Slashdot Mirror


User: BrynM

BrynM's activity in the archive.

Stories: 0
Comments: 1,205

Comments · 1,205

  1. Clarification on June Windows Update To Be Biggest in a Year · · Score: 4, Informative
    From TFA:
    Microsoft had to re-engineer Internet Explorer to stop a technology known as ActiveX automatically starting when users visit some websites. MS may have done this as a result of the Eolas suit, but the rest of us can consider it a security patch ;)
  2. Re:The naked truth... on The Pornographers vs. The Pirates · · Score: 2, Insightful
    People who love porn would not mind DRM or any other restrictive technology

    I wouldn't go that far. Remember that there are quite a few porn sites that will happily embed a trojan (the malware not the condoms) into their website. The machines that I've cleaned for friends who like porn are some of the biggest messes I've seen. They all now know that if they want me to clean out their machine, I'll wipe the drives first thing unless they take precautions (anti-virus, firewall, rent their porn rather than download it).

    (oh, the innuendo for this article)
  3. Re:I've done tests with HoneyBOT on Spam from Taiwan · · Score: 1
    ALL of APNIC? You do realize that includes us poor Aussies and New Zealanders too? (I assume since you mentioned Pacific Rim, yes)
    I whitelist some countries through a conversion to IP number (see this for info). So far there are four entries (JP,AU,NZ and IN) in my whitelist. The rest are blanket filtered for now. Don't worry, I don't consider you careless - You replied because you care ;)
  4. Re:I've done tests with HoneyBOT on Spam from Taiwan · · Score: 1
    You've made damn sure of that, haven't you. Personally, I have never encountered a company that did not need to communicate with someone on APNIC from time to time, but maybe you're a sysadmin for a small company that only deals with people in your own hick town.

    FYI: It's a privately owned (by me) server, so what I say goes. Regardless, I check the logs mainly to spot when/if my users ever trigger it by chance (hasn't happened once). Further, I can only think of two companies I have worked for that ever did anything that needed APNIC. Like I said, it saddens me to filter those IPs but the usage generated by those spams was quite a burden for spamassassin and my other services. I spent quite a while trying to decide whether it was a good idea or not.

    and... If San Francisco is considered a hick town now, then the major cities must be huge! I never knew that hick towns could generate millions on tourism. You could have made your comment without putting your foot in your mouth. Thanks for the speculation on something you had absolutely no idea about - made for a good laugh (unfortunately at you, not with you).
  5. Re:I've done tests with HoneyBOT on Spam from Taiwan · · Score: 1
    You mean you block one legit mail for every for spam mails?

    After reading the AC who replied to you, it would be a factor of THREE that I meant then. Roughly anywhere from 500-1000 blocked APNIC SMTP connections per legit email on my bi-weekly log checks. A couple of my users used their accounts for sites like collegehumor.com, so they are basically spam honeypots without filtering. In fact, I use one of them that was abandoned by the user to feed spamassassin learning (it only has the APNIC filter and no other protection on that account).

    Got my factors all fandangled - sorry!
  6. Re:I've done tests with HoneyBOT on Spam from Taiwan · · Score: 5, Interesting

    That's a cool project for a Windows honeypot. Thanks for the link. Outside of honeypots, I've been blanket filtering addresses from APNIC on my mail server for about a year now using some ideas I learned from this project (I filter at the mail request level rather than iptables). It's sad to filter an entire geographic region like that, but my users never talk to people from the Pacific Rim that I know of. My server (running XMail) is small, but my logs for the filtered emails constantly show the spam blocked exceeds the number of legit mails by a factor of four.

    Since I started filtering, I've turned a couple of other admins onto the idea. I wonder if TW/KR will find themselves in some odd form of network segregation in the future as more people adopt the practice of filtering their IPs. That might push the authorities into a little more action.
  7. Re:HAHA on Microsoft Misrepresenting WGA's Functionality? · · Score: 1
    You must be new to this Interweb thing if you still think 17 pages is impressive (link to tomshardware)
    Not impressive, but I'm still quite happy to avoid the click madness. I say again: "They used to be a good company with good content, but now they are just ad whores (like most consumer computing sites - TOM!). /rant"
  8. Re:huh on Microsoft Misrepresenting WGA's Functionality? · · Score: 5, Insightful
    do we really need a play-by-play commentary of some jackass installing an update? 17 pages of ads and shit.
    Agreed. I won't even read content from ZDNet at all anymore. 17 pages is insane (thanks for letting me know how many I avoided). Even with blocking the ads and repaginating the article into one page, ZDNet assumes that the format is acceptable to users because the article generates hits. They won't change it when they think "it's still working". I've tried to complain to them as a (now former) print customer of their periodicals for years and a web user. They don't respond, so I assume they don't care. Calling them just leads to the phone-forward-runaround of "I'll connect you to...". They used to be a good company with good content, but now they are just ad whores (like most consumer computing sites - TOM!). /rant
  9. Re:Justice is Swift on Crashing the Wiretapper's Ball · · Score: 3, Interesting
    While I know I am using the word treason wrongly - I am in effect trying to spark the thought in people's minds, which is what needs to happen if we are ever going to fix this nation.
    Please stop doing this. This type of manipulation and similar justifications are the basis for terms such as the "Patriot Act". Regardless of your intentions, it is a mis-representation. By using it, you are further de-sensitizing people to this type of manipulation by making it more common and acceptable. Tricking someone into the truth is not telling them the truth.

    I don't disagree with your point, just your presentation of it and the dangers that presentation poses.

  10. Re:Here's why _you_ should dismiss the case... on AT&T Accidentally Leaks NSA Suit Information · · Score: 1
    What's next? How about a third reich like system where they allocate an entire demographic region, send all the arabs there and figure out who is who.
    The US already did that to Japanese-Americans during WWII. Ironically, it was done at the same time the Reich was doing it (sans genocide though). Doing it again isn't much of a stretch.
  11. Here's why _you_ should dismiss the case... on AT&T Accidentally Leaks NSA Suit Information · · Score: 3, Insightful
    From TFA:
    Lawyers for the Justice Department have offered to fly a courier from Washington to San Francisco with classified documents that Walker could review in private--documents that, in the eyes of the government, will convince him to dismiss the lawsuit. (The Bush administration also argues that EFF lawyers should not be permitted to see the classified information.)
    I can just imagine what's in those documents... "here's a picture of your granddaughter next to one of our agents at school... here's a picture of your toothbrush - I wonder what's on it... Here's a picture of your wife sitting at home masturbating thinking she was alone (heh)... Here's a picture of you and your secretary."

    Sorry, but with this administration, it's hard not to assume some underhanded strong-armin^^^^^ persuasion.

  12. Re:I don't know about the rest of you... on Microsoft Claims OpenDocument is Too Slow · · Score: 2, Funny
    It's comparing the speed of OpenOffice vs. Microsoft Office. It does not make any sense.
    MS is promoting the new Chewbacca Document Format and is using the proper defense to shore up their claims of its superiority :)

    (yes, every tag in the CDF is "aaaaawrwwwggggg" - and you thought it was binary data - It's Wookie dammit!)

  13. Re:Dear Homeland Security on BlueSecurity Fall-Out Reveals Larger Problem · · Score: 1
    There are OS X botnets, and although I've never heard of any, I'd bet there's probably a few proof of concept Linux botnets hanging out in hacker circles.
    There are plenty of *nix botnets in the wild. Here's one source, but I've heard about them for a long time now. Almost all are running a service that gets it hacked (such as PHP on httpd in that example). Back when I was willing to help people with their PHP-Nuke installs, I saw a lot of compromised machines with interesting bits of software on them. My old website was once hacked (before being kind of abandoned) with a simple SQL injection exploit in Nuke.
  14. Re:At least a tech sector storage boom? on The NSA Knows Who You've Called · · Score: 1
    This is getting a bit far for the "humor" portion of my post, but I hear you. Given just today's silo capacity they're probably not compressing it much even (It's bad enough having a data set offline, but to then have to de-compress it - urgh!).

    I still keep thinking of the growth of phone usage over the last ten years though and how much I saw our storage needs growing around the same time as the ATT data dump (~10 years ago). I would like to see the size of the past ten years of ATT data as everything has grown. I also keep thinking of the extra storage you need to process that data (even in small-ish chunks).

    Let's just leave it at "It still boggles _my_ mind", how about that? :-)

  15. Re:At least a tech sector storage boom? on The NSA Knows Who You've Called · · Score: 1
    Not that big a deal. All of these companies already maintain similar databases for marketing purposes. ATT has had a database of over a decade's worth of long distance calls up and running for about 10 years. We're talking 10's of terabytes. This used to be awe-inspiring - now it's just cool.
    As I mentioned to another poster I worked at a mid-sized datacenter. The tape library alone was about 3TB for a regional insurance company. That plus the 2TB of live data (DASD), makes 5TB. Transactions happened in our largest DBs at a rate of a couple thousand per minute from the customer service center and bill payment systems (droplets compared to a live phone company switching system).

    The 2TB of live data? Two years of transactions. The 3TB of offline? The previous 20 years of transactions. To handle the growth alone, we were talking about doubling our tape storage system as the amount of data to store in the future was growing at an accelerated rate (think of all the new phones out there since 2000). We were looking at 10TB systems by the time I left the company (~1998).

    I stand firm. It's going to be a big chunk of storage to handle all of that call data the telcos have. To just shrug at that is silly.

  16. Re:People refuse to see the big picture on The NSA Knows Who You've Called · · Score: 1
    When people say to you "if you have nothing to hide, you have nothing to fear," you can respond (which I usually do) with "no decent, civilized person would ever have grounds to criticize the basic checks and balances that you oppose."
    That reminds me of something my Dad said once "When you have something to fear, you have to hide everything". From the way the executive branch is acting, they are scared shitless of us (citizens).
  17. Re:At least a tech sector storage boom? on The NSA Knows Who You've Called · · Score: 1
    Yes. They're called mainframes.
    I'm not forgetting them. I was an operator and sysprog for about four years at an insurance company (S/390). I know how big a regional billing dataset with transactions can be. It's still a huge pile of storage, mainframe or not.

    By the way, mainframes have been going away for 20 years now... They never will. Big crunching will always need big hardware.

  18. Re:Oh, the Abuses We'll See! on The NSA Knows Who You've Called · · Score: 4, Insightful
    You know what I love? Scenarios! ... Farfetched? Maybe.
    Here's a far-fetched scenario for you: On the day the NSA leaked the existence of a huge domestic spying database that covers every US citizen with a phone, the television news was preoccupied with tax legislation (that will benefit the rich mostly), Jeb Bush and the Vatican's position on a work of fiction. Oh wait...
  19. At least a tech sector storage boom? on The NSA Knows Who You've Called · · Score: 4, Interesting
    Man, the NSA must have servers the size of Stephen Colbert's galvanized balls. This and the Google search request they made represent massive data sets.
    The agency's goal is "to create a database of every call ever made" within the nation's borders
    Are they really going through old records as well? "Ever made" is a pretty big term, but I'm betting there are lots of old call records on legacy systems and paper out there. Do they have agreements with the companies in question to provide aggregate data for marketing purposes? I also wonder what points they're getting the data from. There's a lot of people and companies spoofing ANI with Asterisk or similar boxes these days. This is a government database though... how clean can that data be? That cleanliness, of course, makes the situation better and worse at the same time. If someone reading has more operational knowledge of telcos and how the call records themselves are transmitted, please post clarifications.

    So many questions, but me no longer wonders how those biggie telco mergers got past regulators anymore...

  20. Spooky... er... Spot on MPAA training Dogs to Sniff Out DVDs · · Score: 4, Insightful
    I found another article from ABC News that is (slightly) more specific. In it, they mention that "Customs officials in the U.K. hope one day the dogs will only signal when there are large collections of discs, which would more likely include illegally copied movies." This made me feel better - they were looking for bulk shipments. But then my hopes were dashed: "Trainers say the dogs have been notifying customs agents of packages with discs in them. The packages have been opened but so far no pirated movies have been found."

    Now wait a second. This is a test and they are opening real people's packages. WTF? (FTW?) I didn't know that shipping plastic optical media was a crime anywhere. Sure it's "customs" that's actually opening the packages, but the fact that it's plastic optical media is not probable cause. How many false positives have they had? Is it worth pissing off that many FedEx customers for the occasional actually pirated media (of which they've found zero)?

  21. Re:Microsoft Customers Balk at Hard Sell on Microsoft Customers Balk at Hard Sell · · Score: 1
    In all fairness, if you're going to post articles about MS doing this, you should post about other companies doing this as well.
    So let's hear about them. C'mon, you know about them obviously, so let's see what you know. Who else in the software industry is using this or a similar tactic outside of the BSA procedures? I personally don't want to do business with companies like that, so inform me... and the rest of us.
  22. Re:But the question is..... on Korea Unveils World's Second Android · · Score: 1
    ..... Is it FULLY FUNCTIONAL in EVERY way? (poster then refers to ST:TNG)
    When I first saw that episode, my ex-girlfriend who was sitting next to me said "Data's got to be the most complicated vibrator ever conceived! Have you seen him type? That girl is horny and smart."
  23. While you're at it... on More Headaches from Vista Security · · Score: 3, Insightful
    From TFA
    During migrations, users will have key security infrastructures that straddle two different authentication environments, one for Vista and one for earlier versions of Windows, until migrations are complete... In addition, users with any homegrown authentication mechanisms linked to Windows will have to rewrite their code from the ground up... That task will be painful in part because ISVs say Vista's new authentication architecture is incomplete in the beta released in February.
    Why wait for headaches when you could just start porting your authentication systems to any platform except Windows right now? Then, while everyone else is going through the "dual Win32 backdoor^^^^^^^^authentication" period hell, you can just laugh and say "I did that over a year ago and I won't have to do it again because I moved away from MS Products completely".
  24. Re:Ideas flow better when I write well to start wi on Teaching Engineers to Write? · · Score: 2
    You could compare it to programming. What are your first steps when you sit down to write a program? Yes, yes, of course there are doodles, sketches and diagrams.
    Why not let them do that step too? Sentence diagrams have been around for a long time. When I learned the technique in 6th grade, suddenly English seemed more like Math and I understood the basis better.
  25. Re:Omnipotent? on Nonsense with Google's AdSense? · · Score: 1
    It's funny to see someone named OmnipotentEntity asking for help... ;)
    from the respect-your-godlings dept.
    OmnipotentEntity asks: "How dare you doubt my power!?!?"