Visa and MasterCard reiterate every quarter that neither one has traced a single instance of credit card fraud to online interception or acquisition of a credit card number.
Wow, what are the odds that the first guy it happens to is Novell's CEO? It's a good thing he has a plan to make sure it doesn't happen to anyone else! Phew!
Sounds to me like the second case of stealing money over the net is being propogated by Eric Schmidt himself!
... is if this is installed on a developer/tester's workstation in an e-commerce/web design shop.
What kind of information could be gleamed from them by the record of all thier internal urls?
The software only sends them info when you hit a cometcursor aware site (with special cometcursor tags in it). Your own internal urls are safe and sound.
Sorry guy, but this isn't illegal in the UK. To address your points one by one:
What laws are they breaking?
For starters, there's the Data Protection Act (amended 1998). This requires all databases to be registered, along with a list of their structure, so that people upon whom information is held can serve a data disclosure notice on the database owners and find out what is being said about them. I believe there's also a requirement to notify the subjects that information about them is being stored.
(Violation: up to two years in prison and a honking great fine, although it's very rare for infractions to get as far as a prosecution.)
This applies to companies in the UK. This company is based in New York, and their databases ae based in New York. Just because someone from the UK accesses it doesn't mean the company has to register the database they're accessing with UK authorities. Secondarily, do you have any evidence at all that they don't have their databases registered, or is this an ipso-facto "they're evil, so they're breaking laws, and therefore they're evil" mentality?
Next: Computer Misuse Act (1994). This act has teeth -- it was introduced as an anti-hacking measure and it would seem that if they're tampering with or using a computer in the UK for any purpose without the consent of the owner they could be liable for five years as a guest in one of Her Majesty's hotels. It is a criminal offense to run software on a computer without the owner's permission, or to cause software to be run (ditto), or indeed to do anything with a computer without permission from its owner. Oh, and you can be guilty even if you're not in the UK (but meddling with a UK-based computer), or if the computer's not in the UK (but you are).
They have the user's permission. The user has to agree to a terms of service before the software is installed and they say that it transmits GUID information in those terms of service. They didn't hide anything.
Finally there's the EU declaration of human rights which, implemented in law, has an explicit right of privacy. The EU recently disseminated some directives on data security -- specifically banning the export of personal information from jurisdictions with strict privacy laws to other jurisdictions with weaker protection -- that means this company is violating the law, right across the EU.
Slashdot gathers more information about you than Comet cursor does. Are they violating human rights? The fact is that Comet's not doing anything they didn't explicitly say they do, and if you're concerned with privacy you should take the time to read the privacy policies of the software you're installing. This article, along with yesterday's Quake 3 article, is an example of the knee-jerk holier-than-corp litigiousness that's become rampant with the linux crowd recently. It's about time that we investigate what's going on before calling red alert, and drawing distinctions between gathering anonymous marketing data in a legal and open manner and ilicit hacking into computers.
They explain the information they collect, which is good (and probably makes it legal even in the UK) but they also explain that the code might auto-update with bugfixes or new functionality without any notification at all.
This is dangerous, as someone forging an address could conceivably deposit executable code on your computer and callit however they wanted to. While some other software (MacOS 9 and Quicktime 4 come to mind) have this functionality, they always ask you before downloading new code, and you can turn the feature off, while here it's just an invisible process.
Also, as a side note, they claim their data-collection doesn't violate the user's privacy because their GUIDs have never been correlated to any user-identifiable data. It's not to say that they couldn't though. Cross-referencing their logs with a site's logs (with the site's own guid that is correlated to a profile) could open the door for tracking where else that person's gone.
On the brighter side, they have a link for a 'cleaner' program that will wipe Comet Cursor off your computer.
While they have evolved from the Hermes and Fido BBSes of old, there are still a bunch out there and some have successfully migrated their paradigm to the internet.
My favorite examples are FirstClass systems. They have real forum areas, real chat, the ability to 'yell' at other people who are online right now, their own internal email systems, file upload and downloads, and they work seamlessly with dialups and TCP connections at the same time.
check out PlanetMUG, the evolutionary step of the Berkeley Mac User's Group, as an example. You can take a look at a slideshow tour at http://www.bmug.org/planet. Please don't spam about commercialism. I'm just citing it as a societal example, not hawking on/. .
They're out there, but they don't have the viral growth potential of usenet or mailing lists, which is why, for better or worse, they've largely fallen to the wayside.
Today 11/19/1999 is also a prime day (as noted earlier) but not the last in the near future.
11/23/1999 and 11/29/1999 will also be prime days, but they'll be the last we'll see until 2/2/2003. Of course there will be a slew of them in 2003, but then no more until 2011, then 2017.
Enjoy the prime days while they last, especially this last odd one!
It doesn't seem to give permission to modify the book and pass it along, but also isn't being placed in the public domain, so I'd say it's more accurately labeled as the first instance of freeware.
Besides the constant talk about trying to add new top level domains, I really hope such talk includes placing restrictions on those domains. Things such as
.net may only be distributed to ISPs and other network service providers. .org may only be distributed to non-profit organizations .com or.baz may be only distributed to companies and businesses.
And what about ordinary individuals with web sites? Too late to start enforcing that beyond the.edu.gov and.mil restrictions already in place, I'm afraid...
I can't wait to see what happens to the stock market on Monday. The monopoly power Microsoft has on the industry can be reflected in the number of companies whose stock may get a shot in the arm on Monday. Basically, any company whose product has been stifled by Microsoft's (perceived or otherwise) anti-competitive practices has a real shot at a stock boost tomorrow.
Examples: Apple Real Networks (even in the face of the twin GUID and DVD fiascos) Allaire Corel (Linux, WordPerfect, *and* Draw!) Adobe (like they need any more help!) AOL (too late for Netscape? Maybe not) Red Hat Caldera Logitech Kensington
To a lesser extent: Sun SGI
Anyone else care to fill in those I've missed? I know some of the small caps I don't know about could really shoot forward as well...
I predict they'll send you another letter accusing you of diluting their brand by using the phrase "... for dummies" 12 times in your email reply to them.
...it might make sense to move launch sites from Florida (good equatorial boost) to Colorado (smaller boost, but launch track at 8000'-10000') except for the small problem of dropping empty tanks on Kansas.
What problem is that? I'm sure they'd accept it as a sign from God. Slap a Pizza Hut logo on the side of the tank and they'd start setting up franchises in church...
So say you somehow got past all the other problems of melting while exiting the atmosphere or creating an all-metal probe so the killer g-forces wouldn't be a problem, all you've done is make something that could launch a projectile.
Without creating a gun that could reach close to escape velocity, you could only achieve orbit by performing an OMS burn at the apogee, in other words, circularize the orbit so the probe doesn't just crash down ala Newton.
The problem here is thaqt the size of the OMS burn needed is directly proportional to how vertical the launch was. If you shoot straight up, you need a strong enough burn to accellerate the craft to orbital speeds (17Kmph) which is a lot of fuel and kind of wrecks the point. Also, the lower the metal-nonmetal ratio, the less acceleration there will be on the craft.
So you have to launch at an angle, slicing through a serious cut of atmosphere to make for a projectile moving closer to paralelling the orbit it's trying to get into. This would of course mean a huge slowdown from drag.
So either way, you're toast, unless you're building a gun powerful enough to launch something so fast that even after the parachute that is Earth's atmosphere, it's still going 7 miles per second (and I'd LOVE to see one of these going up. The plasma trail would be quite a sight!) or you've got a gun that's really good at throwing rocks at other people. Metal rocks, mind you. I wouldn't even want to think of the implications of trying to construct a nuclear (or even worse, a biological) weapon that could survive those g-forces and remain intact and functioning.
The Sagan idea doesn't work with this. Even if the Earth became a black hole, there would be evidence of humans having existed. Earth would be a black hole with the same gravitational pull as it has now, just no size and an accessible event horizon.
Actually, in this scenario, the Sagan principle still works. As long as the destruction transmutes a civilization from an entity or object discernable as such (ie cities, a planet giving off a star's radio energy, etc) to one not decernable as such by the target civilization (ie us), then it has for all intents been destroyed.
Now if at some future point we as a people became more astute at recognizing fallen civilizations (destroyed by nuclear war, black holes, CmdrTaco, what have you), then Sagan's principle would no longer be valid, because there would be no civilizations that could disappear after being formed.
So I took a look at the 'grader' program mentioned in the article. They have a demonstration where they give you a topic and you can write an essay, or submit one of three previously written essays and see the results.
Anyhow, take sample essay 1. Unmodified, it scores a 9 out of ten, with blah blah blah analysis on content, sentence length, and so forth. Go back, submit the same essay after negating every sentence (Billy did NOT show signs of abandonment, etc...) and submit it again, and it still gets a 9 and is still a 'great' paper, though being totally and utterly incorrect.
Is there a script to do this without xwindows? I'd love to have something that transposed through a tty.
Then again, if you had this running on your physical machine, then performed the permutation again through your telnet session, you'd end up typing in a double cipher that uses the QWERTY and DVORAK mappings as encryption keys!
Actually both altitude and horizon would be important for this particular application:
Altitude, becase by exoatmospheric I assume they mean an altitude in excess of 200 miles, or outside of the Earth's atmosphere. At that height, g(antimissile) is 0.907g(surface_of_earth), which would make a huge impact on vector calculations.
Horizon, because they have to know what vector that 0.907g is coming from.
Also, on the subject of navication by 4 stars, this would be useless for navigation on such a small scale, as that fourth star used for position on the plane would apear as stationary to the most sophisticated sensors available unless you're talking about a translation of nearly a million miles (and the surface of the sun is too inconstant to use it as a closer source).
Also, GPS couldn't be used reliably for navigation because it could conceivably be jammed.
William Tanksley sends us a story that Bernstein, who's case against the United States resulted in a three judge panel over-turning the US laws regarding exportation of cryptography software.
umm, that Bernstein what? shouldn't write posts early on a Saturday morning?:)
What with Dvorak being as fast as dvorak and what's your favorite 'protocol,' it looks like proffreading doesn't fall under the umbrella of 'stuff that matters.'
What I noticed (and makes me wish they actually had a technical paper linked to the article to appease my methodological curiosity) is that the 'random background noise' was exactly the same for each word in a given round of testing.
If they were training by those samples, the entire story is bogus because the pure, unmasked original word could be extrapolated by taking one sample, inverting the wave, and adding a second sample.
to put it another way, the net wouldn't be learning how to interpret the word "no" or "fire" in a crowd. It would be learning how to understand that particular soundbyte of cocktail party babble and be able to distinguish in what way the original cocktail party sound was modified.
This is completely useless because you'll never have a need (or the opportunity) to have two (or four) differnt words masked over the exact same soundwave. The background noise will always be different from sample to sample in a real world test.
The point is that Eschelon wouldn't have to have 99% accuracy to be devastatingly effective. Even if it only got 10% of the words, it could still generate a pattern of conversational content, and tag that line for human analysis.
More useful than tracking who says what is simply tracking who calls who and just a fet bits of extra information, such as whether the tone was serious or humorous and the duration of the call.
This in and of itself could be formed into a neural net that would give devastatingly accurate insights into how information is flowing, and easily light up potential security risks.
The government does this now, as is noted in a 8/26/99 story in the San Jose Mercury News.
It's not the specific capabilities of science that'll change the world, it's the pervasiveness of it.
Actually, this article is a prime example of the new Beowulf/Dvorak proofreader.
Each machine in the cluster is given a word and has to say "Yes, this word is right" or "No, this word is incorrect." This kind of innovative massive paralellism allows the machines to check for validity without ever actually checking for validity.
I believe he's 'interned' at the cathedral in Florence. Personally, I'd rather father my own children, but if they find out where the daughter was buried...
Slashdot Mirror
Visa and MasterCard reiterate every quarter that neither one has traced a single instance of credit card fraud to online interception or acquisition of a credit card number.
Wow, what are the odds that the first guy it happens to is Novell's CEO? It's a good thing he has a plan to make sure it doesn't happen to anyone else! Phew!
Sounds to me like the second case of stealing money over the net is being propogated by Eric Schmidt himself!
Kevin Fox
www.fury.com
What kind of information could be gleamed from them by the record of all thier internal urls?
The software only sends them info when you hit a cometcursor aware site (with special cometcursor tags in it). Your own internal urls are safe and sound.
Kevin Fox
www.fury.com
What laws are they breaking?
For starters, there's the Data Protection Act (amended 1998). This requires all databases to be registered, along with a list of their structure, so that people upon whom information is held can serve a data disclosure notice on the database owners and find out what is being said about them. I believe there's also a requirement to notify the subjects that information about them is being stored.
(Violation: up to two years in prison and a honking great fine, although it's very rare for infractions to get as far as a prosecution.)
This applies to companies in the UK. This company is based in New York, and their databases ae based in New York. Just because someone from the UK accesses it doesn't mean the company has to register the database they're accessing with UK authorities. Secondarily, do you have any evidence at all that they don't have their databases registered, or is this an ipso-facto "they're evil, so they're breaking laws, and therefore they're evil" mentality?
Next: Computer Misuse Act (1994). This act has teeth -- it was introduced as an anti-hacking measure and it would seem that if they're tampering with or using a computer in the UK for any purpose without the consent of the owner they could be liable for five years as a guest in one of Her Majesty's hotels. It is a criminal offense to run software on a computer without the owner's permission, or to cause software to be run (ditto), or indeed to do anything with a computer without permission from its owner. Oh, and you can be guilty even if you're not in the UK (but meddling with a UK-based computer), or if the computer's not in the UK (but you are).
They have the user's permission. The user has to agree to a terms of service before the software is installed and they say that it transmits GUID information in those terms of service. They didn't hide anything.
Finally there's the EU declaration of human rights which, implemented in law, has an explicit right of privacy. The EU recently disseminated some directives on data security -- specifically banning the export of personal information from jurisdictions with strict privacy laws to other jurisdictions with weaker protection -- that means this company is violating the law, right across the EU.
Slashdot gathers more information about you than Comet cursor does. Are they violating human rights? The fact is that Comet's not doing anything they didn't explicitly say they do, and if you're concerned with privacy you should take the time to read the privacy policies of the software you're installing. This article, along with yesterday's Quake 3 article, is an example of the knee-jerk holier-than-corp litigiousness that's become rampant with the linux crowd recently. It's about time that we investigate what's going on before calling red alert, and drawing distinctions between gathering anonymous marketing data in a legal and open manner and ilicit hacking into computers.
Kevin Fox
www.fury.com
They explain the information they collect, which is good (and probably makes it legal even in the UK) but they also explain that the code might auto-update with bugfixes or new functionality without any notification at all.
This is dangerous, as someone forging an address could conceivably deposit executable code on your computer and callit however they wanted to. While some other software (MacOS 9 and Quicktime 4 come to mind) have this functionality, they always ask you before downloading new code, and you can turn the feature off, while here it's just an invisible process.
Also, as a side note, they claim their data-collection doesn't violate the user's privacy because their GUIDs have never been correlated to any user-identifiable data. It's not to say that they couldn't though. Cross-referencing their logs with a site's logs (with the site's own guid that is correlated to a profile) could open the door for tracking where else that person's gone.
On the brighter side, they have a link for a 'cleaner' program that will wipe Comet Cursor off your computer.
Share and Enjoy,
Kevin
www.fury.com
While they have evolved from the Hermes and Fido BBSes of old, there are still a bunch out there and some have successfully migrated their paradigm to the internet.
/. .
My favorite examples are FirstClass systems. They have real forum areas, real chat, the ability to 'yell' at other people who are online right now, their own internal email systems, file upload and downloads, and they work seamlessly with dialups and TCP connections at the same time.
check out PlanetMUG, the evolutionary step of the Berkeley Mac User's Group, as an example. You can take a look at a slideshow tour at http://www.bmug.org/planet. Please don't spam about commercialism. I'm just citing it as a societal example, not hawking on
They're out there, but they don't have the viral growth potential of usenet or mailing lists, which is why, for better or worse, they've largely fallen to the wayside.
Kevin Fox
www.fury.com
Today 11/19/1999 is also a prime day (as noted earlier) but not the last in the near future.
11/23/1999 and 11/29/1999 will also be prime days, but they'll be the last we'll see until 2/2/2003. Of course there will be a slew of them in 2003, but then no more until 2011, then 2017.
Enjoy the prime days while they last, especially this last odd one!
Kevin
www.fury.com
It doesn't seem to give permission to modify the book and pass it along, but also isn't being placed in the public domain, so I'd say it's more accurately labeled as the first instance of freeware.
Kevin Fox
Besides the constant talk about trying to add new top level domains, I really hope such talk includes placing restrictions on those domains. Things such as
.net may only be distributed to ISPs and other network service providers.
.org may only be distributed to non-profit organizations
.com or
And what about ordinary individuals with web sites? Too late to start enforcing that beyond the
I can't wait to see what happens to the stock market on Monday. The monopoly power Microsoft has on the industry can be reflected in the number of companies whose stock may get a shot in the arm on Monday. Basically, any company whose product has been stifled by Microsoft's (perceived or otherwise) anti-competitive practices has a real shot at a stock boost tomorrow.
Examples:
Apple
Real Networks (even in the face of the twin GUID and DVD fiascos)
Allaire
Corel (Linux, WordPerfect, *and* Draw!)
Adobe (like they need any more help!)
AOL (too late for Netscape? Maybe not)
Red Hat
Caldera
Logitech
Kensington
To a lesser extent:
Sun
SGI
Anyone else care to fill in those I've missed? I know some of the small caps I don't know about could really shoot forward as well...
Kevin Fox
www.fury.com
I predict they'll send you another letter accusing you of diluting their brand by using the phrase "... for dummies" 12 times in your email reply to them.
I can't wait until Hemos gets the same letter.
KFury
Actually, it's fine to get demographics from people under 18. It's under 13 that you need parental consent.
-Kevin
What problem is that? I'm sure they'd accept it as a sign from God. Slap a Pizza Hut logo on the side of the tank and they'd start setting up franchises in church...
Without creating a gun that could reach close to escape velocity, you could only achieve orbit by performing an OMS burn at the apogee, in other words, circularize the orbit so the probe doesn't just crash down ala Newton.
The problem here is thaqt the size of the OMS burn needed is directly proportional to how vertical the launch was. If you shoot straight up, you need a strong enough burn to accellerate the craft to orbital speeds (17Kmph) which is a lot of fuel and kind of wrecks the point. Also, the lower the metal-nonmetal ratio, the less acceleration there will be on the craft.
So you have to launch at an angle, slicing through a serious cut of atmosphere to make for a projectile moving closer to paralelling the orbit it's trying to get into. This would of course mean a huge slowdown from drag.
So either way, you're toast, unless you're building a gun powerful enough to launch something so fast that even after the parachute that is Earth's atmosphere, it's still going 7 miles per second (and I'd LOVE to see one of these going up. The plasma trail would be quite a sight!) or you've got a gun that's really good at throwing rocks at other people. Metal rocks, mind you. I wouldn't even want to think of the implications of trying to construct a nuclear (or even worse, a biological) weapon that could survive those g-forces and remain intact and functioning.
Makes Pegasus and moon bases seem simple...
www.fury.com
Actually, in this scenario, the Sagan principle still works. As long as the destruction transmutes a civilization from an entity or object discernable as such (ie cities, a planet giving off a star's radio energy, etc) to one not decernable as such by the target civilization (ie us), then it has for all intents been destroyed.
Now if at some future point we as a people became more astute at recognizing fallen civilizations (destroyed by nuclear war, black holes, CmdrTaco, what have you), then Sagan's principle would no longer be valid, because there would be no civilizations that could disappear after being formed.
(Incidentally, Knowledge Technologies is hosted on computers at Colorado University)
Anyhow, take sample essay 1. Unmodified, it scores a 9 out of ten, with blah blah blah analysis on content, sentence length, and so forth. Go back, submit the same essay after negating every sentence (Billy did NOT show signs of abandonment, etc...) and submit it again, and it still gets a 9 and is still a 'great' paper, though being totally and utterly incorrect.
Is there a script to do this without xwindows? I'd love to have something that transposed through a tty.
Then again, if you had this running on your physical machine, then performed the permutation again through your telnet session, you'd end up typing in a double cipher that uses the QWERTY and DVORAK mappings as encryption keys!
I wonder how much faster/slower *that* is...
I thought it was Dr. Evil's "Laser" on a moon base I like to call a "Death Star."
Actually both altitude and horizon would be important for this particular application:
Altitude, becase by exoatmospheric I assume they mean an altitude in excess of 200 miles, or outside of the Earth's atmosphere. At that height, g(antimissile) is 0.907g(surface_of_earth), which would make a huge impact on vector calculations.
Horizon, because they have to know what vector that 0.907g is coming from.
Also, on the subject of navication by 4 stars, this would be useless for navigation on such a small scale, as that fourth star used for position on the plane would apear as stationary to the most sophisticated sensors available unless you're talking about a translation of nearly a million miles (and the surface of the sun is too inconstant to use it as a closer source).
Also, GPS couldn't be used reliably for navigation because it could conceivably be jammed.
-Kevin
"All typos are my own fault. I'm not proud."
We don't seem to have a complete first sentence:
:)
William Tanksley sends us a story that Bernstein, who's case against the United States resulted in a three judge panel over-turning the US laws regarding exportation of cryptography software.
umm, that Bernstein what? shouldn't write posts early on a Saturday morning?
What with Dvorak being as fast as dvorak and what's your favorite 'protocol,' it looks like proffreading doesn't fall under the umbrella of 'stuff that matters.'
All very good points.
What I noticed (and makes me wish they actually had a technical paper linked to the article to appease my methodological curiosity) is that the 'random background noise' was exactly the same for each word in a given round of testing.
If they were training by those samples, the entire story is bogus because the pure, unmasked original word could be extrapolated by taking one sample, inverting the wave, and adding a second sample.
to put it another way, the net wouldn't be learning how to interpret the word "no" or "fire" in a crowd. It would be learning how to understand that particular soundbyte of cocktail party babble and be able to distinguish in what way the original cocktail party sound was modified.
This is completely useless because you'll never have a need (or the opportunity) to have two (or four) differnt words masked over the exact same soundwave. The background noise will always be different from sample to sample in a real world test.
The point is that Eschelon wouldn't have to have 99% accuracy to be devastatingly effective. Even if it only got 10% of the words, it could still generate a pattern of conversational content, and tag that line for human analysis.
More useful than tracking who says what is simply tracking who calls who and just a fet bits of extra information, such as whether the tone was serious or humorous and the duration of the call.
This in and of itself could be formed into a neural net that would give devastatingly accurate insights into how information is flowing, and easily light up potential security risks.
The government does this now, as is noted in a 8/26/99 story in the San Jose Mercury News.
It's not the specific capabilities of science that'll change the world, it's the pervasiveness of it.
Actually, this article is a prime example of the new Beowulf/Dvorak proofreader.
Each machine in the cluster is given a word and has to say "Yes, this word is right" or "No, this word is incorrect." This kind of innovative massive paralellism allows the machines to check for validity without ever actually checking for validity.
Sure, passit along and I'll post it on my site. URL to follow.
Does anyone know of a version of this in an electronic book format? anyone interested in compiling one?
I believe he's 'interned' at the cathedral in Florence. Personally, I'd rather father my own children, but if they find out where the daughter was buried...