Every few weeks, I read another article here at
Slashdot about the hell of getting off AOL's
blacklist.
AOL can get away with this because they do this
filtering silently. Their users have no
idea what has gone on.
The solution? Stop accepting AOL email addresses
from clients. Put a great big blurb on your
webpage that you do NOT, under any
circumstances, accept signups from AOL email
addresses.
If only you do it, you'll lose a few customers
with no benefit in general (though with luck,
at least some percentage of those will understand
your goal and switch to a "real" ISP).
If, however, everyone started doing this,
AOL would have to change their policy very
quickly. Imagine AOL tech support getting
a few thousand calls each day, asking why every
web site an AOL user goes to says they can't
sign up simply because they use AOL... Yeah,
that would go over well.
Take a stand! Back in the day (jeezus, I sound
like a geezer), half the BBSs out there refused
traffic from AOL. Why has this changed? Their
user base certainly hasn't improved, and it would
appear that their admins have dropped down to the
legendary cluelessness level of their users. Well,
don't put up with it! All the "little guys" out
there need to tell AOL what they can do with their
blacklist. "You want to block us??? Let's
see what your users do when two out of three sites
they visit refuse to serve them because they use
AOL!"
Problem is the bandwidth. Many of
those stores are tethered by a DSL line
to Walmart.
So have the kiosk cache the top 80GB+ of
songs people buy. Cache based on overall
popularity (ie, Billboard's top 10,000
or something like that), as well as most
recently burned from the specific kiosk.
Sure, you'll have the occasional oddball
(which I would probably count as, though
since I have a strong aversion to visiting
Wallyworld I doubt I'd matter) that queues
up an entire CD of really obscure music, but
I expect most people would pick nothing but
top-40 singles.
And in other news, Water still feels wet,
the sky hasn't fallen, and SCO still hasn't
had all their cases dismissed with prejudice.
C'mon people, this doesn't even count as news
anymore. People violate copyrights, people get
sued. Let it go.
Now, what I consider the bigger "news" from
this involves the experiment the RIAA has run
on the level of stupidity in the general
population. 1977 suits so far, and people
still keep using Kazaa to download
this crap. Get a clue, Kazaa users! At the
very least, switch to a different P2P app.
Perferable one with at least a tad bit of
privacy, like FreeNet.
Or better yet, just go back to the way
that has worked for the past 30-40 years,
from the days before P2P - Swap music
and movies privately, offline,
with your friends. You can get the same
stuff, with absolutely no chance of an RIAA
nastygram as a resuly. You can even do so
as a sort of buying pool, where you and a
dozen friends agree not to overlap in your
purchases, thus maximizing your available
music library. "Need" to find something
really obscure, possibly out-of-press (print?
Whatever you call music that you can no
longer buy new, for any price)? Hook up
with a fan group, where you can get material
far more obscure than even Kazaa's bottom-20
list.
Or, best option of all, just buy from indie
labels. Hey, we all have a favorite band,
and I'll admit even I will buy whatever a
handful of RIAA-signed groups puts out. But
for the rest of the "fluffy listening" music,
look into companies like Magnatune, or go
direct to the artists' websites. The musician
gets a FAR bigger cut, you pay less ($5/cd on
average, in my experience, for buying direct
from the artist), and best of all, the RIAA
gets nothing.
You really thing the "trusted" driver will
let the card play a digital output from the
"trusted DVD"? Analog hole is all there is.
Not a card's "normal" digital output - Actually
take a feed directly before the DAC.
Very minor hardware mod, anyone that can ID
the DAC and ADC chips, and look up their
pinouts, could pull it off. Actually, such
a hack might also require tying the
clocks on the two cards together (if they
don't derive their clock from the system,
which would make such a hack a lot easier),
but again, just a matter of finding the
right pair of pins to connect.
Sure, hardware manufacturers might eventually
make even that difficult (if not impossible),
but you could do what I described on just
about any currently existing sound card.
To the host PC, it would "look" just like
analog out and analog in, to the host PC,
despite giving a bit-exact digital copy.
Well assuming that you will be playing this
audio under windows, what stops someone from
writing a "fake" audio card driver that does
nothing but dump audio into a wav file?
I don't think you "get" it...
Thanks to the Big Boys involved here doing their
best to lock out the actual consumers, your PC
will never even see the raw DVD-A data,
only the lossy-and-DRM'd AAC track.
However, even if you can get to the "real"
audio tracks, you'll need signed drivers to
decode them. Still theoretically spoofable,
but good luck - That counts as a feat
comparable to cracking the XBox key.
So, where does that leave us?
Buy a pair of cheap soundcards (the ADC and DAC
quality don't matter in the least). Tap the
digital input off card #1's DAC, and send it
to the output of card #2's ADC (you'll probably
need to cut the "real" output traces on card
#2). Presto, you can digitally sample, from
card #2, any audio going to card #1.
Who needs an "analog hole", when we still have
trivially exploitable digital "holes"?
Xiph is a group (I believe
European or something to get the
odd-to-my-USian-ear names) that puts
out codecs.
Sounds American to me.
From Xiph.org, "Xiphophorus helleri
is a small aquarium fish (the common
Swordtail)". They chose it mecause no one
else had used it (unlike, say, "phoenix"),
and it had an X in it (as all good project
names should).
And it comes from the Greek, xipho=sword,
phorus=bearer, and some guy named Heller
named the thing (the fish, not the
organization).
They can try to block whomever they want.
That does not mean the same as saying they "can"
block such people.
A number of simple workarounds exist, such as
disabling referrers in your browser altogether;
simply cutting-and-pasting the URL into your
browser's URL bar; using a fake referrer that
almost everyone accepts (such as Google); or my
personal favorite, always use a page as its own
referrer (I've seen a few sites the first two
will break, and can imagine some that might block
Google, but never a site that will block
itself).
In any case, this has little to do with "can" and
"cannot". It has to do with the very nature of the
web, and the idea of fair-use. The web exists
as links. Blocking some of them hurts everyone
on the web, not just one or two sites. As for
"unauthorized", sorry, but if you run a web site
without some form of password protection, you have
implicitly "authorized" the entire world to visit,
like it or not.
I do need to question the sanity of a site, which
derives its revenues from banner ad views, choosing
to reduce the number of ad views. But that doesn't
matter beyond "how stupid can people get?". Let them
shoot themselves in the wallet, doesn't much matter
to me. But preventing me from seeing their
site, just because I only learned about it from a
meta-news site? That I most certainly do
care about!
I'd need a PCI slot for a Hauppauge PVR-350
card for a MythTV (http://www.mythtv.org).
Well, technically, yes, you would.
However, USB and ethernet TV-tuner hardware
exists.
Additionally, for your particular use, you
need to consider the power supply...
At least with micro-ATX, you usually also get
a very weak power supply, on the order
of 80W (though you can certainly get a bigger
one, you'll start needing active cooling on
the PS, and if you use more, you'll
need active cooling in the case, too). Throw
in a pair of monster HDDs, and watch the PS
die.
I would also question why you need a tiny
board for such a use - A pizza-box style
ATX case fits in (physically and
thematically) just fine in a typical AV
setup.
So, I consider yours a valid point (I'd like
to do the same, eventually), but I'd have to
say that the combinations of non-motherboard
harware available still make a plain ol' ATX
board more suitable for use in a home-brew
PVR.
useless to me. No PCI, PCMCIA, or ISA slots?
Seems like just a toy.
With built-in IDE, USB, sound, ethernet, and
video, what do you need a PCI slot for? And
considering the trend micro-ATX boards took,
you can expect to see dual or quad ethernet
and SCSI support within a few months.
Yes, I realize devices other than those three
exist, but if you need them, you've probably
missed the point of such a small board... Low
power, passive cooling, quiet, small and
portable... Loading it up with other toys
(such as throwing in a high-end (and hot,
and power-sucking) video card for gaming)
kinda removes most of the advantages. If you
want a "real" high-end desktop-class machine,
you still need to get a standard ATX board.
And if you really need some expansion
capabilities, you always have USB - You
can get just about anything in a
USB form these days.
Re:I just put my tinfoil hat on....
on
SCO Aims For The Feds
·
· Score: 2, Interesting
SCO isn't suing BoA because they are scared
of what BoA could do to them. If not, why
announce the Fed-suit instead of going back
after BoA?
I agree with your reasoning, right up to this
line.
Pissing off the world's banks may make life
exceedingly difficult for most of us, but with
some care (ie, knowing you'll lose any semblance
of credit in the near future), people like Trump
(and even Darl, though not even in the same
ballpark) can prepare for such an event and
weather the storm.
Pissing off the Federal Government, however...
Well, no amount of preparing (short of applying
for and gaining political refugee status in a
semi-hostile nation, and even that will fail if
Uncle Sam wants someone badly enough) can save
you from that ball-o'-wrath. I'd bet the FTC and
the SEC may have a few choice words for Darl et
al, if they found themselves dragged into this
pump-n'-dump scam. And of course, with the
leaked internal memos, particularly with
Microsoft involved, I would not feel surprised
to hear about some vague antitrust and RICO
violations.
Not to mention that the Federal Government needs
to give its permission to sue it... So they can just
say "no, go away", and Darl can't do a damned thing
about it.
So yes, annoying BoA would hurt Darl's cause
(his real one, not the charade playing out in
the court system). But going after the feds
just begs for trouble that not even
other whole countries can easily
withstand (and I say that without a hint of
nationalistic pride, just matter-of-factly).
Actually, though, I have seen his page before.
really cool toys, but strikes me as
something most of us would probably not
want to play with.
Worry about the health risks of frequent
cell phone use? Doesn't even come close
to the RF this sucker puts off. Not to mention
ozone and the very real risk of simple death
from electrocution...
According to this new decision by the FCC,
any speech that is grossly offensive, whether
or not it has anything to do with sex or
excretion, is 'profane.'
Although I count as the last person to
accuse a government agency of using logic, by
that new definition, Bono's statement may not
count as either indecent or profane...
The new criterion includes "grossly offensive".
I do not consider "this is fucking brilliant"
the least bit offensive, nevermind "grossly".
Of course, I find very little offensive enough
to warrant complaining - I may not control the
content, but I control the TV itself. I can
change channels, or even just turn it off. IMO,
the FCC needs such a major overhaul we may have
an easier time just dissolving it and creating a
new agency, perferable with control ONLY,
over spectrum allocation, not content.
I never did understand how limiting content
fails to violate the 1st amendment, but hey,
what do I know?
"no law respecting an establishment of
religion" doesn't include giving my tax
dollars to the 700 club;
"the right of the people to keep and bear
arms" doesn't mean people can have guns;
"unreasonable searches and seizures" doesn't
include FBI backdoors into every ISP;
"without due process of law", "in all criminal
prosecutions", and "a speedy and public trial"
doesn't include anyone accused of terrorism or
"unlawful combatants";
"cruel and unusual punishments" doesn't
include sleep deprivation, inedibly bland
food, or blasting Bruce Springsteen at high
volume;
and "shall not be construed to deny or
disparage others retained by the people"
and "reserved to the states respectively,
or to the people" doesn't mean
anything.
Oh damn, you didn't want that cookie from
my website?
No, I don't. I'll just skip your site if I
can't use it without cookies.
If I really want something, I'll
enable cookies for the session, but then,
delete them and back to none.
Get real.
I suspect you meant that as a troll. If
you don't see the difference between a
cookie (which some people do dislike
enough to block) and tricking someone
into running a trojan, well, remind me
not to download anything from your
website...
All the tricks are fine, but there is no
way around it, you have to practice and keep
your skills up
True, but the tricks do help quite a lot,
in some cases.
For example, I expect most geeks can add,
subtract, and multiply arbitrarily long
numbers in their sleep. Division, however,
(at least for me) has always proved somewhat
tricky when the numbers grow beyond two or
three digits.
My solution? Look up "duplation" on Google.
The Egyptians used to use it to multiply
numbers, basically in what amounts to a
bitwise manner (though understanding binary
helps to speed up the process, you can do it
with nothing more complicated than "multiply
by two" and "greater than").
However, as I said, doing multiplication
doesn't present much of a problem. But you
can also do division by using the
inverse of duplation! You basically
can break an arbitrary largeish division
problem into a set of "divide by 2, compare"
operations. Basically just long division in
binary, but it requires a shorter mental
stack (which seems like the key to all
the tricks I've seen - ways to reduce the
number of items on the brain's stack during
the calculation).
So, I'll agree that nothing can beat plain ol'
practice for improving one's math skills. But
the tricks can make some operations go from
"annoyingly hard" to the almost mindlessly
easy "step a, step b, step c, repeat 5 times,
get an answer".
Okay... Hopefully this won't Slashdot the poor
server on which I keep my homepage (please, unless
you really want to see an example of what
Mozilla's "Personal toolbar" can do, don't click
this link! And don't mod this up, I already have
"excellent" karma, you'd only do me a disservice):
Note that the first, second, and eighth icon I
made myself (the first two for sites I run, and
the eighth I derived from a submission to
Pricewatch's current "design a T-Shirt" contest,
since they have no favicon), and the fourth and
last two I managed to "trick" into using the
32x32 icon (rather than the default 16x16 icon)
by saving the 32x32 icon locally, specifying the
icon manually in my bookmarks, and using a nonstandard
URL to prevent the icon from reloading when I visit
the site).
I also just cleaned my toolbar out a few days
ago, so it would have had a half dozen more last
week. Additionally, I use a 32 pixel high toolbar
(I know, a waste of space, but icons look so
much better compared to 16x16).
In case anyone cares, in order from left to right,
these load: (private), (private), Babelfish (should
that icon look like a fish?), dictionary.com, Logical
Fallacy Files at Nizkor (I have no idea what that icon
represents... A human stomach?), Google (advanced
search), Internet Movie Database, Pricewatch (my own
icon), Amazon, Fark, MemePool, MetaFilter, Rotten.com,
Slashdot, iFilm, Newgrounds, and Zophar's Domain.
You'll also notice I have a "Home" button on my main
toolbar... You can get that from
here,
just click on "Install Home Button" (he has his
links appear non-underlined, so you'll have to pay
attention to find it).
Even web browsing, the only feature I use
from the bar is to type in URLs. Back, forward,
refresh---all hotkeys.
Waaaaay offtopic (show some love, Mods), but
have you checked out the "Personal Toolbar" on
Mozilla since v1.4? Go into the about:config
and set "browser.chrome.favicons" to "true", and
"browser.chrome.load_toolbar_icons" to "2" (I
have no idea why Mozilla has these off by
default, with not even a regular preferences
option to turn them on). Now, all of the
bookmarks in your "Personal Toolbar" folder
will use icons (each will update after the next
time you click it), allowing you erase their
text description completely and still use them.
So, instead of fitting a dozen or so personal
favorites as a mere line of densely packed text,
you can fit almost 50 of them on a typical
screen.
For an extra 20 pixels of horizontal space, I
no longer need to use any of the bookmark
folders, and only rarely need to type in a URL.
And if the icons hit the end of the personal
toolbar, just do a "sort folder" by "last
visited", and get rid of the ones you never
use.
Truly wonderful. I too used to consider all
the stupid little toolbar icons as less than
useful (they take up screen space, after all!),
but since discovering you can basically have
an iconic representation of your most commonly
used bookmarks, I've "learned to love the bomb",
so to speak.
My only wish regarding the personal toolbar...
I figured out how to make it 32 pixels high
(just stick "toolbarbutton.bookmark-item >.toolbarbutton-icon{height: 32px !important;
width: 32px !important;}" in your userchrome.css),
but that just stretches the 16x16 icons rather than
using actual 32x32 icons. Though at least, if the
icon only includes a 32x32 icon, it will
use that correctly. But aside from that peeve,
I consider this the best thing to happen to
web browsers since standardized CSS support.
Do they provide you with a phone at your desk or nearby?
Sure we all have phones at our desk.
We don't all have the luxury of sitting at
our desks all day long, however. Between meetings,
needing to go on-site, lunch (you may consider that
frivolous, but I've returned from lunch more than
once to find the feces had hit the fan after something
broke and the VP-of-the-week couldn't get to his porn),
and things of that nature, many people only keep their
coat at their desks and see it for less than an hour
per day.
And that only includes work-hours problems. Many
higher level system/network admins need to keep their
machines up 24/7. Granted, in that situation, his
company really needs to spring for a pager,
but that seems like exactly the problem here - Whether
he uses his own or one they provided, his company
will no longer let him use it. Thus, "24/7" becomes
either "8/5" or "80-hour work weeks, with frequent
unpaid status checks during the other 88 hours per
week via VNC from home". Looks like a rather serious
problem, either way.
For systems that must stay live, telling
their admin he can't use phone alerts just
begs for a disaster.
What if the alert is about the mail server itself?
Then a cellphone alert wouldn't work either - All the
methods I know of for getting a call/page based
on a server problem involve sending email to the
cell/pager provider, which then relays the message
to the phone/pager.
How will they explain that gouvernments
and corporations need encryption but you
don't?
Perhaps more importantly, "hiding" encryption
(at least well enough to provide plausible
deniability) takes relatively little effort.
Let's say PGP becomes illegal - I could
personally, in under an hour, write a
program to embed the PGP data in a sound
clip of me saying "Hi $NAME, nice day today,
can I borrow a cup of sugar?". Not talking
about "real" steganography, but just pack
the encrypted data as the low-nibble per
sample. Wouldn't even produce a noticeable
level of distortion (compared to using a
consumer-grade PC microphone), and only
increases the data size by a factor of
four (for most typical emails without any
attachments, the simple three-second message
I wrote above would suffice - at the standard
CD rate of 16/44.1, it would hold 33k worth
of encrypted data).
Can the government detect that? Currently,
I would say "probably". Add in a good data
whitening filter to the encryption, along
with some "real" steganography, and the
actual message becomes indistinguishable from
a high noise floor, unless you know exactly
what to look for. Not only would you need
your password to decrypt the actual encoded
data, but it would also contain the parameters
needed just to find the encrypted data
in the first place.
Of course, all of this will become moot as
soon as people notice that having ISPs add a
back door almost certainly count as "boiling
the frog"... Non-geeks say, "well, this only
affects my ISP, not me, and it will help catch
$SCAPEGOAT_OF_THE_WEEK", so they don't care.
Next step, explain (slowly and carefully, so
as not to spook the sheep) that such measures
basically allow the government to see everything
people do online - Then propose such backdoors
in every PC. And people will once again
rationalize it, "Well, they can already see
everything I do, so if this will help catch
$SCAPEGOAT_OF_THE_WEEK, I guess I can accept
it".
And if you think that I overstate the
situation, I'd point out that the government
has already tried to jump right to
that last step, but the sheep got spooked.
So, this latest approach allows the gradual
introduction of what they wanted in the first
place.
Governments (and to a lesser degree, corporations)
have an advantage over we mere mortals - They can
plan for very long-term gains toward reaching
their intended goals. Simply causing enough people
to demand an end to this newest encroachment on our
liberties won't have any effect - Mostly because not
enough people can understand it, nevermind "do"
understand it. But also because the government will
just try again.
The best way to fight back involves presenting the
government with a "put the genie back in the bottle"
scenario - Before they manage to outlaw encryption
altogether, we need to make sure that every single
program that communicates with the outside world
uses encryption. People won't fight back at something
they don't perceive as a mere annoyance (such as
having those bothersomely-abstract 4th amendment
rights stripped away). If you force them to
replace 90% of the software on their computer
(which at best "scares" them out of lack of
understanding, at at worst they actually have no
clue how to comply with the law or even if they
have violated it), you'll see one hell of public
backlash.
All this crypto stuff is real nice and all,
but if "they" want the info, you will be locked
up until you give up the key.
True enough. However, at least currently,
locking a person up until they reveal their
key would require at least a court order (or
even an actual trial? Not sure on that one).
Providing an easy passive backdoor into every
ISP, on the other hand, makes it far
to easy to casually snoop around looking
for illegal material to follow up on.
If the FBI needs to investigate someone for an
actual crime, I have no problem with them
having the ability to obtain all relevant
evidence. Having all the evidence available
can prove innocence (funny idea, in a system
that presumes innocence until proven guilty)
just as readily as it can prove guilt. Not
a problem.
Without an active investigation, probably cause,
and a court order, however, we formerly
had protection under the fourth amendment from
precisely the activities such ISP backdoors
would permit. that I have a problem
with.
just watching where the traffic goes tells them
more than you can hide with crypto
A number of remailers, similar to anonymizing
HTTP proxies, already exist to deal with that
problem. Not exactly perfect, but it at least
means the government will (probably) only bother
working backward through the chain of redirections
to catch someone they really want.
Obviously, though, you have the right idea - If
"they" want you, kiss yer anal virginity goodbye.
But that doesn't mean we need to make what amounts
to government-sanctioned voyeurism any easier.
Now would be the time to get using PGP
and similar software.
Not a bad point at all - Such tools have
existed for well over a decade, yet very
few people use them. Time to really get on
the ball and start teaching our friends and
relatives - Even if we make it totally
automated at their end, the goal has changed
somewhat. Thanks to this new law, it doesn't
really matter if physical access to
either end compromises the connection, we
just need to make sure nothing goes out in
cleartext. So, even something as simple as
"Okay Mom, if a little box pops up saying
something about GPG, just type my birthday,
okay?" would represent a dramatic improvement
over our current situation.
However, we need to make the use of encryption
more ubiquitous than just email. For example,
almost no traffic leaves my house that doesn't
use SSL. However, for *incoming*, therein we
have the biggest flaw in security. Currently,
we have almost no way to prevent our ISP (or
the feds through them) from watching our
web browsing. Even using an anonymizing proxy
doesn't help much, if the traffic itself
comes to me in the clear.
Ah, I babble a bit. Overall, I just want
to make the point that we need to stop
talking about how we can get around
stupid laws like this with encryption, and
start doing so, before it
becomes a real problem. So, anyone reading
this... Don't put it off until tomorrow.
Install GPG on the PCs of everyone you know
today. Tell their browser to use an
anonymizing proxy that always uses
https (Do any? If you know of one,
please reply with a link). Outright remove
any telnet and FTP clients from their machine,
and replace them with SSH and SFTP clients.
Kill AIM, and replace it with the
encryption-enabled version of Trillian.
We need to make sure that everything
going in or out uses encryption.
As an aside, if everyone used encrypted
email, spam would cease to exist. It just
costs to much CPU time for the spammers to
encrypt ten million messages, thus making a
"perfect" email filter as simple as dumping
any unencrypted messages. Who needs Bill
Gates? We just need to start using the tools
already available.
A young boy's father wants the right to use
the boy's genetic embryo clone to develop a baby
who......will willingly submit to his constant
molestations. Michael Jackson will guest star
as himself.
Hey, whad'ya know, Google image search turned up a
production still of what Mikey will look like
in 25 years!
Ok, first of all, I'm pretty sure that
number is way too low
I disagree...
I just went to their demo page, just to see if
I had somehow "accidentally" blocked their content
(I use severeral ad-blocking techniques, and any
of them might have done the trick), since I have
yet to see one of their ads.
You need WMP7.1, Microsoft's (not Sun's or
IBM's) JRE, and MSIE.
Now, almost every Windows user has the first
and last, but the middle one? AFAIK, microsoft
can't even legally distribute it anymore, so
that seems like a rather self-limiting requirement.
Additionally, it would seem that even if you
do have all the necessary software, you
can avoid these ads simply by using Mozilla.
Never have I felt more pleased to find
"broken" content because I don't use MSIE.:-)
But overall, I would say those numbers don't
seem that low, for one reason - Only people who
wanted to see the ads (or have a somewhat
unusual combination of software on their system
purely by coincidence - IIRC, Microsoft's JRE
should only exist "stock" with WMP6, not 7)
would have seen them. So, how many people would
loudly complain about seeing something they
had to go out of their way to see?
Basically, you just need to keep clear
documentation indicating who owns the business
and who works for it.
Additionally, you may want to file for LLC status,
so if you and your girlfriend part ways on less
than friendly terms, she can't take the business
away from you.
If you just barely manage to stay afloat, this
doesn't really matter. But if you start making
good money (and to support three people, you
presumeably can't do all that bad),
CYA.
Of course, this only covers the business aspects
of the arrangement. If things do go sour, you
may end up estranged from family and your GF
leaving for completely financial reasons. But
you can't really do much to avoid that, short
of listening to your father (Gack! Did I just
say that? Damn, getting old, I guess...)
PS, IANAL, which for any discussion like this,
we could all save time by just sticking that
in our sigs.;-)
Sedna? No. Plenty of people in this thread
have complained about two facts - One, our
planets have names derived from the Roman,
not Inuit, panthon. And two, we already have a
planet named after a sea-god, ie, Neptune.
So, I propose that in protest to such a blatant
attempt at PC Multiculturalism, we as a community
refer to the tenth planet as Nox, the
Roman goddess of night. Since it lies
the furthest from the sun, that actually fits
it, in a descriptive sense.
Sedna... Whatever. Remember, we hear about
this stuff months before your typical
Fox news junkie, and people tend to respect
us as sources of information. So spread the
word - We have a new, tenth planet, named
Nox. Sedna? Nope, they must have heard
wrong. Nox. Nox? Nox!
Every few weeks, I read another article here at Slashdot about the hell of getting off AOL's blacklist.
AOL can get away with this because they do this filtering silently. Their users have no idea what has gone on.
The solution? Stop accepting AOL email addresses from clients. Put a great big blurb on your webpage that you do NOT, under any circumstances, accept signups from AOL email addresses.
If only you do it, you'll lose a few customers with no benefit in general (though with luck, at least some percentage of those will understand your goal and switch to a "real" ISP).
If, however, everyone started doing this, AOL would have to change their policy very quickly. Imagine AOL tech support getting a few thousand calls each day, asking why every web site an AOL user goes to says they can't sign up simply because they use AOL... Yeah, that would go over well.
Take a stand! Back in the day (jeezus, I sound like a geezer), half the BBSs out there refused traffic from AOL. Why has this changed? Their user base certainly hasn't improved, and it would appear that their admins have dropped down to the legendary cluelessness level of their users. Well, don't put up with it! All the "little guys" out there need to tell AOL what they can do with their blacklist. "You want to block us??? Let's see what your users do when two out of three sites they visit refuse to serve them because they use AOL!"
Problem is the bandwidth. Many of those stores are tethered by a DSL line to Walmart.
So have the kiosk cache the top 80GB+ of songs people buy. Cache based on overall popularity (ie, Billboard's top 10,000 or something like that), as well as most recently burned from the specific kiosk.
Sure, you'll have the occasional oddball (which I would probably count as, though since I have a strong aversion to visiting Wallyworld I doubt I'd matter) that queues up an entire CD of really obscure music, but I expect most people would pick nothing but top-40 singles.
And in other news, Water still feels wet, the sky hasn't fallen, and SCO still hasn't had all their cases dismissed with prejudice.
C'mon people, this doesn't even count as news anymore. People violate copyrights, people get sued. Let it go.
Now, what I consider the bigger "news" from this involves the experiment the RIAA has run on the level of stupidity in the general population. 1977 suits so far, and people still keep using Kazaa to download this crap. Get a clue, Kazaa users! At the very least, switch to a different P2P app. Perferable one with at least a tad bit of privacy, like FreeNet.
Or better yet, just go back to the way that has worked for the past 30-40 years, from the days before P2P - Swap music and movies privately, offline, with your friends. You can get the same stuff, with absolutely no chance of an RIAA nastygram as a resuly. You can even do so as a sort of buying pool, where you and a dozen friends agree not to overlap in your purchases, thus maximizing your available music library. "Need" to find something really obscure, possibly out-of-press (print? Whatever you call music that you can no longer buy new, for any price)? Hook up with a fan group, where you can get material far more obscure than even Kazaa's bottom-20 list.
Or, best option of all, just buy from indie labels. Hey, we all have a favorite band, and I'll admit even I will buy whatever a handful of RIAA-signed groups puts out. But for the rest of the "fluffy listening" music, look into companies like Magnatune, or go direct to the artists' websites. The musician gets a FAR bigger cut, you pay less ($5/cd on average, in my experience, for buying direct from the artist), and best of all, the RIAA gets nothing.
You really thing the "trusted" driver will let the card play a digital output from the "trusted DVD"? Analog hole is all there is.
Not a card's "normal" digital output - Actually take a feed directly before the DAC. Very minor hardware mod, anyone that can ID the DAC and ADC chips, and look up their pinouts, could pull it off. Actually, such a hack might also require tying the clocks on the two cards together (if they don't derive their clock from the system, which would make such a hack a lot easier), but again, just a matter of finding the right pair of pins to connect.
Sure, hardware manufacturers might eventually make even that difficult (if not impossible), but you could do what I described on just about any currently existing sound card. To the host PC, it would "look" just like analog out and analog in, to the host PC, despite giving a bit-exact digital copy.
Well assuming that you will be playing this audio under windows, what stops someone from writing a "fake" audio card driver that does nothing but dump audio into a wav file?
I don't think you "get" it...
Thanks to the Big Boys involved here doing their best to lock out the actual consumers, your PC will never even see the raw DVD-A data, only the lossy-and-DRM'd AAC track.
However, even if you can get to the "real" audio tracks, you'll need signed drivers to decode them. Still theoretically spoofable, but good luck - That counts as a feat comparable to cracking the XBox key.
So, where does that leave us?
Buy a pair of cheap soundcards (the ADC and DAC quality don't matter in the least). Tap the digital input off card #1's DAC, and send it to the output of card #2's ADC (you'll probably need to cut the "real" output traces on card #2). Presto, you can digitally sample, from card #2, any audio going to card #1.
Who needs an "analog hole", when we still have trivially exploitable digital "holes"?
From Xiph.org, "Xiphophorus helleri is a small aquarium fish (the common Swordtail)". They chose it mecause no one else had used it (unlike, say, "phoenix"), and it had an X in it (as all good project names should).
And it comes from the Greek, xipho=sword, phorus=bearer, and some guy named Heller named the thing (the fish, not the organization).
they can block whoever they want
No.
They can try to block whomever they want. That does not mean the same as saying they "can" block such people.
A number of simple workarounds exist, such as disabling referrers in your browser altogether; simply cutting-and-pasting the URL into your browser's URL bar; using a fake referrer that almost everyone accepts (such as Google); or my personal favorite, always use a page as its own referrer (I've seen a few sites the first two will break, and can imagine some that might block Google, but never a site that will block itself).
In any case, this has little to do with "can" and "cannot". It has to do with the very nature of the web, and the idea of fair-use. The web exists as links. Blocking some of them hurts everyone on the web, not just one or two sites. As for "unauthorized", sorry, but if you run a web site without some form of password protection, you have implicitly "authorized" the entire world to visit, like it or not.
I do need to question the sanity of a site, which derives its revenues from banner ad views, choosing to reduce the number of ad views. But that doesn't matter beyond "how stupid can people get?". Let them shoot themselves in the wallet, doesn't much matter to me. But preventing me from seeing their site, just because I only learned about it from a meta-news site? That I most certainly do care about!
I'd need a PCI slot for a Hauppauge PVR-350 card for a MythTV (http://www.mythtv.org).
Well, technically, yes, you would.
However, USB and ethernet TV-tuner hardware exists.
Additionally, for your particular use, you need to consider the power supply... At least with micro-ATX, you usually also get a very weak power supply, on the order of 80W (though you can certainly get a bigger one, you'll start needing active cooling on the PS, and if you use more, you'll need active cooling in the case, too). Throw in a pair of monster HDDs, and watch the PS die.
I would also question why you need a tiny board for such a use - A pizza-box style ATX case fits in (physically and thematically) just fine in a typical AV setup.
So, I consider yours a valid point (I'd like to do the same, eventually), but I'd have to say that the combinations of non-motherboard harware available still make a plain ol' ATX board more suitable for use in a home-brew PVR.
useless to me. No PCI, PCMCIA, or ISA slots? Seems like just a toy.
With built-in IDE, USB, sound, ethernet, and video, what do you need a PCI slot for? And considering the trend micro-ATX boards took, you can expect to see dual or quad ethernet and SCSI support within a few months.
Yes, I realize devices other than those three exist, but if you need them, you've probably missed the point of such a small board... Low power, passive cooling, quiet, small and portable... Loading it up with other toys (such as throwing in a high-end (and hot, and power-sucking) video card for gaming) kinda removes most of the advantages. If you want a "real" high-end desktop-class machine, you still need to get a standard ATX board.
And if you really need some expansion capabilities, you always have USB - You can get just about anything in a USB form these days.
SCO isn't suing BoA because they are scared of what BoA could do to them. If not, why announce the Fed-suit instead of going back after BoA?
I agree with your reasoning, right up to this line.
Pissing off the world's banks may make life exceedingly difficult for most of us, but with some care (ie, knowing you'll lose any semblance of credit in the near future), people like Trump (and even Darl, though not even in the same ballpark) can prepare for such an event and weather the storm.
Pissing off the Federal Government, however... Well, no amount of preparing (short of applying for and gaining political refugee status in a semi-hostile nation, and even that will fail if Uncle Sam wants someone badly enough) can save you from that ball-o'-wrath. I'd bet the FTC and the SEC may have a few choice words for Darl et al, if they found themselves dragged into this pump-n'-dump scam. And of course, with the leaked internal memos, particularly with Microsoft involved, I would not feel surprised to hear about some vague antitrust and RICO violations.
Not to mention that the Federal Government needs to give its permission to sue it... So they can just say "no, go away", and Darl can't do a damned thing about it.
So yes, annoying BoA would hurt Darl's cause (his real one, not the charade playing out in the court system). But going after the feds just begs for trouble that not even other whole countries can easily withstand (and I say that without a hint of nationalistic pride, just matter-of-factly).
No posts yet, but already slashdotted.
Actually, though, I have seen his page before. really cool toys, but strikes me as something most of us would probably not want to play with.
Worry about the health risks of frequent cell phone use? Doesn't even come close to the RF this sucker puts off. Not to mention ozone and the very real risk of simple death from electrocution...
According to this new decision by the FCC, any speech that is grossly offensive, whether or not it has anything to do with sex or excretion, is 'profane.'
Although I count as the last person to accuse a government agency of using logic, by that new definition, Bono's statement may not count as either indecent or profane...
The new criterion includes "grossly offensive". I do not consider "this is fucking brilliant" the least bit offensive, nevermind "grossly".
Of course, I find very little offensive enough to warrant complaining - I may not control the content, but I control the TV itself. I can change channels, or even just turn it off. IMO, the FCC needs such a major overhaul we may have an easier time just dissolving it and creating a new agency, perferable with control ONLY, over spectrum allocation, not content.
I never did understand how limiting content fails to violate the 1st amendment, but hey, what do I know? "no law respecting an establishment of religion" doesn't include giving my tax dollars to the 700 club; "the right of the people to keep and bear arms" doesn't mean people can have guns; "unreasonable searches and seizures" doesn't include FBI backdoors into every ISP; "without due process of law", "in all criminal prosecutions", and "a speedy and public trial" doesn't include anyone accused of terrorism or "unlawful combatants"; "cruel and unusual punishments" doesn't include sleep deprivation, inedibly bland food, or blasting Bruce Springsteen at high volume; and "shall not be construed to deny or disparage others retained by the people" and "reserved to the states respectively, or to the people" doesn't mean anything.
Oh damn, you didn't want that cookie from my website?
No, I don't. I'll just skip your site if I can't use it without cookies.
If I really want something, I'll enable cookies for the session, but then, delete them and back to none.
Get real.
I suspect you meant that as a troll. If you don't see the difference between a cookie (which some people do dislike enough to block) and tricking someone into running a trojan, well, remind me not to download anything from your website...
All the tricks are fine, but there is no way around it, you have to practice and keep your skills up
True, but the tricks do help quite a lot, in some cases.
For example, I expect most geeks can add, subtract, and multiply arbitrarily long numbers in their sleep. Division, however, (at least for me) has always proved somewhat tricky when the numbers grow beyond two or three digits.
My solution? Look up "duplation" on Google. The Egyptians used to use it to multiply numbers, basically in what amounts to a bitwise manner (though understanding binary helps to speed up the process, you can do it with nothing more complicated than "multiply by two" and "greater than").
However, as I said, doing multiplication doesn't present much of a problem. But you can also do division by using the inverse of duplation! You basically can break an arbitrary largeish division problem into a set of "divide by 2, compare" operations. Basically just long division in binary, but it requires a shorter mental stack (which seems like the key to all the tricks I've seen - ways to reduce the number of items on the brain's stack during the calculation).
So, I'll agree that nothing can beat plain ol' practice for improving one's math skills. But the tricks can make some operations go from "annoyingly hard" to the almost mindlessly easy "step a, step b, step c, repeat 5 times, get an answer".
Okay... Hopefully this won't Slashdot the poor server on which I keep my homepage (please, unless you really want to see an example of what Mozilla's "Personal toolbar" can do, don't click this link! And don't mod this up, I already have "excellent" karma, you'd only do me a disservice):
A screenshot of my Mozilla 1.6 Personal Toolbar
Note that the first, second, and eighth icon I made myself (the first two for sites I run, and the eighth I derived from a submission to Pricewatch's current "design a T-Shirt" contest, since they have no favicon), and the fourth and last two I managed to "trick" into using the 32x32 icon (rather than the default 16x16 icon) by saving the 32x32 icon locally, specifying the icon manually in my bookmarks, and using a nonstandard URL to prevent the icon from reloading when I visit the site).
I also just cleaned my toolbar out a few days ago, so it would have had a half dozen more last week. Additionally, I use a 32 pixel high toolbar (I know, a waste of space, but icons look so much better compared to 16x16).
In case anyone cares, in order from left to right, these load: (private), (private), Babelfish (should that icon look like a fish?), dictionary.com, Logical Fallacy Files at Nizkor (I have no idea what that icon represents... A human stomach?), Google (advanced search), Internet Movie Database, Pricewatch (my own icon), Amazon, Fark, MemePool, MetaFilter, Rotten.com, Slashdot, iFilm, Newgrounds, and Zophar's Domain.
You'll also notice I have a "Home" button on my main toolbar... You can get that from here, just click on "Install Home Button" (he has his links appear non-underlined, so you'll have to pay attention to find it).
Even web browsing, the only feature I use from the bar is to type in URLs. Back, forward, refresh---all hotkeys.
.toolbarbutton-icon{height: 32px !important;
width: 32px !important;}" in your userchrome.css),
but that just stretches the 16x16 icons rather than
using actual 32x32 icons. Though at least, if the
icon only includes a 32x32 icon, it will
use that correctly. But aside from that peeve,
I consider this the best thing to happen to
web browsers since standardized CSS support.
Waaaaay offtopic (show some love, Mods), but have you checked out the "Personal Toolbar" on Mozilla since v1.4? Go into the about:config and set "browser.chrome.favicons" to "true", and "browser.chrome.load_toolbar_icons" to "2" (I have no idea why Mozilla has these off by default, with not even a regular preferences option to turn them on). Now, all of the bookmarks in your "Personal Toolbar" folder will use icons (each will update after the next time you click it), allowing you erase their text description completely and still use them. So, instead of fitting a dozen or so personal favorites as a mere line of densely packed text, you can fit almost 50 of them on a typical screen.
For an extra 20 pixels of horizontal space, I no longer need to use any of the bookmark folders, and only rarely need to type in a URL. And if the icons hit the end of the personal toolbar, just do a "sort folder" by "last visited", and get rid of the ones you never use.
Truly wonderful. I too used to consider all the stupid little toolbar icons as less than useful (they take up screen space, after all!), but since discovering you can basically have an iconic representation of your most commonly used bookmarks, I've "learned to love the bomb", so to speak.
My only wish regarding the personal toolbar... I figured out how to make it 32 pixels high (just stick "toolbarbutton.bookmark-item >
Do they provide you with a phone at your desk or nearby?
Sure we all have phones at our desk.
We don't all have the luxury of sitting at our desks all day long, however. Between meetings, needing to go on-site, lunch (you may consider that frivolous, but I've returned from lunch more than once to find the feces had hit the fan after something broke and the VP-of-the-week couldn't get to his porn), and things of that nature, many people only keep their coat at their desks and see it for less than an hour per day.
And that only includes work-hours problems. Many higher level system/network admins need to keep their machines up 24/7. Granted, in that situation, his company really needs to spring for a pager, but that seems like exactly the problem here - Whether he uses his own or one they provided, his company will no longer let him use it. Thus, "24/7" becomes either "8/5" or "80-hour work weeks, with frequent unpaid status checks during the other 88 hours per week via VNC from home". Looks like a rather serious problem, either way.
For systems that must stay live, telling their admin he can't use phone alerts just begs for a disaster.
What if the alert is about the mail server itself?
Then a cellphone alert wouldn't work either - All the methods I know of for getting a call/page based on a server problem involve sending email to the cell/pager provider, which then relays the message to the phone/pager.
How will they explain that gouvernments and corporations need encryption but you don't?
Perhaps more importantly, "hiding" encryption (at least well enough to provide plausible deniability) takes relatively little effort.
Let's say PGP becomes illegal - I could personally, in under an hour, write a program to embed the PGP data in a sound clip of me saying "Hi $NAME, nice day today, can I borrow a cup of sugar?". Not talking about "real" steganography, but just pack the encrypted data as the low-nibble per sample. Wouldn't even produce a noticeable level of distortion (compared to using a consumer-grade PC microphone), and only increases the data size by a factor of four (for most typical emails without any attachments, the simple three-second message I wrote above would suffice - at the standard CD rate of 16/44.1, it would hold 33k worth of encrypted data).
Can the government detect that? Currently, I would say "probably". Add in a good data whitening filter to the encryption, along with some "real" steganography, and the actual message becomes indistinguishable from a high noise floor, unless you know exactly what to look for. Not only would you need your password to decrypt the actual encoded data, but it would also contain the parameters needed just to find the encrypted data in the first place.
Of course, all of this will become moot as soon as people notice that having ISPs add a back door almost certainly count as "boiling the frog"... Non-geeks say, "well, this only affects my ISP, not me, and it will help catch $SCAPEGOAT_OF_THE_WEEK", so they don't care. Next step, explain (slowly and carefully, so as not to spook the sheep) that such measures basically allow the government to see everything people do online - Then propose such backdoors in every PC. And people will once again rationalize it, "Well, they can already see everything I do, so if this will help catch $SCAPEGOAT_OF_THE_WEEK, I guess I can accept it".
And if you think that I overstate the situation, I'd point out that the government has already tried to jump right to that last step, but the sheep got spooked. So, this latest approach allows the gradual introduction of what they wanted in the first place.
Governments (and to a lesser degree, corporations) have an advantage over we mere mortals - They can plan for very long-term gains toward reaching their intended goals. Simply causing enough people to demand an end to this newest encroachment on our liberties won't have any effect - Mostly because not enough people can understand it, nevermind "do" understand it. But also because the government will just try again.
The best way to fight back involves presenting the government with a "put the genie back in the bottle" scenario - Before they manage to outlaw encryption altogether, we need to make sure that every single program that communicates with the outside world uses encryption. People won't fight back at something they don't perceive as a mere annoyance (such as having those bothersomely-abstract 4th amendment rights stripped away). If you force them to replace 90% of the software on their computer (which at best "scares" them out of lack of understanding, at at worst they actually have no clue how to comply with the law or even if they have violated it), you'll see one hell of public backlash.
All this crypto stuff is real nice and all, but if "they" want the info, you will be locked up until you give up the key.
True enough. However, at least currently, locking a person up until they reveal their key would require at least a court order (or even an actual trial? Not sure on that one).
Providing an easy passive backdoor into every ISP, on the other hand, makes it far to easy to casually snoop around looking for illegal material to follow up on.
If the FBI needs to investigate someone for an actual crime, I have no problem with them having the ability to obtain all relevant evidence. Having all the evidence available can prove innocence (funny idea, in a system that presumes innocence until proven guilty) just as readily as it can prove guilt. Not a problem.
Without an active investigation, probably cause, and a court order, however, we formerly had protection under the fourth amendment from precisely the activities such ISP backdoors would permit. that I have a problem with.
just watching where the traffic goes tells them more than you can hide with crypto
A number of remailers, similar to anonymizing HTTP proxies, already exist to deal with that problem. Not exactly perfect, but it at least means the government will (probably) only bother working backward through the chain of redirections to catch someone they really want.
Obviously, though, you have the right idea - If "they" want you, kiss yer anal virginity goodbye. But that doesn't mean we need to make what amounts to government-sanctioned voyeurism any easier.
Now would be the time to get using PGP and similar software.
Not a bad point at all - Such tools have existed for well over a decade, yet very few people use them. Time to really get on the ball and start teaching our friends and relatives - Even if we make it totally automated at their end, the goal has changed somewhat. Thanks to this new law, it doesn't really matter if physical access to either end compromises the connection, we just need to make sure nothing goes out in cleartext. So, even something as simple as "Okay Mom, if a little box pops up saying something about GPG, just type my birthday, okay?" would represent a dramatic improvement over our current situation.
However, we need to make the use of encryption more ubiquitous than just email. For example, almost no traffic leaves my house that doesn't use SSL. However, for *incoming*, therein we have the biggest flaw in security. Currently, we have almost no way to prevent our ISP (or the feds through them) from watching our web browsing. Even using an anonymizing proxy doesn't help much, if the traffic itself comes to me in the clear.
Ah, I babble a bit. Overall, I just want to make the point that we need to stop talking about how we can get around stupid laws like this with encryption, and start doing so, before it becomes a real problem. So, anyone reading this... Don't put it off until tomorrow. Install GPG on the PCs of everyone you know today. Tell their browser to use an anonymizing proxy that always uses https (Do any? If you know of one, please reply with a link). Outright remove any telnet and FTP clients from their machine, and replace them with SSH and SFTP clients. Kill AIM, and replace it with the encryption-enabled version of Trillian.
We need to make sure that everything going in or out uses encryption.
As an aside, if everyone used encrypted email, spam would cease to exist. It just costs to much CPU time for the spammers to encrypt ten million messages, thus making a "perfect" email filter as simple as dumping any unencrypted messages. Who needs Bill Gates? We just need to start using the tools already available.
A young boy's father wants the right to use the boy's genetic embryo clone to develop a baby who... ...will willingly submit to his constant
molestations. Michael Jackson will guest star
as himself.
Hey, whad'ya know, Google image search turned up a production still of what Mikey will look like in 25 years!
Ok, first of all, I'm pretty sure that number is way too low
:-)
I disagree...
I just went to their demo page, just to see if I had somehow "accidentally" blocked their content (I use severeral ad-blocking techniques, and any of them might have done the trick), since I have yet to see one of their ads.
You need WMP7.1, Microsoft's (not Sun's or IBM's) JRE, and MSIE.
Now, almost every Windows user has the first and last, but the middle one? AFAIK, microsoft can't even legally distribute it anymore, so that seems like a rather self-limiting requirement. Additionally, it would seem that even if you do have all the necessary software, you can avoid these ads simply by using Mozilla. Never have I felt more pleased to find "broken" content because I don't use MSIE.
But overall, I would say those numbers don't seem that low, for one reason - Only people who wanted to see the ads (or have a somewhat unusual combination of software on their system purely by coincidence - IIRC, Microsoft's JRE should only exist "stock" with WMP6, not 7) would have seen them. So, how many people would loudly complain about seeing something they had to go out of their way to see?
Basically, you just need to keep clear documentation indicating who owns the business and who works for it.
;-)
Additionally, you may want to file for LLC status, so if you and your girlfriend part ways on less than friendly terms, she can't take the business away from you.
If you just barely manage to stay afloat, this doesn't really matter. But if you start making good money (and to support three people, you presumeably can't do all that bad), CYA.
Of course, this only covers the business aspects of the arrangement. If things do go sour, you may end up estranged from family and your GF leaving for completely financial reasons. But you can't really do much to avoid that, short of listening to your father (Gack! Did I just say that? Damn, getting old, I guess...)
PS, IANAL, which for any discussion like this, we could all save time by just sticking that in our sigs.
Sedna? No. Plenty of people in this thread have complained about two facts - One, our planets have names derived from the Roman, not Inuit, panthon. And two, we already have a planet named after a sea-god, ie, Neptune.
So, I propose that in protest to such a blatant attempt at PC Multiculturalism, we as a community refer to the tenth planet as Nox, the Roman goddess of night. Since it lies the furthest from the sun, that actually fits it, in a descriptive sense.
Sedna... Whatever. Remember, we hear about this stuff months before your typical Fox news junkie, and people tend to respect us as sources of information. So spread the word - We have a new, tenth planet, named Nox. Sedna? Nope, they must have heard wrong. Nox. Nox? Nox!