Ok, how about executable programs that have lost their resource forks (from being emailed across a Windows server)... how do you restore the properties of that application so that you can run it? You can't "open" an executable from within another application to reset the resource fork. It will "always" show as a PC file, until you use a tool like ResEdit to "fix" it.
It's a pain in the butt, the single most annoying thing I've run into on the Mac... believe me, I've been there!
MadCow.
Has he ever tried to change the file association on a Macintosh file? He mentions how "easy and convenient" it is on a Mac...
On a Mac, without special 3rd-party hack programs (like ResEdit or Snitch), it CANNOT BE DONE AT ALL! Talk about monopoly power!
Man... if he can't handle right-clicking on a file, and selecting his own alternative with the provided "Open With" dialog (recent OS's), then he shouldn't be running a computer at all!
MadCow.
By finding conclusive proof that We Are Not Alone (tm), it profoundly changes the philosophic base of society as a whole.
The specific scientific gains from any "information" received could be great, but more likely it will be meaningless or trivial.
We, as a society, will have to come to terms with the fact that Humankind is not the sole divine purpose for the universe to exist. Similar to Galileo's findings hundreds of years ago, once again we'll have proof that We Are Not The Center Of The Universe (tm).
For those of us that already believe that there is life elsewhere, this will be an amazing turning point. For those who are bound in religious beliefs that don't include any room for such possibilities, there will be great unrest and conflict. However, hopefully, as in the past, religion will slowly incorporate this new evidence into their rote, and move forward.
I, for one, hope that it would be the one single scientific fact that could help unite the world. We're not alone. It's now "humankind versus the Universe", not U.S. versus Afghanistan. We've a lot more in common with each other than we do with "them", and it may make our petty differences seem insignificant.
Is that not a worthwhile goal?
MadCow.
Yes I play UT... but it probably wasn't me, unless you're REALLY REALLY bad. q:]
MadCow.
You could set up a nice web hosting business there, with guaranteed security, excellent UPS setup, and most likely a pre-installed fat data pipe (probably lying dormant though).
Did you say nuke-proof? Well, maybe, unless as someone pointed out earlier, the Russians have your home address locked directly into one of their nukes...
MadCow
You forgot a few other niceties:
Volume: one litre is the volume of 1000 cubic centimeters (i.e. 10cmx10cmx10cm cube). How many of you can tell me how "large" one gallon is, physically? Could you guess how many gallons are in your swimming pool just by the dimensions... in your head?
Kilogram: the mass of one litre of pure water. How much does a gallon of water weigh???
Metric Tonne: the mass of one cubic meter of water. How many Imperial Tons does your swimming pool weigh?
I can easily visualize things in terms of metric units... but it's very difficult to do so with Imperial units. I see this as a great aid in any sort of mental gymnastics.
MadCow.
I wish they'd do something like a shareware program I saw recently did (the Linux "tarpit" software mentioned here last week or so):
require that a specific thing be done to make the software run at all, and hide the details deep in the manual somewhere, so you actually have to read it to get it to work.
That would be justice. q:]
MadCow.
Well, the interesting thing is that the "Windows" holes are more "bugs" than general architecture problems. Bugs can be easily fixed (if users patch their machines), and in fact most of the Windows ones already are fixed.
The UNIX holes listed are more fundamental in nature, requiring a significant re-development effort, and in some cases, redefining of protocols and fundamental tools.
Although the Windows "bugs" have been exploited more (and are easier to exploit in general), it'll take longer to address the issues in the UNIX list than those in the Windows list.
Sorry... I'm not a M$ advocate, but it does point out some significant issues that we need to overcome in the UNIX world, and quickly.
MadCow.
"G" stands for "general holes"
"W" stands for "Windows holes"
"U" stands for "Unix holes"
G1 - Default installs of operating systems and applications
G2 - Accounts with No Passwords or Weak Passwords
G3 - Non-existent or Incomplete Backups
G4 - Large number of open ports
G5 - Not filtering packets for correct incoming and outgoing addresses
G6 - Non-existent or incomplete logging
G7 - Vulnerable CGI Programs
W1 - Unicode Vulnerability (Web Server Folder Traversal)
W2 - ISAPI Extension Buffer Overflows
W3 - IIS RDS exploit (Microsoft Remote Data Services)
W4 - NETBIOS - unprotected Windows networking shares
W5 - Information leakage via null session connections
W6 - Weak hashing in SAM (LM hash)
U1 - Buffer Overflows in RPC Services
U2 - Sendmail Vulnerabilities
U3 - Bind Weaknesses
U4 - R Commands (rlogin, rsh, rcp)
U5 - LPD (remote print protocol daemon)
U6 - sadmind and mountd
U7 - Default SNMP Strings
MadCow
If you add GPS (as in the E911 service in the other article today), you get not only location-based advertising, but location-based information.
"you're currently at bus stop #445... there will be a bus there in 2.3 minutes, time enough for you to get a coffee at Starbucks, 27m around the corner. There is a lineup of 2 people currently, and average serving time is 43 seconds."
It's not THAT far fetched... and although advertising pays for many of these services, it's not necessarily a bad thing in all cases (if handled right, and opt-in).
MadCow.
I ordered one of these a few weeks ago, and unfortunately it arrived "Dead On Arrival".
I've been talking to a lot of other 2460 owners, and everyone is impressed, but everyone agrees that it can also be a very picky board.
There have been many reports of memory related problems, specifically with some brands of memory. The consensus so far is that Corsair memory has been the most reliable.
Once it's up and running though, there's been nothing but raving reviews.
MadCow... anxiously awaiting my replacement mobo...
>> Mind you, some ISPs and web hosts have provisions in their agreements making sure they can view any data on their machines for whatever reason
And people ask why I choose to run my own mail server at home (on a Linux box of course). I manage my own data because I don't trust anyone else to do it with MY best interests in mind.
Now, they can track any traffic that goes through their server, but without a warrant it's dicier than just looking at mail and such that's stored on their computers. They have to "actively" track my Internet usage to get any real information.
In the long run, nothing is "safe", but at least it's harder to get at if you take care of it yourself.
MadCow.
Actually, you can't yet pick up "real" food at McDonalds... let them get past that hurdle first.
MadCow.
The original intent of my post was to suggest that the only way for them NOT to get sued is to be BLATANTLY clear that it is not a "normal" CD.
This doesn't mean just omitting the "CD" logo, it means putting a "warning label" on it of some sort, explaining the differences.
If I market a product that is deceptively similar to a common product, and "let users believe" that it is the same, I am guilty of deceptive marketing and misrepresentation. "Deceptively similar" is the key word... misleading people through similarities to another product and not noting that it's different is as bad as advertising it as something it isn't in the first place.
MadCow
These products should absolutely be labelled as "non-compatible" with the CD standard if they in any way are not compatible with other CD usages.
This includes playing on a computer. Many of the other "copy protection" schemes make it impossible to use them on a computer of any sort. Others degrade sound quality.
If they're not clearly labelled as such, I could see lawsuits over mis-representation of the product.
INIAL, IAJAMC.
MadCow.
Yes, I agree with you, but...
You can always do a 1-time distribution of the "reference images" (say, a CD with 1000 images on it), then post images from time to time as needed with the data in them.
You're trusting that the CD's don't get into the wrong hands, obviously, but you're still distributing the messages broadly over an insecure channel. There's also no reliable way to determine if there's data hidden in images posted or not, so Joe-FBI-Agent is clueless.
It's really just a "private key encryption" scheme that is masked to look like something else to the unaware viewer. Nothing fancy, but also very secure unless the reference images are compromised (which is definitely a weakness).
MadCow.
I'm curious...
I'll use my "method" above to encode a message in an image tonite, and then try out such tools to see what they find. I truly believe that it would be impossible to detect a 1-value change (out of 255), even if it is a regular pattern, due to the noise level apparent in any normal digital photo/scan.
Hey, I'm always willing to be proved wrong, but that's just it, I am the type that needs proof.
If you're interested in trying to "break" such a scheme, let me know and I'll post a link to the image with the hidden text tonite.
MadCow.
I don't agree with you, actually...
If binary "1"s are encoded as "different than original image", and 0's are "same as original image", you could change the pixel value by +/- 1 to suit the general area of the image.
If you look closely at any scanned or digitally captured image, there's always a "noise factor", from sensor gain, etc. A value change of 1 would not be detectable due to a noise level of at least 1 pixel value.
You could also triple your data density by encoding the R, G, and B channels separately. This could potentially be a little more noticeable, but not by much. You could also encode them in different orders (rgbrgb... rrrrggggbbbb, whatever order you want) to further encrypt it.
The only images that do not have noise are digitally created images (i.e. rendered, or drawn in a computer). Just JPEG compressing an image causes noise of more than 1 value.
I could write a program to encrypt/decrypt like this in less than 5 minutes... the only problem I can see is distributing the "key images", which would be susceptible to being intercepted. You could always distribute them on a hard medium (CD), and trust that no one is a spy in your group. I'd probably distribute a few hundred "reference images".
MadCow.
I could easily encode a message into an image, and NOBODY could detect that one was there, even through careful examination... why would this study be accurate?
For example:
-take an original image as a reference
-encode a message into binary 1's and 0's (use encryption if you like, or just the binary ascii equivalent)
-go through the image in a certain direction, and change each pixel value by 1 to encode a binary "1", or leave it alone to encode a binary "0".
-distribute a "reference image" separately that can be used to decode the image (like a key)
-use a simple algorithm to compare the original and reference, which will give you a binary sequence
-decode the binary sequence using whatever method you used to encode it
Unless you have the reference image, you're screwed. Changing RGB values by 0 or 1 will not be detectable, and will easily blend in with the noise of most images.
The only thing you can't do is compress the image with JPEG or other "lossy" compression routines.
How could you detect this? How could you prevent it from being used? You can't, unless you know the reference image. I could post secret messages on the front page of CNN.com and nobody would know (ok, assuming I had access to CNN.com to post an image).
MadCow.
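The reference-image scheme from the comment above (and the earlier reply about +/- 1 changes), as an added example that is not the poster's code: it runs on a constructed list of 8-bit greyscale values rather than a real image file, and the 16-bit length header, the function names and the `requantize` stand-in for lossy compression are assumptions. Besides the round trip it shows the two failure modes: lossy re-encoding destroys the message, and anyone who holds the cover image exposes the channel with a plain pixel diff.

```python
import random


def to_bits(data):
    """Bytes -> list of bits, most significant bit first."""
    return [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]


def from_bits(bits):
    """List of bits -> bytes; a trailing partial byte is dropped."""
    return bytes(
        sum(bit << (7 - k) for k, bit in enumerate(bits[i:i + 8]))
        for i in range(0, len(bits) - 7, 8)
    )


def make_cover(n_pixels, seed=1):
    """Constructed 8-bit greyscale 'scan': a ramp plus sensor-like noise."""
    rng = random.Random(seed)
    return [64 + (i * 128) // n_pixels + rng.randint(-2, 2)
            for i in range(n_pixels)]


def embed(reference, message):
    """Bit 1 -> pixel differs from the reference by 1; bit 0 -> unchanged."""
    # The 2-byte length header is an assumption so the receiver knows where to stop.
    bits = to_bits(len(message).to_bytes(2, "big") + message)
    if len(bits) > len(reference):
        raise ValueError("message does not fit in this image")
    stego = list(reference)
    for i, bit in enumerate(bits):
        if bit:
            # Step down instead of up at 255 so the value stays a valid byte.
            stego[i] += -1 if reference[i] == 255 else 1
    return stego


def extract(reference, stego):
    """Compare against the reference image: any difference is a 1 bit."""
    bits = [int(r != s) for r, s in zip(reference, stego)]
    length = int.from_bytes(from_bits(bits[:16]), "big")
    return from_bits(bits[16:16 + 8 * length])


def requantize(pixels, step=4):
    """Crude stand-in for lossy compression: snap values to multiples of step."""
    return [min(255, round(p / step) * step) for p in pixels]


def diff_report(candidate, known_cover):
    """What an analyst who obtains the cover sees from a plain pixel diff."""
    deltas = [c - k for c, k in zip(candidate, known_cover)]
    changed = sum(d != 0 for d in deltas)
    max_delta = max(abs(d) for d in deltas)
    # Sparse changes that are all exactly one grey level are the scheme's signature.
    return {"changed": changed, "max_abs_delta": max_delta,
            "suspicious": changed > 0 and max_delta == 1}


if __name__ == "__main__":
    secret = b"constructed sample message"
    cover = make_cover(4096)
    stego = embed(cover, secret)
    print("round trip ok:", extract(cover, stego) == secret)
    print("survives requantize:", extract(cover, requantize(stego)) == secret)
    print("diff against cover:", diff_report(stego, cover))
```

The diff check only works when the cover is available, which is why reusing a publicly posted picture as the reference image gives the channel away.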
C'mon, get back to the point. q:]
Ok, does that mean that datahavens like Sealand are now suddenly Terrorist cells?
They harbor data, quite possibly for "crackers", along with other "questionable" sources (along with many legitimate ones too). If I were them, I'd be a little worried.
MadCow.
Actually, I believe that the same company DOES sell plots on Mars too.
q:]
Actually, they're now selling 1-acre plots, but they used to sell 1774 acre plots for the same amount. I only paid for one "plot".
I'm not THAT crazy, ya know!
And yes, I do realize that such a landclaim is extremely sketchy, but it's a fun conversation piece (actual "Lunar Deed"), and if you read their history, they have a quasi-legal claim to the moon (although I'm sure it wouldn't stand up).
MadCow.
Don't believe me? Go buy your own plot at www.lunarembassy.com !!
q:]
MadCow
Gee, I really don't see what's so hard about most installations on Linux as it is, even without .rpm's or apt-get...
1) untar
2) vi README
3) make test (usually)
4) make config
5) make install
Is that really that hard for joe-user... or will they look at step 2) and panic? "Oh my god, there's instructions... I can't possibly read those and follow them!".
If you don't like soup, stay out of the kitchen.
q:]
MadCow.