It's no different from saying, "Hey! You're poor man, go do manual labour, you ain't fit for all this education and research."
They fail to conveniently mention that the primary reasons such nations were made poor is because of colonialization by so many countries for hundreds of years, literally looting the colonies.
They fail to mention that the number system that they use originated in India, including the zero. They fail to think that Indians had found Pi much before anybody, and that the contributions of Indians in every other field has been hampered only because of "them poor third world nation".
Come on, prove me wrong. If India had the resources that other nations had at their disposal, we'd have been one of the leading pioneers. But no, US has to cap India at every step. US has to force Russia not to sell us cryogenic technology. Fine, we made our own. And US had to stop Russia and France from selling technologies for making supercomputers and guidance systems, we made that too. You don't give us nuclear capability? Fine, we make that too.
So far, almost everything that India has achieved has been indigenous - in a multicultural "developing" society which is looked down upon by much of the world with an eeks! third world nation attitude, I think that's very very commendable.
And what's this nonsense about competition with Pakistan? We have had Nobel Laureates in almost every field (Physics, Literature, Economics...) and have had excellent progress in education, science and technology. We probably have more engineers passing out that any other country, with thousands of engineering institutions. And a significant majority of the world's IT workforce is Indian. Agreed, we've had occasional communal riots, but hey in a society with thousands of religions and thousands of languages, these do happen once in a while.
And we have proved that our democracy works time and again, tell me any other country where the President is a long haired rocket scientist geek belonging to a minority community.
And India has -not- annexed a single piece of land in thousands of years, even if we have waged a war, the claimed land has been returned, and we have a long standing tradition of tolerance, peace and non-violence. If anything, we've been forced into developing self-defence mechanisms.
And ofcourse, US supports countries which openly wage wars and oppose minorities, and US itself sells weapons and just can't wait to bomb the hell out of some poor "third world nation" which is definitely ruled by an evil dictator who is making all those bio weapons that's gonna destroy the world. And you call us a potential threat that should be suppressed? DUH!
I think it's very unfair on part of the world in large to treat a nation such as India as though it were some terrorist state that's gonna nuke the world to kingdom come.
Exactly my point, what I mean to say is that the net is already teeming with cops, armies and criminals.
What is Carnivore? A benevolent government plan? Bullshit, it's just for a government to spy on it's own people.
The people of China and the Arab world know a very different net from others. And their armies are already there, or rather, it's almost like only their armies are there.
Just how much worse can it get? There is no need for any armies to come, because they're already here.
We certainly do need to keep our guard up to prevent the mafia/state from getting a foothold here.
I agree, but the trouble is that they'd come here immaterial of what we try to do. It's true for any communication media. The primary reason they're here is because the media is so wide spread and penetrating.
I am not arguing complacency. Eternal vigilance is the price of liberty. Even here.
Although I really wish that was not the case, it's unfortunate that we really are not very different from the days when Socrates was given poison.
Free thinking? Duh. Liberty and radicals are always hated by those who fear change, and consequently the intellectual community.
But keep your guns, cops and armies out of this cyberspace, because we're doing just fine without them.
Are we, really? We have multitude of agencies looking into what we do, tracking users, literally being stalked by "agencies bound to protect the citizens."
Whoever says that the net is a peaceful halcyon is crapping.
And there are significant number of perky pimply faced teenaged crackers who just can't wait to get into your system and forward all your girlfriend's mails to bulletin boards.
Despite what you'd like to believe, yes, the net is already teeming with armies and cops and robbers too, or maybe an "armed terror space" to paraphrase Bruce Sterling.
Are these people that "small" a percentage on the net? It definitely does not seem so.
The trouble here is the J.Random user would not really care. Is he really bothered about the DMCA, or does he even know about it? And what is he doing about it? Despite everything that happens, it's always those evil hackers who get the boot.
You'd be surprised by what ppl are ready to give up for that little extra comfort.
This is bad not just for the US, but for a whole lot of other economies in other countries.
Just as an example, VSNL, a semi-govt. owned organization in India and the biggest ISP, had deals worth billions with WorldCom.
Now, VSNL is unsure whether it would get the services or the money. The crux of the matter is that this would affect the shares here a whole lot more, since there are a lot of companies that use the services from VSNL, which in itself is paid for.
And unfortunately, who pays for this? The second and third tier customers in developing countries, who have to endure a whole lot more than their counterparts. Because, they too would be accountable, and I'm just waiting for the VSNL stock prices to plummet, along with others.
I think the executives of Multinationals should be held responsible and should be put to something of an international tribunal that analyses the consequences of their actions, worldwide.
Maybe the punishment should be to throw them in some third world country's prison with hardly a square meal a day and no water to drink, then they'd understand what the hell they were doing.
I'm not eager to have Sony keeping track of the games and music I'm playing on my PlayStation. This is a good opportunity for Nintendo to distinguish themselves by embracing freedom.
Unfortunately, little does this have anything to do with 'embracing' freedom or supporting anything that even vaguely resembles it.
It's got everything to do with marketing, and money. Sony is probably testing waters by introducing such DRM "sensitive" devices into all their products. When all the capitalistic forces jump onto the bandwagon (if it works out for Sony), the actions of other companies would be guided by market forces.
Even assuming that Nintendo does take an openview of things and says Go EFF, it'd still not do much good for Nintendo for 2 reasons -
a] The fraction of population that actually understands what Nintendo is trying to do, and buys things to help them do so would be very very small indeed. Besides, it's a good product that sells, based on the needs, immaterial of how laudable your goals are. Look what happened to Loki. They made very good products, and definitely had a great vision. But just that does not suffice in an evergrowing corpy environment.
b] If all the big players take on such measures, then Nintendo will have to follow suit, else they risk being sued/litigated to kingdom come. If some performer claimed that because Nintendo lacked the technology to prevent abuse, people were pirating, Nintendo would be up against the wall.
Also, in the article - "OpenMG X" flexibly adapts to the distribution of content to PCs, as well as services which distribute content directly to AV and mobile devices.
Now that would be a killer. Because, right now the only people who can actually help you here are the PC Industry manufacturers. As long as they don't stick up an OEM deal to you that voids your hardware if you do not own their "h4xor pr00f 4nt1 p1r4cy" software or something like that, it's good for us. But once you get embedded software onto the ROMs that would do something along the lines of what Sony is suggesting, then the bells start tolling.
There was something similar done by a guy called Luke Dahl, only it was for audio.
It was a Markhov chain extrapolation of the 3d sound as perceived by a 3d being and using a series of normalizations and transforms.
It was called Frobenius Norm, and was a composition of how a 4-d sound would sound to a 5-d being, I think. I just remember it being "spiffy" and very addictive!:-)
(Which used to be a good, technical show but now is filled to the brim with unemployed dotcom kiddies)
Dot commies? What nonsense. It's more professional and academia oriented, that's 'coz most of the crowd there is professional graphics programmers.
And SIGGRAPH is supposed to be pretty cool these days, and now they've even started getting shows on DemoScene.
Check out the Demoscene Outreach Group which performed at this year's SIGGRAPH, cool stuff. If you hate SIGGRAPH so much, maybe you should try the GDC. In fact I'd say SIGGRAPH should become even more professional, they do not seem to be handling a lot of cool & new math stuff and techniques which a lot of European schools, like MPI for example, seem to be working on.
Yup, not just that, there's another very essential point.
Contrary to popular belief, there is a very very significant tech-savvy population of farmers and others in India.
I think it would be great if they could get information regarding the weather, crops, harvest and the like in a much more accessible forms. Right now, there are counters and phone centers who answer such queries for them, if the simputer could make their task easier, then what's the problem? The returns would be way higher.
And some poster had commented about illiteracy, that an illterate populace does not need such stuff. You know, you do not weed out illiteracy by saying, "Hey! You don't deserve this coz you don't read." You try and motivate people. And by the way, who the hell gave you this crap that most Indians are illiterate? In the southern state of Kerala, there's more than 99% literacy. There are a lot of states and union territories which boast of 90%+ literacy.
And literacy for us is a very different thing altogether, a lot of the so called illiterate people do math, but can't write and read. Why? Because that's the way the culture and the society is. A guy running a family businesss here just knows what he needs to, nothing more nothing less. Just that they've not had the opportunity to exploit their capabilities does not mean that they should not be.
And besides, I'm sure that the govt. would introduce subsidies and banks would gladly give loans to the needy. Already a lot of subsidies with really reduced interest rates exist for small scale industries by banks with both public and private holdings. With enough help from the govt. Simputer could be really made available to the masses. More than a geek or hacker to fiddle with, this could mean a whole lot more to a farmer or a fisherman to know the status of the weather and the crop. Think about it.
It's said that Hardy died a happy man, very happy that none of his pure math was ever used by applied mathematicians.
He's said to have gloated over the fact that atleast for quite sometime into the future, applied mathematicians would leave the realm research done by pure mathematicians alone.:-)
"1.5 billion is the expectation for the final match -- accumulated for the 64 matches we expect more than 40 billion spectators," said Home Broadcast Services' (HBS) chief executive Francis Tellier on Saturday.
40 Billion. Is that just in the Milky way, or are we including the poor things in the other parts of the universe which we are filling with such transmissions?
I've always said that corpys had deals with aliens! See! See! See!:-/
In fact, it's not very tough designing something like that. Anybody who's tried designing games or game levels, even simple ones would know how easy this is.
For example, look at NeHe's simple 3d engine demo - you could easily build any structure you want for one of these, with sufficient skill modeling your house wouldn't be any more difficult than mapping a few co-ordinates. It'd be cooler still if you could import some format like DXF or VRML or the like into a suitable map.
About the first point, I'd say it's a question of perspective. I think a curious scientist meddling with "risky stuff" contributes a whole lot more to society than any good samaritanish work, or any kind of public service. Atleast that's my opinion, so it's entirely objective.
Since when did Stephen Hawking risk anyone's life? Brian Greene?
Huh dude... those are theoretical physicists you're talking about! There is a very big difference working with your hands and working on paper. I do agree that both are important (I do theoretical physics myself) but I feel that we're losing out on people who can work with their hands. Who can actually build good stuff. This guy may not be great, but he's got a streak of initiative which a whole lot of people do not have.
And I find your use of three exclamation points in the section I have not quoted inflamatory;-).
Ahem! I respect intellectuals!:-P;-)
Yes, I do agree that smartness and wisdom are relative terms. And in the end you say that smart people can do really stupid things. You know, a lot of people said that to Jules Verne abt his book "From Earth to the Moon".
And it is some of those stupidities that sometime give us wonderful things:-) Relativity at work, I suppose...
You seem to stress on the fact that the guy should have been denied the award just because he stole a few small things and lied?
Give me a break! Tell me, would he have done this if he had direct access to these materials in the first place? I find it disgusting that you'd place more importance to such trivialities of character, rather than his scientific spirit.
In this context, this quote by HL Mencken comes to mind --
The value the world sets upon motives is often grossly unjust and inaccurate. Consider, for example, two of them: mere insatiable curiosity and the desire to do good. The latter is put high above the former, and yet it is the former that moves one of the most useful men the human race has yet produced: the scientific investigator. What actually urges him on is not some brummagem idea of Service, but a boundless, almost pathological thirst to penetrate the unknown, to uncover the secret.... His prototype is not the liberator releasing slaves, the good Samaritan lifting up the fallen, but a dog sniffing tremendously at an infinite series of rat-holes. -- H. L. Mencken
The guy has to be more than just admired for the fact that with little or no resources, he's built something that's definitely worth commending.
2) What he did was really, really stupid and dangerous. This is not an inspiring tale of a brilliant young man, but a cautionary tale of how a little knowledge and not much common sense can cause lots of trouble.
Huh? You know something? Any path that does not involve risk ultimately leads to stagnation. It's only the people who take risks, who are unafraid to break through the odds who help humanity progress.
You cannot hope to build a rocket without risking it crashing somewhere. If that's the case, then most of the world's greatest scientists are idiots by your scale.
If I didn't know better, I'd probably say you're jealous of this guy. Come on man! You're supposed to be an astrophysist (atleast that's what I gather from your site), you should know this of all people!!!
All said and done, he's one smart dude. Naive yes, and a little ignorant too, but one of the smarter ones with a creative streak.
I agree that I could have linked to the article, my mistake:-)
But then again, a lot of times Slashdot filters have really come in the way, I do agree that they are a necessity, but sometimes I feel like it's an overkill.
I've been trying to post the Bugtraq's version of this bug, and all I keep getting is Your comment has too few characters per line.
Internet Security Systems Security Alert May 21, 2002 - Microsoft SQL Spida Worm Propagation Synopsis: ISS X-Force has learned of a worm that is spreading via Microsoft SQL servers. The Spida worm is responsible for large amounts of Internet traffic as well as millions of TCP/IP probes at the time of this alert's publication. This worm attempts to locate and login to MS/SQL servers with the "sa" account and a blank password. Once a vulnerable computer is found, the worm will infect that target, send its configuration and password information to an external host, and begin scanning for new targets.
Impact: Although the Spida worm is not destructive to the infected host, it may generate a damaging level of network traffic when it scans for additional targets. The scanner bundled with the worm is multi-threaded and is capable of scanning with 100 threads. A large amount of network traffic is created by the worm, which scans both internal and external IP addresses for vulnerable servers.
Description: The Spida worm propagates via Microsoft SQL installations with administrator accounts that have no passwords defined. Although Microsoft recommends that the "sa" account be set upon installation, many servers are not properly secured. If the worm finds a vulnerable server, it will attempt to execute its startup script by running the "xp_cmdshell" function, which is the SQL call used to execute system commands within SQL queries.
The main function of the Spida worm is to export an infected server's SAM password database and forward information about its network and database configuration.
The worm installs all of its files into the \Windows\system32 directory except for services.exe, which is installed into the \Windows\system32\drivers directory. Each of these files has a distinct function which is outlined below:
sqlprocess.js - This is the worm's main payload. It holds IP address arrays which are later used in the services.exe scanner. It executes "ipconfig/all" and appends this information to send.txt. This script then runs sqldir.js and appends all of the server's database information to send.txt. It then executes pwdump2 and appends the password hashes to send.txt, then runs clemail.exe and mails send.txt to ixltd@postone.com. After the email is sent, send.txt is destroyed and services.exe is run to scan for other vulnerable servers. This information is appended to rdata.txt, which the worm uses to attempt to propagate with the username "sa" and a null password. The sqlprocess.js file sets the registry value dbmssocn to configure the SQL server to use the Winsock TCP/IP library instead of the default DBNETLIB library: (HKLM\\software\\microsoft\\mssqlserver\ \client\\c onnectto\\dsquery). It also turns on the NetDDE service, allowing SQL to use the DDE protocol.
sqlexec.js - This is a script used by sqlprocess.js to execute xp_cmdshell. sqlinstall.bat is run within this instance of xp_cmdshell.
sqldir.js - Collects a list of databases on the infected system. Later, sqlprocess.js writes this information in send.txt to send to ixltd@postone.com.
run.js - This script passes time information to and from timer.dll.
sqlinstall.bat - Installs the worm then hides the files.
clemail.exe - Simple mail program used to email out the send.txt file.
services.exe - Scanner used by the worm to scan for other SQL servers on port 1433. This information is appended into the rdata.txt file. This file is multi-threaded and scans internal IP addresses before performing an external IP address sweep.
pwdump2.exe - Injects samdump.dll into lsass.exe (a Windows program that performs the authentication of log-on credentials) in order to grab raw NTpassword hashes.
samdump.dll - Uses the same API that msv1_0.dll uses to capture Windows password hashes.
timer.dll - A counter used for installation and other functionality of the worm.
Recommendations:
Microsoft SQL Server customers should refer to the following address for information and securing Microsoft SQL Server: http://www.microsoft.com/sql/techinfo/adm inistrati on/2000/security.asp.
ISS Database Scanner product implemented a check for a blank administrator password in December of 1998. Database Scanner customers are encouraged to enable this check if they have not done so. For more information, refer to: http://www.iss.net/products_services/enterpri se_pr otection/vulnerability _assessment/scanner_databa se.php
ISS RealSecure Network Sensor customers may use the following connection event to detect access attempts to the SQL Server port. Follow the instructions below to apply the connection event to your policy. This connection event will detect legitimate connection attempts to MS/SQL servers. 1. Choose a policy you want to use, and click Customize. 2. Select the Connection Events tab. 3. Click Add on the right hand side of the dialog box. 4. Create a Connection Event. 5. Type in a name of the event, such as "MS/SQL Port Probe". 6. In the Response field for the event, select the responses you want to use. In the Protocol field, select TCP. In the Dest Port/Type field click the pull down box and create an entry for TCP port 1433: a. Click Add. b. Select TCP Protocol. c.Name the service "MS/SQL Port Probe". d. Use 1433 for the port number. e. Click OK. f. Select the entry just created. 7. Save changes and close the window. 8. Click Apply to Sensor or Apply to Engine depending on the version of RealSecure.
To create a user-defined event RealSecure Server Sensor: 1. Open the desired policy. 2. Expand the Connections tree on the Protect view. 3. Expand the User Defined Suspect Connections branch. 4. Click Add to add a new User Defined Suspect Connections event 5. Name the event, SQL_Connection. 6. Select the desired responses under the response column. 7. Enter "1433" under the port column. 8. Save the Policy and apply it to the sensor.
ISS BlackICE customers should monitor and/or enable the "SQL Port Probe" event. This event will detect probes by the Spida worm.
ISS X-Force will provide assessment support for this vulnerability in an upcoming X-Press Update for Internet Scanner.
______
About Internet Security Systems (ISS) Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a pioneer and world leader in software and services that protect critical online resources from an ever-changing spectrum of threats and misuse. Internet Security Systems is headquartered in Atlanta, GA, with additional operations throughout the Americas, Asia, Australia, Europe and the Middle East.
Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved worldwide.
Permission is hereby granted for the electronic redistribution of this document. It is not to be edited or altered in any way without the express written consent of the Internet Security Systems X-Force. If you wish to reprint the whole or any part of this document in any other medium excluding electronic media, please email xforce@iss.net for permission.
Disclaimer: The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net of Internet Security Systems, Inc.
His proposals for improving the situation included:
The oft-heard suggestion to make software manufacturers liable for defects. .... (Note: software companies are doing their damnedest to move in the opposite direction, by pushing UCITA laws that would let them get away with releasing known defects.) .... Making other companies liable for their own systems as well. They'd act differently if they knew they could be sued when their customers' social security numbers were released.
Oh sounds great. So we get to sue the crappy coders. Nice. How about having a huge fine for companies that release crappy code? That sounds great too!
Except that Microsoft could afford to pay up the fine AND face any huge lawsuits by sheer muscle power. As would Sun. Or for that matter any of the bigger companies. It would mean nothing to them, and people would still continue to buy their stuff.
But what about Opensource? Whom would you hold responsible? If it becomes a law for one, it's law for another.
As Schneier said, "Security is a people problem, not a technical problem." Actually, the people he was referring to at that moment were not the malicious crackers themselves, but the crowds of negligent programmers, managers, data centers, and policy-makers who tolerate weak security.
Yeah, but please note that it is not just corporates who churn out bad code, not just companies. And if it did become a law that bad code will be punished, corporates can fight. A lonely hacker cannot, atleast not that easily. It would hit the OSS community and companies based on the movement a whole lot worse than the big guys.
Which is exactly what they've done in the paper. They've depicted on how the mesh could possibly collapse.
They have depicted an 8-gon curve which satisfies the intersection properties, extrapolate using a 2 vertex model and use that to show the possible collapse. They've not depicted the collapse per-se in action tho.:-(
Excellent! Very very well said.
It's no different from saying, "Hey! You're poor man, go do manual labour, you ain't fit for all this education and research."
They fail to conveniently mention that the primary reasons such nations were made poor is because of colonialization by so many countries for hundreds of years, literally looting the colonies.
They fail to mention that the number system that they use originated in India, including the zero. They fail to think that Indians had found Pi much before anybody, and that the contributions of Indians in every other field has been hampered only because of "them poor third world nation".
Come on, prove me wrong. If India had the resources that other nations had at their disposal, we'd have been one of the leading pioneers. But no, US has to cap India at every step. US has to force Russia not to sell us cryogenic technology. Fine, we made our own. And US had to stop Russia and France from selling technologies for making supercomputers and guidance systems, we made that too. You don't give us nuclear capability? Fine, we make that too.
So far, almost everything that India has achieved has been indigenous - in a multicultural "developing" society which is looked down upon by much of the world with an eeks! third world nation attitude, I think that's very very commendable.
And what's this nonsense about competition with Pakistan? We have had Nobel Laureates in almost every field (Physics, Literature, Economics...) and have had excellent progress in education, science and technology. We probably have more engineers passing out that any other country, with thousands of engineering institutions. And a significant majority of the world's IT workforce is Indian. Agreed, we've had occasional communal riots, but hey in a society with thousands of religions and thousands of languages, these do happen once in a while.
And we have proved that our democracy works time and again, tell me any other country where the President is a long haired rocket scientist geek belonging to a minority community.
And India has -not- annexed a single piece of land in thousands of years, even if we have waged a war, the claimed land has been returned, and we have a long standing tradition of tolerance, peace and non-violence. If anything, we've been forced into developing self-defence mechanisms.
And ofcourse, US supports countries which openly wage wars and oppose minorities, and US itself sells weapons and just can't wait to bomb the hell out of some poor "third world nation" which is definitely ruled by an evil dictator who is making all those bio weapons that's gonna destroy the world. And you call us a potential threat that should be suppressed? DUH!
I think it's very unfair on part of the world in large to treat a nation such as India as though it were some terrorist state that's gonna nuke the world to kingdom come.
Exactly my point, what I mean to say is that the net is already teeming with cops, armies and criminals.
:-)
What is Carnivore? A benevolent government plan? Bullshit, it's just for a government to spy on it's own people.
The people of China and the Arab world know a very different net from others. And their armies are already there, or rather, it's almost like only their armies are there.
Just how much worse can it get? There is no need for any armies to come, because they're already here.
We certainly do need to keep our guard up to prevent the mafia/state from getting a foothold here.
I agree, but the trouble is that they'd come here immaterial of what we try to do. It's true for any communication media. The primary reason they're here is because the media is so wide spread and penetrating.
I am not arguing complacency. Eternal vigilance is the price of liberty. Even here.
Although I really wish that was not the case, it's unfortunate that we really are not very different from the days when Socrates was given poison.
Free thinking? Duh. Liberty and radicals are always hated by those who fear change, and consequently the intellectual community.
This too shall pass
But keep your guns, cops and armies out of this cyberspace, because we're doing just fine without them.
Are we, really? We have multitude of agencies looking into what we do, tracking users, literally being stalked by "agencies bound to protect the citizens."
Whoever says that the net is a peaceful halcyon is crapping.
And there are significant number of perky pimply faced teenaged crackers who just can't wait to get into your system and forward all your girlfriend's mails to bulletin boards.
Despite what you'd like to believe, yes, the net is already teeming with armies and cops and robbers too, or maybe an "armed terror space" to paraphrase Bruce Sterling.
Are these people that "small" a percentage on the net? It definitely does not seem so.
Hah! And who's gonna tell them that?
The trouble here is the J.Random user would not really care. Is he really bothered about the DMCA, or does he even know about it? And what is he doing about it? Despite everything that happens, it's always those evil hackers who get the boot.
You'd be surprised by what ppl are ready to give up for that little extra comfort.
This is bad not just for the US, but for a whole lot of other economies in other countries.
Just as an example, VSNL, a semi-govt. owned organization in India and the biggest ISP, had deals worth billions with WorldCom.
Now, VSNL is unsure whether it would get the services or the money. The crux of the matter is that this would affect the shares here a whole lot more, since there are a lot of companies that use the services from VSNL, which in itself is paid for.
And unfortunately, who pays for this? The second and third tier customers in developing countries, who have to endure a whole lot more than their counterparts. Because, they too would be accountable, and I'm just waiting for the VSNL stock prices to plummet, along with others.
I think the executives of Multinationals should be held responsible and should be put to something of an international tribunal that analyses the consequences of their actions, worldwide.
Maybe the punishment should be to throw them in some third world country's prison with hardly a square meal a day and no water to drink, then they'd understand what the hell they were doing.
I'm not eager to have Sony keeping track of the games and music I'm playing on my PlayStation. This is a good opportunity for Nintendo to distinguish themselves by embracing freedom.
Unfortunately, little does this have anything to do with 'embracing' freedom or supporting anything that even vaguely resembles it.
It's got everything to do with marketing, and money. Sony is probably testing waters by introducing such DRM "sensitive" devices into all their products. When all the capitalistic forces jump onto the bandwagon (if it works out for Sony), the actions of other companies would be guided by market forces.
Even assuming that Nintendo does take an openview of things and says Go EFF, it'd still not do much good for Nintendo for 2 reasons -
a] The fraction of population that actually understands what Nintendo is trying to do, and buys things to help them do so would be very very small indeed. Besides, it's a good product that sells, based on the needs, immaterial of how laudable your goals are. Look what happened to Loki. They made very good products, and definitely had a great vision. But just that does not suffice in an evergrowing corpy environment.
b] If all the big players take on such measures, then Nintendo will have to follow suit, else they risk being sued/litigated to kingdom come. If some performer claimed that because Nintendo lacked the technology to prevent abuse, people were pirating, Nintendo would be up against the wall.
Also, in the article -
"OpenMG X" flexibly adapts to the distribution of content to PCs, as well as services which distribute content directly to AV and mobile devices.
Now that would be a killer. Because, right now the only people who can actually help you here are the PC Industry manufacturers. As long as they don't stick up an OEM deal to you that voids your hardware if you do not own their "h4xor pr00f 4nt1 p1r4cy" software or something like that, it's good for us. But once you get embedded software onto the ROMs that would do something along the lines of what Sony is suggesting, then the bells start tolling.
Until them, we have some (borrowed?) time.
See powerlabs, http://www.powerlabs.org/. Amazing hi-power electrical and other interesting stuff.
Yeah... and here's the quote that Slashdot provides me for this article - ;-)
"Here comes Mr. Bill's dog." -- Narrator, Saturday Night Live
Yup! That's the one. I remember it being featured in Geisswerks. Extraordinary piece of work!
Moderators pls mod parent up.
There was something similar done by a guy called Luke Dahl, only it was for audio.
:-)
It was a Markhov chain extrapolation of the 3d sound as perceived by a 3d being and using a series of normalizations and transforms.
It was called Frobenius Norm, and was a composition of how a 4-d sound would sound to a 5-d being, I think. I just remember it being "spiffy" and very addictive!
It was also featured in Woodstockhausen 2000.
(Which used to be a good, technical show but now is filled to the brim with unemployed dotcom kiddies)
Dot commies? What nonsense. It's more professional and academia oriented, that's 'coz most of the crowd there is professional graphics programmers.
And SIGGRAPH is supposed to be pretty cool these days, and now they've even started getting shows on DemoScene.
Check out the Demoscene Outreach Group which performed at this year's SIGGRAPH, cool stuff. If you hate SIGGRAPH so much, maybe you should try the GDC. In fact I'd say SIGGRAPH should become even more professional, they do not seem to be handling a lot of cool & new math stuff and techniques which a lot of European schools, like MPI for example, seem to be working on.
For books on AI, I'd definitely recommend -
Artificial Intelligence - Elaine Rich & Austin Knight
Artificial Intelligence - Patrick Henry Winston
If you're serious abt AI, I'd also recommend that you also read these auxillary ones -
Natural Language Understanding - James Allen (awesome book)
Compilers: Principles, techniques and tools - Aho, Sethi & Ulman
Graph Theory - Narsingh Deo
These books would give you a general idea about AI, and then specializing into any area would be fairly less difficult.
If you are planning on using LISP in AI, I'd again recommend Patrick Henry Winston & Berthold Klaus Paul Horn's book on LISP.
And in graphics, I'd recommend 2 must-read books -
Computer graphics: Principles & Practice - Foley, van Dam, Feiner & Hughes
Graphics Programming Black Book - Michael Abrash
(ok, although this is very outdated, he mentions some amazing techniques on optimization like bit compression, culling and the like, good anyday!)
Ofcourse, in almost all areas of comp sci, having the three volumes of Knuth would also be very handy indeed, if only as a reference material.
Yeah, what's with this sudden changes?
:-/ 50 gave you a sense of accomplishment, excellent sounds awful ;-)
But then CmdrTaco has updated the FAQ abt the new changes.
Sheesh, I miss my Karma
Yup, not just that, there's another very essential point.
Contrary to popular belief, there is a very very significant tech-savvy population of farmers and others in India.
I think it would be great if they could get information regarding the weather, crops, harvest and the like in a much more accessible forms. Right now, there are counters and phone centers who answer such queries for them, if the simputer could make their task easier, then what's the problem? The returns would be way higher.
And some poster had commented about illiteracy, that an illterate populace does not need such stuff. You know, you do not weed out illiteracy by saying, "Hey! You don't deserve this coz you don't read." You try and motivate people. And by the way, who the hell gave you this crap that most Indians are illiterate? In the southern state of Kerala, there's more than 99% literacy. There are a lot of states and union territories which boast of 90%+ literacy.
And literacy for us is a very different thing altogether, a lot of the so called illiterate people do math, but can't write and read. Why? Because that's the way the culture and the society is. A guy running a family businesss here just knows what he needs to, nothing more nothing less. Just that they've not had the opportunity to exploit their capabilities does not mean that they should not be.
And besides, I'm sure that the govt. would introduce subsidies and banks would gladly give loans to the needy. Already a lot of subsidies with really reduced interest rates exist for small scale industries by banks with both public and private holdings. With enough help from the govt. Simputer could be really made available to the masses. More than a geek or hacker to fiddle with, this could mean a whole lot more to a farmer or a fisherman to know the status of the weather and the crop. Think about it.
It's said that Hardy died a happy man, very happy that none of his pure math was ever used by applied mathematicians.
:-)
He's said to have gloated over the fact that atleast for quite sometime into the future, applied mathematicians would leave the realm research done by pure mathematicians alone.
"1.5 billion is the expectation for the final match -- accumulated for the 64 matches we expect more than 40 billion spectators," said Home Broadcast Services' (HBS) chief executive Francis Tellier on Saturday.
:-/
40 Billion. Is that just in the Milky way, or are we including the poor things in the other parts of the universe which we are filling with such transmissions?
I've always said that corpys had deals with aliens! See! See! See!
Look at Paul Rajlich's VR model of his home for his CAVE here.
In fact, it's not very tough designing something like that. Anybody who's tried designing games or game levels, even simple ones would know how easy this is.
For example, look at NeHe's simple 3d engine demo - you could easily build any structure you want for one of these, with sufficient skill modeling your house wouldn't be any more difficult than mapping a few co-ordinates. It'd be cooler still if you could import some format like DXF or VRML or the like into a suitable map.
Just because you can do something, does not mean you have to.
Sometimes we geeks end up doing things just because we can, often without giving a thought about what would such a device achieve.
Time & money on technology that could be better spent otherwise.
:-/
About the first point, I'd say it's a question of perspective. I think a curious scientist meddling with "risky stuff" contributes a whole lot more to society than any good samaritanish work, or any kind of public service. Atleast that's my opinion, so it's entirely objective.
;-) .
:-P ;-)
:-) Relativity at work, I suppose...
Since when did Stephen Hawking risk anyone's life? Brian Greene?
Huh dude... those are theoretical physicists you're talking about! There is a very big difference working with your hands and working on paper. I do agree that both are important (I do theoretical physics myself) but I feel that we're losing out on people who can work with their hands. Who can actually build good stuff. This guy may not be great, but he's got a streak of initiative which a whole lot of people do not have.
And I find your use of three exclamation points in the section I have not quoted inflamatory
Ahem! I respect intellectuals!
Yes, I do agree that smartness and wisdom are relative terms. And in the end you say that smart people can do really stupid things. You know, a lot of people said that to Jules Verne abt his book "From Earth to the Moon".
And it is some of those stupidities that sometime give us wonderful things
You seem to stress on the fact that the guy should have been denied the award just because he stole a few small things and lied?
Give me a break! Tell me, would he have done this if he had direct access to these materials in the first place? I find it disgusting that you'd place more importance to such trivialities of character, rather than his scientific spirit.
In this context, this quote by HL Mencken comes to mind --
The value the world sets upon motives is often grossly unjust and inaccurate. Consider, for example, two of them: mere insatiable curiosity and the desire to do good. The latter is put high above the former, and yet it is the former that moves one of the most useful men the human race has yet produced: the scientific investigator. What actually urges him on is not some brummagem idea of Service, but a boundless, almost pathological thirst to penetrate the unknown, to uncover the secret.... His prototype is not the liberator releasing slaves, the good Samaritan lifting up the fallen, but a dog sniffing tremendously at an infinite series of rat-holes.
-- H. L. Mencken
The guy has to be more than just admired for the fact that with little or no resources, he's built something that's definitely worth commending.
2) What he did was really, really stupid and dangerous. This is not an inspiring tale of a brilliant young man, but a cautionary tale of how a little knowledge and not much common sense can cause lots of trouble.
Huh? You know something? Any path that does not involve risk ultimately leads to stagnation. It's only the people who take risks, who are unafraid to break through the odds who help humanity progress.
You cannot hope to build a rocket without risking it crashing somewhere. If that's the case, then most of the world's greatest scientists are idiots by your scale.
If I didn't know better, I'd probably say you're jealous of this guy. Come on man! You're supposed to be an astrophysist (atleast that's what I gather from your site), you should know this of all people!!!
All said and done, he's one smart dude. Naive yes, and a little ignorant too, but one of the smarter ones with a creative streak.
University of North Carolina at Chapel Hill has an interesting project on using Haptic Brushes for virtual painting, which is pretty neat.
They have something called Interactive Haptic Painting with 3D Virtual Brushes which was also presented at Siggraph. Very cool.
I agree that I could have linked to the article, my mistake :-)
But then again, a lot of times Slashdot filters have really come in the way, I do agree that they are a necessity, but sometimes I feel like it's an overkill.
Slashdot's filters SUCK like HELL.
/all" and appends this information to send.txt. This script then runs sqldir.js and appends all of the server's database \ \client\\c onnectto\\dsquery).
m inistrati on/2000/security.asp.
i se_pr otection/vulnerabilitya se.php
.Name the service "MS/SQL Port Probe".
I've been trying to post the Bugtraq's version of this bug, and all I keep getting is Your comment has too few characters per line.
Internet Security Systems Security Alert May 21, 2002 - Microsoft SQL Spida Worm Propagation
Synopsis:
ISS X-Force has learned of a worm that is spreading via Microsoft SQL
servers. The Spida worm is responsible for large amounts of Internet traffic as well as millions of TCP/IP probes at the time of this alert's publication. This worm attempts to locate and login to MS/SQL servers with the "sa" account and a blank password. Once a vulnerable computer is found, the worm will infect that target, send its configuration and password information to an external host, and begin scanning for new targets.
Impact:
Although the Spida worm is not destructive to the infected host, it may generate a damaging level of network traffic when it scans for additional targets. The scanner bundled with the worm is multi-threaded and is capable of scanning with 100 threads. A large amount of network traffic is created by the worm, which scans both internal and external IP addresses for vulnerable servers.
Description:
The Spida worm propagates via Microsoft SQL installations with administrator accounts that have no passwords defined. Although Microsoft recommends that the "sa" account be set upon installation, many servers are not properly secured. If the worm finds a vulnerable
server, it will attempt to execute its startup script by running the "xp_cmdshell" function, which is the SQL call used to execute system
commands within SQL queries.
The main function of the Spida worm is to export an infected server's SAM password database and forward information about its network and
database configuration.
The worm installs all of its files into the \Windows\system32 directory except for services.exe, which is installed into the
\Windows\system32\drivers directory. Each of these files has a distinct function which is outlined below:
sqlprocess.js - This is the worm's main payload. It holds IP address arrays which are later used in the services.exe scanner. It executes
"ipconfig
information to send.txt. It then executes pwdump2 and appends the password hashes to send.txt, then runs clemail.exe and mails send.txt to ixltd@postone.com.
After the email is sent, send.txt is destroyed and services.exe is run to scan for other vulnerable servers. This information is appended to rdata.txt, which the worm uses to attempt to propagate with the username "sa" and a null password. The sqlprocess.js file sets the registry value dbmssocn to configure the SQL server to use the Winsock TCP/IP library
instead of the default DBNETLIB library:
(HKLM\\software\\microsoft\\mssqlserver
It also turns on the NetDDE service, allowing SQL to use the DDE protocol.
sqlexec.js - This is a script used by sqlprocess.js to execute xp_cmdshell. sqlinstall.bat is run within this instance of xp_cmdshell.
sqldir.js - Collects a list of databases on the infected system. Later, sqlprocess.js writes this information in send.txt to send to ixltd@postone.com.
run.js - This script passes time information to and from timer.dll.
sqlinstall.bat - Installs the worm then hides the files.
clemail.exe - Simple mail program used to email out the send.txt file.
services.exe - Scanner used by the worm to scan for other SQL servers
on
port 1433. This information is appended into the rdata.txt file. This file is multi-threaded and scans internal IP addresses before performing
an external IP address sweep.
pwdump2.exe - Injects samdump.dll into lsass.exe (a Windows program
that
performs the authentication of log-on credentials) in order to grab raw NTpassword hashes.
samdump.dll - Uses the same API that msv1_0.dll uses to capture Windows password hashes.
timer.dll - A counter used for installation and other functionality of the worm.
Recommendations:
Microsoft SQL Server customers should refer to the following address for information and securing Microsoft SQL Server:
http://www.microsoft.com/sql/techinfo/ad
ISS Database Scanner product implemented a check for a blank administrator password in December of 1998. Database Scanner customers are encouraged to enable this check if they have not done so. For more information, refer to:
http://www.iss.net/products_services/enterpr
_assessment/scanner_datab
ISS RealSecure Network Sensor customers may use the following connection event to detect access attempts to the SQL Server port. Follow the
instructions below to apply the connection event to your policy. This connection event will detect legitimate connection attempts to MS/SQL
servers.
1. Choose a policy you want to use, and click Customize.
2. Select the Connection Events tab.
3. Click Add on the right hand side of the dialog box.
4. Create a Connection Event.
5. Type in a name of the event, such as "MS/SQL Port Probe".
6. In the Response field for the event, select the responses you want
to
use.
In the Protocol field, select TCP.
In the Dest Port/Type field click the pull down box and create an entry
for TCP port 1433:
a. Click Add.
b. Select TCP Protocol.
c
d. Use 1433 for the port number.
e. Click OK.
f. Select the entry just created.
7. Save changes and close the window.
8. Click Apply to Sensor or Apply to Engine depending on the version of
RealSecure.
To create a user-defined event RealSecure Server Sensor:
1. Open the desired policy.
2. Expand the Connections tree on the Protect view.
3. Expand the User Defined Suspect Connections branch.
4. Click Add to add a new User Defined Suspect Connections event
5. Name the event, SQL_Connection.
6. Select the desired responses under the response column.
7. Enter "1433" under the port column.
8. Save the Policy and apply it to the sensor.
ISS BlackICE customers should monitor and/or enable the "SQL Port
Probe"
event. This event will detect probes by the Spida worm.
ISS X-Force will provide assessment support for this vulnerability in
an
upcoming X-Press Update for Internet Scanner.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If
you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce@iss.net for
permission.
Disclaimer: The information within this paper may change without notice.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard
to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet
Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Please send suggestions, updates, and comments to: X-Force
xforce@iss.net of Internet Security Systems, Inc.
His proposals for improving the situation included:
The oft-heard suggestion to make software manufacturers liable for defects.
....
(Note: software companies are doing their damnedest to move in the opposite direction, by pushing UCITA laws that would let them get away with releasing known defects.)
....
Making other companies liable for their own systems as well. They'd act differently if they knew they could be sued when their customers' social security numbers were released.
Oh sounds great. So we get to sue the crappy coders. Nice. How about having a huge fine for companies that release crappy code? That sounds great too!
Except that Microsoft could afford to pay up the fine AND face any huge lawsuits by sheer muscle power. As would Sun. Or for that matter any of the bigger companies. It would mean nothing to them, and people would still continue to buy their stuff.
But what about Opensource? Whom would you hold responsible? If it becomes a law for one, it's law for another.
As Schneier said, "Security is a people problem, not a technical problem." Actually, the people he was referring to at that moment were not the malicious crackers themselves, but the crowds of negligent programmers, managers, data centers, and policy-makers who tolerate weak security.
Yeah, but please note that it is not just corporates who churn out bad code, not just companies. And if it did become a law that bad code will be punished, corporates can fight. A lonely hacker cannot, atleast not that easily. It would hit the OSS community and companies based on the movement a whole lot worse than the big guys.
Utopian, yes. Pragmatic? No.
Which is exactly what they've done in the paper. They've depicted on how the mesh could possibly collapse.
:-(
They have depicted an 8-gon curve which satisfies the intersection properties, extrapolate using a 2 vertex model and use that to show the possible collapse. They've not depicted the collapse per-se in action tho.