"declared that the GPL violates the US copyright law and is thus null and void"
i hereby declare that earth is flat and the sun rotates around earth - does that make earth flat or does it make me look stupid ?
even if GPL should violate the US copyright law, does it also violate Finland copyright law?
if the GPL is "null and void", doesn't standard copyright apply - which gives you the right to release the code under any license you like (probably including the GPL:-) ?
any program you can crash by feeding invalid data has a (possibly exploitable) security problem, so there hardly is any program not vulnerable.
try to feed word or excel corrupted.doc or.xls files and see what happens, try to load corrupted images in photoshop or gimp.
probably that's no problem if you don'r read files not produced by your own programs, are not connected to any network and are the only one to access your compuert:-)
80% effect - easy and low maintainance: - several RBL sources (dsbl.org, spamcop.net, spamhaus.org, etc.) - geographical information (china, korea, etc.) - listings of spammy providers (XO, RR, COMCAST, ATT, UUNET) and countries (CN, KR, etc) from blackholes.us - some netblocks semms to send spam only: 4/8 (genuity ), 12/8 (ATT), 218/8 and 61.156 (china), more to come whenever
20% maintainance required: - add/24 or/16 netblocks of persistent spam sources (thanks to postfix for the logs:-), dialups and proxy sources - block spammy domains (libero.it, daily-promotions.net, adelphia.net, etc.) - use some spambait addresses (nobody has any reason to sent mail to users who left years ago or to role accounts abandoned for a long time) and add any mail senders/24 block
enjoy the 5 or 10 spams coming through per week and complain to providers if local, otherwise add to block list.
Now, I must also ask, if SuSE will be supporting their distro for 6 years, what is Munich left with after that? No support for their distro...same boat. A call to Redhat isn't going to do them any good (I don't think anyone is deluded enough to think that Redhat will support a 6 year old version of a competitor's distro).
I'm afraid you didn't quite understand one of the nice advantages of open source software. if you want support you can buy it from anyone, not only from one company.
You could even hire someone to support OSS for 10 years or your own IT department could learn the necessary skills and you're completely free to do whatever you like.
Some people just love being free and are willing to shell out some bucks for it:-)
> Because SysAds should not be putting > lame requirements on their users
As long as "SysAds" ( [Sys]tem [Ad]vertisement[s]:-) have to take responsibility for the systerms they manage, fix any "communication enablers" (a.k.a. trojans, keyloggers, backdoors, etc.) and "self replicating features" they have the duty to impose some restrictions on their users if they need.
> I'm a SysAd and I think that is bull. Errare humanum est.
Assigining the same IP address each and every time doesn't sound very "dynamic" to me. Using DHCP to assign the address doesn't make the IP dynamic.:-)
Actually i DO know it by now:
Just install linux and offer some support.
(Some people even recommend to stop supporting WinDos and offer help for Linux only:-)
Did it for a friend a month ago and the result is: WinDos is used to play games now, Linux does WWW, mail, multimedia etc.
Time for linux games now, then i can claim some more space for ext3:-)
> ``I don't know what you do [...] except > to out-innovate the Linux community.''
Hmmm - usually M$ has the reputation to out-innovate competitors by a) including the same features "for free" in the next release of Windows b) buying the product/company.
Oh, and don't even think about using a different DNS server..
After jumping through some M$-loops(tm) and tweaking/etc/named.conf (make bind forget some RFCs and standards and play with DDNS updates) i managed to get our PDS talk to linux DNS, but it was far from funny and took (LOTS) more time than i had planned.
me: "hmmmm... DNS is a a stable standard, so it shouldn't be that tricky"
reality: "dooooh - wrong answer!"
Abort [Retry] Ignore:-)
--
Hofstadter's Law: It always takes longer than you expect, even when you take Hofstadter's Law into account.
> I wasn't aware security was a big > issue in gaming consoles.
Security has it's place in THIS gaming console
a) it's intended to be connected to the internet b) it has a HDD
imagine someone writes a nice virus/worm with evil intentions (e.g. download a tiny linux distro, and then take over your XBox , store child pronography on you HDD or start a DOS on www.microsoft.com:-)
> He later acknowledged that some Microsoft > code was so flawed it could not be safely > disclosed.
a) we better hire 100 cheap law benders (@4K/hr each) and donate some bucks to our preferred lobby group (and some donations to a political party or two can't hurt) to keep the bugs in the code, but we shouldn't start hiring 200 testers and 200 decent programmers (@1K/hr each) and begin squashing some bugs threatening our national security
b) where has the MS 'bug resolution month' gone ? wasn't there a supposed change in quality ? oh, i forgot - that came from the marketing gurus ("FUD-departemnt")
c) suppose terrorists and criminal crackers won't simply sign our "shared source" agreements and then do whatever they want - they wouldn't break the law, would they ?
d) security by obscurity has always been better than actually fixing buggy code. nobody finds those bugs anyways (Guninsky doesn't exist, nobody reads (nt)bugtraq anyways, the insecure.org website is unreachable, etc.)
e) how could we convince the crowd to buy our new, innovative and improved releases (a.k.a bugfixes users have to pay for) year by year ?
f) NASA (or was it NSA?:-) would like us to continue delivering security by obscurity to our friends all over the world for more effective information exchange (not sure about the direction information flows *G*)
> He later acknowledged that some Microsoft > code was so flawed it could not be safely > disclosed.
a) we better hire 100 cheap law benders (@4K/hr each) and donate some bucks to our preferred lobby group (and some donations to a political party or two can't hurt) to keep the bugs in the code, but we shouldn't start hiring 200 testers and 200 decent programmers (@1K/hr each) and begin squashing some bugs threatening our national security
b) where has the MS 'bug resolution month' gone ? wasn't there a supposed change in quality ? oh, i forgot - that came from the marketing gurus ("FUD-departemnt")
c) suppose terrorists and criminal crackers won't simply sign their "shared source" agreements and then do whatever they want - they wouldn't break the law and just spit on that agreement, would they ?
d) security by obscurity has always been better than actually fixing buggy code
e) how could we convince the crowd to buy our new, innovative and improved releases (a.k.a bugfixes users have to pay for) year by year ?
f) NASA (or was it NSA?:-) would like us to continue delivering security by obscurity to our friends all over the world for more effective information exchange (not sure about the direction information flows *G*)
> He later acknowledged that some Microsoft > code was so flawed it could not be safely > disclosed.
a) we better hire 100 cheap law benders (@4K/hr each) and donate some bucks to our preferred lobby group (and some donations to a political party or two can't hurt) to keep the bugs in the code, but we shouldn't start hiring 200 testers and 200 chief programmers (@1K/hr each) to begin getting the bugs out
b) where has the MS 'bug resolution month' gone ? wasn't there a supposed change in quality ? oh, i forgot - that came from the marketing gurus ("FUD-departemnt")
c) suppose terrorists and criminal crackers won't simply sign their "shared source" agreements and then do whatever they want - they wouldn't break the law and just spit on that agreement, would they ?
d) security by obscurity has always been better than actually fixing buggy code
e) how could we convince the crowd to buy our new, innovative and improved releases (a.k.a bugfixes users have to pay for) year by year ?
Proxomitron gives (almost) full control to you and is much fun. Replacing ads from spamspamspam.com by a nice "[spamspamspam sucks]" message makes you smile and saves bandwidth by not downloading their crappy images.
Hate a new popup provider ? Just hack a small filter regexp to find (and replace by "This banner killed by Proximitron":-) and send to the Proximitron site to share with others.
Recommended !
In addition turn off scripting and active content - we want information, not flashing and beeping nonsense eating up bandwidth.
True, there is someone to blame if you buy at M$, IBM, Sun et al.
but...
- does complaining fix your problem ?
- do you have any guarantees anyone cares ?
Just use the source - or hire someone to do it for you - and you CAN squash the bug and nobody can stop you from doing it.
Just tell your boss "the EULA doesn't allow reverse engineering, and they ignore our reports - we are out of luck"
Slashdot Mirror
any program you can crash by feeding invalid data has a (possibly exploitable) security problem, so there hardly is any program not vulnerable.
.doc or .xls files and see what happens, try to load corrupted images in photoshop or gimp.
:-)
try to feed word or excel corrupted
probably that's no problem if you don'r read files not produced by your own programs, are not connected to any network and are the only one to access your compuert
... Money for nothing and logs for free.
/24 or /16 netblocks of persistent spam sources (thanks to postfix for the logs :-), dialups and proxy sources /24 block
98% block rate: RBL + custom rules
80% effect - easy and low maintainance:
- several RBL sources (dsbl.org, spamcop.net, spamhaus.org, etc.)
- geographical information (china, korea, etc.)
- listings of spammy providers (XO, RR, COMCAST, ATT, UUNET) and countries (CN, KR, etc) from blackholes.us
- some netblocks semms to send spam only: 4/8 (genuity ), 12/8 (ATT), 218/8 and 61.156 (china), more to come whenever
20% maintainance required:
- add
- block spammy domains (libero.it, daily-promotions.net, adelphia.net, etc.)
- use some spambait addresses (nobody has any reason to sent mail to users who left years ago or to role accounts abandoned for a long time) and add any mail senders
enjoy the 5 or 10 spams coming through per week and complain to providers if local, otherwise add to block list.
Either they: :-)
- fake the sender
- do not read their bounces
- don't exist and you invented this
I'm afraid you didn't quite understand one of the nice advantages of open source software. if you want support you can buy it from anyone, not only from one company.
You could even hire someone to support OSS for 10 years or your own IT department could learn the necessary skills and you're completely free to do whatever you like.
Some people just love being free and are willing to shell out some bucks for it
> Because SysAds should not be putting
:-) have to take responsibility for the systerms they manage, fix any "communication enablers" (a.k.a. trojans, keyloggers, backdoors, etc.) and "self replicating features" they have the duty to impose some restrictions on their users if they need.
> lame requirements on their users
As long as "SysAds" ( [Sys]tem [Ad]vertisement[s]
> I'm a SysAd and I think that is bull.
Errare humanum est.
Assigining the same IP address each and every time doesn't sound very "dynamic" to me. Using DHCP to assign the address doesn't make the IP dynamic. :-)
(Some people even recommend to stop supporting WinDos and offer help for Linux only
Did it for a friend a month ago and the result is: WinDos is used to play games now, Linux does WWW, mail, multimedia etc.
Time for linux games now, then i can claim some more space for ext3
> ``I don't know what you do [...] except
> to out-innovate the Linux community.''
Hmmm - usually M$ has the reputation to out-innovate competitors by
a) including the same features "for free" in the next release of Windows
b) buying the product/company.
Where Do You Want to Go Today?
me: "hmmmm
reality: "dooooh - wrong answer!"
Abort [Retry] Ignore
--
Hofstadter's Law: It always takes longer than you expect, even when you take Hofstadter's Law into account.
> Europe is probably the only hope for sanity.
:-)
EU and time
Time is on my side, yes it is
Time is on my side, yes it is
-- ROLLING STONES
> Does the link even need to be clicked? Wouldn't a do the trick?
:-)
just enable JavaScript and you're done
> I wasn't aware security was a big
:-)
> issue in gaming consoles.
Security has it's place in THIS gaming console
a) it's intended to be connected to the internet
b) it has a HDD
imagine someone writes a nice virus/worm with evil intentions (e.g. download a tiny linux distro, and then take over your XBox , store child pronography on you HDD or start a DOS on www.microsoft.com
> He later acknowledged that some Microsoft
:-) would like us to continue delivering security by obscurity to our friends all over the world for more effective information exchange (not sure about the direction information flows *G*)
:-)
> code was so flawed it could not be safely
> disclosed.
a) we better hire 100 cheap law benders (@4K/hr each) and donate some bucks to our preferred lobby group (and some donations to a political party or two can't hurt) to keep the bugs in the code, but we shouldn't start hiring 200 testers and 200 decent programmers (@1K/hr each) and begin squashing some bugs threatening our national security
b) where has the MS 'bug resolution month' gone ? wasn't there a supposed change in quality ? oh, i forgot - that came from the marketing gurus ("FUD-departemnt")
c) suppose terrorists and criminal crackers won't simply sign our "shared source" agreements and then do whatever they want - they wouldn't break the law, would they ?
d) security by obscurity has always been better than actually fixing buggy code. nobody finds those bugs anyways (Guninsky doesn't exist, nobody reads (nt)bugtraq anyways, the insecure.org website is unreachable, etc.)
e) how could we convince the crowd to buy our new, innovative and improved releases (a.k.a bugfixes users have to pay for) year by year ?
f) NASA (or was it NSA?
-- TROLL - DO NOT FEED
> He later acknowledged that some Microsoft
:-) would like us to continue delivering security by obscurity to our friends all over the world for more effective information exchange (not sure about the direction information flows *G*)
:-)
> code was so flawed it could not be safely
> disclosed.
a) we better hire 100 cheap law benders (@4K/hr each) and donate some bucks to our preferred lobby group (and some donations to a political party or two can't hurt) to keep the bugs in the code, but we shouldn't start hiring 200 testers and 200 decent programmers (@1K/hr each) and begin squashing some bugs threatening our national security
b) where has the MS 'bug resolution month' gone ? wasn't there a supposed change in quality ? oh, i forgot - that came from the marketing gurus ("FUD-departemnt")
c) suppose terrorists and criminal crackers won't simply sign their "shared source" agreements and then do whatever they want - they wouldn't break the law and just spit on that agreement, would they ?
d) security by obscurity has always been better than actually fixing buggy code
e) how could we convince the crowd to buy our new, innovative and improved releases (a.k.a bugfixes users have to pay for) year by year ?
f) NASA (or was it NSA?
-- TROLL - DO NOT FEED
> He later acknowledged that some Microsoft
> code was so flawed it could not be safely
> disclosed.
a) we better hire 100 cheap law benders (@4K/hr each) and donate some bucks to our preferred lobby group (and some donations to a political party or two can't hurt) to keep the bugs in the code, but we shouldn't start hiring 200 testers and 200 chief programmers (@1K/hr each) to begin getting the bugs out
b) where has the MS 'bug resolution month' gone ? wasn't there a supposed change in quality ? oh, i forgot - that came from the marketing gurus ("FUD-departemnt")
c) suppose terrorists and criminal crackers won't simply sign their "shared source" agreements and then do whatever they want - they wouldn't break the law and just spit on that agreement, would they ?
d) security by obscurity has always been better than actually fixing buggy code
e) how could we convince the crowd to buy our new, innovative and improved releases (a.k.a bugfixes users have to pay for) year by year ?
ouch - my head hurts !
> No. Life's short, play more.
Running Linux on XBox might be more fun than playing to some folks (looky here !)
Proxomitron gives (almost) full control to you and is much fun. Replacing ads from spamspamspam.com by a nice "[spamspamspam sucks]" message makes you smile and saves bandwidth by not downloading their crappy images. :-) and send to the Proximitron site to share with others.
Hate a new popup provider ? Just hack a small filter regexp to find (and replace by "This banner killed by Proximitron"
Recommended !
In addition turn off scripting and active content - we want information, not flashing and beeping nonsense eating up bandwidth.
True, there is someone to blame if you buy at M$, IBM, Sun et al.
...
but
- does complaining fix your problem ?
- do you have any guarantees anyone cares ?
Just use the source - or hire someone to do it for you - and you CAN squash the bug and nobody can stop you from doing it.
Just tell your boss "the EULA doesn't allow reverse engineering, and they ignore our reports - we are out of luck"
and the problem will go away
very clever idea - do not publish errors and they don't happen, make security research illegal and there will be no computer crime,
--
This is Linux country. On a quiet night, you can hear NT re-boot.