Slashdot Mirror


User: Jeff+Ballard

Jeff+Ballard's activity in the archive.

Stories: 0
Comments: 47

Comments · 47

  1. Re:Inline HTML Signatures on Tool Detects "In-Flight" Webpage Alterations · · Score: 1

    The simple solution to this is to use https: URLs whenever possible. Without the private key, your ISP can't manipulate the traffic (and still have it be valid).

  2. UW warned 68 may face lawsuits on downloads on University of Wisconsin-Madison Bucks RIAA · · Score: 2, Informative
    UW warned 68 may face lawsuits on downloads

    The Recording Industry Association of America says it is targeting 68 people on University of Wisconsin System campuses for litigation over copyright infringements.

    [snip]

  3. Thompson never got chipped on VeriChip Implants 222 People With RFID · · Score: 1

    According to eweek: Thompson also suggested implanting military personnel with the chips to replace dog tags. Though he hasn't quite gotten around to being chipped himself.

  4. Sticking out like a sore thumb? on Peek-a-Boo(ty) · · Score: 1
    Wouldn't running this software cause you to stick out like a sore thumb?

    For example, consider that you are currently in an environment that you have connectivity out to the world, but it is monitored. Once you connect, won't some fraction of the "anonymized" traffic come through you?

    At some point, if you are trying to view a website with potentially objectionable material, a clear connection has to come from somewhere, and if someone else's connection comes from you, the gestapo could come looking for you.

    Once I started looking at Snort, I became very afraid of what is possible. NIDS is a wonderful thing, but if used in the wrong way it could become a good tool for someone wanting to be big brother....

    -Jeff

  5. "Rumplestiltskin" Attacks on What Makes You "High Risk" For SPAM? · · Score: 3
    Actually, as the email admin for a fairly large group (over 5k+ users), one of the biggest methods for getting spam: your user name.

    That's right, if you happen to be jeff@somewhere.com or sally@somewhereelse.com or bill@ or steve@ or smith@ or jones@ you're gonna get a lot of spam. They try every username they have ever seen on anybody's server -- on your server.

    A big problem is that a lot of people leave EXPN (expand) on their sendmail servers turned on. That means joe spammer can go to your server and try expanding every common username on his list and quickly he can get every user on the system to spam. Even if that is turned off, during the normal SMTP process, sendmail will generate an error code if the username is invalid... which means they can cancel that email and try the next name.

    This and a lot more spam-avoidance stuff can be found in Brett Glass's paper Stopping Spam and Trojan Horses with BSD, which contains a lot of good information, even if you are not using BSD.

  6. Re:Hardware hacker's lament on Windows Exec Doug Miller Responds · · Score: 1
    I hack my machines regularly. Video cards and occasionally motherboards move on a 6-month to 1-year basis. I also reformat my partition every 3 months for Windows, every 6 months for Linux. Does this mean I'll have to be constantly calling in to get new keys? That's just ridiculous.

    Which is probably what is going to make it fail. The problem with this will be that as hordes and hordes of people call up Microsoft to get new keys, Microsoft has to pay for many things, including:

    1. The people manning the phone
    2. The database of people who are valid and what they came from.
    3. Keeping the whole process so your normal user doesn't give up and say "Screw it".

    In reality it's probably the last one that Microsoft is most worried about. Sure people cost money and the big database will be non-insignificant, but it's the turning customers off to your product that's the biggest worry. It will make it RIPE for competition to come along and say "We don't make you call us every time you change something in your system..."

    It's in the same vein as the copy-protected CD debacle... in Europe they released a copy-protected CD and they ended up re-releasing it because 3% of the people had problems.... That's not a lot. And think about trying to explain/help all the novice computer users out there... (*shudder*)

    -Jeff

  7. Re:Random Numbers on Security Hole In TCP · · Score: 1
    it is impossible to generate a truly random number

    In software alone. Take one bad diode and read it to your heart's content. (Probably to stir some other entropy system to avoid bias to 0 or 1 in the diode).

    -Jeff

  8. Re:What am I missing? ( Macromedia exploit) on Slashback: Bass, Bomb, Deluxitude · · Score: 1
    Is he assuming that since the vulnerable buffer was malloc'd from heap, an attacker can't predict a jump address for any particular byte in the buffer?

    Actually that should be enough to stop most attacks. Being in the heap means he could trash things higher (or lower, depending on your perspective) on the heap. Overwriting everything in memory down to the stack...and to the correct jump address on the stack... would be EXTREMELY difficult and wouldn't be portable across different versions of symbolic libraries, for instance (which might shift the heap -- and even a few bytes would do).

    -Jeff

  9. Everything old will be new again... on A Different Idea For Distributed Storage · · Score: 1
    Do we want a data cloud full of the digital pictures millions of people couldn't bring themselves to delete?

    So isn't this just the digital equivalent of having a box with all of your old negatives in it? :) You have so many pictures you don't know what to do with them and no really good way of organizing them.

    Speaking of which, my wife is a Librarian and she was amazed at how few digital photographs are really kept. Things like your state's (if you're in the US anyway) historical society have tons and tons of negatives that if the person who took them had the ability to instantly delete them, they probably would have. You never know how important something would be 10, 20 or even 100 years down the road. So perhaps having limitless storage isn't a bad thing from this perspective.

  10. Re:I am not a lawyer but... on Sprint's Wireless Broadband - And What A TOS! · · Score: 1
    How about Gas Company having right to access your installation in order to prevent/fix any emergencies? Do you think their right to do that expires when you leave that house and new owner can kick them out and endanger whole neighborhood?

    Check your local city statutes. They have easements into your property that give them (and anyone else city-sanctioned) right to use certain parts of your property for power lines/gas lines, and to do emergency things.

    All they are saying here is that if they go out and install some of their equipment on your property they should have a right to access it even if you are no longer owner of this property.

    And without a legal description of the property and an assignment onto the deed they won't be able to have it go with the property.

    Besides this also probably varies widely from jurisdiction to jurisdiction because there are a myriad of local laws prohibiting/restricting things.

    Of course IANAL, but IAAHO (I am a house owner) and went through this junk lately.

  11. Re:University of Tennessee solution on Metallica Vs. Harvard · · Score: 1
    Anyway, I hope that they work a bandwidth limit solution (limit bandwidth, not content) so that the students doing real work may have access to the resources that they are paying for.

    Well, the better solution is not to limit aggregate bandwidth to/from any particular IP address, but prioritize the network utilization so that things that the university wants/needs are given higher priority on the network.

    For instance, you know telnet/ssh/smtp/http are all important, these go first. Then, if there is room left on the network, everything that you don't know about. Finally, after THAT, then let things like net2phone, napster, et al. go through.

    Then, you're not blocking anything. You're just saying, "there are important things on the network", and prioritizing it correctly.

  12. Re:Are there enough valid numbers? on AmEx To Offer "Disposable" Credit Card Numbers · · Score: 1
    My guess is that the solution to the limited number base is one (or both) of the following:
    1. Use the existing 16 digit block, but also twiddle the expiration date. Therefore they could reuse the same 16 digit block, and use all of the combinations of expiration date and match up the purchaser name. So therefore I might only get a certain 16 digit block once, but that one time I get it I'll have a special expiration date so that it will differentiate between me and some other person who got this block before... and my name needs to match up or the sale is blocked.
    2. Expand the 16 digit base (potentially as high as 32 digits). Since the forum that these will be used in is online, there are fewer (but certainly there are some) legacy problems in a limited number of digits. In fact, a lot of cards that are not general use (like gas cards, dining club cards, etc) don't use 16 digits...

    Anyway that's my US$0.02.

  13. Re:Good! on Voteauction.com · · Score: 1
    Maybe this will force an overhaul of elections in the United States . . . count every vote directly. A popular vote, without party and state lines, is the only fair way to elect a president.

    Well as someone who lives in the midwest, if it were just a straight-up popular vote, then we'd never hear hide-nor-hair of the president because he/she would just pander directly to California and the Boston-NY-DC areas.

    That said, I think the idea of the electoral college was something that in less informed times was necessary, but I think that it's a middle step that is just ripe for abuse. Just think of instead of buying a person's votes (each person's vote just influences the electoral college...not directs it), you could buy an electoral college vote. Sure it'd be more expensive, but it would also be more effective -- although if you could buy those, the person selling their electoral college vote should be dragged out into the street and shot for treason...

    So basically, I'm saying that the electoral college shouldn't be another vote -- it should be turned into a popular vote with each state weighted by the number of electoral college votes.

    Hey, while I'm overhauling politics, let's kick out the legalized bribes (lobbyists), too!

    I think the problem with lobbyists isn't lobbyists in general, but corporate lobbyists. In fact, if the politicians would have to report every cent of what they take in, you'd see a lot less vote-buying going on :) ...and then you're just left with the plain old illegal bribes.

  14. Re:Anti-troll / spam filter idea for slashdot! on Kuro5hin Forced Down By DOS · · Score: 1
    So instead of doing diffs of everything (as pointed out already this is n!)... do a histogram on how many times each word is used. Think of this as a fingerprint. If you see two posts with practically the same words used the same number of times (or, even, in the same ratio), then do the diff and flag it appropriately.

    BUT, the trouble is that no matter what algorithm, if people want to find a way to beat the system they will. So now they just write a program to submit their stories, but change a random number of "o" to "O", or something. Never underestimate the power of a determined person.

    The only thing that seems reasonable is an exponential backoff in the number of posts an IP address is allowed to submit. After your first post, you'll need to wait 1 second, after the second 2 seconds, after the third 4 seconds, etc. After the tenth post, you'll have to wait 512 seconds, or 8.5 minutes. Eleven is 17 minutes, etc. Reset the timers every hour or so... This way if you get people slamming the queues, the damage has some hope of being contained.

  15. Re:Oh-Oh on Olympic Committee Cracks Down On Domain Owners · · Score: 1
    SpecialOlympics.org is going to be pretty fscked

    Not necessarily. Just because the IOC has anything Olympi* trademarked doesn't mean that they won't/haven't given other groups the right to use it. My guess is that Special Olympics has long requested and has been granted rights to use the terms contained in Olymp*

    ObTangent: This whole thing is about as lame as having the term Realtor trademarked...

  16. Re:The profibilty of distributed computing-overrat on Future Of Internet-Based Distributed Computing · · Score: 1
    Also, where the *heck* do businesses have massively parallel problems in everyday life. This is a *very* specialized thing. I just don't see it coming.

    Ross Perot started EDS on borrowed time on mainframes... Businesses have tons of need, but just haven't tapped into commodity computing (i.e. lots of desktop machines.)

    Besides, you don't necessarily need to have a specialized format like SETI or RC5 to do distributed computing... like I said earlier Condor works on lots of platforms -- including Linux (and even Alpha Linux too).

  17. Re:Condor on Future Of Internet-Based Distributed Computing · · Score: 2
    Currently Condor is available for 12 *nix platforms (Including support for Linux-libc5, Linux-glibc2.0, & Linux-glibc2.1.), and WinNT. We're heavily used in many scientific communities -- often in Monte Carlo simulations that could never have enough CPU time.

    We also have been used (using loads and loads of Linux machines, I might add) to solve some extremely massive optimization problems (using over 1000 non-dedicated -- i.e. desktop -- machines at one time.) The problem in question has been around for 32 years, and was solved using Condor in 7 days!

    So anyway, on all of those platforms we support checkpointing (restarting a job on another machine) and remote procedure calls (having a job on a remote machine think it's on your machine).

    Plus you can download Condor right away and get it up and running! It's cool stuff, but then again I might be biased :)

  18. VCR:Saving the Movie Industry :: Napster: ??? on The Napster DMCA Defense · · Score: 2
    It's interesting to draw the parallels (like the article does) about how the Movie Industry fought like hell to stop VCRs, but lost. And what happened? They make more money off VCR/DVD sales than off of Theater sales.

    So, it makes you wonder if by opening up digital usage of files, if it really would hurt the Music industry?

    "Those who don't study history are doomed to repeat it." - George Santayana

  19. Re:Stereo sound on Best Live Streaming MP3 Solution? · · Score: 1
    Actually MP3s 128k and below encode one channel and a "diff" channel. 192k and up encode two separate channels (part of why 192 sounds better than 128...)

    That said, for most voice applications, mono is quite appropriate.

  20. Quality of Service on What's Banned On Your Campus? · · Score: 5
    There is a better way for universities to handle the situation. From their perspective it's eating bandwidth... but they can assign quality of service levels at their routers (and presumably at their ISP routers as well) and then they could use all of their bandwidth.

    For instance, you can say the following:

    1. First, let all traffic not defined below go first (SMTP, NTP, etc) -- basically all non-classified traffic
    2. Then if there's bandwidth left over, all web traffic,
    3. Then if there's bandwidth left over, all IP telephony traffic,
    4. Then if there's bandwidth left over, all Napster traffic.
    (Insert other bandwidth hogging apps or reprioritize as necessary)

    Basically this is probably the best for all worlds, since then the Napster users can try to hammer the network all they want. They just will have their packets dropped first. This will allow them to actually use *ALL* of their network.

  21. Re:Can I sue you for negligence? on Forum: The Yahoo Denial of Service · · Score: 1
    This distributed DOS stuff can be stopped only if *all* of the sites in the community engage in sound security practices.

    There is one sound security practice that's simple, and would clamp down on much of this. I would just love to be able to have everyone (ISPs included) only let packets out from their networks that originate from their networks. It was as true 5 years ago as it is now -- be a good net admin and clamp down on spoofing!

  22. Re:First Down Line by Princeton Video Image on Live or Memorex? · · Score: 1
    Well, not exactly. It is sometimes interesting to watch when there are teams that have green jerseys (like the Packers, Jets, etc), because in the right light it will draw the line right over 'em.

    Another interesting thing to watch is how accurate (or lack thereof) it is. Often that FDL is not quite parallel to the rest of the lines on the field :)

    Next thing you know, they're going to put a blue/red glow around the football (like they do for hockey :/ )

    -Jeff

  23. Re:Running out of space by 2600 on Stephen Hawking on The Future · · Score: 1
    ...the population density would be one person per 0.78 m^2

    That is, of course, assuming that people only exist on one level. What about very tall living structures (ala lots of apartments with >100 stories)? This also leads to the tired "the whole planet is a city" concept that is retread into many sci-fi stories...

    Even now, for instance, I would suppose that the population density of a city like New York is quite a bit higher than that of Madison, WI.

  24. Re:except that you spend it anyway on $400 Free From Microsoft for Californians · · Score: 1
    But the time you sign up for one of these services costs the same amount of money you supposedly "save."

    IIRC, the average bill for MSN for 3 years is something like $720. So you typically spend more than the $400 by the time you are done with it...

    Although, I do know for a fact that for one person this was the best of all deals. Here in Wisconsin, we tend to have some fairly funky local calling zones. Since one of my friends lives about 10 minutes out of town, the MSN number was the only ISP (yes, I checked), that was a local call from her house. (damn telcos) So she saved $400 on two things she wanted (the computer and MSN).

  25. Re:Download.Com on DVD CCA Applies for Restraining Order · · Score: 1
    As I remember, Download.com had a copy of this software on their website. I wonder why they haven't been added to the list of "Defendants". Kind of makes you wonder what's going on here.

    download.com most likely followed the cease and desist order...