Remember getting the secret decoder in the cereal box? Remember making up secret codes in school to pass notes? I wonder when the encryption laws are going to get so strict in some places that even that will be illegal.
I just installed the plug-in here at my work. And the samples are keeping me extremely entertained. It's pretty neat, a little better than javascript i'd say.
This isn't the first time that Mac has decided to drop their lawyer brigade on someone that might be infringing on their copyrights with design. Another story I remember a while back, link to the slashdot story here, They were suing other companies for producing what macintosh said were "iMac clones". I can't remember, but I think in one of the articles, they're reason for suing the iMac clone companies, was because they "did not want to confuse they're customers."
And this isn't even the first time macintosh has gotten on themes.org. Look at this older slashdot story here.
For those who are crazy about macintosh themes, check this link here. It's an FTP site that has a variety of different themes including a few Aqua themes. I suppose that macintosh hasn't seen them yet, otherwise they'd be getting requested to remove their material as well.
I agree, most people are decent, but there are those that feel that they should be able to do whatever they want, not caring who it might hurt in the end.
If Silencers for guns were available to the public, it would make it 90% easier to snipe off your worst enemy and make it that much harder to get caught. You could be gone from the scene long before someone figures out a gun was fired. But it is hard to obtain a silencer, so it makes it harder to get away with crimes involving firearms
Now I am not saying that people won't break laws if they know they can get caught, but proving anonymity service would just make it easier.
wouldn't it be great to be a bank robber and just be able to stroll into the bank, take the money, take a seat in the bank and count your loot? Then just kinda stroll out, stop by the convenience store across the street and pick up a pack of smokes?
Bank robbing is nothing like this, it still happens though, but because it's not that easy to rob a bank, it doesn't happen as often as it could.
You have a valid point against mine. I agree that there are laws that shouldn't exist, and that sometimes it is necessary to break the law, in which case, anonymity would become a tool in helping to progress society. But that is rare. In a case of total IP Anonymity, you would have the majority of people Spamming, Hacking, DoS'ing and other things that would become a pain in the ass. It's bad enough right now with spammers that can't hide their IP's. Imagine being able to set up your own SMTP server running behind an anonymous network doing nothing but mailing 24/7. And if it's totally anonymous, then whoever supplying the service would have no right to monitor what you are doing. That is why I don't agree that it would be a good idea, for those that need to be anonymous, there are plenty of ways out there. But for a service like this to be offered out, it would just turn bad.
I just monitor and take action on the activity monitored by our IDS engines. We monitor 124 IDS' across the country. I do not administrate anything behind those IDS's nor do I have any jurisdiction of what is behind them. I don't even know what is behind them. If i see an event, my job is to find out if anything has been affected. and if it is I have to make sure that the source network can no longer reach any of our networks for the time it takes to isolate and fix the problem with the affected destination. Blocking anonymizer.com is just plain stupid.
(I'm probably going to get flamed for this post) When you walk down the street you can't just put on a "Generic Pedestrian Mask" and be anonymous to the world. Same with online, even though your IP address is shown to the world, as long as you configure stuff right, that's all that is seen. Who can put an IP address to a name/face/identity unless they research through your ISP? No one does that anyways unless you give them a reason to. The only reason people strive for anonymity on the net is because they know they are doing something they shouldn't be doing. If no one was breaking the rules, then there'd be no problem. I understand that there are plenty of paranoid conspiracy theorists out there who believe that if they go to a site that contains literature on illegal activity, that the CIA is going to log that and continue to monitor everything that person does. I don't believe that because I think government organizations have better things to do than worry about what some joe schmoe is reading about. If you could go on the internet and have absolutely no worry about anyone ever finding out who you are, then you are free to do whatever you want, including hacking, denial of service and other things that get really annoying. One complaint I have about anonymizer.com is all the people using it to exploit IIS's Unicode exploit. Where I work, when that happens, we can't do anything about it. That is why I don't agree that people should be anonymous. Just don't do anything wrong.
I am a contractor working for the US Army handling events that are caught by the Intrusion Detection System used to monitor the network activity. These are the events that are part of these statistics in the article. The IDS used in ISS Real Secure, It has quite a bit of signatures and It works well for network level security for the Army's WAN. One thing about Real Secure though is that it's threshold for portscans is buggy. 30 seperate probes have to be detected within 15 seconds in order to trigger a Port Scan event. With NMAP, as long as you don't use the -0 switch, you actually have to work harder in order to get it to show! So the only scans that are detected are the script kiddies running their uber-windows scanning toolz, and it saddens me that they throw these statistics in as "hacker events".
One thing I can say for the DoD, is that their SIPRNet (Secure IP Router Network) or classified network, is pretty damn secure. What secures it first hand is that it is completely isolated from the internet. There are absolutely no connections crossing the SIPRNet/Internet. Physical security is also extremely tight around just workstations for this network. That would explain though why there really haven't been too many reported cases of intrusions into the SIPRNet from the outside, pretty much the only possibility of a threat to that network would be disgruntled employees.
Microsoft is a large corporation. I am not going to try to dog on them or anything, I will give it to them that they probably have a lot to worry about and security response probably doesn't get the same reaction time as a smaller corporation would. A source like BugTraq which helps make the IT world more aware of vulnerabilities and how to guard against them would be a huge benefit for a place like microsoft. It should be more comfort to them that more people can secure themselves against their own bugs. They are obviously profit-oriented, so how does controlling the source of knowledge help them? It really doesn't make any sense to me that they would try to control their bulletins issued like that. It really won't hurt bugtraq any though, microsoft is usually the last person to release anything about their own vulnerabilites.
Since the DoD is going to save the iridium project, they might as well need some ideas as to what to do with them. I was thinking something along the lines of:
Turning them into a television service that broadcasts "Ishtar" to puerto rico 24 hours a day, 7 days a week
Streaming porn service for RV'ers across the nation
Mozilla is great and all, but every version I run into problems with Shockwave flash files. I am a frequenter of the simple humor on www.joecartoon.com and it Never loads the site correctly. Has anyone else run into this problem?
Nevermind... I saw the part where it said Although these vulnerabilities are not new, this recent activity warrants additional attention by system administrators.
next time i'll read the article a bit more carefully
The NIPC is way behind the times. These exploits have been out for a while now, they are nothing new. Just because a certain ammount of sites are getting hit just recently doesn't mean that extra precaution should be made now. The precautions should have been taken a long time ago. Microsoft can put out some pretty secure stuff if the gaping holes like the MDAC vulnerability are closed. They forgot an even bigger IIS vulnerability as well. The new UNICODE vulnerability affects IIS 4.0 and IIS 5.0. It's the easiest vulnerability that I have seen yet. http://target/scripts/..%c0%af../winnt/system32/cm d.exe?/c+dir. Sorry to come off strong, but if people would just pay attention to the resources out there like www.securityfocus.com then articles like these wouldn't be so common.......dick
Just because I have a bigger better box, doesn't mean I want bigger memory hogging applications to use everything. I buy faster hardware to run applications faster, not to run newer, huge programs that eat up more memory than ever concieved. You can run your huge new applications, i will stick to the older ones that work.......dick
ICQ wouldn't be the best choice, no matter who they're owned by. First of all the newest version of ICQ's installation file is 5 megs, uncompressed it takes about 7-8 megs of disk space (just for a messenger program). That and it isn't the most secure IM application either. I found this link on www.securityfocus.com which lets other people access your account. It only affects the user locally, but look at how many college computer labs have ICQ installed on them........
Kinda netscape related. I was searching around www.abandonkeep.com and found netscape version 0.9.. It doesn't load very many pages, but it was weird remembering what graphical webbing used to be like.
This article goes in conjunction with the Heaven's Gate revivalist's discovery of four new god powered spaceships that will take them and 3 following generations to the planet of eternal peace. The transition stage (mass suicide) should occur sometime in the next few months.
I used to take apart all sorts of computer parts that weren't supposed to be taken apart in highschool. I would also try to find the most creative way to destroy computer components that didn't work that great anymore. A few of the ways I wasted time in class were:
Using a hard drive while it is open (only lasts about 15-20 minutes)
Crossing 120 volts to various leads on the motherboard and watch what parts in between start smoking
Using about 12 different scan disk programs on an older 386 and see how long the drive lasts
Hotswapping everything.....
I probably had way too much time on my hands, but I got an A in that class.
Slashdot Mirror
a = n
b = o
and so on, read this post if you don't feel like deciphering right now.
Remember getting the secret decoder in the cereal box? Remember making up secret codes in school to pass notes? I wonder when the encryption laws are going to get so strict in some places that even that will be illegal.
...
E DXWVPONHGF
A=ZYX
B=YXW
GFESRQVUT123TSRLKJEDCVUTIHGMLKNMLVUTMLKGFE123HGFF
I just installed the plug-in here at my work. And the samples are keeping me extremely entertained. It's pretty neat, a little better than javascript i'd say.
This isn't the first time that Mac has decided to drop their lawyer brigade on someone that might be infringing on their copyrights with design. Another story I remember a while back, link to the slashdot story here, They were suing other companies for producing what macintosh said were "iMac clones". I can't remember, but I think in one of the articles, they're reason for suing the iMac clone companies, was because they "did not want to confuse they're customers."
And this isn't even the first time macintosh has gotten on themes.org. Look at this older slashdot story here.
For those who are crazy about macintosh themes, check this link here. It's an FTP site that has a variety of different themes including a few Aqua themes. I suppose that macintosh hasn't seen them yet, otherwise they'd be getting requested to remove their material as well.
10 Ghz???? shouldn't they perfect the 1.13 Ghz first?
I agree, most people are decent, but there are those that feel that they should be able to do whatever they want, not caring who it might hurt in the end.
If Silencers for guns were available to the public, it would make it 90% easier to snipe off your worst enemy and make it that much harder to get caught. You could be gone from the scene long before someone figures out a gun was fired. But it is hard to obtain a silencer, so it makes it harder to get away with crimes involving firearms
Now I am not saying that people won't break laws if they know they can get caught, but proving anonymity service would just make it easier.
wouldn't it be great to be a bank robber and just be able to stroll into the bank, take the money, take a seat in the bank and count your loot? Then just kinda stroll out, stop by the convenience store across the street and pick up a pack of smokes?
Bank robbing is nothing like this, it still happens though, but because it's not that easy to rob a bank, it doesn't happen as often as it could.
that's pretty much my point
You have a valid point against mine. I agree that there are laws that shouldn't exist, and that sometimes it is necessary to break the law, in which case, anonymity would become a tool in helping to progress society. But that is rare. In a case of total IP Anonymity, you would have the majority of people Spamming, Hacking, DoS'ing and other things that would become a pain in the ass. It's bad enough right now with spammers that can't hide their IP's. Imagine being able to set up your own SMTP server running behind an anonymous network doing nothing but mailing 24/7. And if it's totally anonymous, then whoever supplying the service would have no right to monitor what you are doing. That is why I don't agree that it would be a good idea, for those that need to be anonymous, there are plenty of ways out there. But for a service like this to be offered out, it would just turn bad.
I just monitor and take action on the activity monitored by our IDS engines. We monitor 124 IDS' across the country. I do not administrate anything behind those IDS's nor do I have any jurisdiction of what is behind them. I don't even know what is behind them. If i see an event, my job is to find out if anything has been affected. and if it is I have to make sure that the source network can no longer reach any of our networks for the time it takes to isolate and fix the problem with the affected destination. Blocking anonymizer.com is just plain stupid.
(I'm probably going to get flamed for this post) When you walk down the street you can't just put on a "Generic Pedestrian Mask" and be anonymous to the world. Same with online, even though your IP address is shown to the world, as long as you configure stuff right, that's all that is seen. Who can put an IP address to a name/face/identity unless they research through your ISP? No one does that anyways unless you give them a reason to. The only reason people strive for anonymity on the net is because they know they are doing something they shouldn't be doing. If no one was breaking the rules, then there'd be no problem. I understand that there are plenty of paranoid conspiracy theorists out there who believe that if they go to a site that contains literature on illegal activity, that the CIA is going to log that and continue to monitor everything that person does. I don't believe that because I think government organizations have better things to do than worry about what some joe schmoe is reading about. If you could go on the internet and have absolutely no worry about anyone ever finding out who you are, then you are free to do whatever you want, including hacking, denial of service and other things that get really annoying. One complaint I have about anonymizer.com is all the people using it to exploit IIS's Unicode exploit. Where I work, when that happens, we can't do anything about it. That is why I don't agree that people should be anonymous. Just don't do anything wrong.
I work here, I am looking at it now. It is not shadow. =)
I am a contractor working for the US Army handling events that are caught by the Intrusion Detection System used to monitor the network activity. These are the events that are part of these statistics in the article. The IDS used in ISS Real Secure, It has quite a bit of signatures and It works well for network level security for the Army's WAN. One thing about Real Secure though is that it's threshold for portscans is buggy. 30 seperate probes have to be detected within 15 seconds in order to trigger a Port Scan event. With NMAP, as long as you don't use the -0 switch, you actually have to work harder in order to get it to show! So the only scans that are detected are the script kiddies running their uber-windows scanning toolz, and it saddens me that they throw these statistics in as "hacker events".
One thing I can say for the DoD, is that their SIPRNet (Secure IP Router Network) or classified network, is pretty damn secure. What secures it first hand is that it is completely isolated from the internet. There are absolutely no connections crossing the SIPRNet/Internet. Physical security is also extremely tight around just workstations for this network. That would explain though why there really haven't been too many reported cases of intrusions into the SIPRNet from the outside, pretty much the only possibility of a threat to that network would be disgruntled employees.
Microsoft is a large corporation. I am not going to try to dog on them or anything, I will give it to them that they probably have a lot to worry about and security response probably doesn't get the same reaction time as a smaller corporation would. A source like BugTraq which helps make the IT world more aware of vulnerabilities and how to guard against them would be a huge benefit for a place like microsoft. It should be more comfort to them that more people can secure themselves against their own bugs. They are obviously profit-oriented, so how does controlling the source of knowledge help them? It really doesn't make any sense to me that they would try to control their bulletins issued like that. It really won't hurt bugtraq any though, microsoft is usually the last person to release anything about their own vulnerabilites.
Since the DoD is going to save the iridium project, they might as well need some ideas as to what to do with them. I was thinking something along the lines of:
Turning them into a television service that broadcasts "Ishtar" to puerto rico 24 hours a day, 7 days a week
Streaming porn service for RV'ers across the nation
Anonymous spam remailer
seti?
Mozilla is great and all, but every version I run into problems with Shockwave flash files. I am a frequenter of the simple humor on www.joecartoon.com and it Never loads the site correctly. Has anyone else run into this problem?
Nevermind... I saw the part where it said Although these vulnerabilities are not new, this recent activity warrants additional attention by system administrators.
next time i'll read the article a bit more carefully
The NIPC is way behind the times. These exploits have been out for a while now, they are nothing new. Just because a certain ammount of sites are getting hit just recently doesn't mean that extra precaution should be made now. The precautions should have been taken a long time ago. Microsoft can put out some pretty secure stuff if the gaping holes like the MDAC vulnerability are closed. They forgot an even bigger IIS vulnerability as well. The new UNICODE vulnerability affects IIS 4.0 and IIS 5.0. It's the easiest vulnerability that I have seen yet. http://target/scripts/..%c0%af../winnt/system32/cm d.exe?/c+dir. Sorry to come off strong, but if people would just pay attention to the resources out there like www.securityfocus.com then articles like these wouldn't be so common.......dick
Just because I have a bigger better box, doesn't mean I want bigger memory hogging applications to use everything. I buy faster hardware to run applications faster, not to run newer, huge programs that eat up more memory than ever concieved. You can run your huge new applications, i will stick to the older ones that work.......dick
I found a link off of www.space.com of pictures of some of the evidence of oceans on mars. It also has many more interesting pictures.
ICQ wouldn't be the best choice, no matter who they're owned by. First of all the newest version of ICQ's installation file is 5 megs, uncompressed it takes about 7-8 megs of disk space (just for a messenger program). That and it isn't the most secure IM application either. I found this link on www.securityfocus.com which lets other people access your account. It only affects the user locally, but look at how many college computer labs have ICQ installed on them........
Commencing countdown, major ken.......
That's pretty cool, if you know of any more abandonware sites, let me know.
Kinda netscape related. I was searching around www.abandonkeep.com and found netscape version 0.9.. It doesn't load very many pages, but it was weird remembering what graphical webbing used to be like.
This article goes in conjunction with the Heaven's Gate revivalist's discovery of four new god powered spaceships that will take them and 3 following generations to the planet of eternal peace. The transition stage (mass suicide) should occur sometime in the next few months.
I used to take apart all sorts of computer parts that weren't supposed to be taken apart in highschool. I would also try to find the most creative way to destroy computer components that didn't work that great anymore. A few of the ways I wasted time in class were:
Using a hard drive while it is open (only lasts about 15-20 minutes)
Crossing 120 volts to various leads on the motherboard and watch what parts in between start smoking
Using about 12 different scan disk programs on an older 386 and see how long the drive lasts
Hotswapping everything.....
I probably had way too much time on my hands, but I got an A in that class.