I did not see this thread. It (like many) seems to have a lot of useless info, but that DNS issues is probably key. We use open DNS here, and I did not even think to change DNS. If it recurs I will certainly check that. You sir deserve a +1.
Yesterday in my repair shop I started getting a 0x80246002 error when checking for updates. Only on Win 7, (8 and vista were unaffected). This first occurred on a customer box that had a malware infection. The KB for this error simply states:
This problem may occur if Windows Update or Microsoft Update determines there is a file hash mismatch when you try to search for available updates from the Windows Update Web site or from the Microsoft Update Web site.
I spent a couple hours down the rabbit hole, thinking malware had broken updates on this box. Not unusual, and normally fixable by one of several means. When all attempts failed, and then another box presented the same error, I checked, every single windows 7 box would not check for updates.
I found that it was not something strange in our router or firewall, and it even occurred on other building tenants computers using a separate internet connection. Everyone in the building is on Comcast. Even more interesting, if I connected a computer to another ISP (tethering on my phone in this instance), the update check would succeed. You could then reconnect to comcast and download and install the updates.
Further all of these computers were running Windows Update Agent 7.6.7600.320, which is a recent (KB less and not able to be skipped) update to Windows update, that you cannot roll back easily. However, by going to a restore point prior to this update, checking for updates magically worked again, until this Agent updated itself and it was broken again.
So somehow, for whatever reason, the way Windows Update on Win 7 with this version of the agent checks for updates was being blocked by Comcast (Business class). Try explaining that to a comcast support rep. Fortunately today it seems to be working again.
Pretty interesting idea and a nice slashvertisement. How about instead, using an emulator,pushing a resolution that looks good onyour panel, and even possibly applying AA and other filters till it looks how YOU like, You have far more options for less cash that way. This reeks of monster cableitis to me.
I work in a repair shop. I see this every single day, and it is accelerating. Many are cold calls, but a surprising number are found in google searches. I had one today where someone was looking for outlook help as they could not access their email.
In my experience, most do 'semi' legitimate work, using normal tools for disinfection and optimization. These tools are things like hitman, MBAM, ccleaner, etc. Unfortunately, the techs do not seem very skilled, sometines causing damage, and more importantly they lie in a very convincing confidence game to get payment info and perform service. While I have yet to see anyone have extra fraudulent charges placed on them, the initial bill is fradulent given that the work never needed to be performed.
Also, if these "services" are so unethical as to lie to get you to pay, it is a small step to later using that payment information or selling it to third parties.
The worst one I saw is from a personal friend who called one of these services for assistance, paid 300 dollars for 3 years of remote assistance. One onthe to the day later, another company cold called him (he thought it was the first company). He allowed them remote access, and then when they wanted payment and he realized it was not the first company he asked them to disconnect. He was emotional and turned off his surge protector when they became pressuring and refused to disconnect. He left the room failing to realize it was a laptop and still on. The 'tech' then proceeded to delete most of the recently dated files in his user profile. These were very important files, and I was only able to recover about 85% with file recovery tools.
Unfortunately all these companies need to operate is a phone number and a simple VOIP system..maybe a quick templated website and domain. They can be set up in a very quick time, and exist outside of any willing jurisdiction to fight them. Education is the ONLY way at this time.
Industry math? 700k downloads does not equal 700k movie tickets or DVD purchases or rentals. Some significant portion of that number would never have bought the movie, whether available for download or not. Regardless of your views on criminal/violent punishment for non-violent IP crimes (I disagree on that level personally), basing any punishment on a false metric is the worst kind of injustice.
Perhaps, he should take the most money he made (legally) on any one day of his life, then counter sue for lost wages for every single day incarcerated. I mean if he made 1500 on that lottery ticket one day, then he should have made 1500 every other day including weekends!
Chrome/chromium on windows uses the Windows Crypto API to install and verify certs. This bypasses the TOR proxy and allows for a MITM attack with no user knowledge. Changing this requires more work then what they have to do with FF.
My questions are thus... why not move to a model where the entire OS is forced through the tor proxy, This could be done with the use of a dummy network adapter and disabling the current adapter while tor is in use. Yes it would likely break certain OS features during that time, but there it is.
TFA also discusses putting a dumbed down security 'slider' on the browser, but still the default is to allow JIT/JS. Currently you have noscript installed, but not turned off in a fresh install. A few lines of JS is enough to identify an IP or fingerprint more of the system. The default should be most secure with warnings to open it up. Period. At install time you already explin that things do not work like you are used to and then allow the user to decide to reduce security. Anything else provides an illusion of security to a naive user, but still allows an adversary easy means of detection.
This.. a thousand times this. as grandparent to this thread, I cannot moderate, but I do not believe that the state should issues ANY edicts regarding a religious ceremony and joining.
There should be laws regarding contracts and benefits between groups of people, and nothing else. Leave marriage to the priests, and if that church does not believe in your type of union, find another.
Its not just working at google scale, its human-nets paid pennies by spammers to solve captchas. If it is machine-unsolvable this will happen as long as there are people poor enough to work at such menial tasks for low wages.
This is/. Just mentioning a paywall IS trolling here. We are the tough geeks and will browse into that rough patch on the interwebs to get our fix of data. We will risk malware and viruses to pirate the latest films. We will walk into a biker bar and call the biggest pagan mother fucker a gay little bitch.
Oh wait, maybe not that last one.
Seriously though.. what is considered a troll, or offensive is subjective. If I do not want imposed censorship, I sure as shit am not going to pay for it directly.
This sounds like a case of the left hand doesn't know what the right is doing. While neither collection method sounds constitutional to me I am not surprised.
Let's guess who gets in trouble...
The employee selling the data..check (low level scape goat)
Maybe an IT guy that allowed excessive permission.. maybe he just gets fired...
Any DEA agents or upper level management who authorized illegal and warrant-less data collection? NO
Any Amtrak executives for allowing it to be provided (through the employee or the terminal in the DEA office?) NO
If we are lucky we will hear some strong words at a congressional hearing, and that will be the end of it.
If a civilisation could create a Dyson sphere, don't you think they'd have some use for all the wasted energy "radiating in infrared"? Perhaps a large portion of the star's output is used for their energy needs, and efficiency rules the day? Perhaps the drive to attain the best efficiency possible is required of a civilisation before they can reach a stage advanced enough to buld something on this scale.
Rather than provide fancy new 'heads up' displays for drivers or
built-in smart phone driver docking stations for drivers with
their 'heads up' their ass, we should be working on roadside electronic
surveillance and longer prison sentences for the drivers who kill
people while using their smartphone.
While I agree that distraction is an issue, and solutions should be found, and I also agree that this device sounds like more distraction, longer prison terms solve nothing. Incarceration does not stop drug use, threat of life in prison does not deter murderers of bank robbers. No matter the differences in incarceration percentage or average length of incarceration, developed countries crime rates stay relatively stable. The few things being tougher on any crime does do well is break up families, provide jobs to the prison workers, and create a hated underclass that is likely to turn to crime again.
This is not to say that there should be no punishment for crime, but to say the money would likely be much better spent on proper prevention. Not more police, swat toys, and police programs, but things like education, family planning , job training, addiction recovery, even driver training, etc. For the cost of putting 2-3 people in prison for a year, a town could hire a person to do distracted driver training and testing on a closed course. All you need is an empty parking lot and some cones.
I have no idea if this guy did this or not (innocent until proven right?) It looks like he did, but consider the following
.
Registered sex offenders in most states have to register their email address. Sometimes even so much as providing the password.
With legal (or cracked) access to anyone's email account (sex offender or not) lets see how easy it is to plant evidence.
1. Access account, add a folder or label (preferably hidden buy being buried in default sort order or under another folder).
2. Set filter with obscure rule to automatically route certain emails to said folder.
3. Send "illicit" or "evidentiary" messages that match said filter. These can be sent from self or whatever generated entity seems appropriate.
4. Access account again from various public IP addresses (or from target's own wifi). Read already read email, plus messages in target folder.
5. Remove filter. Have Google 'find' the evidence. Arrest wrongdoer.
This is not that far fetched. The chain of evidence doe not prove that the target is guilty, but can be made to look enough like it to convince a judge or jury. From the vantage of Google or a jury, it looks as though the subject sent or had sent, expected, and read the messages.
Just about anyone here could do this with the creds to an account - which in most situations are not terribly hard to garner.
Before you say you would notice the folder in your account, think of this. I have over 100 folders in my email account, some rarely opened, and never all visible on the screen. I wouldn't have noticed - but I may have enough knowledge to fight - a little anyway. How about a novice, when a folder named 'Archived Messages' appears. Would he/she even think twice?
I did not RTFA, but I know google uses their image search algos for blocking known child porn sites. It is not a hard step to run that against email messages. How about when the NSA/CIA/FBI tells google (via a NSL) scan all messages for x terms. How about when said terms are sent to and from hacked accounts as a matter of course?
It is important to realize that absolutely no communication that is unencrypted is private, but how about whe forged open communications can make you a criminal?
Joshua Wright, an FTC commissioner who dissented in a recent settlement with Apple, says a 15-minute open purchase window produced "obvious and intuitive consumer benefits" and that the FTC "simply substituted its own judgment for a private firm's decision as to how to design a product to satisfy as many shareholdersas possible."
This is all true, but the distribution model is different now.
Online distribution, plus online communities and ranking systems make it sometimes easier to separate out the chaff.
Do not confuse my statement. I never said the IP is a person. I said banning it affects multiple people including innocent bystanders. A crowd is not a person. Do we bomb a crowd because a few are bad actors?
We should always err on the side of least effect on innocent people, preferably no effect.
Slashdot Mirror
I did not see this thread. It (like many) seems to have a lot of useless info, but that DNS issues is probably key. We use open DNS here, and I did not even think to change DNS. If it recurs I will certainly check that. You sir deserve a +1.
This problem may occur if Windows Update or Microsoft Update determines there is a file hash mismatch when you try to search for available updates from the Windows Update Web site or from the Microsoft Update Web site.
I spent a couple hours down the rabbit hole, thinking malware had broken updates on this box. Not unusual, and normally fixable by one of several means. When all attempts failed, and then another box presented the same error, I checked, every single windows 7 box would not check for updates.
I found that it was not something strange in our router or firewall, and it even occurred on other building tenants computers using a separate internet connection. Everyone in the building is on Comcast. Even more interesting, if I connected a computer to another ISP (tethering on my phone in this instance), the update check would succeed. You could then reconnect to comcast and download and install the updates.
Further all of these computers were running Windows Update Agent 7.6.7600.320, which is a recent (KB less and not able to be skipped) update to Windows update, that you cannot roll back easily. However, by going to a restore point prior to this update, checking for updates magically worked again, until this Agent updated itself and it was broken again.
So somehow, for whatever reason, the way Windows Update on Win 7 with this version of the agent checks for updates was being blocked by Comcast (Business class). Try explaining that to a comcast support rep. Fortunately today it seems to be working again.
Pretty interesting idea and a nice slashvertisement. How about instead, using an emulator,pushing a resolution that looks good onyour panel, and even possibly applying AA and other filters till it looks how YOU like, You have far more options for less cash that way. This reeks of monster cableitis to me.
The 'impossible' is just something that hasn't been done yet.
Nothing is impossible eh? Go slam a revolving door.
Because 'Blackies' is such an endearing sweet term for African Americans. I mean colored folk.. oh whatever. It is how the term is used man.
In my experience, most do 'semi' legitimate work, using normal tools for disinfection and optimization. These tools are things like hitman, MBAM, ccleaner, etc. Unfortunately, the techs do not seem very skilled, sometines causing damage, and more importantly they lie in a very convincing confidence game to get payment info and perform service. While I have yet to see anyone have extra fraudulent charges placed on them, the initial bill is fradulent given that the work never needed to be performed.
Also, if these "services" are so unethical as to lie to get you to pay, it is a small step to later using that payment information or selling it to third parties.
The worst one I saw is from a personal friend who called one of these services for assistance, paid 300 dollars for 3 years of remote assistance. One onthe to the day later, another company cold called him (he thought it was the first company). He allowed them remote access, and then when they wanted payment and he realized it was not the first company he asked them to disconnect. He was emotional and turned off his surge protector when they became pressuring and refused to disconnect. He left the room failing to realize it was a laptop and still on. The 'tech' then proceeded to delete most of the recently dated files in his user profile. These were very important files, and I was only able to recover about 85% with file recovery tools.
Unfortunately all these companies need to operate is a phone number and a simple VOIP system..maybe a quick templated website and domain. They can be set up in a very quick time, and exist outside of any willing jurisdiction to fight them. Education is the ONLY way at this time.
Faster internet access means faster internet search results when cheating. Therefore the internet should be banned. /s
Perhaps, he should take the most money he made (legally) on any one day of his life, then counter sue for lost wages for every single day incarcerated. I mean if he made 1500 on that lottery ticket one day, then he should have made 1500 every other day including weekends!
Slashdot [Superprotection needed].
My questions are thus... why not move to a model where the entire OS is forced through the tor proxy, This could be done with the use of a dummy network adapter and disabling the current adapter while tor is in use. Yes it would likely break certain OS features during that time, but there it is.
TFA also discusses putting a dumbed down security 'slider' on the browser, but still the default is to allow JIT/JS. Currently you have noscript installed, but not turned off in a fresh install. A few lines of JS is enough to identify an IP or fingerprint more of the system. The default should be most secure with warnings to open it up. Period. At install time you already explin that things do not work like you are used to and then allow the user to decide to reduce security. Anything else provides an illusion of security to a naive user, but still allows an adversary easy means of detection.
This.. a thousand times this. as grandparent to this thread, I cannot moderate, but I do not believe that the state should issues ANY edicts regarding a religious ceremony and joining. There should be laws regarding contracts and benefits between groups of people, and nothing else. Leave marriage to the priests, and if that church does not believe in your type of union, find another.
Its not just working at google scale, its human-nets paid pennies by spammers to solve captchas. If it is machine-unsolvable this will happen as long as there are people poor enough to work at such menial tasks for low wages.
Guess I have to go to 4chan now to read gay hating misanthropic posts.
We are the tough geeks and will browse into that rough patch on the interwebs to get our fix of data.
We will risk malware and viruses to pirate the latest films.
We will walk into a biker bar and call the biggest pagan mother fucker a gay little bitch.
Oh wait, maybe not that last one.
Seriously though.. what is considered a troll, or offensive is subjective. If I do not want imposed censorship, I sure as shit am not going to pay for it directly.
Let's guess who gets in trouble...
The employee selling the data..check (low level scape goat)
Maybe an IT guy that allowed excessive permission.. maybe he just gets fired...
Any DEA agents or upper level management who authorized illegal and warrant-less data collection? NO
Any Amtrak executives for allowing it to be provided (through the employee or the terminal in the DEA office?) NO
If we are lucky we will hear some strong words at a congressional hearing, and that will be the end of it.
If a civilisation could create a Dyson sphere, don't you think they'd have some use for all the wasted energy "radiating in infrared"? Perhaps a large portion of the star's output is used for their energy needs, and efficiency rules the day? Perhaps the drive to attain the best efficiency possible is required of a civilisation before they can reach a stage advanced enough to buld something on this scale.
Maybe the author smoked one whole marijuana.
Rather than provide fancy new 'heads up' displays for drivers or built-in smart phone driver docking stations for drivers with their 'heads up' their ass, we should be working on roadside electronic surveillance and longer prison sentences for the drivers who kill people while using their smartphone.
While I agree that distraction is an issue, and solutions should be found, and I also agree that this device sounds like more distraction, longer prison terms solve nothing. Incarceration does not stop drug use, threat of life in prison does not deter murderers of bank robbers. No matter the differences in incarceration percentage or average length of incarceration, developed countries crime rates stay relatively stable. The few things being tougher on any crime does do well is break up families, provide jobs to the prison workers, and create a hated underclass that is likely to turn to crime again.
This is not to say that there should be no punishment for crime, but to say the money would likely be much better spent on proper prevention. Not more police, swat toys, and police programs, but things like education, family planning , job training, addiction recovery, even driver training, etc. For the cost of putting 2-3 people in prison for a year, a town could hire a person to do distracted driver training and testing on a closed course. All you need is an empty parking lot and some cones.
With legal (or cracked) access to anyone's email account (sex offender or not) lets see how easy it is to plant evidence.
1. Access account, add a folder or label (preferably hidden buy being buried in default sort order or under another folder).
2. Set filter with obscure rule to automatically route certain emails to said folder.
3. Send "illicit" or "evidentiary" messages that match said filter. These can be sent from self or whatever generated entity seems appropriate.
4. Access account again from various public IP addresses (or from target's own wifi). Read already read email, plus messages in target folder.
5. Remove filter. Have Google 'find' the evidence. Arrest wrongdoer.
This is not that far fetched. The chain of evidence doe not prove that the target is guilty, but can be made to look enough like it to convince a judge or jury. From the vantage of Google or a jury, it looks as though the subject sent or had sent, expected, and read the messages.
Just about anyone here could do this with the creds to an account - which in most situations are not terribly hard to garner.
Before you say you would notice the folder in your account, think of this. I have over 100 folders in my email account, some rarely opened, and never all visible on the screen. I wouldn't have noticed - but I may have enough knowledge to fight - a little anyway. How about a novice, when a folder named 'Archived Messages' appears. Would he/she even think twice?
I did not RTFA, but I know google uses their image search algos for blocking known child porn sites. It is not a hard step to run that against email messages. How about when the NSA/CIA/FBI tells google (via a NSL) scan all messages for x terms. How about when said terms are sent to and from hacked accounts as a matter of course?
It is important to realize that absolutely no communication that is unencrypted is private, but how about whe forged open communications can make you a criminal?
Joshua Wright, an FTC commissioner who dissented in a recent settlement with Apple, says a 15-minute open purchase window produced "obvious and intuitive consumer benefits" and that the FTC "simply substituted its own judgment for a private firm's decision as to how to design a product to satisfy as many shareholdersas possible."
FTFY
You have to keep up!
The word you are looking for is Waldo. http://en.wikipedia.org/wiki/R...
We should always err on the side of least effect on innocent people, preferably no effect.
A person made the edits. However,if you ban the IP or IP range, then you ban innocent bystanders. This is unacceptable. Period.
That IP had been vandalizing for years. That IP is not a person. Period.