Presumably it would be a little bit more difficult for an application to pull out your GUID than it would to get your actual machines MAC, so who cares? Besides, the only time this would really matter is if this information was going to be amassed and distributed. It's not as if it's a huge problem that if someone steals your hard drive out of your PC, they're going to know your MAC address as well..
Besides, there are tons of different numbers that could uniquely identify you on your PC already -- go poking around in your system registry. Also, who says you can't erase your GUID table and start anew? The only thing anyone would gain would be your MAC address.
I'm trying to avoid being OT as much as possible, although I'm sure I'm bound to fail and start a thread -- if anyone reads this, that is.
In my opinion, the reason Linux gets so much publicity is the bandwagon effect. I'm probably incredibly wrong, as always, but I imagine it was the first to surprise the media, and for lack of knowledge of other choices (not the supposed quality of other choices) people jump on with the Linux team.
Take a look at it from ORA's perspective for a moment: ORA wants money. If there are potentially tons of Linux people running the OS at home vs. many servers holding up various internet sites running FreeBSD, who is more likely to pull down documentation from a website and who is more likely to go out and buy a book? Being pro-BSD, and running it only as machines I classify as servers, I'm much more likely to go pull down documentation for something from the info pages, man pages, or the handbook where it's searchable and can be quickly made use of. If I were to stick a Linux machine on my desk, I'd probably run out and prefer a book simply because I could use that without having the machine turned on.
I'll try that one more time, because I'm sure that didn't make any sense. If I have a machine on my desk, I'm probably more likely to buy a book so I can read how to fix something with it if it's not working to pull down online docs. With FreeBSD having "the power to serve", I'd much more likely stick it on a server - and hence be able to draw on online sources quicker and easier than working from a book.
Maybe that's just a personal thing?
Again, on the driver front, is a server machine/OS likely to have Nvidia code for it, or a desktop OS?
Being an IRC Operator on EFnet, DDoS, or any type of DoS, is tossed around pretty frequently.
Being a network without services, EFnet is vulnerable to channel takeovers by 'removing' all channel members, or in some cases channel operators. Mostly this is done through the use of a DoS attack. Also, personal grudges between people may result in attacks as well, or an IRC operator may get attacked for placing a server-side ban on someone. Basically, it's the high-school bully principle extending to the online chat world. With what I do online, I experience and/or see the effects of such attacks almost daily.
As for the DDoS validity in the posts below, DDoS -is- real. Whether or not these large companies got attacked is up for speculation of any sort, as logs can be faked and it becomes a case of one persons word against another; it's hard to have concrete evidence in such a matter. However, again, seeing the effects of these attacks, and having been involved in the 'clean up' or preventitive aspects of these attacks, I have seen DDoS in action. I have even been logged into a machine which was (one of) the sources of such an attack. The vulnerabilities in IPv4 are real, whether or not the attacks on the major sites were. (Besides, why would they fake such a thing?)
What bothers me, is that this had been going on for a long while before hitting the media. When small companies or individuals undergo a denial of service, no one lifts a finger. As soon as a multi-million dollar company is involved, they call in the cavalry.
In my opinion, it should be legislated that internet service providers be responsible for the machines on their network or their client network. If the provider is notified about a possible server used in an attack, and it can be verified, it should be made *illegal* to keep that machine on their network. Perhaps even legislate the use of egress filters to prevent spoofed attacks.. we can hope. Will it happen? Doubtable until someone decides to nail the government with one of these.
When it comes down to it, I'm more than sure they're coming. We just haven't seen the government deem it necessary yet.
I'm betting that with the population of the US, having something to control copyright issues was priority one. With fewer people in Canada, and some of us living in areas where internet access is still not available, is it necessary yet?
Just wait until we see Jean Chretien's rendition of the law, that should be rather interesting.
To avoid being marked as offtopic, I'm only going to mention this once, but what the heck has the last reply to this about Slashdot's incompetency (and, I might add, quite a literary genius wrote that one), have to do with this thread? What we're arguing here is the basis of many MANY journalism debates, almost bordering on a holy war. The whole concept of editorials and journalism in general depends on someone, somewheres viewpoint. We can't expect someone to be totally and completely objective when it comes to an article. Why do you think we grew up being told "not to believe everything we read?" internet.com has no responsibility to do anything, they own the bandwidth, servers, and sometimes content, and they can do what they please. The correct answer here is that it is our responsibility as end-users of this content to judge for ourselves what to take as holy fact, and what to take as editorial advertising. To each his/her own.
I think people are mildly misinterpreting this. There was no bias mentioned against open-source software whatsoever, just the mention that many open source projects do not contain outlines and whatnot for what they'd like to achieve as a project, and without having goals set have no method to be gauged sa to how secure they really are. However, this is just as true for open-source as it is for closed-source projects, and what makes it even more scary is the fact that they may meet a standard outlines in their product, but with a closed-source solution you have no way to prove that it was implemented and designed in a secure method appropriately. Closed-source products already imply a level of trust when you run their software that most people don't consider -- certain applications can do whatever they like behind the scenes and you may not even know about it. I believe the makers of rz/sz z-modem transfer suite attempted to implement an accounting system to see who was using their code silently, and because it was open-source, this was caught and dealt with. Who knows what various Microsoft or other-vendor closed-source projects are doing behind the scenes?
Slashdot Mirror
You're rather missing the point on that one.
Presumably it would be a little bit more difficult for an application to pull out your GUID than it would to get your actual machines MAC, so who cares? Besides, the only time this would really matter is if this information was going to be amassed and distributed. It's not as if it's a huge problem that if someone steals your hard drive out of your PC, they're going to know your MAC address as well..
Besides, there are tons of different numbers that could uniquely identify you on your PC already -- go poking around in your system registry. Also, who says you can't erase your GUID table and start anew? The only thing anyone would gain would be your MAC address.
I'm trying to avoid being OT as much as possible, although I'm sure I'm bound to fail and start a thread -- if anyone reads this, that is.
In my opinion, the reason Linux gets so much publicity is the bandwagon effect. I'm probably incredibly wrong, as always, but I imagine it was the first to surprise the media, and for lack of knowledge of other choices (not the supposed quality of other choices) people jump on with the Linux team.
Take a look at it from ORA's perspective for a moment: ORA wants money. If there are potentially tons of Linux people running the OS at home vs. many servers holding up various internet sites running FreeBSD, who is more likely to pull down documentation from a website and who is more likely to go out and buy a book? Being pro-BSD, and running it only as machines I classify as servers, I'm much more likely to go pull down documentation for something from the info pages, man pages, or the handbook where it's searchable and can be quickly made use of. If I were to stick a Linux machine on my desk, I'd probably run out and prefer a book simply because I could use that without having the machine turned on.
I'll try that one more time, because I'm sure that didn't make any sense. If I have a machine on my desk, I'm probably more likely to buy a book so I can read how to fix something with it if it's not working to pull down online docs. With FreeBSD having "the power to serve", I'd much more likely stick it on a server - and hence be able to draw on online sources quicker and easier than working from a book.
Maybe that's just a personal thing?
Again, on the driver front, is a server machine/OS likely to have Nvidia code for it, or a desktop OS?
Being an IRC Operator on EFnet, DDoS, or any type of DoS, is tossed around pretty frequently.
.. we can hope. Will it happen? Doubtable until someone decides to nail the government with one of these.
Being a network without services, EFnet is vulnerable to channel takeovers by 'removing' all channel members, or in some cases channel operators. Mostly this is done through the use of a DoS attack. Also, personal grudges between people may result in attacks as well, or an IRC operator may get attacked for placing a server-side ban on someone. Basically, it's the high-school bully principle extending to the online chat world. With what I do online, I experience and/or see the effects of such attacks almost daily.
As for the DDoS validity in the posts below, DDoS -is- real. Whether or not these large companies got attacked is up for speculation of any sort, as logs can be faked and it becomes a case of one persons word against another; it's hard to have concrete evidence in such a matter. However, again, seeing the effects of these attacks, and having been involved in the 'clean up' or preventitive aspects of these attacks, I have seen DDoS in action. I have even been logged into a machine which was (one of) the sources of such an attack. The vulnerabilities in IPv4 are real, whether or not the attacks on the major sites were. (Besides, why would they fake such a thing?)
What bothers me, is that this had been going on for a long while before hitting the media. When small companies or individuals undergo a denial of service, no one lifts a finger. As soon as a multi-million dollar company is involved, they call in the cavalry.
In my opinion, it should be legislated that internet service providers be responsible for the machines on their network or their client network. If the provider is notified about a possible server used in an attack, and it can be verified, it should be made *illegal* to keep that machine on their network. Perhaps even legislate the use of egress filters to prevent spoofed attacks
When it comes down to it, I'm more than sure they're coming. We just haven't seen the government deem it necessary yet. I'm betting that with the population of the US, having something to control copyright issues was priority one. With fewer people in Canada, and some of us living in areas where internet access is still not available, is it necessary yet? Just wait until we see Jean Chretien's rendition of the law, that should be rather interesting.
To avoid being marked as offtopic, I'm only going to mention this once, but what the heck has the last reply to this about Slashdot's incompetency (and, I might add, quite a literary genius wrote that one), have to do with this thread? What we're arguing here is the basis of many MANY journalism debates, almost bordering on a holy war. The whole concept of editorials and journalism in general depends on someone, somewheres viewpoint. We can't expect someone to be totally and completely objective when it comes to an article. Why do you think we grew up being told "not to believe everything we read?" internet.com has no responsibility to do anything, they own the bandwidth, servers, and sometimes content, and they can do what they please. The correct answer here is that it is our responsibility as end-users of this content to judge for ourselves what to take as holy fact, and what to take as editorial advertising. To each his/her own.
-gnp