Re:Can't see how Verisign could win.. (article)
on
The Race Is On For .net
·
· Score: 3, Insightful
so what the article author meant was that ICANN would hate to see either Verisign or Denic winning the bid.
In which case, I suspect that ICANN would probably have stuck with the Devil they already knew and hoped that the move would have smoothed the troubled waters between them and Verisign. That would however have led to all sorts of allegations about the selection process. Assuming that he's come to the same conclusions as the Register then the appointment of the independent body is quite a canny move by Dr. Twomey. Whatever happens, they should hopefully avoid any mudslinging after the announcement and can get on with what they should be doing.
Personally, I'd have to say that DeNIC is much better positioned than Verisign to be our.net gTLD overseer come July. DeNIC already runs a ccTLD with more domains that.net, so there should be no problems there. Moving the.net gTLD to DeNIC means that all the main gTLDs are managed by seperate entities; diversity is good here. Moving
control of gTLDs about is certainly doable because.org has already been reassigned, and DeNIC has the additional advantage of knowing where PIR had problems. Finally, DeNIC is not a US company which addresses another issue for ICANN; they can use that as an argument against the UN/ITU's claims that control of the Internet is too US centric.
By contrast, all Verisign seems to be offering is a continuation of the status quo, for which they have managed to earn themselves a less than stellar reputation. Sure, they can do the job, but where's the vision? Big changes are afoot for the Internet over the next few years with VoIP, streaming media services and more all gaining momentum; I hardly think "status quo" is going to be a winning argument against that dynamic backdrop.
Long live Exeem Lite! May the creator of Exceem make no profit on it at all.
Perhaps, but perhaps not. There isn't much information out there about how the Exeem actually network works, but I get the distinct impression that the Exeem servers are necessary for it to function. Do they merely act as a gateway to the network, are purely for the Spyware/Ad serving, or (as I suspect) are integral to providing the Kazaa style "search engine"? More importantly, can Exeem Lite still function if those servers are not there? That's the crux of it really, because those servers are the obvious focal point for any legal efforts to shut the network down, plus if Exeem fails as a P2P app or a money making venture then those servers will go away.
Personally, my opinion is more aligned with your first sentence; "Pity really - they had a chance, and screwed it." I'm sure that over time it's going to gain some momentum, maybe even a lot of it, but for now at least I'm staying well clear of using it in anger. I might do some packet captures and so on with Exeem Lite to resolve the question of the central servers though...
Judging by the release rate of the last few years "apathy" on the part of the Phrack editors seems to be the order of the day, but that's perhaps a little unfair. There have been scores of papers published that would have been worthy of Phrack at its best in that time. The problem is that everyone writing such papers can just as easily create their own website and publish their works there. Why wait for what might be several months to see you work published for what little kudos being published in Phrack still has left and risk someone else stealing your fifteen minutes of fame?
You check traditional DNSBLs like the XBL DNSBL list run by Spamhaus which list compromised systems. A better option however might be to also use the SURBLs that are used by SpamAssassin and similar anti-spam tools. Most of the domains listed have been spamvertised, but there is also a list for sites used in phishes. The next logical step would probably be a list of sites that try and install spyware or other unwanted binaries or scripts (cookies would be a bit much) on a visiting PC.
Since it works just like a DNSBL, you would need your plugin that grabs the URL, does a quick SURBL lookup and open a standard error page if it gets a 127.0.0.x response to the lookup. The option to continue anyway needs to be something that a network administrator can override, naturally. Best of all (and I can't believe I'm typing this), owing to the high level of integration of IE into Windows it might actually stop people from opening HTML spams in Outlook, inadvertantly or otherwise, as well.
Thinking about it, why stop at IE? Anyone care to write a Mozilla Extension?
True enough, most major news sites are offshoots of the more traditional print and TV news outlets. However, the beauty of the Internet is that it is very easy to compare varying viewpoints on the same situation from different outlets and draw your own conclusions. For instance, you *could* just get your picture of the situation in Iraq from reading CNN.com, or you could do that, then hop over to the BBC, Al Jazeera, Reporters sans Frontières, Amnesty International and any others that might take your fancy for a much more rounded view. It'll probably be more accurate too.
No, I don't care about using IE to run Windows Update, even though I would have to manually start a couple of additional services (BITS and Automatic Updates) that I have disabled by default. Nor do I particulary care if it sends some information about my hardware/software back to Microsoft in order to enable it to do a better job. I care about the fact that Windows Update, and now this new "Genuine Windows" check, both require ActiveX to work, which in turn requires IE. It's not so much about paranoia as Microsoft once again trying to force its "solution" on me, despite my wish to make another choice.
This is also useful for getting updates and other stuff from Microsoft's website site using alternative browsers like Firefox, which obviously won't run the ActiveX control this validation requires. I make a point of avoiding using Windows Update (which requires IE) and manually getting any applicable Windows patches each second Tuesday using Firefox, and I'm pretty sure I'm not alone in this. Hopefully someone at Microsoft is paying attention to their webserver reports and realises that making sections of their websites require IE isn't going to be very popular. How many legitimate Windows users are they willing to annoy just to make it a smidgeon harder for people with unlicensed copies of their software and/or privacy concerns to get updates and so on?
Re:Where is the Mafia when you need them?
on
New Attacks on Spam
·
· Score: 4, Insightful
And what makes you think the Mafia isn't involved in actually sending the spam in the first place? Take a step back and look at the kinds of technical and organisational infrastructures that are used in spamming. We have address harvesting, botnets and the worms and malware to generate them, scams, counterfeiting of goods, moving goods (pills) from one country to another, hosting of services in countries all over the world. Oh, and much of this illegal too, and not just under legislation like CAN-SPAM. If that's not organized crime, then I don't know what is.
Re:That's not the sky falling...
on
Spammers' Upend DNS
·
· Score: 4, Insightful
No, it's a problem with spammers making references to multiple domains in their email, each of which might need to be checked against several SURBLs. Personally, I'm not fretting this one at all; while it's an ingenious work around from the spammers to get around the SURBLs, there's a trivial fix.
At the moment, each domain referenced in the body of a spam is checked against one or more SURBLs to see if it has been spamvertised - hence the 30 lookups figure. Instead of immediately checking the SUBLS, we can just make a single check to see if the domain exists at all, if it doesn't then skip the SURBL checks and bias the score towards being spam. If it does exist, then we can proceed to check the SURBLs as normal and still nail any spams using known spamvertised domains. If the domain does exist, then it's a single extra DNS lookup which is possibly going to be cached, so a root server query may be avoided. If it doesn't exist, then we skip the SURBL checks and save our 30 DNS queries.
Yup, it's the old spam arms race again. Give it a month or so and we'll all be moaning about some completely new spammer tactic brought in to replace this one.
But it might be considered somewhat capr.icio.us and not very jud.icio.us to create mal.icio.us just after Microsoft tries to get of to an ausp.icio.us start in its attempts to help us remove susp.icio.us software that is pern.icio.us in its efforts to remain on our PCs though.
Yup. You're right. Lot's of subdomain possibilities there!
Poland's last-minute intervention has made them popular with supporters of the anti-patent movement.
Yes, and it's not too late to show your gratitude either by adding your signature and any comments to the "Thank Poland" letter. People on Slashdot so often advise writing letters to bureaucrats in order to complain, it's nice to able able to thank them for getting it right once in a while.
Last time I checked Firefox opened WMP on Windows machines
Well, to be precise it opens which ever media player is associated with the media file you are trying to open. You can also override this on a per-filetype basis by specifiying a different handler for the file under the "Downloads" section of the Options box - the section titled "File Types". Whether your motivation for switching to Firefox was security, features, web standards or because it's FOSS, then the same motivation should apply to WMP too. Certainly on my Windows boxes none of the primary media types are associated with the DRM and security hole infested WMP.
Exactly what I was about to suggest - a WinTerm or XTerm hooked up to a box safely stored indoors. Also, since NCD appears to have just pulled out of the hardware business according to The Register you might be able to pick one up (or even a few) for next to nothing.
I'm guessing that the only thing that would account for this kind of discrepency is how registry keys are counted. Whether you count each individual registry key, registry branch, or just piece of spyware on a case-by-case basis will make a huge difference. Also, spyware typically installs copies of its registry settings in several places, and on a system with multiple logins there is even more room for abuse.
Based on my experiences there's not much to choose from between Spybot and Ad-Aware, and I haven't really worked out where the MS/Giant program fits yet. Some programs that are missed by Ad-Aware get picked up by Spybot and vica-versa, so I'd expect there to be a few new things to be found by the MS effort. What worries me most is that discrepency between Spybot and Ad-Aware; I've never seen that kind of gap between the two in either direction. I suspect that inadvertantly or intentionally the selection of spyware installed on the testbed virtual PC may have been slightly biased.
Jeez, don't *do* that! For a couple of seconds there I thought they meant "employ" as in "pay" and not "employ" as in "use". I know Japan has some pretty advanced robot technology, but they're not *that* advanced are they? ARE they? If they start talking about forming a union, it's time to get worried...
Yes, there's certainly a possibility that there may be a breakthrough, I just don't see it happening for several reasons. First and foremost we have the laws of physics; you just can't make the traces on the silicon substrate much thinner and still know for sure what's going on. This is something that strained silicon has alleviated a little, but without further size reductions then more GHz equates to more heat.
My other reasons are a little more subjective, but are largely to do with the fact that both AMD and Intel are investing heavily in developing multi-core CPUs. In Intel's case this has involved the very public scrapping of a promised CPU and a drastic revamp of its roadmap. While breakthroughs in CPU design have come from academia and other companies, the vast majority have come from Intel and IBM. However, neither are investing the R&D in ramping clock speeds ever higher and are focussing on multi-core designs instead.
Hence my original statement: based on what we current know about silicon based CPU design, we are at (or very close to) the limits of what is possible. Further R&D or a breakthrough might push that a little or even a significant amount higher, but without the massive R&D efforts of IBM and Intel, the chances of this happening are slim. Also, if the market does start to shift toward multi-core designs which seems very likely, then the inclination of people to look into better wats of doing things in the old way is likely to be reduced further.
Without a major breakthrough, which isn't something I'd bet on, I'll agree that we are very close to the limits of silicon based CPUs. Strained Silion and Silicon on Insulator are effective stop gaps, but multi-core and possibly switching to something like Gallium Arsenide are the most likely ways forward for greater processing power at the moment.
Hard drives however? Some of the areal densities that are working in R&D labs are significantly denser than what we have now and will allow for plenty of capacity growth if they can be mass produced cheaply enough. Sure, we're approaching a point where it's not going to be viable to go any further, but we're not going to arrive there for a while yet. There is also the option of making the platters sit closer together so you can fit more of them into a drive of course. If you really want or need >1TB on a single spindle then I think you'll need to wait just a few more years.
A potentially better test would be to run the MS program before running Ad-Aware or Spybot.
True enough, but that would entail actually *having* an Internet connected PC that I use IE to browse with, don't run any security tools on, and fail to firewall in any meaningful way. I haven't had a PC meeting any of those conditions for a very *long* while. I could prep my test box and surf some of the dodgier sites on the net for a few minutes while leaving that IP wide open on the firewall I suppose... But no, on the whole I think I'll wait until the next time I get a request to fix someone's "broken" PC before I try running the MS program first.:)
I've literally just finished running it on a PC that I keep fairly clean through use of Spybot, Ad-Aware and Firefox instead of IE. It's pretty fast, even in its in-depth scan mode, despite some earlier reports that the GIANT version was slow, so I'm guessing this is where any of Microsoft's major code changes might have been. It probably took about three minutes to run on my AMD 3800+/XP box, so not too shabby compared to Ad-Aware and Spybot.
As to the resutls, it turfed up three bits of possible Spyware which Ad-Aware and Spybot were missing/ignoring. The first was what it thought was Kazaa, but was infact Kazaa Lite (I've never had the original Kazaa installed). Second was some legacy registry keys left behind by WeatherBug which had piggybacked its way onto my PC with some shareware some time ago - fixed and reported to Spybot/Ad-Aware. Finally, it detected something called SearchSquire, but this turned out to be part of the Immunization feature of Spybot.
So, aside from the conflicts with Spybot's Immunization feature and the false positive on Kazaa Lite's registry keys, both of which can be fixed by setting the detection to "Always Ignore" it's not a bad little tool at all. Expect of course, for the fact that Microsoft is clearly planning of getting people to pay for this tool according to the webpage and EULA. Hmm. Getting people to pay for cleaning up the mess that you helped create in the first place... Unless this product is *vastly* better than Spybot and Ad-Aware on a thoroughly owned PC, I don't think so, and even then I think not...
I think the first time I saw this was in the film "The Jackal") from 1997. That SUV was definitely coated in something that appeared to be white paint that washed off when a water jet was applied unless it was a *very* good special effect.
Re:And let's not forget who is funding a lot of th
on
New and Improved SETI
·
· Score: 5, Interesting
Actually, Paul Allen largely bailed out of the operational side of Microsoft years ago; he was more involved with Asymetrix by the launch of Windows 3.x. In the last few years the only times I seem to hear Paul Allen's name is in connection with *extremely* generous philanthropic gestures toward the science & tech sectors. You might remember his massive backing of Scaled Composites' effort in claiming the Ansari X-Prize for example?
As far as I am concerned Paul Allen is the very best thing *ever* to come out of Microsoft.
Do you think a valid NSA, or more practically, a valid FBI ID would grant the bearer unfettered access to the Dept. of Agriculture and other "low-level" agencies?
No. What it *will* do is establish that the bearer is probably a member of the NSA/FBI to the DoA building's reception/security. How they handle it from there will depend on the DoA policies and proceedures in place at the site concerned. That could easily entail phoning a field office/superior if the person had simply turned up without prior arrangement. In any event, it's highly unlikely that those proceedures would extend to allowing unrestricted access to sensitive areas without some form of escort no matter who they claimed to work for.
Slashdot Mirror
In which case, I suspect that ICANN would probably have stuck with the Devil they already knew and hoped that the move would have smoothed the troubled waters between them and Verisign. That would however have led to all sorts of allegations about the selection process. Assuming that he's come to the same conclusions as the Register then the appointment of the independent body is quite a canny move by Dr. Twomey. Whatever happens, they should hopefully avoid any mudslinging after the announcement and can get on with what they should be doing.
Personally, I'd have to say that DeNIC is much better positioned than Verisign to be our .net gTLD overseer come July. DeNIC already runs a ccTLD with more domains that .net, so there should be no problems there. Moving the .net gTLD to DeNIC means that all the main gTLDs are managed by seperate entities; diversity is good here. Moving
control of gTLDs about is certainly doable because .org has already been reassigned, and DeNIC has the additional advantage of knowing where PIR had problems. Finally, DeNIC is not a US company which addresses another issue for ICANN; they can use that as an argument against the UN/ITU's claims that control of the Internet is too US centric.
By contrast, all Verisign seems to be offering is a continuation of the status quo, for which they have managed to earn themselves a less than stellar reputation. Sure, they can do the job, but where's the vision? Big changes are afoot for the Internet over the next few years with VoIP, streaming media services and more all gaining momentum; I hardly think "status quo" is going to be a winning argument against that dynamic backdrop.
Perhaps, but perhaps not. There isn't much information out there about how the Exeem actually network works, but I get the distinct impression that the Exeem servers are necessary for it to function. Do they merely act as a gateway to the network, are purely for the Spyware/Ad serving, or (as I suspect) are integral to providing the Kazaa style "search engine"? More importantly, can Exeem Lite still function if those servers are not there? That's the crux of it really, because those servers are the obvious focal point for any legal efforts to shut the network down, plus if Exeem fails as a P2P app or a money making venture then those servers will go away.
Personally, my opinion is more aligned with your first sentence; "Pity really - they had a chance, and screwed it." I'm sure that over time it's going to gain some momentum, maybe even a lot of it, but for now at least I'm staying well clear of using it in anger. I might do some packet captures and so on with Exeem Lite to resolve the question of the central servers though...
Judging by the release rate of the last few years "apathy" on the part of the Phrack editors seems to be the order of the day, but that's perhaps a little unfair. There have been scores of papers published that would have been worthy of Phrack at its best in that time. The problem is that everyone writing such papers can just as easily create their own website and publish their works there. Why wait for what might be several months to see you work published for what little kudos being published in Phrack still has left and risk someone else stealing your fifteen minutes of fame?
Actually, when it's a scam like this, it's usually spelt "phishing".
Since it works just like a DNSBL, you would need your plugin that grabs the URL, does a quick SURBL lookup and open a standard error page if it gets a 127.0.0.x response to the lookup. The option to continue anyway needs to be something that a network administrator can override, naturally. Best of all (and I can't believe I'm typing this), owing to the high level of integration of IE into Windows it might actually stop people from opening HTML spams in Outlook, inadvertantly or otherwise, as well.
Thinking about it, why stop at IE? Anyone care to write a Mozilla Extension?
True enough, most major news sites are offshoots of the more traditional print and TV news outlets. However, the beauty of the Internet is that it is very easy to compare varying viewpoints on the same situation from different outlets and draw your own conclusions. For instance, you *could* just get your picture of the situation in Iraq from reading CNN.com, or you could do that, then hop over to the BBC, Al Jazeera, Reporters sans Frontières, Amnesty International and any others that might take your fancy for a much more rounded view. It'll probably be more accurate too.
No, I don't care about using IE to run Windows Update, even though I would have to manually start a couple of additional services (BITS and Automatic Updates) that I have disabled by default. Nor do I particulary care if it sends some information about my hardware/software back to Microsoft in order to enable it to do a better job. I care about the fact that Windows Update, and now this new "Genuine Windows" check, both require ActiveX to work, which in turn requires IE. It's not so much about paranoia as Microsoft once again trying to force its "solution" on me, despite my wish to make another choice.
This is also useful for getting updates and other stuff from Microsoft's website site using alternative browsers like Firefox, which obviously won't run the ActiveX control this validation requires. I make a point of avoiding using Windows Update (which requires IE) and manually getting any applicable Windows patches each second Tuesday using Firefox, and I'm pretty sure I'm not alone in this. Hopefully someone at Microsoft is paying attention to their webserver reports and realises that making sections of their websites require IE isn't going to be very popular. How many legitimate Windows users are they willing to annoy just to make it a smidgeon harder for people with unlicensed copies of their software and/or privacy concerns to get updates and so on?
And what makes you think the Mafia isn't involved in actually sending the spam in the first place? Take a step back and look at the kinds of technical and organisational infrastructures that are used in spamming. We have address harvesting, botnets and the worms and malware to generate them, scams, counterfeiting of goods, moving goods (pills) from one country to another, hosting of services in countries all over the world. Oh, and much of this illegal too, and not just under legislation like CAN-SPAM. If that's not organized crime, then I don't know what is.
At the moment, each domain referenced in the body of a spam is checked against one or more SURBLs to see if it has been spamvertised - hence the 30 lookups figure. Instead of immediately checking the SUBLS, we can just make a single check to see if the domain exists at all, if it doesn't then skip the SURBL checks and bias the score towards being spam. If it does exist, then we can proceed to check the SURBLs as normal and still nail any spams using known spamvertised domains. If the domain does exist, then it's a single extra DNS lookup which is possibly going to be cached, so a root server query may be avoided. If it doesn't exist, then we skip the SURBL checks and save our 30 DNS queries.
Yup, it's the old spam arms race again. Give it a month or so and we'll all be moaning about some completely new spammer tactic brought in to replace this one.
Yup. You're right. Lot's of subdomain possibilities there!
Yes, and it's not too late to show your gratitude either by adding your signature and any comments to the "Thank Poland" letter. People on Slashdot so often advise writing letters to bureaucrats in order to complain, it's nice to able able to thank them for getting it right once in a while.
Well, to be precise it opens which ever media player is associated with the media file you are trying to open. You can also override this on a per-filetype basis by specifiying a different handler for the file under the "Downloads" section of the Options box - the section titled "File Types". Whether your motivation for switching to Firefox was security, features, web standards or because it's FOSS, then the same motivation should apply to WMP too. Certainly on my Windows boxes none of the primary media types are associated with the DRM and security hole infested WMP.
Exactly what I was about to suggest - a WinTerm or XTerm hooked up to a box safely stored indoors. Also, since NCD appears to have just pulled out of the hardware business according to The Register you might be able to pick one up (or even a few) for next to nothing.
Based on my experiences there's not much to choose from between Spybot and Ad-Aware, and I haven't really worked out where the MS/Giant program fits yet. Some programs that are missed by Ad-Aware get picked up by Spybot and vica-versa, so I'd expect there to be a few new things to be found by the MS effort. What worries me most is that discrepency between Spybot and Ad-Aware; I've never seen that kind of gap between the two in either direction. I suspect that inadvertantly or intentionally the selection of spyware installed on the testbed virtual PC may have been slightly biased.
Jeez, don't *do* that! For a couple of seconds there I thought they meant "employ" as in "pay" and not "employ" as in "use". I know Japan has some pretty advanced robot technology, but they're not *that* advanced are they? ARE they? If they start talking about forming a union, it's time to get worried...
My other reasons are a little more subjective, but are largely to do with the fact that both AMD and Intel are investing heavily in developing multi-core CPUs. In Intel's case this has involved the very public scrapping of a promised CPU and a drastic revamp of its roadmap. While breakthroughs in CPU design have come from academia and other companies, the vast majority have come from Intel and IBM. However, neither are investing the R&D in ramping clock speeds ever higher and are focussing on multi-core designs instead.
Hence my original statement: based on what we current know about silicon based CPU design, we are at (or very close to) the limits of what is possible. Further R&D or a breakthrough might push that a little or even a significant amount higher, but without the massive R&D efforts of IBM and Intel, the chances of this happening are slim. Also, if the market does start to shift toward multi-core designs which seems very likely, then the inclination of people to look into better wats of doing things in the old way is likely to be reduced further.
Hard drives however? Some of the areal densities that are working in R&D labs are significantly denser than what we have now and will allow for plenty of capacity growth if they can be mass produced cheaply enough. Sure, we're approaching a point where it's not going to be viable to go any further, but we're not going to arrive there for a while yet. There is also the option of making the platters sit closer together so you can fit more of them into a drive of course. If you really want or need >1TB on a single spindle then I think you'll need to wait just a few more years.
True enough, but that would entail actually *having* an Internet connected PC that I use IE to browse with, don't run any security tools on, and fail to firewall in any meaningful way. I haven't had a PC meeting any of those conditions for a very *long* while. I could prep my test box and surf some of the dodgier sites on the net for a few minutes while leaving that IP wide open on the firewall I suppose... But no, on the whole I think I'll wait until the next time I get a request to fix someone's "broken" PC before I try running the MS program first. :)
As to the resutls, it turfed up three bits of possible Spyware which Ad-Aware and Spybot were missing/ignoring. The first was what it thought was Kazaa, but was infact Kazaa Lite (I've never had the original Kazaa installed). Second was some legacy registry keys left behind by WeatherBug which had piggybacked its way onto my PC with some shareware some time ago - fixed and reported to Spybot/Ad-Aware. Finally, it detected something called SearchSquire, but this turned out to be part of the Immunization feature of Spybot.
So, aside from the conflicts with Spybot's Immunization feature and the false positive on Kazaa Lite's registry keys, both of which can be fixed by setting the detection to "Always Ignore" it's not a bad little tool at all. Expect of course, for the fact that Microsoft is clearly planning of getting people to pay for this tool according to the webpage and EULA. Hmm. Getting people to pay for cleaning up the mess that you helped create in the first place... Unless this product is *vastly* better than Spybot and Ad-Aware on a thoroughly owned PC, I don't think so, and even then I think not...
I think the first time I saw this was in the film "The Jackal") from 1997. That SUV was definitely coated in something that appeared to be white paint that washed off when a water jet was applied unless it was a *very* good special effect.
As far as I am concerned Paul Allen is the very best thing *ever* to come out of Microsoft.
CowbuoyNeal is a float? Somehow I'd always pictured him as a char...
No. What it *will* do is establish that the bearer is probably a member of the NSA/FBI to the DoA building's reception/security. How they handle it from there will depend on the DoA policies and proceedures in place at the site concerned. That could easily entail phoning a field office/superior if the person had simply turned up without prior arrangement. In any event, it's highly unlikely that those proceedures would extend to allowing unrestricted access to sensitive areas without some form of escort no matter who they claimed to work for.
Options "1" "b" and "III"? I'm guessing that you may have said "Cheers" a few times already this evening... ;)