You are most welcome to opt-out of this data gathering
And if that's not enough for the terminally paranoid amongst you... It's a *nix box, so you could always make the necessary mods to gain access and symlink syslog to/dev/null.
Hmm. Cheesy first film, somewhat like Star Wars (be honest), and what looks like a cracking second film (just like ESB). Just what is it with Lucas and trilogies anyway? It always seems to take him a film to get upto speed, then he makes another that rocks, and then runs out of steam for the third and throws in things like Ewoks.
You need a damn passport to get almost anything out of Microsoft now. Mailing list? Passport please! Email? Passport please! IM? Passport please! Plus the damn thing doesn't work properly if you've tweaked your security settings from the defaults (even with IE).
At least three of those passports are (were) mine. I signed up for some mailing lists, got a passport and I have no idea what random crap I pasted into the password field, deleted the crap it dumped to my hard drive and moved on. Ditto when I realised I'd missed a mailing list off the subscriptions. Plus my first attempt that barfed because my IE security settings had been customised from one of the preset defaults.
They might have 200m registrations, but how many of those became permanantly dormant the same day they were created?
I quite agree, hence the strongly worded disclaimer. However, you can gather a hell of a lot of information on a network without even tranmitting a single packet (I made an "ethernet" cable with the TX wires open while playing around with this - it's a great way to learn). If you *truly* just listen, there isn't an IDS in the world that is going to know you are there, and I doubt many IDSs are configured to pickup some of the the most basic probes, even if they are capable of doing so.
Besides isn't a statement like "when my IDS finds it. (And it WILL find it.)" akin to saying "Oracle is unbreakable" or "the Titanic is unsinkable"? Watch that trust level!
and if your on a switched network ? surely you wouldn't recieve any relevant traffic ?
You would initially just see broadcast traffic, and that gives you some IP information to get started from. You could then send a continuous stream of forged packet to the switch pretending to be from MAC addresses you can see. Depending on the switch you may be able to force it to fail and start acting as a hub, or receive packets intended for the legitimate hosts you are faking.
It's a technique known as ARP spoofing, for which there are plenty of tools such as Dugsong's DSniff suite. Get Ethereal as well, capture some packets and see what you can derive about the network - it should be quite a lot. Add a packet generator into the mix and, well, the sky's the limit really. I should also point out that you can very easily break the law with these tools; be careful what you do and where...
Like the Dilbert strip where Dilbert advises his boss to change the password to "******" to avoid having to explain why his keyboard puts the wrong characters on the screen when he types his password? And more importantly, what do you tell the same boss when he's upgraded to Windows XP and gets those natty blobs for his password "typo"? Typing "ALT+0183" (on the numeric keypad!) six times just doesn't seem like it's going to cut the mustard.
Try DHCP - if OK great, configure eth0 accordingly, if not, not a problem for now
Put eth0 into promiscuous mode
Capture some traffic
Look for where connections are being opened for port 53 (DNS), port 20/21 (FTP), 25 (SMTP)...
Look at the source IPs for local IP's / subnet
Look for where traffic off-net is being sent for the default gateway(s)
etc.
Fill in some blanks with the above
Present harvested info to the user and ask them to fill in any required unknowns, make corrections and confirm the final settings
This kind of thing isn't new, and there are lots of other tricks to farm data, like sending forged packets to illicit a response with useful data. Where you tend to come unstuck in what you can achieve though is when you plug the thing into a switch. It's a bit more difficult to find what you want when you can't see it...
I don't know about "one minute is really pushing it", Aardman did a pretty amusing set of TV animations for one of the UK's electricity companies some years back. They have also just been signed up to do a run of adverts for PG Tips tea bags, which have been very successfully marketed in the past (and for a *long* time) by a family of dressed up chimps, which is very popular in the UK.
I've not seen any of the new adverts on TV yet, but the press has got hold of it and there are advertising hoardings starting to appear featuring the three bird characters. The general style of the characters is very reminiscent of "Chicken Run", although there are three different kinds of birds, rather than just chickens. No doubt DivX versions will be coming to a web site near you Real Soon Now if they are any good.
Looking down that list, there is a large number of companies that have little or no connection with PCs. There are lot's of automotive manufacturers of all things, and other industries, and I'm sure that some of them probably refine the silicon that others turn into wafers that others... Sony might be citing 218 companies, but I doubt the number of consumer facing ones is into three digits.
It's not that I have anything against MemoryStick as such, it's just that other similar technologies are far more interoperable with a broader choice of devices, and surely "durability" is a secondary goal to "interoperability". It's an old chestnut, but you have to love standards; there are so many to chose from.:(
It's the Memory Stick that's turning me off Sony as well, although the two high-res colour models they now have are winning me over. This new model is just what I would want from a PDA with current tech levels as I don't need multimedia stuff, just an organizer that I can sync with my desktops/laptops and run a few other tools on to help with my job.
What I'm hoping for is that Palm's "community development" method will pay off and they will fold all the neat new Sony stuff, especially the screen, back into the general product line in time for the 515 launch around March. If not, then I'll probably end up getting the Clié and living with the semi-proprietary memory stick.
When I 'steal', software from Gnutella, I am depriving no one of their software, like I deprived your Mother of a car.
Sorry, but this argument is typical warez k1dd13 bullshit. Theft is when you illegally deprive someone of something that is rightfully theirs. Software piracy deprives the retailer, distributor and manufacturers of the software you stole of some revenue. You might get some satisfaction from hitting out at the evil corporations, but there is no avoiding the issue that piracy is still theft.
If you can't afford the software then you can either become a criminal, or, you can wake up, smell the roses, and move to the world of free software. It's not always a smooth ride to get there admittedly, but the destination makes it all worth while when you do.
I love automated letters. You can always tell who sold their mailing list when you start getting mail for "Firstname Lastname."
I *never* use "Firstname Lastname". I always work something to do with the company whose list it is in there, and none too subtly either, so that if it turns up in spam I know who to bitch at. I'd like to see the look on their face when "Firstname Lastname" turned out to be "Microsoft Corporation".;)
I'm not so sure it *is* a complete hoax. I think that what ZeoSync actually meant to say was that they think that have found a revolutionary new method of compressing audio/visual data, but their PR team badly mangled the text. Why AV? Because all the compression technologies cited in the press release are used in AV, that's why. Also, they don't actually state that they have acheived 100:1 compression, only that it might be possible, so take this statement with as large a pinch of salt as you wish.
I personally think that they do have something, but have doubts that their expectations are going to be realised. Reading between the "TM"s; I think it works like this:
Massage the data stream with the "Tuner"
Compress the data with the "Accelerator"
Write out the "BitPerfect" data file
As to all the claims about violating the work of Claude Shannon; lots of people seem to mis-interpret Shannon to say "you cannot compress random data". This is not true! A better way of expressing it is "you cannot compress all data sets of size n". I think ZeoSoft is talking about a random sample taken sub-set of all possible data, ie. an AV data stream of length n. It's the difference between saying "I can compress any document" (which violates Shannon) and "I can compress any Slashdot page source document" (which does not violate Shannon).
Reading through the press release it seems to imply that they take the "random" data, massage the data with the "Tuner" part, then compress it with the "Accelerator" part. This spits out "BitPerfect" which I assume is their data format. It's this "massaging" of the figures where it's going to sink or swim.
Take very large prime numbers and the like, huge strings of almost random numbers that can often be written as a trivial (2^n)-1 type formula. Maybe the massaging of the figures is simply finding a very large number that can be expressed like the above with an offset other than "-1" to get the correct "BitPerfect" data. I was toying around with this idea when there was a fad for expressing DeCSS code in unusual ways, but ran out of math before I could get it to work.
The above theory maybe bull when it comes to the crunch, but if it could be made to work, then the compression figures are bang in the ball park for this. They laughed at Goddard remember? But I have to admit, I think replacing Einstein with the Monty Python foot better fits my take on this at present...
Actually, they may be better off keeping the "pittance on the blank media" and dropping the copy protection altogether using this as face-saving excuse to drop their feeble attempts at copy protection.
Let's face it, copy-protecting audio CDs is an expensive waste of time and the studios must be realising it by now. They have the costs of licensing the copy protection scheme, the costs of the bad press it generates, the costs of dealing with returns from unhappy punters whose CD players don't work. And what do they get in return? A CD that can always be ripped simply by feeding the stereo line out of a CD player into the stereo line in of a soundcard and pressing "play" at one end and "record" at the other. Line noise? I'm Ogg/MP3ing anyway, you think I'm going to notice the little bit of line noise after compression has mangled it?
I think you've misunderstood; the key phrase was "without running 16 bit code", not that NT wasn't using 32 bit code. The NT/XP codebase is *still* not fully 32 bit as there are several initial steps of the OS boot process performed in real (16 bit) mode, including initial hardware detection by NTDETECT.COM, and if the underlying OS isn't yet fully 32 bit, then what is the liklihood all the applications are?
Getting techy for a minute, a PC's BIOS transfers control via a disk's boot sector to the boot loader in real mode, the boot loader (GRUB, LILO, NTLDR etc.) then loads the OS proper. Now, technically a boot loader could switch to protected (32 bit) mode before loading a fully 32 bit OS, but so far all mainstream PC OSs (yes, Linux and BSD too) run some initial boot code in real mode before making the switch to protected mode. Some make the switch sooner than others and I'm sure some of the experimental OS's out there make the switch immediately they gain control from the boot sector.
The main point though, was that for the 32 bit Windows platform (boot stubs aside) the process of Hardware support -> OS support -> decent app support has taken the best part of a decade. If you think the switch from 32 bit to 64 bit is going to happen much quicker, then you are probably going to be disappointed.
There may well be a slew of 64 bit chips by the years end, but I doubt you are going to see much non-specialist application support for some time. Sure PhotoShop and a few other desktop applications will arrive fairly quickly, but look at Windows and 32 bit support; Intel shipped the 80386 in 1985 and only now can you boot a Windows PC without running 16 bit code from the HDD.
Actually, even that's not strictly true, since according to the Resource Kit documentation Windows XP's initial configuration detection is *still* 16 bit.
I do. It means "Made or consisting of iron; partaking of iron; iron; as, irony chains; irony particles", but I think the definintion people need to understand is "Incongruity between what might be expected and what actually occurs", which is actually what is happening, isn't it? I for one would have expected to see a "Powered by VIM" button or whatever it says rather than an emacs logo.
Both the above definitions are cut and pasted from dictionary.com before you follow up.
I don't know about "it's believed the auction is the first of its kind in the world" but wasn't one of the new TLDs auctioned off? Sure, it got classed as an illegal lottery, but it was still an auction of domain names to the highest bidder.
Actually this makes a lot of sense to me; raise a shitload of cash for nothing and then watch the new owners of the vastly overvalued domain names struggle to recoup their investment while you laugh all the way to the bank. This scheme sounds suspiciously like the 3G mobile auctions in the UK a few years ago; the government got £26 *billion* for a few leases on the RF spectrum. Like, sure, there is £26 billion to recouped from 3G in a population of less than 60m...
Ever hear of something called a contract? Elton is probably unable to simply switch labels without being in clear breach of his contract. He might be able to simply do what he has done without repercussion; George Michael lost his case to actually sever ties with Sony, which is why he too no longer releases any music.
Have someone established that Linux users have the same surfing habits as other people?
I don't think it's habits at all, but rather that it's more down to ethos. I for one surf with Linux, yet if I had hit every single one of those sites used in the survey I would have no impact on the amount of "Linux on the desktop" reported. I have cookies switched off and hitbox.com is one of many sites my broswer thinks is 127.0.0.1
Add in those who have their browser lying about it's branding, as you suggest, to fool those sites that are "optimised for IE" and it's fairly obvious that any figures are going to cant towards Redmond. Remember, there are "lies, damned lies and benchmarks" and "95% of statistics are made up on the spot". I would think a few more percent to Linux is more realistic, but only a few.
Actually, only on paper. There was a big brouha in the UK press recently about Elton being so pissed about the money grubbing bastards in the music industry that he has decided never to record again. I guess this concert is the next stage in the fight.
I don't much like his style of music, but kudos to the guy for standing up to the biz. Go Elton!
Slashdot Mirror
And if that's not enough for the terminally paranoid amongst you... It's a *nix box, so you could always make the necessary mods to gain access and symlink syslog to /dev/null.
Hmm. Cheesy first film, somewhat like Star Wars (be honest), and what looks like a cracking second film (just like ESB). Just what is it with Lucas and trilogies anyway? It always seems to take him a film to get upto speed, then he makes another that rocks, and then runs out of steam for the third and throws in things like Ewoks.
At least three of those passports are (were) mine. I signed up for some mailing lists, got a passport and I have no idea what random crap I pasted into the password field, deleted the crap it dumped to my hard drive and moved on. Ditto when I realised I'd missed a mailing list off the subscriptions. Plus my first attempt that barfed because my IE security settings had been customised from one of the preset defaults.
They might have 200m registrations, but how many of those became permanantly dormant the same day they were created?
Besides isn't a statement like "when my IDS finds it. (And it WILL find it.)" akin to saying "Oracle is unbreakable" or "the Titanic is unsinkable"? Watch that trust level!
The Register is an effective mirror of the article too, but they also have a *tiny* bit more information.
You would initially just see broadcast traffic, and that gives you some IP information to get started from. You could then send a continuous stream of forged packet to the switch pretending to be from MAC addresses you can see. Depending on the switch you may be able to force it to fail and start acting as a hub, or receive packets intended for the legitimate hosts you are faking.
It's a technique known as ARP spoofing, for which there are plenty of tools such as Dugsong's DSniff suite. Get Ethereal as well, capture some packets and see what you can derive about the network - it should be quite a lot. Add a packet generator into the mix and, well, the sky's the limit really. I should also point out that you can very easily break the law with these tools; be careful what you do and where...
Like the Dilbert strip where Dilbert advises his boss to change the password to "******" to avoid having to explain why his keyboard puts the wrong characters on the screen when he types his password? And more importantly, what do you tell the same boss when he's upgraded to Windows XP and gets those natty blobs for his password "typo"? Typing "ALT+0183" (on the numeric keypad!) six times just doesn't seem like it's going to cut the mustard.
I suspect it's more like this:
Try DHCP - if OK great, configure eth0 accordingly, if not, not a problem for now
Put eth0 into promiscuous mode
Capture some traffic
Look for where connections are being opened for port 53 (DNS), port 20/21 (FTP), 25 (SMTP)...
Look at the source IPs for local IP's / subnet
Look for where traffic off-net is being sent for the default gateway(s)
etc.
Fill in some blanks with the above
Present harvested info to the user and ask them to fill in any required unknowns, make corrections and confirm the final settings This kind of thing isn't new, and there are lots of other tricks to farm data, like sending forged packets to illicit a response with useful data. Where you tend to come unstuck in what you can achieve though is when you plug the thing into a switch. It's a bit more difficult to find what you want when you can't see it...
I've not seen any of the new adverts on TV yet, but the press has got hold of it and there are advertising hoardings starting to appear featuring the three bird characters. The general style of the characters is very reminiscent of "Chicken Run", although there are three different kinds of birds, rather than just chickens. No doubt DivX versions will be coming to a web site near you Real Soon Now if they are any good.
It's not that I have anything against MemoryStick as such, it's just that other similar technologies are far more interoperable with a broader choice of devices, and surely "durability" is a secondary goal to "interoperability". It's an old chestnut, but you have to love standards; there are so many to chose from. :(
What I'm hoping for is that Palm's "community development" method will pay off and they will fold all the neat new Sony stuff, especially the screen, back into the general product line in time for the 515 launch around March. If not, then I'll probably end up getting the Clié and living with the semi-proprietary memory stick.
Sorry, but this argument is typical warez k1dd13 bullshit. Theft is when you illegally deprive someone of something that is rightfully theirs. Software piracy deprives the retailer, distributor and manufacturers of the software you stole of some revenue. You might get some satisfaction from hitting out at the evil corporations, but there is no avoiding the issue that piracy is still theft.
If you can't afford the software then you can either become a criminal, or, you can wake up, smell the roses, and move to the world of free software. It's not always a smooth ride to get there admittedly, but the destination makes it all worth while when you do.
I *never* use "Firstname Lastname". I always work something to do with the company whose list it is in there, and none too subtly either, so that if it turns up in spam I know who to bitch at. I'd like to see the look on their face when "Firstname Lastname" turned out to be "Microsoft Corporation". ;)
At least someone out there has an impressive marketing budget to spend in this year we're all expecting doom and gloom...
I personally think that they do have something, but have doubts that their expectations are going to be realised. Reading between the "TM"s; I think it works like this:
- Massage the data stream with the "Tuner"
- Compress the data with the "Accelerator"
- Write out the "BitPerfect" data file
As to all the claims about violating the work of Claude Shannon; lots of people seem to mis-interpret Shannon to say "you cannot compress random data". This is not true! A better way of expressing it is "you cannot compress all data sets of size n". I think ZeoSoft is talking about a random sample taken sub-set of all possible data, ie. an AV data stream of length n. It's the difference between saying "I can compress any document" (which violates Shannon) and "I can compress any Slashdot page source document" (which does not violate Shannon).Take very large prime numbers and the like, huge strings of almost random numbers that can often be written as a trivial (2^n)-1 type formula. Maybe the massaging of the figures is simply finding a very large number that can be expressed like the above with an offset other than "-1" to get the correct "BitPerfect" data. I was toying around with this idea when there was a fad for expressing DeCSS code in unusual ways, but ran out of math before I could get it to work.
The above theory maybe bull when it comes to the crunch, but if it could be made to work, then the compression figures are bang in the ball park for this. They laughed at Goddard remember? But I have to admit, I think replacing Einstein with the Monty Python foot better fits my take on this at present...
Let's face it, copy-protecting audio CDs is an expensive waste of time and the studios must be realising it by now. They have the costs of licensing the copy protection scheme, the costs of the bad press it generates, the costs of dealing with returns from unhappy punters whose CD players don't work. And what do they get in return? A CD that can always be ripped simply by feeding the stereo line out of a CD player into the stereo line in of a soundcard and pressing "play" at one end and "record" at the other. Line noise? I'm Ogg/MP3ing anyway, you think I'm going to notice the little bit of line noise after compression has mangled it?
Getting techy for a minute, a PC's BIOS transfers control via a disk's boot sector to the boot loader in real mode, the boot loader (GRUB, LILO, NTLDR etc.) then loads the OS proper. Now, technically a boot loader could switch to protected (32 bit) mode before loading a fully 32 bit OS, but so far all mainstream PC OSs (yes, Linux and BSD too) run some initial boot code in real mode before making the switch to protected mode. Some make the switch sooner than others and I'm sure some of the experimental OS's out there make the switch immediately they gain control from the boot sector.
The main point though, was that for the 32 bit Windows platform (boot stubs aside) the process of Hardware support -> OS support -> decent app support has taken the best part of a decade. If you think the switch from 32 bit to 64 bit is going to happen much quicker, then you are probably going to be disappointed.
Actually, even that's not strictly true, since according to the Resource Kit documentation Windows XP's initial configuration detection is *still* 16 bit.
I do. It means "Made or consisting of iron; partaking of iron; iron; as, irony chains; irony particles", but I think the definintion people need to understand is "Incongruity between what might be expected and what actually occurs", which is actually what is happening, isn't it? I for one would have expected to see a "Powered by VIM" button or whatever it says rather than an emacs logo.
Both the above definitions are cut and pasted from dictionary.com before you follow up.
Actually this makes a lot of sense to me; raise a shitload of cash for nothing and then watch the new owners of the vastly overvalued domain names struggle to recoup their investment while you laugh all the way to the bank. This scheme sounds suspiciously like the 3G mobile auctions in the UK a few years ago; the government got £26 *billion* for a few leases on the RF spectrum. Like, sure, there is £26 billion to recouped from 3G in a population of less than 60m...
Does anyone know how this new squid is going to help my web cache performance, and where are the changelog and download URLs?
Ever hear of something called a contract? Elton is probably unable to simply switch labels without being in clear breach of his contract. He might be able to simply do what he has done without repercussion; George Michael lost his case to actually sever ties with Sony, which is why he too no longer releases any music.
I don't think it's habits at all, but rather that it's more down to ethos. I for one surf with Linux, yet if I had hit every single one of those sites used in the survey I would have no impact on the amount of "Linux on the desktop" reported. I have cookies switched off and hitbox.com is one of many sites my broswer thinks is 127.0.0.1
Add in those who have their browser lying about it's branding, as you suggest, to fool those sites that are "optimised for IE" and it's fairly obvious that any figures are going to cant towards Redmond. Remember, there are "lies, damned lies and benchmarks" and "95% of statistics are made up on the spot". I would think a few more percent to Linux is more realistic, but only a few.
Actually, only on paper. There was a big brouha in the UK press recently about Elton being so pissed about the money grubbing bastards in the music industry that he has decided never to record again. I guess this concert is the next stage in the fight.
I don't much like his style of music, but kudos to the guy for standing up to the biz. Go Elton!