We can find that out by trial. If they die after we throw them off a very high cliff, burn them to a crisp, chop them up, or drown them, then they were spammers. If not, then we apologize profusely and ask them not to destroy our civilization.
I still have my 386SX and the 0.99.?? boot floppy that I used to boot it with on what used to be a 200MB hard drive (100MB dedicated to Linux). No ethernet back then, though, so it was only using a modem. I'll have to try that boot floppy on one of these P4s around here.
I don't want bluetooth as a wireless standard for talking between computers, but I would love to have it for having minor accessories talk to a central hub computer, such as the Anoto pen. What with all this talk about 802.11b being so unsecure, there should be room for another standard in the mix.
Oh, how the semantics rip us apart. My preference now is to stop calling it "Linux" and refer to it as "The rusty nail in the ass of that troll, Richard Stallman". The last thing Linux needs is to be further splintered, especially by something so self-serving as this. I don't see most packages built with GNU tools (count the tools at the GNU site and then count the infinite number of potential apps that could be built with GNU tools) calling themselves GNU Blah, so I don't expect anyone to give this any credibility. Here's your credit Stallman: yes, GNU tools are used to make the Linux kernel...so long and thanks for all the tools. Everything ever done on this planet is on the shoulders of someone else. Again, it's semantics that distract us from the real work.
Re:Deja Vu all over again
on
$1200 Cheap!
·
· Score: 1
However, I think there is an interesting point to be made about an acute failure of capitalism illustrated in this example. Those with the most money are most able to change pulic opinion about their products and competitors' products. I don't believe Adam Smith's "The Invisible Hand" took proper account of this.
I'm not sure I care about someone's pet economic rules being applied to this creature comfort stuff. There are more important economies of bread and medicine to consider whether or not they are fair.
It doesn't matter what we do, because we're so transient, and information is infinite. Whatever roadblocks we put in place at this time, the information will be free at a later time and place. What we do now is not eternal.
I'm not so sure I care whether the tools that make the information are free, so long as the information flows freely. The more information that is out there, the more intelligent and wise citizens of the world will be - I know, we'll always have the ones that choose to be stupid, but that's their free choice. The more intelligent reasoning we have in the world, the less violence we'll have, and once that distraction is out of the way we can generate more information. Everyone will be more productive and better off in the long run, leading humanity to progress and not stall on the things that don't matter.
I don't want any of the ads, so I use Bugnosis to detect the web bugs and the free WebWasher proxy with IE to scrub out the cruft, which is somehow available for free on Linux, though I'm told that Squid and Junkbusters can do the same. AdSubtract is another alternative that comes packages with the ZoneAlarm firewall these days, but I found it to not be as flexible as WebWasher. Unfortunately there are a few sites that do not work with WebWasher, most notably EBay and no matter how I tell it not to touch EBay's cookies and content, it still blocks something that keeps that site from working.
What is needed is some sort of plugin that works directly with the browser, sets all pages and cookies to be filtered out by default, and which lets you just right click on a page to tell it this site is OK to not filter and remember to let these cookies through. All browsers have the cookie feature, but management is usually a pain with what they provide and often left up to third party tools like all of the above. Sounds like Mozilla has some of this built it, so I'll give it a try...it may be time to make a switch. IE6 is supposed to have some of this cookie control, though I'm not sure if it's to that level of convenience.
I haven't seen an ad or a web bug on pages since I've made that change. I look forward to being popup/under and ad free in the future.
I think that if people are willing to accept the limited amount of info about the inner workings of commercial software that companies like Microsoft provide, they should be happy with nothing more than an explanation of "here is the latest update, apply it". Even ISC.org is getting to a point where they will limit the info they give out immediately on fixes for BIND because the admins couldn't get the fixes in place in time before the hackers got word and started breaking into numerous sites. IIS administration would devolve into applying the patch of the week...oh, never mind it already has.
If you don't demand more from their software, you deserve less. In all honesty, there are heaps of people who compile and install Apache and barely know what the code is really up to, making them no better than script kiddies. However, if you so choose to see what the inner workings of Apache are, it's no trade secret. The difference between the blind Microsoft installers and the blind Apache installers is that the Apache developers swarmed to fix the trouble when they got hit, where Microsoft wonders how many people noticed the bug to see if it's worth their royal while to fix it. True, the patch for this problem had been out a while, but many complained that it did not do the trick for them, and more is surely on the way.
The world is a cold, demon-haunted place nowadays. It sickens me to be a citizen of this country that so hypocritically prides itself on being free.
Yet it would sicken you more to be a citizen of a country that did not even attempt to claim free speech and jailed you for discussing the very things you are talking about. It would sicken you to the point of not being able to eat their jail food or deal with the goons from the cell next door that beat the crap out of you every day. You are freer here than anywhere else; this is just a minor setback that will correct over time.
His mistake was using his real name at this time, but no one should ever be afraid of using their real name in the face of these companies. They may yet be his masters, but in the long run they will not succeed so long as people like Ferguson and Skylarov cnotinue their efforts no matter what the consequences. So much for the huddled masses, though. That this one thing could for a moment make people think that coming to the US from another country is a frightening thing ranks right up there with Prohibition and the Red Scares.
Sounds like he should pick up a good hacker-type alias (no one ever figures out who these folks are), and post to Freenet. That's sure to boost Freenet's usage if it is only centrally released there and the alias would protect him if he ever decides to transit through an American airport lest they pull a Skylarov on him. Surely there's enough anonymity tools out there to mask his identity?
What about all the "hidden" servers, those that are behind firewalls, and not out there on the net where money is to be made, less likely to be "paid for" by an expensive Microsoft license. Those can't be counted and I'm betting are more likely to be Apache.
Re:But what happens *after* the exploit?
on
Windows in 2020
·
· Score: 2
"Inside Internet Security" by Jeff Crume is a free book being given away by IBM that covers a lot of security topics in a really good way. They get into a lot of white-hat/black-hat discussion, which is sometimes really a distraction from talking about good policies, but it's still good overall. Get a free copy here instead of paying $30 for it, and you can even spamgourmet the address so you make sure you don't hear from them after signing up.
Remember, security is a process, not a package you buy in a store. The best tech won't help if someone is loaning their keychain with security keyfob to their girlfriend or lets their cousin use their corporate PPP account to browse the web from his home.
I use Red Hat, but have my own set of web server tarballs for running Apache that are precompiled for what I need. Since I don't use Linux for desktops, I'm not concerned about the Gnome-KDE-whatever desktop du jour.
I've thought about this. You want to be anonymous, but at the same time you want to make sure the person that just joined up isn't a narc waiting to bust your mp3 sharing ring. Can't have both. Would you trust that blank certificate? You basically have to resort to the ignorance of not knowing what it is you are carrying and letting the folks who encrypted it and put portions of it on your server worry about who they talk to.
Back to the stoneage of that 56k modem chirp? No way, not me. All the cable and DSL providers are blocking port 80, so they're starting to get that axe ready for the knees. I'll go find something else to do.
I don't think they realize the headaches that they give their customers are going to leave a sour taste in their mouth when they think Internet, meaning ecommmerce takes a hit.
An individual doing it is accountable, a mob doing it is diminished blame, a society doing it is a culture. Once people using Freenet are doing it, who are they going to finger?
I wonder how much of that power goes wasted into the regular administration of the site, idle time, everyone's web and email traffic, and storing employees' pr0n pix and mp3s, instead of the science it is intended for. It is my experience in a corporate environment that no one ever cleans up disk or mail boxes and they don't consider the impact of running non-essential processes on compute servers.
Also, what are they doing to protect and backup that much data?
We've gone from writing words on huge tablets of stone to etching microscopic paths on electrically charged (albeit purer) stones. Not all that far off, it's just that the infrastrucure they're putting in place is radically new. You have to really love books to bend that far over and give up your rights for the publishing industry. Somehow that goatse.cx guy is appropriate here.
I wish I had my Aeron chair again. We used to work in one of those HQ Global rent-an-office places where they provided every office with an Aeron. Once we got our own office space, the folks put in charge of facilities cheaped out and got some standard swiveling chairs that provide no back support. That Aeron was sooooo adjustable. It goes to show what you get when you work at a place that knows what the customers want versus a place that is trying to pinch a penny and doesn't give a crap about how you feel.
For my firewall needs, I went with Darrel Reed's IPFilter on an old Sparc5. As a single purpose box, it more than fills the need to protect my Windows desktop machines at home. Here in the office, I went with Netscreen, a relatively cheap, but powerful firewall, VPN, and remote access solution.
The problem with having the service centralized is that there was a single place to go sue if the company wanted to continue spamming. If a decentralized scheme can be put in place, no one can get sued, no one will be thought of as the big bad mail nazis, and it will all be controlled by individual sites, as it should be.
The downside is that admins would have to go through these lists of domains to see which they want to allow through that are currently blocked. It would also take some time to propagate through the network of hosters, some of which may not care to push the database to other, only to pull it down for their own use. An upside is that you could quickly control the list locally to allow a customer/client through instead of waiting for a central authority to wade through the huge list of adds/changes/removes to get to your request. You could also insert a domain into the web of trust that would start propagating through the net that moment rather than waiting for a central authority to wade through the huge list of adds/changes/removes to get to your request. Sense a theme? =)
OK, since this is all really DNS, we need a way to update an RBL domain back and forth between sites in a trusted fashion. The new versions of named have authentication built in, so a web of trust could be started now. If the updating could be set up in a ring or a web of trust fasion that would update the next site and take from another peer site only meant to update your site (and maybe one other), then it could be closed to a known trusted group of people. A ring scheme has the property of being interruptible like a token ring network, but a web of trust is a more reliable model unfortunately prone to being harder to follow/debug. This way changes are done by someone you know or known by someone you know and a little more familiar.
This way, as an admin for a company, I am blocking a site personally as a representative of the company, rather than as a group making decisions for a large number of individuals/companies whose interests are wholly unknown to you. These rings/webs could be set up to be totally disconnected from each other so that people with special interests can get mailings they don't consider spam, yet block that which they do.
What are the chances that some sort of driver could be devised that would let MSWin machines share according to something that Samba would be compatible with and still be able to authenticate against AD or the domain AND still be fast? Knowing MS, that would be listed as a bad driver and excluded from being loaded into the machine.
Of course, for those of us using NetApps, Snap Appliances, and Maxtor MaxAttach units, the technology is updated with any patches the companies release. If they do this, they're going to alienate a lot of companies that do Samba-like products. But life will find a way around this, too.
Slashdot Mirror
See SpamGourmet. Does what you want it to do.
We can find that out by trial. If they die after we throw them off a very high cliff, burn them to a crisp, chop them up, or drown them, then they were spammers. If not, then we apologize profusely and ask them not to destroy our civilization.
I still have my 386SX and the 0.99.?? boot floppy that I used to boot it with on what used to be a 200MB hard drive (100MB dedicated to Linux). No ethernet back then, though, so it was only using a modem. I'll have to try that boot floppy on one of these P4s around here.
I don't want bluetooth as a wireless standard for talking between computers, but I would love to have it for having minor accessories talk to a central hub computer, such as the Anoto pen. What with all this talk about 802.11b being so unsecure, there should be room for another standard in the mix.
Oh, how the semantics rip us apart. My preference now is to stop calling it "Linux" and refer to it as "The rusty nail in the ass of that troll, Richard Stallman". The last thing Linux needs is to be further splintered, especially by something so self-serving as this. I don't see most packages built with GNU tools (count the tools at the GNU site and then count the infinite number of potential apps that could be built with GNU tools) calling themselves GNU Blah, so I don't expect anyone to give this any credibility. Here's your credit Stallman: yes, GNU tools are used to make the Linux kernel...so long and thanks for all the tools. Everything ever done on this planet is on the shoulders of someone else. Again, it's semantics that distract us from the real work.
However, I think there is an interesting point to be made about an acute failure of capitalism illustrated in this example. Those with the most money are most able to change pulic opinion about their products and competitors' products. I don't believe Adam Smith's "The Invisible Hand" took proper account of this.
I'm not sure I care about someone's pet economic rules being applied to this creature comfort stuff. There are more important economies of bread and medicine to consider whether or not they are fair.
It doesn't matter what we do, because we're so transient, and information is infinite. Whatever roadblocks we put in place at this time, the information will be free at a later time and place. What we do now is not eternal.
I'm not so sure I care whether the tools that make the information are free, so long as the information flows freely. The more information that is out there, the more intelligent and wise citizens of the world will be - I know, we'll always have the ones that choose to be stupid, but that's their free choice. The more intelligent reasoning we have in the world, the less violence we'll have, and once that distraction is out of the way we can generate more information. Everyone will be more productive and better off in the long run, leading humanity to progress and not stall on the things that don't matter.
I don't want any of the ads, so I use Bugnosis to detect the web bugs and the free WebWasher proxy with IE to scrub out the cruft, which is somehow available for free on Linux, though I'm told that Squid and Junkbusters can do the same. AdSubtract is another alternative that comes packages with the ZoneAlarm firewall these days, but I found it to not be as flexible as WebWasher. Unfortunately there are a few sites that do not work with WebWasher, most notably EBay and no matter how I tell it not to touch EBay's cookies and content, it still blocks something that keeps that site from working.
What is needed is some sort of plugin that works directly with the browser, sets all pages and cookies to be filtered out by default, and which lets you just right click on a page to tell it this site is OK to not filter and remember to let these cookies through. All browsers have the cookie feature, but management is usually a pain with what they provide and often left up to third party tools like all of the above. Sounds like Mozilla has some of this built it, so I'll give it a try...it may be time to make a switch. IE6 is supposed to have some of this cookie control, though I'm not sure if it's to that level of convenience.
I haven't seen an ad or a web bug on pages since I've made that change. I look forward to being popup/under and ad free in the future.
I think that if people are willing to accept the limited amount of info about the inner workings of commercial software that companies like Microsoft provide, they should be happy with nothing more than an explanation of "here is the latest update, apply it". Even ISC.org is getting to a point where they will limit the info they give out immediately on fixes for BIND because the admins couldn't get the fixes in place in time before the hackers got word and started breaking into numerous sites. IIS administration would devolve into applying the patch of the week...oh, never mind it already has.
If you don't demand more from their software, you deserve less. In all honesty, there are heaps of people who compile and install Apache and barely know what the code is really up to, making them no better than script kiddies. However, if you so choose to see what the inner workings of Apache are, it's no trade secret. The difference between the blind Microsoft installers and the blind Apache installers is that the Apache developers swarmed to fix the trouble when they got hit, where Microsoft wonders how many people noticed the bug to see if it's worth their royal while to fix it. True, the patch for this problem had been out a while, but many complained that it did not do the trick for them, and more is surely on the way.
Go...Yaffa!
The world is a cold, demon-haunted place nowadays. It sickens me to be a citizen of this country that so hypocritically prides itself on being free.
Yet it would sicken you more to be a citizen of a country that did not even attempt to claim free speech and jailed you for discussing the very things you are talking about. It would sicken you to the point of not being able to eat their jail food or deal with the goons from the cell next door that beat the crap out of you every day. You are freer here than anywhere else; this is just a minor setback that will correct over time.
His mistake was using his real name at this time, but no one should ever be afraid of using their real name in the face of these companies. They may yet be his masters, but in the long run they will not succeed so long as people like Ferguson and Skylarov cnotinue their efforts no matter what the consequences. So much for the huddled masses, though. That this one thing could for a moment make people think that coming to the US from another country is a frightening thing ranks right up there with Prohibition and the Red Scares.
Sounds like he should pick up a good hacker-type alias (no one ever figures out who these folks are), and post to Freenet. That's sure to boost Freenet's usage if it is only centrally released there and the alias would protect him if he ever decides to transit through an American airport lest they pull a Skylarov on him. Surely there's enough anonymity tools out there to mask his identity?
What about all the "hidden" servers, those that are behind firewalls, and not out there on the net where money is to be made, less likely to be "paid for" by an expensive Microsoft license. Those can't be counted and I'm betting are more likely to be Apache.
"Inside Internet Security" by Jeff Crume is a free book being given away by IBM that covers a lot of security topics in a really good way. They get into a lot of white-hat/black-hat discussion, which is sometimes really a distraction from talking about good policies, but it's still good overall. Get a free copy here instead of paying $30 for it, and you can even spamgourmet the address so you make sure you don't hear from them after signing up.
Remember, security is a process, not a package you buy in a store. The best tech won't help if someone is loaning their keychain with security keyfob to their girlfriend or lets their cousin use their corporate PPP account to browse the web from his home.
I use Red Hat, but have my own set of web server tarballs for running Apache that are precompiled for what I need. Since I don't use Linux for desktops, I'm not concerned about the Gnome-KDE-whatever desktop du jour.
I've thought about this. You want to be anonymous, but at the same time you want to make sure the person that just joined up isn't a narc waiting to bust your mp3 sharing ring. Can't have both. Would you trust that blank certificate? You basically have to resort to the ignorance of not knowing what it is you are carrying and letting the folks who encrypted it and put portions of it on your server worry about who they talk to.
Back to the stoneage of that 56k modem chirp? No way, not me. All the cable and DSL providers are blocking port 80, so they're starting to get that axe ready for the knees. I'll go find something else to do.
I don't think they realize the headaches that they give their customers are going to leave a sour taste in their mouth when they think Internet, meaning ecommmerce takes a hit.
An individual doing it is accountable, a mob doing it is diminished blame, a society doing it is a culture. Once people using Freenet are doing it, who are they going to finger?
Do it only with a very few people you know and do it over an encrypted pipe, storing into an encrypted filesystem.
I wonder how much of that power goes wasted into the regular administration of the site, idle time, everyone's web and email traffic, and storing employees' pr0n pix and mp3s, instead of the science it is intended for. It is my experience in a corporate environment that no one ever cleans up disk or mail boxes and they don't consider the impact of running non-essential processes on compute servers.
Also, what are they doing to protect and backup that much data?
We've gone from writing words on huge tablets of stone to etching microscopic paths on electrically charged (albeit purer) stones. Not all that far off, it's just that the infrastrucure they're putting in place is radically new. You have to really love books to bend that far over and give up your rights for the publishing industry. Somehow that goatse.cx guy is appropriate here.
I wish I had my Aeron chair again. We used to work in one of those HQ Global rent-an-office places where they provided every office with an Aeron. Once we got our own office space, the folks put in charge of facilities cheaped out and got some standard swiveling chairs that provide no back support. That Aeron was sooooo adjustable. It goes to show what you get when you work at a place that knows what the customers want versus a place that is trying to pinch a penny and doesn't give a crap about how you feel.
For my firewall needs, I went with Darrel Reed's IPFilter on an old Sparc5. As a single purpose box, it more than fills the need to protect my Windows desktop machines at home. Here in the office, I went with Netscreen, a relatively cheap, but powerful firewall, VPN, and remote access solution.
The problem with having the service centralized is that there was a single place to go sue if the company wanted to continue spamming. If a decentralized scheme can be put in place, no one can get sued, no one will be thought of as the big bad mail nazis, and it will all be controlled by individual sites, as it should be.
The downside is that admins would have to go through these lists of domains to see which they want to allow through that are currently blocked. It would also take some time to propagate through the network of hosters, some of which may not care to push the database to other, only to pull it down for their own use. An upside is that you could quickly control the list locally to allow a customer/client through instead of waiting for a central authority to wade through the huge list of adds/changes/removes to get to your request. You could also insert a domain into the web of trust that would start propagating through the net that moment rather than waiting for a central authority to wade through the huge list of adds/changes/removes to get to your request. Sense a theme? =)
OK, since this is all really DNS, we need a way to update an RBL domain back and forth between sites in a trusted fashion. The new versions of named have authentication built in, so a web of trust could be started now. If the updating could be set up in a ring or a web of trust fasion that would update the next site and take from another peer site only meant to update your site (and maybe one other), then it could be closed to a known trusted group of people. A ring scheme has the property of being interruptible like a token ring network, but a web of trust is a more reliable model unfortunately prone to being harder to follow/debug. This way changes are done by someone you know or known by someone you know and a little more familiar.
This way, as an admin for a company, I am blocking a site personally as a representative of the company, rather than as a group making decisions for a large number of individuals/companies whose interests are wholly unknown to you. These rings/webs could be set up to be totally disconnected from each other so that people with special interests can get mailings they don't consider spam, yet block that which they do.
Bastards were bound to do it eventually.
What are the chances that some sort of driver could be devised that would let MSWin machines share according to something that Samba would be compatible with and still be able to authenticate against AD or the domain AND still be fast? Knowing MS, that would be listed as a bad driver and excluded from being loaded into the machine.
Of course, for those of us using NetApps, Snap Appliances, and Maxtor MaxAttach units, the technology is updated with any patches the companies release. If they do this, they're going to alienate a lot of companies that do Samba-like products. But life will find a way around this, too.