Brendan Koerner was previously a Senior Editor at U.S. News & World Report, where he wrote more than 100 feature articles including six cover stories, since 1996 on subjects ranging from higher education to urban renewal to religion to business and technology. His stories have included "A Lust for Profits," a cover-story, study of the Internet pornography industry, and "Can Hackers be Stopped," a special report on information security.
As a Markle Fellow at the New America Foundation, Mr. Koerner will use the lens of the digital underground to examine some of the most critical issues affecting the future of information technology and the new economy--including the commercialization of the Internet; the struggle over copyright and patent law and the preservation of the information commons; the ethics of free speech on the Internet; and the increasing concerns over cyber-security. In his writing, Mr. Koerner will seek to meld traditional reportage with well-informed commentary that will be solutions oriented. In particular, his work will seek to suggest workable compromises and creative policy alternatives that might allow the wired establishment and its hacker critics to develop a less adversarial relationship.
His e-mail address and picture are also available at the URL above.
Here (10-30-00 in the archives):
contributed by abner and laney
The weekend did not manage to quell the massive
amounts of coverage the Microsoft infiltration continues
to garner. Virtually every news organization has its own
version of the Microsoft debacle, of which we've
provided a sampling below. Meanwhile, we are left
wondering why the crown jewels of Microsoft were left
at the mercy of passwords. There are all sorts of other
authentication technologies that we have no doubt
Microsoft will be investigating. Perhaps utilizing the
smart card support in Windows 2000 wouldn't be a bad
idea. It's a shame it takes negative incidents like this to
get people to consider security as a strategic business
issue. Shame on you, Microsoft.
ou've heard it before and you'll hear it again. Threats
are evolving. We've seen viruses retrieve and forward
passwords before on a large scale, now they are
becoming targeted and fast. Threat evolution is
something that cannot be dealt with reactively; it must
be part of infrastructure planning and design. Today, all
attention is focused on Microsoft. The world's favorite
target has fallen victim to a password-stealing virus
that got a hold of passwords that can access the
source code to upcoming versions of Windows and
Office. It is unclear whether or not the perpetrators
were able to use the passwords to actually access and
manipulate the source code, however if the source code
was accessed two questions remain. 1. Was the code
manipulated in some way that could open the door for
later attacks or other problems? Microsoft claims no, the
code has maintained it's integrity. Other than to trust
Microsoft's word we may never know the answer. 2.
Does the ability for a criminal group to view the source
code destroy the security by obscurity that is key to so
many commercial software products? In the open source
community, numerous hackers examine products and
contribute solutions to flaws in the products. In the
commercial world, many companies rely on their
development team to produce secure code and then
keep the source code secret to not only protect their
intellectual property, but also to minimize potential
attacks that could be launched against the product. In
this case, the loss of security by obscurity could result
in a criminal having intimate knowledge of the product
development cycle to be able to develop targeted
attacks on future Microsoft products. Regardless of the
quality of Microsoft products, the mere fact that the
company was able to recognize that this incident
occurred is unfortunately unique. Many corporations
might never know this had happened to them. In fact
the ability to isolate the incident to specific networks or
machine is quite difficult in many environments. The
other interesting thing going on here is the Trojan horse
attack. These attacks have been discussed for several
years now and the current solution has been to use
content filtering software to detect the attack. If you
are one of the world's favorite targets, the Trojan horse
writer will write the attack specifically at you. By the
time the anti-virus companies know about the Trojan
horse and are able to detect and stop it, it's too late.
Unfortunately, it has taken a high profile incident like
this for awareness to spread. One solution is to
seperate general purpose computing such as internet
surfing and email from sensitive computing such as
accessing source code or controlling IT infrastructure.
This is what the military does. They run 2 networks that
are physically isolated from each other. A less expensive
solution is to keep all executable content from reaching
workstations such as executable programs, active HTML
content, or documents that contain macros. This is
difficult to acheive in reality so physical seperation is
the the only way to be sure you are secure. The Wall
Street Journal broke this story and pretty much
everybody is currently running it. Look for more
information and speculation to filter out through the rest
of the day.
"This paper describes a Perl module -- Lingua::Romana::Perligata -- that makes it possible to write Perl programs in Latin. A plausible rationale for wanting to do
such a thing is provided, along with a comprehensive overview of the syntax and semantics of Latinized Perl. The paper also explains the special source filtering and
parsing techniques required to efficiently interpret a programming language in which the syntax is (largely) non-positional."
An excellent BASIC resource
on
KBasic
·
· Score: 1
If you need information about any dialect of BASIC, check out Neozones. Although the main topic of Neozones seems to be QBasic, the forum users know various BASIC dialects and are very helpful.
[Unix: from IBM
JCL] Equivalent to
cat or BLT. Originally the name of a Unix copy command
with special options suitable for block-oriented devices; it was
often used in heavy-handed system maintenance, as in "Let's
dd the root partition onto a tape, then use the boot PROM to
load it back on to a new disk". The Unix dd(1) was
designed with a weird, distinctly non-Unixy keyword option syntax
reminiscent of IBM System/360 JCL (which had an elaborate DD
`Dataset Definition' specification for I/O devices); though the
command filled a need, the interface design was clearly a prank.
The jargon usage is now very rare outside Unix sites and now nearly
obsolete even there, as dd(1) has been deprecated for a
long time (though it has no exact replacement). The term has been
displaced by BLT or simple English `copy'.
If you're running FreeBSD 4.0 or 4.1, the jail(2) (Slashdot story) system call is available. jail(2) is much more powerful than chroot(2). The author of jail(2), Poul-Henning Kamp, described jail as:
UNIX has always been designed around two levels of users: root and everybody
else. While this is a simple and strong security model, it has disadvantages when it
comes to delegating administrative tasks to more or less trusted persons. The
FreeBSD ``Jail'' facility provides a way to compartmentalize a server in such a way
that the root-privilege for one compartment can be handed over to non-trusted
persons without compromising the security of the entire machine. Creating
"virtual
machines" this way has many uses.
As explained at Netscape, These attachments contain only
formatting and are not important to the message itself. . Basically, formatted separated from content. I personally think this is a good idea for these reasons:
Sections of the text can be extracted without missing an opening or closing tag. In HTML (and other embedded markup languages), excerpts require careful examination of enclosing tags to make sure the tags are closed and opened at the correct locations.
Formatting is separated from content. If you don't want to see the formatting, you don't have to. This can also be useful for source code.. maybe you want each comment in your program to appear in italics. The source code itself can be extracted and run without the formatting.
There are other pros, too. I believe the Project Xanadu lists them somewhere.
Netscape has the answer, for those that don't know:
Those attachments contain Microsoft Exchange's rich text information, encoding attributes of the message such as boldface, underlining, fonts, and colors. Exchange/Internet Mail puts these attributes into an attachment so that they can appear to other Exchange users on the Internet. The problem arises when people not using Exchange receive these attachments: instead of seeing a formatted message, they see a big chunk of UUENCODE data named WINMAIL.DAT, or a section application/ms-tnef if you're using MIME (which is what Communicator uses). These attachments contain only formatting and are not important to the message itself.
For communicating with users of other clients, Exchange contains an option to suppress sending rich text information when mailing them. You may want to contact the person who sends these attachments, and ask them to turn these off for messages sent to you. To do this, they need to double-click on your address and uncheck the box labelled "Send to this recipient in Microsoft rich text format."
I thought that a black hole was just a star that collapsed on itself because there was no matter trying to escape, and therefore just started to,
uhh, suck.:-)
Not exactly. Stars enter other phrases before dying. See The Death of a Star.
Get the Project Gutenberg e-text of Hackers here
on
Hackers
·
· Score: 1
Slashdot Mirror
-
The Wall Street Journal via MSNBC
- CNET
- MSNBC via ZDNet
- Reuters via Yahoo
- The Register
Also Happy Microsoft Day:- Wall Street Journal via MSNBC
- Reuters
- CNNfn
- CNET
- Newsbytes
- AP via ABC News
- Reuters via Excite re: Microsoft Stock Price
- http://www.symantec.com/avcenter/venc/data/w32.hl
l w.qaz.a.html
- F-Secure's Qaz description via datafellows.com
Hope this helps.The most closely related articles to this story could be Affordable Backup Hardware for Today's Systems? and Hardware To Archive/Manage Large Collection Of Images? .
Don Harlow has a huge amount of information about Esperanto, including a detailed history of the more successful auxlangs. There's also a debate on auxlangs.
Windows has a few mutations (see the Windows History Chart, also here), but the number is delta compared to the number of Unix variants.
At Virtual Avenue. I don't know how long it will hold up, but get it while you can.
More information about using Ada with a Java binding can be found in the Ada95 Lovelace Tutorial, Lesson 16.
Jonathan Desp, an early open source nanotech pioneer, might have some insightful comments on this.
Also see Daryl Bender and Ottawa Canada's page, where Darly and Ottawa explain other ways to obtain electric motors.
Just take a look at his homepage.
If you need information about any dialect of BASIC, check out Neozones. Although the main topic of Neozones seems to be QBasic, the forum users know various BASIC dialects and are very helpful.
This is not too supprising, considering that VA Linux (Slashdot's parent company) donated Kuro5hin's hardware.
ZD's Firewalls Alternatip might be useful. Hope this helps.
No need to use Google, the Floppies for Kiddies Recycled Disk Project can be found at floppiesforkiddies.org.
SysInternals's File Monitor, Registry Monitor, VXD Monitor, and TDI Monitor could be useful for detecting and removing Napster's invasive tags.
The correct links of course are here and here.
is here.
here.
- 10.0.0.0 - 10.255.255.255
- 172.16.0.0 - 172.31.255.255
- 192.168.0.0 - 192.168.255.255
172.16.1.1 is in Netherlands too.