I am sorry if I somehow offended you. I did mean criminal virus writers.
People who work in a safe environment (without an external connection to the internet) can write all the virus like code they want as long as they practice safe computing. Although, I'd caution them that doing this and talking about it in today's world may put them in a spotlight that they would be better off avoiding!
One of my favorite work-place stories: I used to work for a PC manufacturer and was tasked with teaching the Tech Support team a class on viruses. In this class I wanted to use a real but reasonably benign virus to demonstrate how to find it and how to remove it. The Training Director okayed this as long as I did not put the PC on the network. So I needed to find a virus that would meet these needs. I found out one of the BIOS engineers was rumored to keep a "zoo" of viruses (everyone needs a hobby I guess) so I approached him to see if he had one that would meet my needs. His answer was classic. He said: "No I quit keeping my zoo but, if you can wait a couple of minutes, I can whip something up." I said "Thanks but no thanks" and found the virus from another source. Think of the damage someone so knowledgeable about BIOS code could be if he wanted to write a virus to exploit that!
Anyway, not everyone who buys over-the-counter cold tablets uses them to make meth and not everyone who writes self-replicating code uses it for malicious purposes so I get your point and am sorry if I offended you. I really only was talking about the criminals.
Gee, I knew what most of these posts were going to say before I even read them. Most of them say that this is just a marketing ploy by Microsoft to deflect criticism, that Microsoft's poorly written code is what is really the cause, and Microsoft this and Microsoft that and oh, by the way Linux rules.
Let's put all of that aside for a minute. I'm not going to be pro-Microsoft or Pro-anything here. I am going to be Anti-virus writer though.
Cyber-crime be it scams, viruses, trojans, worms, password/identity theft, carding or whatever affects all of us personally. It does because it casts things like the internet, ecommerce, and technology in a poor light. It causes "big money" to think twice before they invest in technology, it causes things like e-voting to come more slowly to the forefront and, it forces companies to take sometimes extreme security measures.
In a sense, the 'net hasn't matured yet. It can be compared to the Wild West where crooks didn't have to run very far or hide very long or even worry very much about getting caught. I have no doubt that over time we will see the net change and cyber-criminals and other scumbags will have more to fear. But right now, a wanted poster with a reward is appropriate. It is what Wells-Fargo did to catch outlaws way back when and it will work as well today.
Novell is a "big name" that has lost market share to its competition (Microsoft). They aren't as powerful or as profitable as they once were but they still have an asset that can make them a lot of money: Their name. They have a brand name that is recognized and respected by many people both inside and outside of the industry. They have little hope of staying in their niche and regaining any sort of dominance in the market yet they are a hungry and competitive company and are no doubt looking for a way to turn things around.
Novell knows better than most who "likes" Microsoft and who "hates" Microsoft. There are big players in other parts of the industry who hate Microsoft almost as much as Novell. For instance: If I were a PC manufacturer I would be upset that Microsoft makes as much or more profit from a PC as I do. Imagine Novell talking with these people in the back rooms at trade shows, conferences, and wherever they run into each other. I'm sure that if Novell approached them offering a much lower cost O/S with advanced features and the Novell name attached, they would listen.
The Novell name is important to marketing a non-Windows O/S in a big name over the counter PC. It is a marketable brand with name recognition that helps to level the playing field. In the case of Novell, this even goes further, into the high-end server market. IS executives are willing to risk something with a name like Novell where they would be less willing with a name like SuSe.
Novell is getting ready, they are positioning themselves for war against Microsoft. They are going after not just the back room but the desktop as well. They are going to offer a secure solution for the office. If they play their cards right, they can offer the O/S, applications, and support and go head-to-head against Microsoft in the market that really counts - the OEM market. Everyone except for Microsoft can come out a winner on this. It means lower costs for the manufacturer, these lowered costs mean that they can pass on some of the savings to consumers and this means the manufacturers can sell more boxes! Novell will gain market share and win back their position in the market place.
It will be fun to sit back and watch. This is like watching a "Hail Mary" pass or an on-side kick where the underdog stands a chance of stealing the game away from the bigger, more powerful competition.
I don't like spyware any more than the next guy but it has been around far longer than computers in one guise or another.
Telemarketing surveys - they call you and ask you questions, you don't need to answer but somehow feel either privileged or obliged to do so.
New product registrations that ask you all sorts of questions.
Targeted coupons - those coupons that you get in the grocery store that are printed out at the same time as you purchase.
The quick customer survey that gives you a coupon if you complete it when you check out.
All of these things are like brick-and-mortar versions of spyware yet we really do not complain about them but they can all track us.
What makes computer/internet based spyware worse is its insidiousness and how inexpensive it is. As a society, we must find a way to make it too unprofitable to be a functional method of advertising.
Here are some suggestions:
1. Start a movement where publishers of software are boycotted unless their products sport a "spyware free" label.
2. Collect a small sum from tens of thousands of people and hire lawyers to lobby against spyware and sue companies that violate any laws anywhere.
3. Hyper-flood the spyware servers from bots that will effectively kill their service.
I guess it is time to coin a new term, one that nobody can argue with. My proposal is to lump Adware, Spyware, Trojans, Worms, Viruses, and other less than savory software into something called unwelcomeware. I want the definition to be clear and understandable yet broad enough so that it encompasses everything that people don't want on their computers. I think Unwelcomeware does that.
In my book, this even covers pop-ups, pop-unders, and URL Hijackers.
You were using company property and company bandwidth for personal use, discussing a slashdot story. In some companies they would have flogged you, in others fired you.
I know I am taking it far, but the real truth here is that you really don't have a lot to say about how a company uses its equipment and if you don't like it your options are limited, put up with it or leave.
It may not seem right but perhaps that is because we feel freedom should extend into our jobs but the reality of it is that we sell some of our freedom when we accept a paycheck. We all know this and have to somehow accept it and live with it.
In the past week or two I have "noticed" a dramatic increase in the amount of spam in my inboxes (even the accounts that I never use except for between family and friends). This tells me that there is another relationship between virus/worm writers and spammers. When a worm sends emails from tens of thousands of address books, a savvy spammer can harvest hundreds of thousands of previously unknown email addresses! I'm thinking that some of the worms that have made it around recently may have been written with that idea in mind.
I have not protected myself with anything special but I have created a couple of pretty basic filters that have done an adequate job of filtering much of the spam (who ever besides a spammer sends email with the words viagra or penis for instance). But still a lot of spam makes it past the filters and it is an amazing annoyance. But everyone knows that right?
I'm sure that for some developers this will be great on the desktop but I'm thinking backroom, server side stuff. A second concurrent OS running inside of the same hardware gives some redundancy so that when Server 2003 crashes, you simply switch over to the second instance on the same box and reboot the first instance. Kinda instant recovery for software caused problems.
Or how about using these things in control systems where O/S one can do the real time work and the second one can audit it?
State and federal laws will not eliminate spam. It is nice to have these guys on our side but spam is bigger than the federal or state governments. The bad guys will just move off shore to avoid the laws if they are enacted.
Like it or not, the internet is anarchistic in nature and it allows both good and bad things to happen because of that nature. Spam to me is like pollution, it will take the cooperation of many nations to bring it under control and it is doubtful that even if that cooperation happens that it will be eliminated.
I don't think that the internet is ready to have a real but virtual government although a set of virtual laws regulating spam and other criminal behavior that could be enforced across international boundaries would be nice it would also be restrictive. The politics would ruin the potential of the internet and it would be a nightmare to make fair for everyone.
For the time being, yes we should have local, state, and federal laws passed that regulate spam but some of the responsibility should be put on the user's end. The laws could require ISP's to filter UCE and they could require tools be built into email clients that would allow recipients to submit (report) the UCE that they receive to a central repository that the ISP's could draw their filter info from. This would be analogous to the requirements put on automakers to prevent pollution. As motorists, we are required to purchase unleaded gas and to have catalytic converters.
Google searches use unique and proprietary algorithms to find the most useful information for the search terms. We all know this, it is their "page rank" system. But perhaps the page rank system is driven by more modifiers than we are aware of. For instance, in Minnesota, Twins and Vikings mean a couple of sports teams, in Norway, they probably mean something entirely different so perhaps "Page Rank" does some regionalization. In the same vein, it may be possible that if I refine my search from Minnesota by adding the word "Gopher" to the Twins and Vikings, I may get more, rather than fewer results while perhaps in Norway I'd get no results!
In addition to possibly regionalizing searches, perhaps Google's servers are not updated with the latest code at the same time. Maybe the code is distributed over time to servers so that if a problem were discovered it could be more easily rolled back. It is possible that the load balancing on these servers uses some component of the IP address or somehow regionalizes the incoming requests so that it is likely that the same user usually gets to server A but sometimes goes to server B while their co-surfer neighbor usually goes to server B but sometimes goes to server C. Meanwhile, a couple of states away, another user usually connects to server W but sometimes connects to server X. This could explain why they usually but not always get the same results but someone else gets different results.
The story is always the same, it is just the technologies that differ.
The telephone put the telegraph operator and telegraph messenger out of business.
The airplane and automobile ruined the passenger train business.
The train put the pony express out of business.
The computer put an army of bookkeepers out of business.
Yes, each of these technologies represented an increase in efficiency and each of them at least initially was a costly enough investment so that it cost too much for the little guy to get involved in so it helped the rich-get-richer. But life is that way, you need to keep moving or, you will get run over. Several times in my life I've had things change and I've found my world terribly different. I have been automated out of a job and I've seen a company fail to change and watched helplessly as they faded into oblivion.
The lesson I've learned is that you have to accept and adapt to change. Nobody said you have to like it. I do think though that it helps if you don't fight it. Not all change is good but the normal reason to change something is to make it better therefore most change is good. It just doesn't feel that way all the time.
Good outweighs the bad but... on NYT on RFID · Score: 1
RFID tags can help control inventory, improve product safety, and help business manage the flow of goods. All of these things end up being good for the consumer because it all helps to control costs. Yet RFID could be used to invade the privacy of individuals. I do not think you could drive past someone's house and determine what kind of appliances they have, the output is too low for that but, you could scan them and inventory them as they walked through a door or other checkpoint.
I think this means that there have to be regulations in place to assure individual's privacy. There is too much potential for abuse to allow this industry to self-regulate.
Still, I'd love to see RFID track items like food. That way if a recall were made, the items could be pulled from the shelves and even if they are missed there, an alarm would sound at the register. It would make it much harder for potentially harmful products to make it into the kitchen.
Re:The Taguchi method in user interface design? on Building Better Spam · Score: 1
It sounds like something that could work well. Not just with the interface design but also with the underlying features. Perhaps, even with elements of the software design itself.
Someone should really explore this. Designing to spec's that really mean something rather than just throw in everything including the kitchen sink could speed up design & development, improve the robustness of the product, and bring it to release faster.
I've never responded to a Slashdot post without first reading the article and a number of comments before but this time I am just climbing straight up on my soapbox!
I know this is outlandish but I propose we outlaw knives because they can be used to kill someone. History shows us how dangerous the knife is: for generations, the knife in various forms has been used to kill and maim people. Therefore, I think we should outlaw it. While we are at it, let's outlaw hammers, candle sticks, and rope since they have all been used to kill people.
My point is that tools sometimes have to be dangerous in order to do their jobs. It is not the hammer's fault if someone decides to use it to bash someone's head in! The same is true for the knife. Software "hacker's tools" are tools, just like hammers and knives. They can be used for good (and usually are) or bad (and sometimes are) but that does not mean they should be outlawed.
You know those "emergency hammers" that they sell to break car windows with? My guess is that more of them are sold to car burglars than are sold for their legitimate purpose. They are easy to conceal and break windows with a minimum of noise and fuss. Crooks use them every day. Why hasn't there been a cry to have those things outlawed, regulated, or controlled? It is because they are a tool, that the tool has a legitimate purpose, and that the crooks would simply use something else if it were made unavailable to them. I guess I'd rather have them carrying these hammers than a hatchet. Of course, I would rather see the crook in jail where he would have neither.
I doubt your question was serious (and I do see the humor) but I want to give a serious answer.
The answer is: "No." The battery memory problem is an issue only with NiCad batteries where dendrites build up around the cathode increasing resistance causing the battery to seem to lose capacity. Li-Ion and Ni-MH batteries simply do not have this problem.
These newer batteries can still have problems that cause them to lose capacity (they can still "die") but it is not as frequent or as fast as the memory problem associated with NiCad.
Okay, I'll admit it, I have a thing against these upper-crust schools. But a school like MIT should employ people who know better, less destructive ways of dealing with worms and viruses! It is after all, perhaps the most highly respected technology school in the country. If they are requiring this, they are teaching their students to always use heavy handed overkill.
It would be like Harvard teaching its doctors to always amputate a foot to treat an ingrown toe nail. Sure it fixed the complaint but look how many other problems you introduce!
In my case, I guess I'll continue to look at these schools like I always have. But I hope that it has caused a few others to wake up and see that an education from a "good" school is not much better than an education from the school down the street. It just has more "snob" appeal.
I can't help but agree with you. But didn't Windows 3.1 and 95 include a desktop link to AOL? Wasn't that in essence an advertisement for AOL? As I recall Prodigy got in on that act too. So, they have already done that and then they came up with MSN and tried to take that business as well...
Face it, the Slashdot crowd will find fault with almost anything that Microsoft does (and frequently there is justification for doing so). In a sense, Slashdot is the ultimate Microsoft hater's club and Microsoft bashing is one of the reasons they come here.
I don't like Microsoft as a business, and I think their products are good but could be better (especially security-wise) but I fall far short of being a dyed in the wool M$ hater I guess.
I like the concept of open source but see the weakness of its "business model" and support anyone who finds a way of making that model a little stronger.
Going off on a little tangent here: I suspect that open source currently has a "window of opportunity" that is not being exploited. With the recent MS-Blast worm and SoBig.F virus attacks most people are very aware of the vulnerabilities of M$ operating systems. If Open-Source had a healthy war chest they could have been poised to say "We have the solution, please try this..." and could have really exploited the situation. But the money simply hasn't been there to do that.
With recent innovations, like the Knoppix CD, I can see where a "product" could be developed that could be used to fix virus/worm infestations that could also be used to bring open source software a greater audience and perhaps also give a company some free advertising.
Imagine hearing that a free fix CD is available at your local computer store. You go pick up the modified Knoppix CD and boot it. You get a message that says something like "You have just used Linux to remove the MSBlastxxx worm. Press enter for a preview of the Linux Operating System or press F1 to eject the CD and then reboot your computer to return to the Windows Operating System."
If they hit enter, a modified Knoppix launches that promotes the store (and if they have broadband could actually show the week's specials).
People will see how easy Linux and open source is to use and they will be left with a very good feeling because Open Source just helped them fix their computer! They will also have some loyalty to the company that provided them with the free CD that fixed their problem and will be impressed with all the features and functionality.
I wish I had the time, skill and, energy to develop this but I don't. I really think it could go somewhere.
Mandrake has every right to sell advertisements. If it bothers you then you have every right to choose another distro (or "fix" the Mandrake distro).
Frankly, this may be one way to make open source projects actually profitable. Of course, ads are like seasoning, you want to serve up something that isn't too sweet, too salty, too hot... I suspect that Mandrake is well aware that too much will hurt more than help and that this will not be a problem. I also suspect that they are aware of what will be appropriate for their product so you won't get hit with ads for penis enlargement or Microsoft Office.
If this is a success, and part of me hopes it will be, there is a real chance that other projects floundering for lack of financing will do the same thing. This could be a real boost in the arm for open source. I can see games sponsored by McDonalds or an office suite sponsored by Staples but I can't see an MP3 player supported by the RIAA (or at least I wouldn't trust it).
We all know Linux is robust enough to go head to head against Microsoft but Linux lacks a sizeable war chest. Advertising inside of a free operating system could help this in two ways. First is the income. Second is the advertiser's desire to see the product successful. This influence could be a great advantage because the sponsor can push the product too!
Imagine Best Buy advertising on a special distro and then making it available free or next to free in all of their stores. The user gets a free O/S and Best Buy has a desktop filled with the latest weekly specials! I suppose Best Buy sells too much MS software for that to happen but you get the picture.
Over the years we have had many new things come and go. It seems to me that the ones that stick around are the ones that are more productive in nature. The CB radio didn't exactly stick around but the cell phone has. The digital watch is okay but it sure hasn't replaced the analog watch. The 8-track tape lost out to the cassette and VHS beat Betamax (still don't quite understand that). Technologies have changed and replaced other things that seemed that they would be around forever, the LP is all but gone, replaced by the CD.
For new tech to work, the consumer seems to need to see an obvious benefit but the manufacturer has to see an obvious profit. Without buy-in from both sides, a new tech will not fly. It is pretty simple. In some cases, the manufacturers have enough clout to throw a technology down our throats. This pretty much happened with the CD.
Another thing that I have noticed is that a lot of what they said would free us has acted more as a chain. The cell phone and pager are two obvious examples. I can no longer really get away from work and I can not get away from my personal things either. There is no such thing as getting away anymore. Sure it is nice being available but I have been called into work while I was in the boat fishing. I've been camping and had my mother-in-law call me with computer questions. In the evening at home, I can pull out the laptop and do some work... We no longer have the clear work/home family/profession lines that used to divide our time and responsibilities. This has the effect of attaching us rather than freeing us.
Ever since the term was coined, I've felt that multi-media lacked something. I never could quite put my finger on it. To me, multi-media means a combination of different types of sources coming together to create a single more impressive product. Yet almost every multi-media project that I have ever seen fell far short of my expectations. Typically the products have seemed rushed and lacked depth or are missing elements that I had expected to be there.
The application that would define what multi-media is never really came along. Perhaps some games have come close but I don't really know since I no longer game.
Frankly, I don't blame a newspaper for trying a CD-ROM. I can't think of a business that needs to look at changing how it does business in response to the computer and the internet more than the dead-tree based newspaper. They need to change or they will be left in the dust. Like blacksmiths, saddle makers, and buggy whip companies. Newspapers have huge investments in printing presses, delivery methods, and other things that the internet could simply kill. It probably already has to some degree.
If I were a newspaper publisher, I can see how I would think a CD-ROM could be a useful adjunct to the tree based edition of my product. I'd see it as a bridge to moving away from paper and on to something different. If I were sitting in that seat, I think I would see the internet and computers as being a double-edged axe. If I moved towards internet publishing I could reduce costs but would also risk alienating a significant number of my subscribers. That is where the bridge would need to come into play. You could gradually get the readership used to it and as the profitability of the paper portion of the newspaper started to decline you reduce the size of it and put more of your efforts towards the CD and online versions. Eventually you reduce dependence on the CD and get everything online. This weaning process could take a decade or longer or may never have to happen. I'm sure newspapers suffered with the advent of radio and TV but they have weathered both rather nicely.
Media-blitz a-coming FBI are heroes (NOT) on Blaster Writer Caught · Score: 2, Interesting
On tonight's TV news and in tomorrow's newspapers we will see and hear headlines that tell us that the blaster author has been caught and that he faces a lengthy prison sentence. This is what most people will hear and understand. The few who dig deeper will learn that this kid took the worm and created a variant of it.
What the kid allegedly did is wrong, if he did it, he deserves to be arrested, arraigned and go through the process and ultimately be punished.
I smell a smoke screen here. It seems to me like the FBI is making this arrest and getting the publicity here for their own purposes. By making an arrest and getting publicity, they are doing something for themselves. People will think the FBI actually caught the guy that did it. That isn't true. They caught a stupid individual who took the code, changed it, and re-released it.
Now that the pressure is off, I doubt that the FBI will be able to afford many resources to keep hunting down the original author. They will keep some people on the case but the reality is that they will task most of the agents to other higher priority things now that this is going to the back burner.
To me, the FBI has achieved their goal - to divert publicity away from themselves but, they have not achieved justice which is what I would expect of them.
One of the things that I fear the most is an actual terrorist attack using viruses to completely disrupt our financial system. It could be pretty simple and still be successful simply because the countries that have the money are the same countries that the terrorists are targeting! While countries like Iran would be "hit" they would not suffer nearly the damage that countries like the U.S. and Great Britain would. Because of this possibility, I think it is very important that the free countries of the world take immediate steps to harden themselves against computer based terrorism, worms, viruses, and other security issues.
I think that there is poor security designed into Windows. Microsoft knows how to design adequate security, as proof of that look at the X-box. It is quite secure. This probably means that a future generation operating system is going to take the "lessons learned" from the X-box and apply them to that new O/S. This will be the PR story at least. The truth will be closer to MS obtaining a software monopoly on the Windows platform. They will control licenses for it and will require your source code for evaluation before you get the key that will allow installation.
Perhaps poor security is better than the alternative that M$ will dream up. They are driven by profit (every company is) and will take full advantage of any opportunity that they control (as they have already demonstrated).
After the past couple of weeks, it is obvious that there is a business opportunity out there for someone OTHER THAN MICROSOFT to offer a product for Windows that is a full featured security system for desktops (and servers).
I'm wondering what this kind of system would entail? How could you provide exceptional security to everything from a home PC to an enterprise level network? There are some obvious things like firewalls, anti-virus protection, automated patches, controls for security and permissions, and so on. But there are other things that could be done too. How about a key system for executing software? If the key does not exist then the software (exe, process, driver whatever) simply does not get permission to run. What about software that monitors network traffic and when certain limits are set human intervention is required or the PC is taken off line?
I am also wondering about the ethical issues associated with all of this. If Ford puts a car on the road that they know is insecure and an accident happens, they have liability. If I drive a car knowing that it is unsafe, I have liability. If the state allows a road to go unrepaired, they have liability. Isn't the same thing true for a software product? In today's world, in this litigious society, isn't M$ opening themselves up to a great deal of liability when their software is a swiss cheese of vulnerabilities?
I would design the equipment to be a simple user interface, as much like a pen and paper ballot system as possible except that you could make changes without ruining the ballot. To prevent fraud, I'd use a mag-stripe, bar-code, or chip system that would allow for only one ballot cast per code. These codes would be designed so as to not be able to be traced to the individual voter. Perhaps they could get a random one from an election judge in exchange for their registration receipt.
Once the vote is cast, the data could go to a secure database on a locked and sealed laptop. The data would have to also be written to a non-volatile media (ie: burned on a CD). Once the polls close the PC could be unlocked and the seals broken (in front of election judges) taken to a central location for "counting" and "verification" allowing for rapid certification of the count. Auditing could be done later using the original database to verify the count.
This would assure the secrecy of the ballot and would not force many changes on the system that already works fairly well. This would help it gain acceptance and credibility.
I know this is low-tech. No internet, no VPN, minimal investment, almost nothing to go wrong. But that is just what is needed. Anything more opens the door to fraud.
Usually something like this would make the hairs on the back of my neck stand on end. I feel very strongly about keeping the government out of people's business and see efforts like this as a pure invasion of privacy.
I also happen to have a brother who is homeless more often than not. He is an alcoholic, he is mentally ill and he has burned most of his bridges. He is a burden on the family, he is a burden on the system. He is in and out of detox, jail, treatment, halfway houses and whatever else he can find more often than you could imagine.
If this system is built so that medical professionals, cops, detox centers, and other places could have a kind of roving profile of him maybe it would be good. Maybe then he could get the long-term help he needs. If they can do that it would be a blessing. Even if it cost him a little bit of his privacy. Hell, he has no self-esteem and he is costing us tax-payers thousands of dollars a year. If it can help with that then hell yeah, I'm all for it.
Having spent many hours cleaning up this mess I have to say that we are actually pretty fortunate.
If this worm had been a little better written (not a lot, a little) and had targeted the financial infrastructure, the free world could be in serious financial trouble right now.
As it is, this worm has cost millions and millions of dollars. Imagine what would have happened if it had targeted financial transaction institutions rather than Microsoft!
I am sorry if I somehow offended you. I did mean criminal virus writers.
People who work in a safe environment (without an external connection to the internet) can write all the virus-like code they want as long as they practice safe computing. Although, I'd caution them that doing this and talking about it in today's world may put them in a spotlight that they would be better off avoiding!
One of my favorite work-place stories: I used to work for a PC manufacturer and was tasked with teaching the Tech Support team a class on viruses. In this class I wanted to use a real but reasonably benign virus to demonstrate how to find it and how to remove it. The Training Director okayed this as long as I did not put the PC on the network. So I needed to find a virus that would meet these needs. I found out one of the BIOS engineers was rumored to keep a "zoo" of viruses (everyone needs a hobby I guess) so I approached him to see if he had one that would meet my needs. His answer was classic. He said: "No I quit keeping my zoo but, if you can wait a couple of minutes, I can whip something up." I said "Thanks but no thanks" and found the virus from another source. Think of the damage someone so knowledgeable about BIOS code could do if he wanted to write a virus to exploit that!
Anyway, not everyone who buys over-the-counter cold tablets uses them to make meth and not everyone who writes self-replicating code uses it for malicious purposes, so I get your point and am sorry if I offended you. I really only was talking about the criminals.
Gee, I knew what most of these posts were going to say before I even read them. Most of them say that this is just a marketing ploy by Microsoft to deflect criticism, that Microsoft's poorly written code is what is really the cause, and Microsoft this and Microsoft that and oh, by the way Linux rules.
Let's put all of that aside for a minute. I'm not going to be pro-Microsoft or Pro-anything here. I am going to be Anti-virus writer though.
Cyber-crime, be it scams, viruses, trojans, worms, password/identity theft, carding or whatever, affects all of us personally. It does because it casts things like the internet, ecommerce, and technology in a poor light. It causes "big money" to think twice before they invest in technology, it causes things like e-voting to come more slowly to the forefront, and it forces companies to take sometimes extreme security measures.
In a sense, the 'net hasn't matured yet. It can be compared to the Wild West where crooks didn't have to run very far or hide very long or even worry very much about getting caught. I have no doubt that over time we will see the net change and cyber-criminals and other scumbags will have more to fear. But right now, a wanted poster with a reward is appropriate. It is what Wells-Fargo did to catch outlaws way back when and it will work as well today.
Novell is a "big name" that has lost market share to its competition (Microsoft). They aren't as powerful or as profitable as they once were but they still have an asset that can make them a lot of money: Their name. They have a brand name that is recognized and respected by many people both inside and outside of the industry. They have little hope of staying in their niche and regaining any sort of dominance in the market yet they are a hungry and competitive company and are no doubt looking for a way to turn things around.
Novell knows better than most who "likes" Microsoft and who "hates" Microsoft. There are big players in other parts of the industry who hate Microsoft almost as much as Novell. For instance: If I were a PC manufacturer I would be upset that Microsoft makes as much or more profit from a PC as I do. Imagine Novell talking with these people in the back rooms at trade shows, conferences, and wherever they run into each other. I'm sure that if Novell approached them offering a much lower cost O/S with advanced features and the Novell name attached, they would listen.
The Novell name is important to marketing a non-Windows O/S in a big name over the counter PC. It is a marketable brand with name recognition that helps to level the playing field. In the case of Novell, this even goes further, into the high-end server market. IS executives are willing to risk something with a name like Novell where they would be less willing with a name like SuSe.
Novell is getting ready, they are positioning themselves for war against Microsoft. They are going after not just the back room but the desktop as well. They are going to offer a secure solution for the office. If they play their cards right, they can offer the O/S, applications, and support and go head-to-head against Microsoft in the market that really counts - the OEM market. Everyone except for Microsoft can come out a winner on this. It means lower costs for the manufacturer, these lowered costs mean that they can pass on some of the savings to consumers and this means the manufacturers can sell more boxes! Novell will gain market share and win back their position in the market place.
It will be fun to sit back and watch. This is like watching a "Hail Mary" pass or an on-side kick where the underdog stands a chance of stealing the game away from the bigger, more powerful competition.
I don't like spyware any more than the next guy but it has been around far longer than computers in one guise or another.
Telemarketing surveys - they call you and ask you questions, you don't need to answer but somehow feel either privileged or obliged to do so.
New product registrations that ask you all sorts of questions.
Targeted coupons - those coupons that you get in the grocery store that are printed out at the same time as you purchase.
The quick customer survey that gives you a coupon if you complete it when you check out.
All of these things are like brick-and-mortar versions of spyware yet we really do not complain about them but they can all track us.
What makes computer/internet based spyware worse is its insidiousness and how inexpensive it is. As a society, we must find a way to make it too unprofitable to be a functional method of advertising.
Here are some suggestions:
1. Start a movement where publishers of software are boycotted unless their products sport a "spyware free" label.
2. Collect a small sum from tens of thousands of people and hire lawyers to lobby against spyware and sue companies that violate any laws anywhere.
3. Hyper-flood the spyware servers from bots that will effectively kill their service.
I guess it is time to coin a new term, one that nobody can argue with. My proposal is to lump Adware, Spyware, Trojans, Worms, Viruses, and other less than savory software into something called unwelcomeware. I want the definition to be clear and understandable yet broad enough so that it encompasses everything that people don't want on their computers. I think Unwelcomeware does that.
In my book, this even covers pop-ups, pop-unders, and URL Hijackers.
You were using company property and company bandwidth for personal use, discussing a Slashdot story. In some companies they would have flogged you, in others fired you.
I know I am taking it far, but the real truth here is that you really don't have a lot to say about how a company uses its equipment and if you don't like it your options are limited: put up with it or leave.
It may not seem right but perhaps that is because we feel freedom should extend into our jobs but the reality of it is that we sell some of our freedom when we accept a paycheck. We all know this and have to somehow accept it and live with it.
In the past week or two I have "noticed" a dramatic increase in the amount of spam in my inboxes (even the accounts that I never use except for between family and friends). This tells me that there is another relationship between virus/worm writers and spammers. When a worm sends emails from tens of thousands of address books, a savvy spammer can harvest hundreds of thousands of previously unknown email addresses! I'm thinking that some of the worms that have made it around recently may have been written with that idea in mind.
I have not protected myself with anything special but I have created a couple of pretty basic filters that have done an adequate job of filtering much of the spam (who ever besides a spammer sends email with the words viagra or penis for instance). But still a lot of spam makes it past the filters and it is an amazing annoyance. But everyone knows that right?
I'm sure that for some developers this will be great on the desktop but I'm thinking backroom, server side stuff. A second concurrent OS running inside of the same hardware gives some redundancy so that when Server 2003 crashes, you simply switch over to the second instance on the same box and reboot the first instance. Kinda instant recovery for software caused problems.
Or how about using these things in control systems where O/S one can do the real time work and the second one can audit it?
State and federal laws will not eliminate spam. It is nice to have these guys on our side but spam is bigger than the federal or state governments. The bad guys will just move offshore to avoid the laws if they are enacted.
Like it or not, the internet is anarchistic in nature and it allows both good and bad things to happen because of that nature. Spam to me is like pollution, it will take the cooperation of many nations to bring it under control and it is doubtful that even if that cooperation happens that it will be eliminated.
I don't think that the internet is ready to have a real but virtual government although a set of virtual laws regulating spam and other criminal behavior that could be enforced across international boundaries would be nice it would also be restrictive. The politics would ruin the potential of the internet and it would be a nightmare to make fair for everyone.
For the time being, yes we should have local, state, and federal laws passed that regulate spam but some of the responsibility should be put on the user's end. The laws could require ISPs to filter UCE and they could require tools be built into email clients that would allow recipients to submit (report) the UCE that they receive to a central repository that the ISPs could draw their filter info from. This would be analogous to the requirements put on automakers to prevent pollution. As motorists, we are required to purchase unleaded gas and to have catalytic converters.
Google searches use unique and proprietary algorithms to find the most useful information for the search terms. We all know this, it is their "page rank" system. But perhaps the page rank system is driven by more modifiers than we are aware of. For instance, in Minnesota, Twins and Vikings mean a couple of sports teams, in Norway, they probably mean something entirely different so perhaps "Page Rank" does some regionalization. In the same vein, it may be possible that if I refine my search from Minnesota by adding the word "Gopher" to the Twins and Vikings, I may get more, rather than fewer results while perhaps in Norway I'd get no results!
In addition to possibly regionalizing searches, perhaps Google's servers are not updated with the latest code at the same time. Maybe the code is distributed over time to servers so that if a problem were discovered it could be more easily rolled back. It is possible that the load balancing on these servers uses some component of the IP address or somehow regionalizes the incoming requests so that it is likely that the same user usually gets to server A but sometimes goes to server B while their co-surfer neighbor usually goes to server B but sometimes goes to server C. Meanwhile, a couple of states away, another user usually connects to server W but sometimes connects to server X. This could explain why they usually but not always get the same results but someone else gets different results.
The story is always the same, it is just the technologies that differ.
The telephone put the telegraph operator and telegraph messenger out of business.
The airplane and automobile ruined the passenger train business.
The train put the pony express out of business.
The computer put an army of bookkeepers out of business.
Yes, each of these technologies represented an increase in efficiency and each of them at least initially was a costly enough investment so that it cost too much for the little guy to get involved in so it helped the rich-get-richer. But life is that way, you need to keep moving or, you will get run over. Several times in my life I've had things change and I've found my world terribly different. I have been automated out of a job and I've seen a company fail to change and watched helplessly as they faded into oblivion.
The lesson I've learned is that you have to accept and adapt to change. Nobody said you have to like it. I do think though that it helps if you don't fight it. Not all change is good but the normal reason to change something is to make it better therefore most change is good. It just doesn't feel that way all the time.
RFID tags can help control inventory, improve product safety, and help business manage the flow of goods. All of these things end up being good for the consumer because it all helps to control costs. Yet RFID could be used to invade the privacy of individuals. I do not think you could drive past someone's house and determine what kind of appliances they have, the output is too low for that but, you could scan them and inventory them as they walked through a door or other checkpoint.
I think this means that there have to be regulations in place to assure individuals' privacy. There is too much potential for abuse to allow this industry to self-regulate.
Still, I'd love to see RFID track items like food. That way if a recall were made, the items could be pulled from the shelves and even if they are missed there, an alarm would sound at the register. It would make it much harder for potentially harmful products to make it into the kitchen.
It sounds like something that could work well. Not just with the interface design but also with the underlying features. Perhaps, even with elements of the software design itself.
Someone should really explore this. Designing to specs that really mean something rather than just throw in everything including the kitchen sink could speed up design & development, improve the robustness of the product, and bring it to release faster.
I've never responded to a Slashdot post without first reading the article and a number of comments before but this time I am just climbing straight up on my soapbox!
I know this is outlandish but I propose we outlaw knives because they can be used to kill someone. History shows us how dangerous the knife is: for generations, the knife in various forms has been used to kill and maim people. Therefore, I think we should outlaw it. While we are at it, let's outlaw hammers, candlesticks, and rope since they have all been used to kill people.
My point is that tools sometimes have to be dangerous in order to do their jobs. It is not the hammer's fault if someone decides to use it to bash someone's head in! The same is true for the knife. Software "hacker's tools" are tools, just like hammers and knives. They can be used for good (and usually are) or bad (and sometimes are) but that does not mean they should be outlawed.
You know those "emergency hammers" that they sell to break car windows with? My guess is that more of them are sold to car burglars than are sold for their legitimate purpose. They are easy to conceal and break windows with a minimum of noise and fuss. Crooks use them every day. Why hasn't there been a cry to have those things outlawed, regulated, or controlled? It is because they are a tool, that the tool has a legitimate purpose, and that the crooks would simply use something else if it were made unavailable to them. I guess I'd rather have them carrying these hammers than a hatchet. Of course, I would rather see the crook in jail where he would have neither.
I doubt your question was serious (and I do see the humor) but I want to give a serious answer.
The answer is: "No." The battery memory problem is an issue only with NiCad batteries where dendrites build up around the cathode increasing resistance causing the battery to seem to lose capacity. Li-Ion and Ni-MH batteries simply do not have this problem.
These newer batteries can still have problems that cause them to lose capacity (they can still "die") but it is not as frequent or as fast as the memory problem associated with NiCad.
Okay, I'll admit it, I have a thing against these upper-crust schools. But a school like MIT should employ people who know better, less destructive ways of dealing with worms and viruses! It is after all, perhaps the most highly respected technology school in the country. If they are requiring this, they are teaching their students to always use heavy handed overkill.
It would be like Harvard teaching its doctors to always amputate a foot to treat an ingrown toenail. Sure it fixed the complaint but look how many other problems you introduce!
In my case, I guess I'll continue to look at these schools like I always have. But I hope that it has caused a few others to wake up and see that an education from a "good" school is not much better than an education from the school down the street. It just has more "snob" appeal.
I can't help but agree with you. But didn't Windows 3.1 and 95 include a desktop link to AOL? Wasn't that in essence an advertisement for AOL? As I recall Prodigy got in on that act too. So, they have already done that and then they came up with MSN and tried to take that business as well...
Face it, the Slashdot crowd will find fault with almost anything that Microsoft does (and frequently there is justification for doing so). In a sense, Slashdot is the ultimate Microsoft hater's club and Microsoft bashing is one of the reasons they come here.
I don't like Microsoft as a business, and I think their products are good but could be better (especially security-wise) but I fall far short of being a dyed-in-the-wool M$ hater I guess.
I like the concept of open source but see the weakness of its "business model" and support anyone who finds a way of making that model a little stronger.
Going off on a little tangent here: I suspect that open source currently has a "window of opportunity" that is not being exploited. With the recent MS-Blast worm and SoBig.F virus attacks most people are very aware of the vulnerabilities of M$ operating systems. If Open-Source had a healthy war chest they could have been poised to say "We have the solution, please try this..." and could have really exploited the situation. But the money simply hasn't been there to do that.
With recent innovations, like the Knoppix CD, I can see where a "product" could be developed that could be used to fix virus/worm infestations that could also be used to bring open source software a greater audience and perhaps also give a company some free advertising.
Imagine hearing that a free fix CD is available at your local computer store. You go pick up the modified Knoppix CD and boot it. You get a message that says something like "You have just used Linux to remove the MSBlastxxx worm. Press enter for a preview of the Linux Operating System or press F1 to eject the CD and then reboot your computer to return to the Windows Operating System."
If they hit enter, a modified Knoppix launches that promotes the store (and if they have broadband could actually show the week's specials).
People will see how easy Linux and open source is to use and they will be left with a very good feeling because Open Source just helped them fix their computer! They will also have some loyalty to the company that provided them with the free CD that fixed their problem and will be impressed with all the features and functionality.
I wish I had the time, skill, and energy to develop this but I don't. I really think it could go somewhere.
Mandrake has every right to sell advertisements. If it bothers you then you have every right to choose another distro (or "fix" the Mandrake distro).
Frankly, this may be one way to make open source projects actually profitable. Of course, ads are like seasoning, you want to serve up something that isn't too sweet, too salty, too hot... I suspect that Mandrake is well aware that too much will hurt more than help and that this will not be a problem. I also suspect that they are aware of what will be appropriate for their product so you won't get hit with ads for penis enlargement or Microsoft Office.
If this is a success, and part of me hopes it will be, there is a real chance that other projects floundering for lack of financing will do the same thing. This could be a real boost in the arm for open source. I can see games sponsored by McDonalds or an office suite sponsored by Staples but I can't see an MP3 player supported by the RIAA (or at least I wouldn't trust it).
We all know Linux is robust enough to go head to head against Microsoft but Linux lacks a sizeable war chest. Advertising inside of a free operating system could help this in two ways. First is the income. Second is the advertiser's desire to see the product successful. This influence could be a great advantage because the sponsor can push the product too!
Imagine Best Buy advertising on a special distro and then making it available free or next to free in all of their stores. The user gets a free O/S and Best Buy has a desktop filled with the latest weekly specials! I suppose Best Buy sells too much MS software for that to happen but you get the picture.
Over the years we have had many new things come and go. It seems to me that the ones that stick around are the ones that are more productive in nature. The CB radio didn't exactly stick around but the cell phone has. The digital watch is okay but it sure hasn't replaced the analog watch. The 8-track tape lost out to the cassette and VHS beat Betamax (still don't quite understand that). Technologies have changed and replaced other things that seemed that they would be around forever, the LP is all but gone, replaced by the CD.
For new tech to work, the consumer seems to need to see an obvious benefit but the manufacturer has to see an obvious profit. Without buy-in from both sides, a new tech will not fly. It is pretty simple. In some cases, the manufacturers have enough clout to throw a technology down our throats. This pretty much happened with the CD.
Another thing that I have noticed is that a lot of what they said would free us has acted more as a chain. The cell phone and pager are two obvious examples. I can no longer really get away from work and I can not get away from my personal things either. There is no such thing as getting away anymore. Sure it is nice being available but I have been called into work while I was in the boat fishing. I've been camping and had my mother-in-law call me with computer questions. In the evening at home, I can pull out the laptop and do some work... We no longer have the clear work/home family/profession lines that used to divide our time and responsibilities. This has the effect of attaching us rather than freeing us.
Ever since the term was coined, I've felt that multi-media lacked something. I never could quite put my finger on it. To me, multi-media means a combination of different types of sources coming together to create a single more impressive product. Yet almost every multi-media project that I have ever seen fell far short of my expectations. Typically the products have seemed rushed and lacked depth or are missing elements that I had expected to be there.
The application that would define what multi-media is never really came along. Perhaps some games have come close but I don't really know since I no longer game.
Frankly, I don't blame a newspaper for trying a CD-ROM. I can't think of a business that needs to look at changing how it does business in response to the computer and the internet more than the dead-tree based newspaper. They need to change or they will be left in the dust. Like blacksmiths, saddle makers, and buggy whip companies. Newspapers have huge investments in printing presses, delivery methods, and other things that the internet could simply kill. It probably already has to some degree.
If I were a newspaper publisher, I can see how I would think a CD-ROM could be a useful adjunct to the tree based edition of my product. I'd see it as a bridge to moving away from paper and on to something different. If I were sitting in that seat, I think I would see the internet and computers as being a double-edged axe. If I moved towards internet publishing I could reduce costs but would also risk alienating a significant number of my subscribers. That is where the bridge would need to come into play. You could gradually get the readership used to it and as the profitability of the paper portion of the newspaper started to decline you reduce the size of it and put more of your efforts towards the CD and online versions. Eventually you reduce dependence on the CD and get everything online. This weaning process could take a decade or longer or may never have to happen. I'm sure newspapers suffered with the advent of radio and TV but they have weathered both rather nicely.
On tonight's TV news and in tomorrow's newspapers we will see and hear headlines that tell us that the blaster author has been caught and that he faces a lengthy prison sentence. This is what most people will hear and understand. The few who dig deeper will learn that this kid took the worm and created a variant of it.
What the kid allegedly did is wrong, if he did it, he deserves to be arrested, arraigned and go through the process and ultimately be punished.
I smell a smoke screen here. It seems to me like the FBI is making this arrest and getting the publicity here for their own purposes. By making an arrest and getting publicity, they are doing something for themselves. People will think the FBI actually caught the guy that did it. That isn't true. They caught a stupid individual who took the code, changed it, and re-released it.
Now that the pressure is off, I doubt that the FBI will be able to afford many resources to keep hunting down the original author. They will keep some people on the case but the reality is that they will task most of the agents to other higher priority things now that this is going to the back burner.
To me, the FBI has achieved their goal - to divert publicity away from themselves but, they have not achieved justice which is what I would expect of them.
One of the things that I fear the most is an actual terrorist attack using viruses to completely disrupt our financial system. It could be pretty simple and still be successful simply because the countries that have the money are the same countries that the terrorists are targeting! While countries like Iran would be "hit" they would not suffer nearly the damage that countries like the U.S. and Great Britain would. Because of this possibility, I think it is very important that the free countries of the world take immediate steps to harden themselves against computer based terrorism, worms, viruses, and other security issues.
I think that there is poor security designed into Windows. Microsoft knows how to design adequate security, as proof of that look at the X-box. It is quite secure. This probably means that a future generation operating system is going to take the "lessons learned" from the X-box and apply them to that new O/S. This will be the PR story at least. The truth will be closer to MS obtaining a software monopoly on the Windows platform. They will control licenses for it and will require your source code for evaluation before you get the key that will allow installation.
Perhaps poor security is better than the alternative that M$ will dream up. They are driven by profit (every company is) and will take full advantage of any opportunity that they control (as they have already demonstrated).
After the past couple of weeks, it is obvious that there is a business opportunity out there for someone OTHER THAN MICROSOFT to offer a product for Windows that is a full featured security system for desktops (and servers).
I'm wondering what this kind of system would entail? How could you provide exceptional security to everything from a home PC to an enterprise level network? There are some obvious things like firewalls, anti-virus protection, automated patches, controls for security and permissions, and so on. But there are other things that could be done too. How about a key system for executing software? If the key does not exist then the software (exe, process, driver whatever) simply does not get permission to run. What about software that monitors network traffic and when certain limits are set human intervention is required or the PC is taken off line?
I am also wondering about the ethical issues associated with all of this. If Ford puts a car on the road that they know is insecure and an accident happens, they have liability. If I drive a car knowing that it is unsafe, I have liability. If the state allows a road to go unrepaired, they have liability. Isn't the same thing true for a software product? In today's world, in this litigious society, isn't M$ opening themselves up to a great deal of liability when their software is a swiss cheese of vulnerabilities?