and the humans who think they are free are not, yet a simulated victory against the machines (if that's what happens) would be sufficient to reset the "anomolies."
This would also jive with Morpheus's description of the first "battery" to wake up in the Matrix and lead others to Zion (which must have existed already -- it is far too advanced to be built by so few people).
Slashdot Mirror
In classic Butch Cassidy style, McBride must bring a gun to a fist fight...
From: http://www.internetweek.com/story/showArticle.jht
If he thinks he's such a tough guy, why does he need a firearm? Open Source Ninja Assassins (OSNA) out to get him?
Unfortunately a lot of the music other people listen to sucks.
I always see people with the earbud type headphones on the underground. When I can hear their music, that means it's too loud. When I'm standing five feet away on a crowded bus and I can hear your music through a 1 cm speaker pushed into your ear... my guess is you're going to have hearing problems in the future. Now I don't really mind because it's not like a boombox blaring, but at the same time, my experience with those kinds of headphones has been when you turn the volume up that loud, they sound worse.
Triumph: Spoilers? I've got some spoilers for you!
:)
(StarWars nerds starts to look a little more curious and alert)
Triumph: You will die ALONE!
Supernerd: <Darth Vader Impersonation>
Triumph: That's perfect... but you're not breathing heavily?
Supernerd: No.
Triumph: Just imagine you've run ten feet, and you're out of breath.
By the way, best Triumph sketch ever.
This is not offshoring jobs, it's technology making certain jobs redundent. Since this technology will be cheaper than labour it will win. Jobs are great and all, but people need to be "net productive", at least in theory
You're getting at the capital-labor ratio... in "rich" countries where labor is expensive, labor will be replaced with capital as long as the replacement lowers cost. If Walmart believes replacing cashiers with RFID tags/scanners is cheaper, they will do so. RFID (at least for check out purposes) is probably not necessary in a place where labor is far less expensive.
Of course I wouldn't expect a biaed site like /. to bother even considering MS's arguement.
/. wasn't slanted, it'd be |.
Here's the problem though... Microsoft is trying to say, "When we release a patch, we're giving hackers shortcuts to exploiting the vulnerabilities." This might be translated as, "If we didn't release patches, the hackers would still figure out the exploits, but it would take them longer, and fewer would have the expertise to do so." Yet this is not very comforting to those supporting Microsoft products, as it still means exploits will be in the wild. I'm not sure what Microsoft hopes to get from a statement like that... it just makes them look disorganized and out of touch with reality -- there will be exploits and there will be attacks... whether that attack is tomorrow or next year is not as important as whether or not a patch is available.
And to quote a sig a read a while back... if
Probably should've gone to Google first, but it was the WebDAV exploit...
US Army hacked via IIS hole
U.S. Army Web Servers Hacked
From the Frame4 article:
(Microsoft released the patch a week after the discovery of the exploit)
That's a direct contradiction of the statement, "We have never had vulnerabilities exploited before the patch was known", unless Microsoft already knew about the flaw but didn't bother to release a patch.
1) Identify known, 'in the wild' virii, that took advantage of a Microsoft vulnerability before MS announced a patch.
Wasn't one of the recent "big" exploits found by the US Army after their systems had been hacked? IIRC that led to one of the recent mass worm attacks (after the patch?). My memory is a bit hazy on this, I'd say it was last June or July... but I do recall the US Army informing Microsoft of a flaw in their systems *after* the Army had been hacked.
Especially if the buffer is their banking account.
Your account might profit too, if your account is next in sequence after AMD's...
RIAA hamsters cost $17 each and you're not allowed to let them out of their cages.
And SCO will claim ownership of any offspring (as derivative works) should your hamsters have any offspring. May Darl have mercy on your soul if those offspring should produce their own music (derivatives of derivatives)...
Look at it this way: It *everybody* had one of these on their cars then muggers/rapists/murderers/etc will know that anybody they see entering their car will be a sitting duck for 30 seconds.
Is the 30 seconds the amount of time you have as a driver to perform the test after attempting to start the engine? If that's the case, then you jump in the car, turn the key, perform the test, and the engine starts. Granted, this still isn't a great option, but if you're being attacked in your car, you're probably breathing heavily to begin with...
I've seen speculation that some authors do it so their previous work won't clobber whatever their new project is. It might also be useful to get around certain automated anti-virus tactics.
Are you sure it's not a form of one-up-manship or rival crime gangs trying to control the most massive armada of PCs ever assembled... one with a denial of service/spam power beyond your wildest dreams?
Anyone who could co-opt the MyDoom infected PCs (and then uninfect them) could pull the rug out from it's original creators. But who would benefit most from this?
America's Army is a grenade fest. The only thing to do is launch nades.
Learn to snipe with the M16. Mountain Pass is a lot of fun when you can snipe with the M16, well out of range of grenades. Also, learning how to move and how not to be seen will keep you from getting tagged by a grenade. Learn to listen for grenades and cook off the ones you throw.
And here's a quick guide I wrote on defending the Weapons Cache map... it contains some suggestions that you might find useful for other maps.
But other posters are right... AA has a steep learning curve; if you give it time you'll find it very rewarding.
set up a LAN game filled with some bots while you bring yourself up to speed with the games
This is a good idea, but the bots are too predictable after a while. To offset this, slowly turn up the game speed and bot difficulty as you improve your skills. You should be using the bots to improve your reaction times and "fundamentals". In Unreal Tournament, if you can win the matches with the bots at 150% game speed and the higher levels of difficulty, you'll do fine when you play online at 100% gamespeed. On Unreal Tournament, play this way on the Instagib and you'll be a pro in no time.
Wasn't one of the hallmarks of a doomed .com company the fact that they tried to get people to pay for something they usually got for free?
Like SCO's "Linux license"?
Anyone else get bit by the Linux will reboot with CRTL-ALT-DEL, but Win NT 4-XP will ask for Logon?
/etc/inittab, but I just wish the Debian installer would ask you if you wanted CAD enabled.
If you run Linux on non-x86 hardware, the CAD combo still reboots the box... which can be a bit wierd on Apple or Sun boxes, for example.
I always comment out the CAD in
Here's one that IBM is waiting for...
SCO's stolen code in Linux
No wonder SCO is asking IBM to product their source code.
It also suggests complaining to the securities and exchange commission, which you're entitled to do if you've lost investment money as a result of any wrongdoing that SCO might have committed.
If my trade costs weren't so high, it'd be worth losing a dollar or so and then calling up the SEC. Best of all, you can use the loss to offset your gains during the year!
SCO is claiming they have fullfilled their legal obligations ahead of the 30 day deadline by delivering 1 million sheets of paper to IBM.
In a lucky turn of events for SCO, these pages were stacked neatly in boxes, which were further subdivided into reams of 500 pages. Strangely enough, these millions of pages of evidence had been sitting for months on the shelves of local Office Depot and Staples retail stores. Boies was able to arrange for drop shipment of this evidence to directly IBM's legal team. Boies was quoted as saying, "these pages contain our mountains of evidence against IBM," but IBM was unable to find any offending material on any of the pages. Boies was unavailable for further comment.
I see recommendations here on /. to take a phrase, such as "News For Nerds. Stuff That Matters." and convert this into a password using the first (or last) letter. So you might end up with: "N4n.stM." and this is a "good" password.
Why not just use the whole phrase? It's easy to remember a sentence, such as "I wish I could remember these long passwords." Sure, that's a lot to type, but it's easily long enough to avoid brute force attacks, and while there are whole words in it, there are far more combinations of words than just characters (how many words are in the English language). Even if you just count words that one might use in a day (let's say 1000), there are far more combinations of those words than could be achieved by letters and numbers alone.
Granted, you need an operating system that supports longer passwords, but Linux and Windows (and MacOS X?) support this, so I would guess that most Slashdot readers are covered.
What will be the next step after we detect a signal?
/. them into oblivion!
Clearly, we will
I believe the typical strategy is to run up your credit cards, mortgage your house, and borrow from relatives.
Exactly... I guess the original poster expected all the reward without the risk! Welcome to the wonderful world of competitive business!
Lesson 1: Those who take the risk will also take the reward.
The attacker simply finds a frequently used account such as 'guest' and guesses a few passwords on it. This is classic account/password compromise, nothing more.
This is 90% correct. It's important to understand the function of the "Guest" account in Windows. It allows any user, using any login name, and any password, to authenticate. Enabling the "Guest" account does not allow the username "Guest" to login specifically, it enables any username, which does not match an existing user in Active Directory or the local SAM to authenticate.
Clearly this is a security vulnerability, and why the Guest account ships in the disabled state. It would be very nice if Windows would warn you when you enabled it, and made an attempt to explain the implications of doing so.
With regards to attempts at guessing SMTP AUTH passwords, this has been happening lately. One caveat is that one a Linux box it can be difficult to enumerate the usernames, while on a Windows box (AD/NT/workstation) it is usually quite easy <insert obligatory firewall statement here>.
Are they? They have got a lot of headlines, but do suicide bombings actually achieve anything other than convince the target that the terrorists cannot be negotiated with, only eliminated?
It seemed to have worked in Algeria.
While some may say reloaded is about reloading the Matrix....note that the Matrix never did get reloaded....but something the architect says makes me think different. And it explains Neo's sudden ability to interact with the machine world outside of the Matrix.
I haven't seen episode three yet, but I'm interested in what you're suggesting... so correct me if this is not what you meant.
Neo visits the Architect and they have a nice chat. The Architect says, "You have a choice," when he really doesn't have a choice; either option leads to reloading the Matrix. Either the Matrix is reloaded "properly" or when Neo walks out the Trinity door, he is essentially reinserted into the Matrix, so after Neo leaves the Architect, the Matrix has already been reloaded; everything the audience sees is now within the realm of the newly reloaded Matrix (thus Neo's supernatural powers in the "real world").
In other words, the beginning of each Matrix is the war between the humans and the machines (as this would make sense considering how the Matrix's origins were described by Morpheus).
But that still implies a multi-levelled Matrix; the "top" level is rebooted, but the lower levels remain intact because the humans do not know about them; thus while Neo has powers in the "real world," and while Zion exists in the "real world," it still seems to imply that there's another "layer" and the humans who think they are free are not, yet a simulated victory against the machines (if that's what happens) would be sufficient to reset the "anomolies."
This would also jive with Morpheus's description of the first "battery" to wake up in the Matrix and lead others to Zion (which must have existed already -- it is far too advanced to be built by so few people).