What if they classified the tape and tape recorder they used to tape a conversation - no one would be able to check the tape to see if it was or could have been altered!
I said: " and parse through 100's of GB of data after a raid"
After a raid, assuming they take 20 computers, each with 10 gb hard drives, each at least half full, that is 100GB of data to parse through - and don't think for one moment that they only will take a few computers - a company I worked for was accused of some wrong doing - they came in and took every computer, even an old OpenBSD machine that I hadn't even setup yet!
The references to 100's of GB elsewhere refer to the amount of data that could be snooped using carnivore if the filter was wide open.
Besides, who ever said you had to feel all warm and fuzzy inside about the FBI?
I don't think they care what you think of them.
By the way, my post wasn't designed to be a troll - it is honestly what my friends told me.
Also, you seem to have misconceptions of where carnivore is employed - it is dropped off and set up at an ISP after a warrant is issued... if you want to talk about people sniffing for the word "bomb," go talk to some one about echelon (sp).
Yes, I did believe them. They are my FRIENDS and while that word may have no meaning to YOU, to ME that means they don't lie to me. If they couldn't tell me, they'd say "I can't tell you" instead of making up some bullshit for me to spread on/..
Look folks, I have some friends who work at the FBI - not agents, but the guys who actually setup and maintain the carnivore system, go on raids WITH the agents to make sure the computers are handled successfully, and parse through 100's of GB of data after a raid to determine what is of and what isn't. (this goes against common misconception #1 that the agents actually sort through the data - they do not - they have a computer guy do it).
One day, I asked my friends about carnivore.
Carnivore is a very simple system - TCPDump, a filter, and a sort utility. It is a black box administered from remote, setup at their office.
The filter is setup to only record a handfull of things - a) email communications to or from a suspect as specified in a warrant or b) packets to or from a certain IP address designated by the warrant.
It does not capture and save every packet going across the wire - that would be illegal.
Let me say that again, as it bears repeating - It does not capture and save every packet going across the wire.
Yes, in a TCPDump, all packets are going to be pulled that hit the network interface, but the filter will only save the packets that meet a certain criteria.
They developed this with the WHOLE IDEA of making DAMN sure they stay within the confines of their warrants - because otherwise, they are breaking the law. Also, they would have to go through 100's of GB of data if they captured EVERY packet at a standard ISP. At an ISP like mindspring, the amount of data captured would be unfathomable.
The computer guys actually know how to set the thing up properly, so you don't have to rely on the standard Liberal Arts/Criminal Justice major FBI agent to understand what he or she is doing. All the agent might do is drop the big black box off at an ISP, plug in the power cable and network cable, and walk out.
Don't get me wrong - I personally don't like the FBI or its agents. I've had run-ins with them in the past, and the ones I met I didn't like. The guys who deal with this AREN'T agents... they are computer geeks, like you and me. They read/., the game, they program in Perl and other ub3r-1337 h4x0r languages. They know what they are doing, AND they do EVERYTHING in their power to make sure ONLY those communications that they NEED and are supposed to HAVE get captured.
"...or are we finally going to be able to sit with our laptops and connect from the middle of the Sahara?"
Iridium already has data services just about anywhere in the world... Of course, you have to be willing to pay for it and the throughput is only 10Kbps for (i'm guessing) anything that is easily compressed (ie text). According to their site, "Graphics and images will result in lower throughput."
Seriously though, the battery power required to transmit to a LEO satellite is a bit much to ask for in a portable phone that any joe can use - at least with today's technology. Just think of the EMF from that thing! And they say current cell phones will fry your brain!
As for laptop batteries, mine already only lasts 3 hours on a GOOD day...
What I meant was that once there is a dispute, and it goes to court, this is a civil matter and hence would be handled by preponderance of the evidence...
What we will have is a Compliance Bureau - a clearing house for people's information, much like today's credit bureaus...
ISPs will report DMCA and other transgressions to these bureaus.
When you go to an ISP to get a new account, they'll run a "Compliance Check" on you instead of a credit check. If you have a file, they'll see what's in it. Your ISP may decide to charge you a higher premium or require you to post a security deposit for insurance purposes if you have a "bad" file.
Sure, after a while, Congress will pass a "Fair Internet Compliance Reporting Act" much like the Fair Credit Reporting Act that is used by creditors and bureaus today, but how much will that REALLY protect us... How many of you out there REALLY trust your credit card company and credit bureau?
There will be a dispute policy, but ultimately it is the ISPs word against yours... so you will have to wear a scarlet "DMCA" every time you go "apply" for internet access.
Unlike a criminal record, this is completely a CIVIL matter, which means preponderance of the evidence - someone thinks the bureau has a decent case, you're screwed for x number of years.
Who's to say that if I just say "hey Time-Warner, go to HELL I'm going elsewhere" they won't put a mark on my file?
Yet Kuhn and Stallman say they don't like this world. It appears that they would prefer a world in which people who write software cannot choose the proprietary licenses that Kuhn and Stallman dislike.
"Stallman" is starting to sound a little too much like "Stalin" for my tastes.
It is my property, I can and will choose a license that fits MY needs as a developer.
And like it or not, proprietary licenses DO foster innovation on a corporate scale. I'm not saying free licenses don't foster innovation - but they do so at a different level - the community level... and companies (and individuals) have to get paid. I gotta keep food on my table SOMEHOW! is RMS/FSF going to send me a check every month? Or is that the government's job? This is sounding more and more like communism/socialism.
Microsoft could actually help here quite a bit - and they have good reason to.
Anyone remember this article from a few days ago about WinXP blocking certain device drivers because of potential flaws based on crash data? I'm SURE that could be widended to include programs and OCXs. Here's what we need to do...
Get Microsoft to expand their block list to include software too
Have a bunch of people "Break" the OCX so it really fouls things up
Have these people submit the crash info to Microsoft
POOF! Microsoft's auto-update feature for XP blocks the software...
"I would trust the judgment of trained law-enforcement professionals trying to maintain public order and public safety over that of a younger, immature, less circumspect agitator."
This quote emobides what is wrong with law enforcement in America (especially) and (I'd assume) across the world!
Basically, this quote says "Everyone participating in the protest is wrong and just an agitator - a malcontent - someone who we should lock up anyway."
That thought, combined with these new weapons - I'm scared.
"One more day before the storm
At the baracade of freedom when our ranks begin to form...
will you take your place with me?"
--- "One Day More" from Les Miserables
It might have passed but that does not mean it will last.
Yes, but how many Dmitry's will we have with THIS bill OR DMCA before they are overturned by the courts or repealed.
Courts take time.
Legislation takes even longer
I can understand blocking outgoing port 25 on your network except for your mail server and thus assuring that all mail is routed through the ISP's mail server - Mindspring/Earthlink has been doing this for quite a while! But not relaying mail for your local users (regardless of from address) breaks one of the core reasons for having LOCAL mail servers. What the hell else are people going to do? Most third partys' mail servers are locked down to allow local relay only (as well they should be!). Yeah there are a few open relays out there, but everyone won't be able to find one. I for one won't be opening up my server!
Here's what I see happening:
This will actually increase Verizon Online's network's contribution to spam...
Verizon blocks their users from using their mail servers for foo@bar.com accounts
Many of the more savvy users start their own mail servers on verizon's network to act as a local relay.
Some of these people aren't going to be savvy enough and some of these servers will not be configured correctly such that they are open relays (not hard AT ALL to do)
Some spammers find these open relays
Verizon's network is now contributing to the spam
Basically, what this tells me is that they are too lazy to police their own users by dealing with spammers when they occur and instead have opted to just say "It isn't us! We're secured!"
The problem with reducing arms is that there is no guarantee that any nation agreeing to the arms reduction will actually reduce their arms. Hell, there is no guarantee that WE ever reduced our arms even though we agreed to years ago. Countries (including the US) can put on whatever front they want to put on for the media, UN (powerless) inspection teams, etc but the fact remains that there is not enough power in the UN or NATO or EU or any other group of countries to completely force a reduction of arms of any sufficient magnitude.
I will agree that it would be silly (by our definition) for any nation to use a nuke against the United States, but does Michael honestly believe that other countries DON'T have strategic ballistic missles AND don't have someone in charge who might not have the same definition of the word "silly" (READ: Taliban).
The proper contact address for e-mail in a domain has always been postmaster@domain. If they don't have a postmaster alias setup then they shouldn't be accepting e-mail. In that case, DDOS them into the fucking stoneage.
Yes, but how many folks have that alias set to send to an account they actually read? Most (I'd imagine) go to some quiet account that is never checked. This would be especially true of a site that may see a lot of bounces (ie: Web site hosting facilities whose web sites accept email addresses as part of registration and then send email to those addresses... remember - users aren't always able to put the @aol.com after their email address, or just can't spell aol;-) )
As far as DDOSing them into oblivion: Von Clausewitz once said (paraphrased) "War is a continuation of politics by other means." Use whois, contact them, THEN if you deem necessary (NOTE: THIS IS NOT ADVOCATING ACTUALLY DDOSING SOMEONE!!!), explore other means of... communication.
One use of whois that hasn't yet been mentioned - solving technical issues between domains.
When I worked for a small commercial web design/hosting firm, I managed all the servers, including one Linux mail server running sendmail. Something hiccupped and my box started contacting someone else's mail server OVER AND OVER for hours, filling up his logs but never quite making it into mine. He used whois to contact me and inform me of the problem. Turns out, my box choked on some mail because the server got some invalid DNS information.
Someone out there is going to flame me about how I should have had my box setup to only retry every 30 minutes or so... Whoever you are - get over it. This post is about how whois is beneficial, not how improperly configured sendmail instances are Satan's own kin.
Fine! Let the browser be standards compliant - I welcome it...
BUT GIVE ME AN ERROR MESSAGE - SOME LITTLE HINT of where I missed the tag - C, C++, yadda yadda yadda ALL give me at least a line number, if not some HINT.
Slashdot Mirror
There is a grave difference between claiming ownership of a human being and claiming ownership of a piece of code that I wrote.
Yes, I do.
I believe the same to be true of the Carnivore system, even though I readily defend its use as legitimate.
What if they classified the tape and tape recorder they used to tape a conversation - no one would be able to check the tape to see if it was or could have been altered!
I said: " and parse through 100's of GB of data after a raid"
After a raid, assuming they take 20 computers, each with 10 gb hard drives, each at least half full, that is 100GB of data to parse through - and don't think for one moment that they only will take a few computers - a company I worked for was accused of some wrong doing - they came in and took every computer, even an old OpenBSD machine that I hadn't even setup yet!
The references to 100's of GB elsewhere refer to the amount of data that could be snooped using carnivore if the filter was wide open.
Besides, who ever said you had to feel all warm and fuzzy inside about the FBI? I don't think they care what you think of them.
By the way, my post wasn't designed to be a troll - it is honestly what my friends told me.
Also, you seem to have misconceptions of where carnivore is employed - it is dropped off and set up at an ISP after a warrant is issued... if you want to talk about people sniffing for the word "bomb," go talk to some one about echelon (sp).
Yes, I did believe them. They are my FRIENDS and while that word may have no meaning to YOU, to ME that means they don't lie to me. If they couldn't tell me, they'd say "I can't tell you" instead of making up some bullshit for me to spread on /..
One day, I asked my friends about carnivore.
Carnivore is a very simple system - TCPDump, a filter, and a sort utility. It is a black box administered from remote, setup at their office.
The filter is setup to only record a handfull of things - a) email communications to or from a suspect as specified in a warrant or b) packets to or from a certain IP address designated by the warrant.
It does not capture and save every packet going across the wire - that would be illegal.
Let me say that again, as it bears repeating - It does not capture and save every packet going across the wire.
Yes, in a TCPDump, all packets are going to be pulled that hit the network interface, but the filter will only save the packets that meet a certain criteria.
They developed this with the WHOLE IDEA of making DAMN sure they stay within the confines of their warrants - because otherwise, they are breaking the law. Also, they would have to go through 100's of GB of data if they captured EVERY packet at a standard ISP. At an ISP like mindspring, the amount of data captured would be unfathomable.
The computer guys actually know how to set the thing up properly, so you don't have to rely on the standard Liberal Arts/Criminal Justice major FBI agent to understand what he or she is doing. All the agent might do is drop the big black box off at an ISP, plug in the power cable and network cable, and walk out.
Don't get me wrong - I personally don't like the FBI or its agents. I've had run-ins with them in the past, and the ones I met I didn't like. The guys who deal with this AREN'T agents... they are computer geeks, like you and me. They read /., the game, they program in Perl and other ub3r-1337 h4x0r languages. They know what they are doing, AND they do EVERYTHING in their power to make sure ONLY those communications that they NEED and are supposed to HAVE get captured.
Iridium already has data services just about anywhere in the world... Of course, you have to be willing to pay for it and the throughput is only 10Kbps for (i'm guessing) anything that is easily compressed (ie text). According to their site, "Graphics and images will result in lower throughput."
Seriously though, the battery power required to transmit to a LEO satellite is a bit much to ask for in a portable phone that any joe can use - at least with today's technology. Just think of the EMF from that thing! And they say current cell phones will fry your brain!
As for laptop batteries, mine already only lasts 3 hours on a GOOD day...
Thanks, I'll stick to CDPD.
Sorry, should have been clearer :)
What we will have is a Compliance Bureau - a clearing house for people's information, much like today's credit bureaus...
ISPs will report DMCA and other transgressions to these bureaus.
When you go to an ISP to get a new account, they'll run a "Compliance Check" on you instead of a credit check. If you have a file, they'll see what's in it. Your ISP may decide to charge you a higher premium or require you to post a security deposit for insurance purposes if you have a "bad" file.
Sure, after a while, Congress will pass a "Fair Internet Compliance Reporting Act" much like the Fair Credit Reporting Act that is used by creditors and bureaus today, but how much will that REALLY protect us... How many of you out there REALLY trust your credit card company and credit bureau?
There will be a dispute policy, but ultimately it is the ISPs word against yours... so you will have to wear a scarlet "DMCA" every time you go "apply" for internet access.
Unlike a criminal record, this is completely a CIVIL matter, which means preponderance of the evidence - someone thinks the bureau has a decent case, you're screwed for x number of years.
Who's to say that if I just say "hey Time-Warner, go to HELL I'm going elsewhere" they won't put a mark on my file?
That way, Joe Corporation can't nuke JoeCoSucks.com as easily by going to one of the "Trademark Friendly" arbitrators.
This is, of course, acceptable... it will never happen, but is acceptable none the less... so long as we all have a CHOICE.
"Stallman" is starting to sound a little too much like "Stalin" for my tastes.
It is my property, I can and will choose a license that fits MY needs as a developer.
And like it or not, proprietary licenses DO foster innovation on a corporate scale. I'm not saying free licenses don't foster innovation - but they do so at a different level - the community level... and companies (and individuals) have to get paid. I gotta keep food on my table SOMEHOW! is RMS/FSF going to send me a check every month? Or is that the government's job? This is sounding more and more like communism/socialism.
Anyone remember this article from a few days ago about WinXP blocking certain device drivers because of potential flaws based on crash data? I'm SURE that could be widended to include programs and OCXs. Here's what we need to do...
- Get Microsoft to expand their block list to include software too
- Have a bunch of people "Break" the OCX so it really fouls things up
- Have these people submit the crash info to Microsoft
POOF! Microsoft's auto-update feature for XP blocks the software...Anyone know any XP core programers?
This quote emobides what is wrong with law enforcement in America (especially) and (I'd assume) across the world!
Basically, this quote says "Everyone participating in the protest is wrong and just an agitator - a malcontent - someone who we should lock up anyway."
That thought, combined with these new weapons - I'm scared.
"One more day before the storm
At the baracade of freedom
when our ranks begin to form...
will you take your place with me?"
--- "One Day More" from Les Miserables
Yes, but how many Dmitry's will we have with THIS bill OR DMCA before they are overturned by the courts or repealed.
Courts take time.
Legislation takes even longer
I think we'd all agree that the DMCA is/was a stupid bill too... but it passed AND put Dmitry in jail.
Lets hope the knowledge and technology gained from this doesn't fall into the wrong hands. We all know what happened last time that happened.
Don't let all the Irritating Parentheses fool you, LISP WILL WIN!
I can understand blocking outgoing port 25 on your network except for your mail server and thus assuring that all mail is routed through the ISP's mail server - Mindspring/Earthlink has been doing this for quite a while! But not relaying mail for your local users (regardless of from address) breaks one of the core reasons for having LOCAL mail servers. What the hell else are people going to do? Most third partys' mail servers are locked down to allow local relay only (as well they should be!). Yeah there are a few open relays out there, but everyone won't be able to find one. I for one won't be opening up my server!
Here's what I see happening:
This will actually increase Verizon Online's network's contribution to spam...
- Verizon blocks their users from using their mail servers for foo@bar.com accounts
- Many of the more savvy users start their own mail servers on verizon's network to act as a local relay.
- Some of these people aren't going to be savvy enough and some of these servers will not be configured correctly such that they are open relays (not hard AT ALL to do)
- Some spammers find these open relays
- Verizon's network is now contributing to the spam
Basically, what this tells me is that they are too lazy to police their own users by dealing with spammers when they occur and instead have opted to just say "It isn't us! We're secured!"One time $79 fee, then $12/domain.
In the light of these new policies, I have transfered most of the domains I didn't register with bulkregister to them and away from NetSlo.
The problem with reducing arms is that there is no guarantee that any nation agreeing to the arms reduction will actually reduce their arms. Hell, there is no guarantee that WE ever reduced our arms even though we agreed to years ago. Countries (including the US) can put on whatever front they want to put on for the media, UN (powerless) inspection teams, etc but the fact remains that there is not enough power in the UN or NATO or EU or any other group of countries to completely force a reduction of arms of any sufficient magnitude.
I will agree that it would be silly (by our definition) for any nation to use a nuke against the United States, but does Michael honestly believe that other countries DON'T have strategic ballistic missles AND don't have someone in charge who might not have the same definition of the word "silly" (READ: Taliban).
Yes, but how many folks have that alias set to send to an account they actually read? Most (I'd imagine) go to some quiet account that is never checked. This would be especially true of a site that may see a lot of bounces (ie: Web site hosting facilities whose web sites accept email addresses as part of registration and then send email to those addresses... remember - users aren't always able to put the @aol.com after their email address, or just can't spell aol ;-) )
As far as DDOSing them into oblivion: Von Clausewitz once said (paraphrased) "War is a continuation of politics by other means." Use whois, contact them, THEN if you deem necessary (NOTE: THIS IS NOT ADVOCATING ACTUALLY DDOSING SOMEONE!!!), explore other means of... communication.
When I worked for a small commercial web design/hosting firm, I managed all the servers, including one Linux mail server running sendmail. Something hiccupped and my box started contacting someone else's mail server OVER AND OVER for hours, filling up his logs but never quite making it into mine. He used whois to contact me and inform me of the problem. Turns out, my box choked on some mail because the server got some invalid DNS information.
Someone out there is going to flame me about how I should have had my box setup to only retry every 30 minutes or so... Whoever you are - get over it. This post is about how whois is beneficial, not how improperly configured sendmail instances are Satan's own kin.
BUT GIVE ME AN ERROR MESSAGE - SOME LITTLE HINT of where I missed the tag - C, C++, yadda yadda yadda ALL give me at least a line number, if not some HINT.