wow, they must have really cleaned it up from a few months ago then, cause back then it had a security flaw so super-basic that it showed that they didn't really understand a single thing about web security, and I decided at that point to never use it, who knows what else they were forgetting. (the flaw was that if someone clicked a link on an incoming message, and the url of that message got passed to your referrer log, you could go to that url and you'd be intheir mail, with full access to their mailbox. The worst example of session-tracking I have ever seen).
Uh, where is the discussion of the Apple suing Freetype magic missing link? If you're going to have a Slashback, for god's sake actually discuss the biggest screwup of the week. It's the story which generated the most discussion of slashdot already.
pretty unbelievable that noone has broken in yet, yeah. I mean, with master hackers like you who can grab a login prompt and paste it into slashdot, my god, he's lucky his car even still works. What's next, posting his whois info in a display of master hax0ry?
Before I post some spam-related links, allow me to explain why spam is bad, since I'm sure noone who reads Slashdot knows: The true cost of spam is that
I'm curious at to why Metcalf's law would apply to desktop environments really. I guess I can see some points where it makes some sense, but I don't see the "law" applying to Gnome/KDE anywhere close to how it applies to something like instant messenging systems, OSes or that sort of thing.
Your argument that placing ads is bad for business is rendered null and void by you listing other companies who take this "bad" business route: NBC, A&E, etc, are not hurting because you don't like their ads, and the websites with ads won't either.
I can't believe how many people are just re-iterating what the RBL does, in case we didn't read the article (like them) and don't know. Slashdot discussion is the worst, everyone's an expert, without even having read the story.
!!!!!!!!!!!!!! Wait, a slashdot employee is accusing other people of being likely to write articles that are "long on pointing and laughing but short on details."? ????????????? !!!!! This is insane. Please tell me the hackers posted this absolute gem of over-the-top irony.
Michael: I am sure Slashdot will get treated better by the news media than Microsoft would get treated by Slashdot if their website was hacked. If they don't print many details, I wouldn't be too worried, since there aren't any right now publicly available apparently, and at least when they print their articles noone is going to be able to go "wait, your website already covered that story a week ago. DAMNIT HEMOS!"
The hackers are obviously still posting stories, because this one is actually somewhat interesting, and has nothing to do with napster, cuecat, intellectual property or DeCss.
Message to hackers: Do not give slashdot back, please.
ContentZone calculates their page views slightly differently thanm other advertisers. It's a bit tough to explain, but if you don't set up enough unique page codes or whatever they call them, you won't make as much money, it's true (and they say so I think on their page).
Engage on the other hand, may credit you for more ads, but DO NOT USE THEM. flycast used to make me 30 bucks a day, then Engage came in and I now make 10 bucks a day on TWICE the traffic. They can't sell even 25% of my ad inventory and their pay is pitifiul on what they do pay. Incidentally, i get about the same amount of hits as you, so really, engage will probably equal 10 bucks a day for you. They blow hard.
Why would anyone reading CNN need the source, unless they actually knew how to read it, in which case, they can probably find it themselves. even slashdot didn't link the.c file.
I don't see how this is proof of anything. I can invent a new kind of sex doll that does everything my old sex doll does, but that doesn't prove that my old sex doll made me dinner. I don't get that at all.
Anyway, as a PR stunt, I say BRAVO DEVELOPERS, you have quite possibly succeeded in convincing open source enthusiasts that Carnivore is bad. You know how many of them are so into Carnivore! Now we finally have a free alternative. blah blah. this is lame.
HA! exactly! if you read this as a mockery of the average whiny, paranoid, i'd-join-a-militia-if-they-only-had-DSL slashdot reader it's hilarious, but it obviously was meant to be serious.
Hmm, not a bad idea though, since there are less big ISPs in canada, and those ISPs could certainly drum up business by carrying TV this way. That would probably take care of all the immediate legal loose ends (although bordercontrol might too), and allow the company to work on something even more difficult: finding a way to make a decent profit from this.
Here is what confuses me: I have an account on my friend's box running RH6.2 , but rpc is not in inetd.conf and inetd is not even running (no use for it), but you can still telnet to port 111 from any host. I don't understand how to turn it off, what's up with that?
don't be surprised, Greg Knauss has pretty much made a career lately of writing articles that are guaranteed to be linked from slashdot (ensuring readership), and this story submission was so obviously posted by him. Go back and read it, it's blatant.
I'm not a fan of lame DOS attacks, etc, they're stupid and wasteful and cost people a lot of time and money for no good reason.
Having said that, fuck Harris. Someone make a client that attacks Harris with HTTP requests and let's get everyone to just run it. Enough is enough. As long as we make a DDOS client that is no more illegal or unethical than the way Harris does business we should be well in the clear.
They want less rules on the internet? They want ISPs to sit back and do nothing when people are fucking around? Good. It works both ways.
Me like transmeta just like slashdot do. me always know that transmeta was absolutely fabless, now the people, they tell me it has been proofed!
sig:
open source security - time to re-evaluate?
on
Bob Metcalfe On NPR
·
· Score: 2
I know that many slashdot readers hold the "open source == more secure" idea to heart, but i think it would be interesting once and for all to do a completely thorough re-evaluation of this theory.
I count "the most secure" OS not as which one theoretically should be more secure, but which one I am more likely to be rooted using. I LOVE linux and I am not into microsoft, but I think it is MORE than fair to say that in the year 1999, you were far, far more likely to be compromised if you were using a Unix-like OS than using NT. I am not saying you could not secure any OS to be virtually intrusion-proof, but it really does seem now that there are many more exploits being discovered for *nix.
Now, don't get me wrong, I know that Microsoft probably has lots of un-found vulnerabilities, but that is my point: they are un-found, and unexploited. I know what you'll say next: "But Happystink, when they ARE found, they take months to be patched"... Is this really true? Microsoft respond very quickly now, just as fast as Redhat, Mandrake or whoever else.
So enough theory about which source model is more secure in a perfect world, let's re-evaluate and see which model works in the real world before we start posting comments like "I don't know who this Metcalfe guy is but he must be new to computers cause I've been using Linux 4 months and never ain't gotten rooted yet!" ok?
as I think we all know, IRC is a magnet for annoying people. I used to work at an ISP who got DOSed all the time because they let a customer run an irc server from an old machine there. Once they just got rid of the irc server they went forever without a single attack.
It's nice to say "you can't blame a protocol for these problems", but when 99% of the protocol's users are annoying 12 yr olds, then I do.
Well, listening to Guy Kawasaki on how to drive your competition nuts is about as useful as listening to me on how to have hot lesbian sex: the track record shows that that person just has no clue.
Maybe ask Bill Gates how to drive the competition nuts (or out of business), precedent has proved he's the one who actually knows.
Yes, exactly! Everyone is saying "well the facts do jibe with what my personal opinion is, that MS products suck", and the facts may even be true, but I think the odds of thie guys knowing (if he's real) are low.
MS is a huge huge corporation (duh) and to assume that any one employee knows everything about it, and that his opinion on their technology is the definitive word on it is just silly. But as you said, the internet is not exactly the land of the critical thinkers.
Slashdot Mirror
sig:
sig:
sig:
sig:
sig:
sig:
Oh wait, I already have 50 karma, nevermind.
sig:
sig:
sig:
sig:
Michael: I am sure Slashdot will get treated better by the news media than Microsoft would get treated by Slashdot if their website was hacked. If they don't print many details, I wouldn't be too worried, since there aren't any right now publicly available apparently, and at least when they print their articles noone is going to be able to go "wait, your website already covered that story a week ago. DAMNIT HEMOS!"
sig:
sig:
sig:
sig:
sig:
sig:
sig:
sig:
sig:
Having said that, fuck Harris. Someone make a client that attacks Harris with HTTP requests and let's get everyone to just run it. Enough is enough. As long as we make a DDOS client that is no more illegal or unethical than the way Harris does business we should be well in the clear.
They want less rules on the internet? They want ISPs to sit back and do nothing when people are fucking around? Good. It works both ways.
sig:
sig:
I count "the most secure" OS not as which one theoretically should be more secure, but which one I am more likely to be rooted using. I LOVE linux and I am not into microsoft, but I think it is MORE than fair to say that in the year 1999, you were far, far more likely to be compromised if you were using a Unix-like OS than using NT. I am not saying you could not secure any OS to be virtually intrusion-proof, but it really does seem now that there are many more exploits being discovered for *nix.
Now, don't get me wrong, I know that Microsoft probably has lots of un-found vulnerabilities, but that is my point: they are un-found, and unexploited. I know what you'll say next: "But Happystink, when they ARE found, they take months to be patched"... Is this really true? Microsoft respond very quickly now, just as fast as Redhat, Mandrake or whoever else.
So enough theory about which source model is more secure in a perfect world, let's re-evaluate and see which model works in the real world before we start posting comments like "I don't know who this Metcalfe guy is but he must be new to computers cause I've been using Linux 4 months and never ain't gotten rooted yet!" ok?
sig:
It's nice to say "you can't blame a protocol for these problems", but when 99% of the protocol's users are annoying 12 yr olds, then I do.
sig:
Maybe ask Bill Gates how to drive the competition nuts (or out of business), precedent has proved he's the one who actually knows.
sig:
MS is a huge huge corporation (duh) and to assume that any one employee knows everything about it, and that his opinion on their technology is the definitive word on it is just silly. But as you said, the internet is not exactly the land of the critical thinkers.
sig: