I've never known computers to have that many electrical hazards (towards humans.) Unless you muck around inside power supplies or monitors, or dunk your computer in the bathtub with you, there just isn't enough voltage going through computer parts to deliver a meaningful shock.
Though I have encountered an older computer where the power switch had exposed contacts carrying live 110v wall current. Found that out after touching the wrong place with a screwdriver.
Modern ATA motherboards & cases don't have any high voltages except in the power supply, clearly labeled with "HIGH VOLTAGE" stickers.
As far as program load times are concerned, they're getting better, but still need work. Mozilla on Win32 does have this preload-on-boot option that loads the libraries into memory when Windows starts up, so starting Mozilla itself is very fast. Both Konqueror & Mozilla need that in Linux. Maybe make a daemon - mozillad or konquerord that is started either on boot or when the user logs into KDE (or his favorite desktop environment) & holds much of the overhead in memory so opening a browser window is very quick.
Two of the nightmare examples stated in this thread have already come true. The state of Indiana will ticket drivers on their toll highways if the timestamps on their toll cards indicate they were driving faster than the speed limit, and Progressive Insurance has been testing a system where the insuree has a GPS device installed in their car, ostensibly for an insurance discount. If the car is driven at night, or through a bad neigborhood, premiums go up. Acme Auto Rental has been slapping people who speed in their rental cars with surcharges automatically added to their credit card bill.
Smile for the unblinking camera and welcome to Hell.
$5.00 per component may be cheap when buying a motherboard or Palm as a consumer. It's quite a different matter for the manufacturer. When making millions of motherboards a year, multiply the number of units made by $5.00 and you get a large chunk of cash that any electronics manufacturer will refuse to spend, especially in the highly competitive, low profit margin computer industry.
Add five dollars to the manufacturing cost of a motherboard? Ain't gonna happen. Most managers go ape-shit when asked to put in a component that increases manufacturing cost by 15 cents per unit.
Looking at my Palm m505, it's apparent that there is some decent ESD protection. The connector that connects the Palm and the cradle has two metal hooks that contact two metal latches on the Palm before the gold connector pins make contact. I'd bet good money that they're grounded. There's also a ferrite cylinder attached around the cable to the USB port. Between that and the aluminum case, I'd say that it's pretty hard to static-zap your Palm or system in the process of cradling your palm for a sync. But that's just the Palm m500 & m505. Other Palms have different connectors.
If the credit card companies were smart enough to hire decent cryptographers, they could put together a standard using public key crypto & digital signatures. If done right, it would be very difficult to forge cards or make purchases with stolen cards (key revocation protocol could make a compromised card unusable.) Of course, that assumes that the credit card companies wanted to take the trouble to do it right, rather than using ROT-13.
I don't see why the credit card companies start putting together a scary ad campaign showing people with conventional credit cards getting ripped of, then saying "Don't let this happen to you, get our ultra secure smartcards." Then they could show an "evil hacker" trying to use the new cards, and getting nothing but "TRANSCATION DENIED." messages.
The merchants have enough motivation to want a more secure solution - every time a credit card transaction is rejected, they get slapped with a stiff chargeback fee and have to eat the loss. Consumers are only liable for fifty dollars if the report the card as stolen promptly, so they would find that having to switch to a new card is a big pain. The credit card companies have no motivation to do this, since that pass the fraud losses to the merchants, and collect chargeback fees on top.
Re:Don't Like It That Way? Don't Buy It That Way?
on
$1200 Cheap!
·
· Score: 2
Fortunately for us consumers, Microsoft does not (yet?) have a monopoly in the console gaming industry. We can still take our business to the competitors if we don't like the way MS hawks their products.
The problem is that the users don't know what's being installed. Gator is a program that silently piggybacks itself on other popular programs like Gozilla. It doesn't bring up its own screen saying "Now installing Gator." The only indications that Gator is installed is a blurb buried deep in the fine print of the twenty page click-thru license agreement, and Gator showing up in the Add/Remove Programs dialog. Worse, when you try uninstalling Gator, a piece of it still remains that continues to perform stealth advertisement hijacking until you uninstall it as well. Most non-computer-geeks won't have the time or inclination to figure this out.
Gator is almost virus-like in its attempts to conceal itself from the user, do things without their consent, and spread itself to more machines. It includes only the bare minimum required to make a paper-thin claim of ethical behavior. With Junkbuster, the user knows exactly what's going on. Gator does its best to make sure the user doesn't know it's working.
It'll end up looking something like Japanese "Coffin Hotels" where everyone gets a little space that's 7'x4'x4', stacked 3 high. Oh well, the advantage of that arrangement is that it's easier to justify mounting doors on the coffins for privacy.
It definitely isn't over - Code Red Vigilante still reports dozens of attempted Code Red II attacks. Hopefully, at least some of the decaffeinations get through and get people to patch their machines.
Port 80 may still be blocked by @Home, but I'm still getting attacks from other @Home customers. When are @Home's admins going to start cutting off the connections of infected machines? It's drastic, but it seems to be the only way to get the attention of some people.
Which is excellent justification for killing him, burying the body in some remote location, cleaning up the mess, and denying everything.;)
Re:Why not force a download of the patch?
on
Broadband Crackdown
·
· Score: 2
C'mon, it's not that hard to write a script to detect Code Red packets and cut off their service. Cutting off their service is as simple as setting dhcpd (or whatever DHCP server they use) to refuse to lease an IP address to the infected customer's MAC address.
They can do whatever they want, and if you don't like it you can look at the competitors (which in this case would be one of the many tetering on the edge of bankruptcy DSL providers).
What competitors? For myself and many others, @Home is the only game in town. I'm not in DSL range, and I only have one cable provider I can use, the local monopoly. I can't just tell them to fuck off and go do business elsewhere. There is no elsewhere. Thus, the monopoly has a special responsibility not to abuse their power, which they don't take seriously.
It may be in the TOS, but the "no servers allowed" clause in the agreement is totally unreasonable. Lots of residential customers have plenty of good reasons to have servers - small web servers for their own amusement, Freenet nodes, Quake servers for hosting games with neighbors, an email server that serves as a spam filter, etc. I can understand the need to limit bandwidth with rate caps so one person isn't hogging the network, but within those constraints, people should be able to run servers if they want.
Why don't some of the open source advocates start creating a Gnutella-like p2p data storage facility, perhaps with solid crypto, where the machine's owner actually doesn't know what specific data really resides on his machine? Seems like if enough folks opted in with a small chunk of their hard drive, we could prevent things like DeCSS, RIASS/Napster, Dolby AC3, etc. from happening in the first place.
That's already been done. It's called Freenet. Everything is encrypted & anonymized, and users don't know what's stored on their machines.
The way I see it, the keylogger could either be a software or hardware device. It may require that an agent break into the Bad Guy's premises to install the bug. Then again it may not...
If it was a software device, it would probably be some sort of virus or trojan horse that would sit silently & log keystrokes, and transmit them to the FBI at periodic intervals. There are the issues of compatibility - there are over a dozen different varieties of Windows in general use, as well as Linux, BeOS, BSD, etc. That would require multiple versions of the software, all carefully crafted to hide itself from anyone from a casual luser to an experienced computer security expert (what the FBI likes to refer to as a "hacker".) Somewhere along the line it would probably be detected and deactivated.
The hardware approach has the advantage of being OS neutral, and there are only a few varieties of keyboard interfaces that need to be handled. The device could be hidden inside the keyboard, which would require the agent to physically disassemble the keyboard to install the device. This would take a lot of time, and have several risks: The agent could be caught in the act, which is made more likely by the extra time taking the keyboard apart. Also, the agent could break the keyboard, which would make the Bad Guys aware that something suspicious was happening.
Putting the device inside the computer would be easier - most computers are designed to be opened & serviced with little more than a screwdriver. However, the agent still has to spend time disassembling & reassembling equipment, with risk of breaking the computer or being caught and subject to Great Unpleasantness. Putting the bug outside of the computer (glued to the underside of the desk or attached to a cable) would be too easy to detect, especially when dealing with Evil Russian Hackerz(TM).
The best way would be to use a bakery van full of TEMPEST gear to listen to the stray signals coming from the computer. The gear would be able to listen to keystrokes, as well as record everything that is displayed on the computer's screen. I suspect the feds don't want this revealed because then the Bad Guys could send thugs to kill the agents in the van, then they would be able to play with all the neat toys inside and come up with countermeasures.
Yep, it's probably illegal, but how are they going to catch you? Quite frankly, the copyright & patent laws are draconian and absurd. The whole intellectual property system in the U.S. and much of the rest of the world has been irreversably corrupted, so the only way to survive is to violate patents and copyrights. If they take down your web sites, bring them back up on another ISP and make their lawyers play whack-a-mole until their offices are buried in lawsuits and cease-and-desist letters.
That's probably just as well, that way Dimitry doesn't have to worry about the bondsman's hired thugs^W^Wbounty hunters. He has enough things to worry about.
In addition to the DUI, you could still be charged with involuntary manslaughter in an accident like that, though it's likely that that charge would be dropped in a plea bargain.
I'd like to hear you say that again after taking a vacation in Afghanistan and being flogged for daring to shave or surf the web. Some laws are so unjust that they need to be broken.
Slashdot Mirror
I've never known computers to have that many electrical hazards (towards humans.) Unless you muck around inside power supplies or monitors, or dunk your computer in the bathtub with you, there just isn't enough voltage going through computer parts to deliver a meaningful shock.
Though I have encountered an older computer where the power switch had exposed contacts carrying live 110v wall current. Found that out after touching the wrong place with a screwdriver.
Modern ATA motherboards & cases don't have any high voltages except in the power supply, clearly labeled with "HIGH VOLTAGE" stickers.
As far as program load times are concerned, they're getting better, but still need work. Mozilla on Win32 does have this preload-on-boot option that loads the libraries into memory when Windows starts up, so starting Mozilla itself is very fast. Both Konqueror & Mozilla need that in Linux. Maybe make a daemon - mozillad or konquerord that is started either on boot or when the user logs into KDE (or his favorite desktop environment) & holds much of the overhead in memory so opening a browser window is very quick.
Two of the nightmare examples stated in this thread have already come true. The state of Indiana will ticket drivers on their toll highways if the timestamps on their toll cards indicate they were driving faster than the speed limit, and Progressive Insurance has been testing a system where the insuree has a GPS device installed in their car, ostensibly for an insurance discount. If the car is driven at night, or through a bad neigborhood, premiums go up. Acme Auto Rental has been slapping people who speed in their rental cars with surcharges automatically added to their credit card bill.
Smile for the unblinking camera and welcome to Hell.
$5.00 per component may be cheap when buying a motherboard or Palm as a consumer. It's quite a different matter for the manufacturer. When making millions of motherboards a year, multiply the number of units made by $5.00 and you get a large chunk of cash that any electronics manufacturer will refuse to spend, especially in the highly competitive, low profit margin computer industry.
Add five dollars to the manufacturing cost of a motherboard? Ain't gonna happen. Most managers go ape-shit when asked to put in a component that increases manufacturing cost by 15 cents per unit.
Looking at my Palm m505, it's apparent that there is some decent ESD protection. The connector that connects the Palm and the cradle has two metal hooks that contact two metal latches on the Palm before the gold connector pins make contact. I'd bet good money that they're grounded. There's also a ferrite cylinder attached around the cable to the USB port. Between that and the aluminum case, I'd say that it's pretty hard to static-zap your Palm or system in the process of cradling your palm for a sync. But that's just the Palm m500 & m505. Other Palms have different connectors.
If the credit card companies were smart enough to hire decent cryptographers, they could put together a standard using public key crypto & digital signatures. If done right, it would be very difficult to forge cards or make purchases with stolen cards (key revocation protocol could make a compromised card unusable.) Of course, that assumes that the credit card companies wanted to take the trouble to do it right, rather than using ROT-13.
I don't see why the credit card companies start putting together a scary ad campaign showing people with conventional credit cards getting ripped of, then saying "Don't let this happen to you, get our ultra secure smartcards." Then they could show an "evil hacker" trying to use the new cards, and getting nothing but "TRANSCATION DENIED." messages.
The merchants have enough motivation to want a more secure solution - every time a credit card transaction is rejected, they get slapped with a stiff chargeback fee and have to eat the loss. Consumers are only liable for fifty dollars if the report the card as stolen promptly, so they would find that having to switch to a new card is a big pain. The credit card companies have no motivation to do this, since that pass the fraud losses to the merchants, and collect chargeback fees on top.
Fortunately for us consumers, Microsoft does not (yet?) have a monopoly in the console gaming industry. We can still take our business to the competitors if we don't like the way MS hawks their products.
Maybe we should call it "Remora-ware" - after those fish that attach themselves to sharks.
The problem is that the users don't know what's being installed. Gator is a program that silently piggybacks itself on other popular programs like Gozilla. It doesn't bring up its own screen saying "Now installing Gator." The only indications that Gator is installed is a blurb buried deep in the fine print of the twenty page click-thru license agreement, and Gator showing up in the Add/Remove Programs dialog. Worse, when you try uninstalling Gator, a piece of it still remains that continues to perform stealth advertisement hijacking until you uninstall it as well. Most non-computer-geeks won't have the time or inclination to figure this out.
Gator is almost virus-like in its attempts to conceal itself from the user, do things without their consent, and spread itself to more machines. It includes only the bare minimum required to make a paper-thin claim of ethical behavior. With Junkbuster, the user knows exactly what's going on. Gator does its best to make sure the user doesn't know it's working.
I believe that Konqueror is getting support for ActiveX.
It'll end up looking something like Japanese "Coffin Hotels" where everyone gets a little space that's 7'x4'x4', stacked 3 high. Oh well, the advantage of that arrangement is that it's easier to justify mounting doors on the coffins for privacy.
Try raising a Bonsai Kitten You'll get attention from every animal lover in the office!
That has been addressed in 2.2 - it comes with a prelinker utility that greatly improves startup times.
It definitely isn't over - Code Red Vigilante still reports dozens of attempted Code Red II attacks. Hopefully, at least some of the decaffeinations get through and get people to patch their machines.
Port 80 may still be blocked by @Home, but I'm still getting attacks from other @Home customers. When are @Home's admins going to start cutting off the connections of infected machines? It's drastic, but it seems to be the only way to get the attention of some people.
Which is excellent justification for killing him, burying the body in some remote location, cleaning up the mess, and denying everything. ;)
C'mon, it's not that hard to write a script to detect Code Red packets and cut off their service. Cutting off their service is as simple as setting dhcpd (or whatever DHCP server they use) to refuse to lease an IP address to the infected customer's MAC address.
What competitors? For myself and many others, @Home is the only game in town. I'm not in DSL range, and I only have one cable provider I can use, the local monopoly. I can't just tell them to fuck off and go do business elsewhere. There is no elsewhere. Thus, the monopoly has a special responsibility not to abuse their power, which they don't take seriously.
It may be in the TOS, but the "no servers allowed" clause in the agreement is totally unreasonable. Lots of residential customers have plenty of good reasons to have servers - small web servers for their own amusement, Freenet nodes, Quake servers for hosting games with neighbors, an email server that serves as a spam filter, etc. I can understand the need to limit bandwidth with rate caps so one person isn't hogging the network, but within those constraints, people should be able to run servers if they want.
Hallelujah brother! It's time to show X-10 & Gator who's boss of my machine.
The way I see it, the keylogger could either be a software or hardware device. It may require that an agent break into the Bad Guy's premises to install the bug. Then again it may not...
If it was a software device, it would probably be some sort of virus or trojan horse that would sit silently & log keystrokes, and transmit them to the FBI at periodic intervals. There are the issues of compatibility - there are over a dozen different varieties of Windows in general use, as well as Linux, BeOS, BSD, etc. That would require multiple versions of the software, all carefully crafted to hide itself from anyone from a casual luser to an experienced computer security expert (what the FBI likes to refer to as a "hacker".) Somewhere along the line it would probably be detected and deactivated.
The hardware approach has the advantage of being OS neutral, and there are only a few varieties of keyboard interfaces that need to be handled. The device could be hidden inside the keyboard, which would require the agent to physically disassemble the keyboard to install the device. This would take a lot of time, and have several risks: The agent could be caught in the act, which is made more likely by the extra time taking the keyboard apart. Also, the agent could break the keyboard, which would make the Bad Guys aware that something suspicious was happening.
Putting the device inside the computer would be easier - most computers are designed to be opened & serviced with little more than a screwdriver. However, the agent still has to spend time disassembling & reassembling equipment, with risk of breaking the computer or being caught and subject to Great Unpleasantness. Putting the bug outside of the computer (glued to the underside of the desk or attached to a cable) would be too easy to detect, especially when dealing with Evil Russian Hackerz(TM).
The best way would be to use a bakery van full of TEMPEST gear to listen to the stray signals coming from the computer. The gear would be able to listen to keystrokes, as well as record everything that is displayed on the computer's screen. I suspect the feds don't want this revealed because then the Bad Guys could send thugs to kill the agents in the van, then they would be able to play with all the neat toys inside and come up with countermeasures.
Yep, it's probably illegal, but how are they going to catch you? Quite frankly, the copyright & patent laws are draconian and absurd. The whole intellectual property system in the U.S. and much of the rest of the world has been irreversably corrupted, so the only way to survive is to violate patents and copyrights. If they take down your web sites, bring them back up on another ISP and make their lawyers play whack-a-mole until their offices are buried in lawsuits and cease-and-desist letters.
That's probably just as well, that way Dimitry doesn't have to worry about the bondsman's hired thugs^W^Wbounty hunters. He has enough things to worry about.
In addition to the DUI, you could still be charged with involuntary manslaughter in an accident like that, though it's likely that that charge would be dropped in a plea bargain.
I'd like to hear you say that again after taking a vacation in Afghanistan and being flogged for daring to shave or surf the web. Some laws are so unjust that they need to be broken.