I think it's probably the fact that the owner of this system had the root password set to "GOD" as all good sysadmins do. The hacker's extensive experience hacking the Gibson made getting into this system a cakewalk.
Clearly, we as sysadmins should rethink the long-standing policy of setting all root passwords to either love, secret, sex, or god. Perhaps we should at least add another password to the list, like "unhackable" or something truly secure like that.
This article is somewhat helpful as it does show one way to catch crackers, although he goes about it somewhat clumsily (an "ls" command that doesn't accept a flag you know to be valid, especially when that flag has been aliased on your own shell for months, should instantly tell you you have a cracked box) and the method by which he finds out where the rootkit is is due to a mistake that most non-moron crackers would not make (neglecting to remove the.bash_history file).
It's unfortunate that this cracker made such an elementary mistake, it would have been interesting to see more advanced techniques in detecting rootkits. However, his analysis of the rootkit itself does provide some good information as to what a typical rootkit will generally do (replace core binaries, hide itself, use innocuous-looking names, etc).
I think the average consumer needs 187 combined hours of Sportscenter each day. And how could we call ourselves a civilized nation if we couldn't watch the Underwater Basket-weaving Finals on ESPN 8 "The Ocho" in prime time?
The funny thing about power is that once it's gained, it's rarely given up voluntarily. Candidates may shout loudly about how the Executive is getting far too powerful, but once they become the Executive, you can count on them "forgetting" to give that power back.
I don't know how to tell you this, but if you're complaining about using the mouse while browsing the web, you're fighting a losing battle. Yes, there are ways to navigate through websites without the mouse, but most of the time using the mouse is easier. With modern web design techniques, the mouse is becoming more essential to web browsing, not less so. Maybe you should invest in a nice mouse pad with a wrist rest, or perhaps a trackball.
How about the Mirrordot cache? I would give you the Google cache too, but that one doesn't seem to be working.
By the way, you can install the Slashdotter Firefox extension and automatically get all 3 cache links appended to every link in an article summary. Very handy.
Apparently MTV still has some influence among the 12-18 set, so I would imagine they can get some traction with that demographic. Apple's demo does intersect that, but there is opportunity on the lower end if they can tie it to a cheaper music player that's more accessible to the tween/early teen set.
Everyone is looking at virtualization for this sort of thing, and it does hold some promise. Currently, though, virtualization still comes with some very significant performance penalties. I think if virtualization can further mature, and we can get more cores and cheaper memory, we will be where we want to be.
Eventually, if RAM continues to get bigger and cheaper, more cores get packed into chips, and virtualization becomes what it is intended to be in terms of performance and stability, we will start to see a lot of movement away from lots of small pieces of commodity hardware and back to fewer large systems in the data center. Of course, cheaper and faster disks on Enterprise storage systems like Netapp or EMC will help that transition too.
V'ger was the (fictional) Voyager 6, not Voyager 1 or 2. Of course, the probe the Klingons used for target practice in Star Trek V was Pioneer 10, so the OP isn't really accurate either unless I'm missing a Voyager reference in some other Star Trek.
I thought you were trolling, but he really did say that. I don't know which would be more disturbing, that he meant it was a missed opportunity for his friend, or a missed opportunity for himself.
Is it just me, or is his head way too big for the body? If he was ever unfrozen, his neck would instantly snap under the weight of that enormous melon.
What you are essentially asking is if it's okay to share information you think would be valuable to oppressed people by spamming them. Your thought is to share proxy site information with them. That's all very noble, but you are talking about is essentially using spam as a tool to give people you don't know information you personally believe they will find valuable.
So, who is to say this information is the most valuable thing they could receive? What if I believe what these people really need to change their lives is a personal relationship with Jesus Christ? Would if be okay in your view for me to spam them with religious messages? Why not? What if I think they would really benefit by hearing the word of Allah?
You argue that the big problem with spam is that the benefit is small and the cost is large to the recipient. But, you say, this information is enormously beneficial to the recipient, so it's worth the cost they pay. The problem is, you as the sender are not the one who gets to make that call. The value of the email is determined by the recipient, not by the sender. As a sender, I may think that my discount C1al1s is enormously beneficial and far outweighs the miniscule cost of receiving an email, but I doubt the recipients of my message feel the same way.
There's also the problem of just how oppressive these governments are. Will recipients of these messages be subject to punishment by their governments just for having it in their inbox? Will the governments use the emails as an excuse to crack down on proxies and block even larger swaths of the Internet, thereby defeating the purpose? There's no way you could blanket spam a country without its government noticing and taking measures to defeat your efforts.
Your heart may be in the right place, but this method just isn't a good idea.
I understand that, but the point is that Easylist USA, which is what most ABP users use, blocks (or did block) this site by default. Blocking a site by default because it slanders you is not what ABP lists should be doing. They should stick to blocking ads, not content, no matter how distasteful the content is.
User-Agent switcher should have no problem with this one either. It's "How to block Firefox" page just tells you to put simple code in your page to detect if "firefox" is in the HTTP_USER_AGENT string.
However, I hadn't noticed that this was was blocked in ABP until you mentioned it. I clicked the link, and it failed to load, but I thought it was because these people hadn't tested it in Firefox and it just didn't render. The fact that it didn't appear because ABP blocked it is troubling. I use ABP to get rid of ads, not to get rid of "slander". Why does ABP block a site just because it is critical of ABP? If I'm using ABP, it's because I find it incredibly useful (which I do), and reading some site tell me I'm stealing money from website owners isn't going to make me uninstall it. Learning that ABP is blocking not only ads but also sites that badmouth ABP, though, might.
I had to laugh at this part of the press release:
The invention of the CD ushered in a technological revolution in the music industry as CDs -- with their superior sound quality and scratch free durability -- marked the beginning of the shift from analog to digital music technology. I think that initially CDs were intended to come in plastic cartridges that would protect the actual playing surface from scratches, but those were eliminated very early on. The CD as released is very fragile and prone to scratching. In the old days of cassette tapes, I could throw all my tapes in a big pile and still be fairly confident they would play (unless I left them out in the sun or something). If you try and throw your CDs into a big pile, you're going to get a big pile of scratched up coasters.
Maybe CDs are more scratch resistant than LPs (which isn't saying much), but they're still ridiculously fragile. Maybe music piracy wouldn't be so prevalent if CDs were more durable. I know that I hesitate to buy CDs because I don't want to spend 15-20 bucks on something that could end up being worthless in 6 months if I don't treat it with extreme care.
I agree that technology should be taught more in schools. When I was in high school there were only two offered computer classes, and they were electives. I think there needs to be at least one mandatory class. The problem is there is a serious shortage of people that really know computers that are willing to teach them at that level. Most of the people that are into computers are making a whole lot more money than K-12 school could provide either in the private sector or teaching at the college level. Maybe after all the big companies ship all of their IT jobs to India, there will be more computer geeks out there willing to take the pay cut to go into teaching.
The Internet is a huge part of "society" these days, and it will only become more so as time passes. Teaching kids how to function properly in a segment of society that they spend an enormous amount of time in seems like a worthy goal.
We've seen over the past decade that people, for whatever reason, tend to trust websites more than they probably should, and will more readily hand over their social security number to a website than they would to their own mother. This apparently natural tendency needs to be counteracted with education.
I think this is a good idea, although I would suggest making the teachers and administrators attend the class too. In most schools I've seen, most of the students know more about this stuff than the teachers do, and the teachers are a whole lot more resistant to learning about it, as they lump it in with "all that computer stuff" that they've convinced themselves they're incapable of learning.
Yes, of course you're right, but I think if you reversed the polarity on the graviton fields around the vehicle, thus allowing the boson radiation to properly align with the tachyon pulse beam naturally generated by a properly seated banana, I think you'll find the OP's analogy is actually quite apt.
Everyone knows the best way to get cheap karma is to post something that looks vaguely on-topic early in the thread. If you show up too late to get one of the first 10 or 15 posts, you reply to the first post. Doesn't matter what the first post says, moderators usually don't look to see if your post has anything to do with what you're replying to. There are plenty of stories around here where you see karma bait posted as a reply to a totally nonsensical first post. It works because, by my estimation, 80% of moderators semi-randomly assign moderations to the first half page of comments and ignore the rest.
As of this writing, the post you replied to has already collected an "Insightful" mod, despite displaying virtually no insight. So you see, this technique really does work.
This has been your first lesson in Karma Whoring 101. Join us next week when we discuss how to turn a "-1, Troll" into a "+5, Insightful" by replying to your own posts as AC.
Slashdot Mirror
How is postmortem better? Postmortem means "occurring after death," but this box is not dead by any means.
I think it's probably the fact that the owner of this system had the root password set to "GOD" as all good sysadmins do. The hacker's extensive experience hacking the Gibson made getting into this system a cakewalk.
Clearly, we as sysadmins should rethink the long-standing policy of setting all root passwords to either love, secret, sex, or god. Perhaps we should at least add another password to the list, like "unhackable" or something truly secure like that.
This article is somewhat helpful as it does show one way to catch crackers, although he goes about it somewhat clumsily (an "ls" command that doesn't accept a flag you know to be valid, especially when that flag has been aliased on your own shell for months, should instantly tell you you have a cracked box) and the method by which he finds out where the rootkit is is due to a mistake that most non-moron crackers would not make (neglecting to remove the .bash_history file).
It's unfortunate that this cracker made such an elementary mistake, it would have been interesting to see more advanced techniques in detecting rootkits. However, his analysis of the rootkit itself does provide some good information as to what a typical rootkit will generally do (replace core binaries, hide itself, use innocuous-looking names, etc).
I think the average consumer needs 187 combined hours of Sportscenter each day. And how could we call ourselves a civilized nation if we couldn't watch the Underwater Basket-weaving Finals on ESPN 8 "The Ocho" in prime time?
There already is a White Family Channel, only it's called TBN and it's really more of a White Christian Fundamentalist Family Channel.
Do you feel BET should be forced to shutdown? I mean, even if it had watchable programs on it?
This is clearly a Ninja plot.
The funny thing about power is that once it's gained, it's rarely given up voluntarily. Candidates may shout loudly about how the Executive is getting far too powerful, but once they become the Executive, you can count on them "forgetting" to give that power back.
I don't know how to tell you this, but if you're complaining about using the mouse while browsing the web, you're fighting a losing battle. Yes, there are ways to navigate through websites without the mouse, but most of the time using the mouse is easier. With modern web design techniques, the mouse is becoming more essential to web browsing, not less so. Maybe you should invest in a nice mouse pad with a wrist rest, or perhaps a trackball.
How about the Mirrordot cache? I would give you the Google cache too, but that one doesn't seem to be working.
By the way, you can install the Slashdotter Firefox extension and automatically get all 3 cache links appended to every link in an article summary. Very handy.
Apparently MTV still has some influence among the 12-18 set, so I would imagine they can get some traction with that demographic. Apple's demo does intersect that, but there is opportunity on the lower end if they can tie it to a cheaper music player that's more accessible to the tween/early teen set.
Everyone is looking at virtualization for this sort of thing, and it does hold some promise. Currently, though, virtualization still comes with some very significant performance penalties. I think if virtualization can further mature, and we can get more cores and cheaper memory, we will be where we want to be.
Eventually, if RAM continues to get bigger and cheaper, more cores get packed into chips, and virtualization becomes what it is intended to be in terms of performance and stability, we will start to see a lot of movement away from lots of small pieces of commodity hardware and back to fewer large systems in the data center. Of course, cheaper and faster disks on Enterprise storage systems like Netapp or EMC will help that transition too.
So what you're saying is if I see Voyager logging in to a Counterstrike server, I shouldn't be too worried?
V'ger was the (fictional) Voyager 6, not Voyager 1 or 2. Of course, the probe the Klingons used for target practice in Star Trek V was Pioneer 10, so the OP isn't really accurate either unless I'm missing a Voyager reference in some other Star Trek.
I thought you were trolling, but he really did say that. I don't know which would be more disturbing, that he meant it was a missed opportunity for his friend, or a missed opportunity for himself.
Is it just me, or is his head way too big for the body? If he was ever unfrozen, his neck would instantly snap under the weight of that enormous melon.
What you are essentially asking is if it's okay to share information you think would be valuable to oppressed people by spamming them. Your thought is to share proxy site information with them. That's all very noble, but you are talking about is essentially using spam as a tool to give people you don't know information you personally believe they will find valuable.
So, who is to say this information is the most valuable thing they could receive? What if I believe what these people really need to change their lives is a personal relationship with Jesus Christ? Would if be okay in your view for me to spam them with religious messages? Why not? What if I think they would really benefit by hearing the word of Allah?
You argue that the big problem with spam is that the benefit is small and the cost is large to the recipient. But, you say, this information is enormously beneficial to the recipient, so it's worth the cost they pay. The problem is, you as the sender are not the one who gets to make that call. The value of the email is determined by the recipient, not by the sender. As a sender, I may think that my discount C1al1s is enormously beneficial and far outweighs the miniscule cost of receiving an email, but I doubt the recipients of my message feel the same way.
There's also the problem of just how oppressive these governments are. Will recipients of these messages be subject to punishment by their governments just for having it in their inbox? Will the governments use the emails as an excuse to crack down on proxies and block even larger swaths of the Internet, thereby defeating the purpose? There's no way you could blanket spam a country without its government noticing and taking measures to defeat your efforts.
Your heart may be in the right place, but this method just isn't a good idea.
I understand that, but the point is that Easylist USA, which is what most ABP users use, blocks (or did block) this site by default. Blocking a site by default because it slanders you is not what ABP lists should be doing. They should stick to blocking ads, not content, no matter how distasteful the content is.
User-Agent switcher should have no problem with this one either. It's "How to block Firefox" page just tells you to put simple code in your page to detect if "firefox" is in the HTTP_USER_AGENT string.
However, I hadn't noticed that this was was blocked in ABP until you mentioned it. I clicked the link, and it failed to load, but I thought it was because these people hadn't tested it in Firefox and it just didn't render. The fact that it didn't appear because ABP blocked it is troubling. I use ABP to get rid of ads, not to get rid of "slander". Why does ABP block a site just because it is critical of ABP? If I'm using ABP, it's because I find it incredibly useful (which I do), and reading some site tell me I'm stealing money from website owners isn't going to make me uninstall it. Learning that ABP is blocking not only ads but also sites that badmouth ABP, though, might.
Maybe CDs are more scratch resistant than LPs (which isn't saying much), but they're still ridiculously fragile. Maybe music piracy wouldn't be so prevalent if CDs were more durable. I know that I hesitate to buy CDs because I don't want to spend 15-20 bucks on something that could end up being worthless in 6 months if I don't treat it with extreme care.
I agree that technology should be taught more in schools. When I was in high school there were only two offered computer classes, and they were electives. I think there needs to be at least one mandatory class. The problem is there is a serious shortage of people that really know computers that are willing to teach them at that level. Most of the people that are into computers are making a whole lot more money than K-12 school could provide either in the private sector or teaching at the college level. Maybe after all the big companies ship all of their IT jobs to India, there will be more computer geeks out there willing to take the pay cut to go into teaching.
The Internet is a huge part of "society" these days, and it will only become more so as time passes. Teaching kids how to function properly in a segment of society that they spend an enormous amount of time in seems like a worthy goal.
We've seen over the past decade that people, for whatever reason, tend to trust websites more than they probably should, and will more readily hand over their social security number to a website than they would to their own mother. This apparently natural tendency needs to be counteracted with education.
I think this is a good idea, although I would suggest making the teachers and administrators attend the class too. In most schools I've seen, most of the students know more about this stuff than the teachers do, and the teachers are a whole lot more resistant to learning about it, as they lump it in with "all that computer stuff" that they've convinced themselves they're incapable of learning.
That depends entirely on your objectives.
Yes, of course you're right, but I think if you reversed the polarity on the graviton fields around the vehicle, thus allowing the boson radiation to properly align with the tachyon pulse beam naturally generated by a properly seated banana, I think you'll find the OP's analogy is actually quite apt.
Everyone knows the best way to get cheap karma is to post something that looks vaguely on-topic early in the thread. If you show up too late to get one of the first 10 or 15 posts, you reply to the first post. Doesn't matter what the first post says, moderators usually don't look to see if your post has anything to do with what you're replying to. There are plenty of stories around here where you see karma bait posted as a reply to a totally nonsensical first post. It works because, by my estimation, 80% of moderators semi-randomly assign moderations to the first half page of comments and ignore the rest.
As of this writing, the post you replied to has already collected an "Insightful" mod, despite displaying virtually no insight. So you see, this technique really does work.
This has been your first lesson in Karma Whoring 101. Join us next week when we discuss how to turn a "-1, Troll" into a "+5, Insightful" by replying to your own posts as AC.