The degree of ignorance demonstrated on this article almost left me speachless. Not only the logic, but the data he uses is so flawed, that I should be laughting hard right now, except for the possible consequences of the article.
Just because a Worm was released right after the patch was released, it mean that they used the patch to create the exploit ? That is simply being obtuse.
Real cracker (or whatever you like to call them) are not there to make their name. They are out there to make a profit. Simple as that. Those are the guys with real motivation (and I mean money) to explore all possibilities. I do agree that the kids that make the worms to became famous among their 13371 frieds won't spend days working on disassemble code, but you can be very sure someone willing to compromise an specific target (a bank, or a given company) will do that. Add a little social engeneering to the mix, and things get real ugly.
Usually, worms are released after the patch. True. That is usually when the so called "zero-day" exploit becames useless, or nearly so. Also, releasing a worm is a good way to divert the attention from the other bug the cracker will be exploiting. Believe me, I have seen companies with 400+ employess come nearly to a halt due to patch deployment after a new worm shows up.
So, slowing down patch releases will slow down new worms ? At first glance, yes. It will also multiply the number of active worms on the wild, and allow the bad-bad-bad guys to keep making money, and cause real trouble, the kind of trouble take can take a company out of the market.
I hope you don't use WinZip encryption (yes yes, been fixed, I suppose). Anyway, they have a nice cruster there. Computer power is something they are not lacking. Not that I think they would want to do that. My point is another entirely: just because some data is encrypted, it doesn't mean it is safe.
I might be wrong on this one, but I'm not sure I understand how threading is anything new. I have it since when I used ELM. Always had it on my usenet clients. I have it on Mutt.
Am I missing something ? Does GMail have another magic they are calling Threading ?
How about the USA lauching a GPS guided missile toward North Korea ? How about China lauching a missile toward North Korea ? Who will the all mighty USA side with ?
It's very well and good to look just to your own backyard, but the world is not USA. There are things outside, if you care to take a look.
We are no talking about USA jamming Galileo signal on USA territory. This is about USA being able to jam it ANYWERE.
Again: if the USA were going to be able to jam (or block) the Galileo signal on USA territory, then you can say it is a security measure, and a good(?) thing. But who gave USA rights to control signals on other countries ?
Looking at the moveabletype website, I just noticed they saying:
If you just want to get started with a full-featured weblog, we recommend TypePad, our simple weblog service, which is based on the Movable Type engine and requires no installation. TypePad weblogs are easy to customize and offer features like photo albums without requiring you to have a web server or any technical knowledge.
Haven't tried it, but looks like just what you want.
Don't know about you people, but most of the spams I receive don't have a contact e-mail address I can reply to. Many don't even have a web page. Only a phone number.
I have been involved in the past (last year) on this up to my neck. They are very serious about moving to Linux.
The President (Lula) is from PT (this political party). PT has been moving the IT infrastructure in several states then they have governors toward Linux. Rio Grande do Sul usualy is the case everyone mentions, but it not the only one.
The city of Sao Paulo adopted Linux on the computer labs in 900 municipal schools (mayor is a member of PT too).
I'm not a big fan of PT, so I'm nothing defending they here. But they are serious about Linux.
Brazil is the locus of script kiddies. People who spend too much time on IRC, talking on #warez-like channels, getting scripts to "hack" into other systems.
Yes, there are a few real hackers in Brazil. But not as many as people say.
We should probably add security reasons, employment reasons, resource reasons, government infrastructure reasons, political reasons, etc....etc...etc...
There are educational reasons as well, from what I've heard. But, I'm not sure I agree with that. Shouldn't studants have the oportunity to know and work we as many OSs as possible ?
Although I agree with "linux everywhere", at least on schools, dual boot (linux and windows) is still the right thing, from the educational point of view. If you can add to that other OSs, even better.
Actually, the major share holder of Conectiva is ABN AMRO BANK (from Netherlands), although, as far as I know, all development related decisions are still made by Brazilians.
Another point is that I never heard of any study about Conectiva being the most popular Linux distribution in LA. Conectiva claims are that it is the biggest linux solution provider in LA, which is in fact true.
Well, who am I to say all these thing. I actually use Conectiva Linux on all my machines, with no plans to migrate from it.
One thing I want to know is what the so called SCO Partners, like Conectiva and SuSE (the whole Unitedlinux shebang) is going to do about it.
Conectiva, at least, has issues a very vague stated saying they don't agree with SCO. But they are still working with them.
I'm sure there are many other companies that say they support the Linux comunity and the GPL, and are still working with SCO. Is that supposed to mean something ?
It maybe my bad english, but I don't think I ever said it was illegal. I said it would be a "legal bow". The point is that Microsoft is already being sued (by several parties) over "Anticompetitive practices" and other monopolistic behaviour.
This would not be a case by itself, but would probably hurt MS on the cases that are already on court.
But, once IANAL, I might be totally wrong about it.
Even for that greedy lot, I think that would be a little risky. If someone could produce real evidence of Microsoft's fingers on that one, it would be a severe legal bow.
Then again, I do hope this is true, and someone, somewho, will be able to get his hands on some irrefutable evidence.
I'm sure they are only doing it to help us, poor users. Yep, that must be it. Isn't that the only thing they do ? Users first, profits last ? Don't you just love all this selflessness we get theses days from these big, monopolistic corps ?
Is Verisign doing it to help us ? Great. Errr. Lets check that. Why don't ICANN gives an ok for Sitefinder, as long as it does not contain ANY advertisement (even Verisign own advertisement) ? If they are doing it only to help, I'm sure they will agree. The thing that really amazes me is not what Verisign is doing, but that people are really buying this crap about doing it to help the users.
I stand corrected. I always sucked at Chemistry and Biology at school.
On the other hand, 66.35.250.150 is not a DNS sequence. It is an IP sequence, if you want to call it that way:) A DNS sequence would be something like www.what_the_hell.are_we.talking_about.com:)
And yes, that was innocent:) Thank you for the vote of confidence.
DNA sequences always come in pairs. There are 7 letters in GATTACA, so it can't be a DNA sequence.
And, AFAIK (and I could be very wrong at this), you would never find a double-T DNA pair.
Based on the chamicals letters ? Yes. A DNS sequence ? Definitively no.
Slashdot Mirror
The degree of ignorance demonstrated on this article almost left me speachless. Not only the logic, but the data he uses is so flawed, that I should be laughting hard right now, except for the possible consequences of the article.
Just because a Worm was released right after the patch was released, it mean that they used the patch to create the exploit ? That is simply being obtuse.
Real cracker (or whatever you like to call them) are not there to make their name. They are out there to make a profit. Simple as that. Those are the guys with real motivation (and I mean money) to explore all possibilities. I do agree that the kids that make the worms to became famous among their 13371 frieds won't spend days working on disassemble code, but you can be very sure someone willing to compromise an specific target (a bank, or a given company) will do that. Add a little social engeneering to the mix, and things get real ugly.
Usually, worms are released after the patch. True. That is usually when the so called "zero-day" exploit becames useless, or nearly so. Also, releasing a worm is a good way to divert the attention from the other bug the cracker will be exploiting. Believe me, I have seen companies with 400+ employess come nearly to a halt due to patch deployment after a new worm shows up.
So, slowing down patch releases will slow down new worms ? At first glance, yes. It will also multiply the number of active worms on the wild, and allow the bad-bad-bad guys to keep making money, and cause real trouble, the kind of trouble take can take a company out of the market.
I hope you don't use WinZip encryption (yes yes, been fixed, I suppose).
Anyway, they have a nice cruster there. Computer power is something they are not lacking. Not that I think they would want to do that. My point is another entirely: just because some data is encrypted, it doesn't mean it is safe.
I might be wrong on this one, but I'm not sure I understand how threading is anything new. I have it since when I used ELM. Always had it on my usenet clients. I have it on Mutt.
Am I missing something ? Does GMail have another magic they are calling Threading ?
Of course we pressured them to make their system weak!
what blows my mind is that countries actually give in and do this!
I think these statements summarize the whole point, doesn't it ? After all, if the other countries do give in, the USA is already in control.
How about the USA lauching a GPS guided missile toward North Korea ? How about China lauching a missile toward North Korea ? Who will the all mighty USA side with ?
It's very well and good to look just to your own backyard, but the world is not USA. There are things outside, if you care to take a look.
We are no talking about USA jamming Galileo signal on USA territory. This is about USA being able to jam it ANYWERE.
Again: if the USA were going to be able to jam (or block) the Galileo signal on USA territory, then you can say it is a security measure, and a good(?) thing. But who gave USA rights to control signals on other countries ?
Please, grow up, and look outside your window.
Actually, the correct plural form for "virus", in latin, would be "viri" (one "i" only).
:)
PS: Can't get more off-topic than this
Looking at the moveabletype website, I just noticed they saying:
If you just want to get started with a full-featured weblog, we recommend TypePad, our simple weblog service, which is based on the Movable Type engine and requires no installation. TypePad weblogs are easy to customize and offer features like photo albums without requiring you to have a web server or any technical knowledge.
Haven't tried it, but looks like just what you want.
Link
Okey, lets post the correct link here, so we can help /.'ing it a bit.
drupal.org
Anybody else shocked ?
Actually, and sadly, no.
Caldera (now SCO) has been sueing people for a long time now. (See: Caldera x Microsoft)
Don't know about you people, but most of the spams I receive don't have a contact e-mail address I can reply to. Many don't even have a web page. Only a phone number.
As the late Frank Herbet wrong in one of his Dune books: "Slaves make terrible masters".
Yes, I get the picture. Lets just hope the diversity we have on the Linux world will prevent that from happening here too.
Try using the link I provided. It actually has www before the domainname. Not every side worth both ways. This one doesn't.
I hope you don't want it in English, couse you won't get it. It was printed by a small, unknown editorial company in Brazil.
You can get it on-line, for R$ 9,00 (aprox. US$ 3,00), here.
Actually, at least in this case, you are wrong.
I have been involved in the past (last year) on this up to my neck. They are very serious about moving to Linux.
The President (Lula) is from PT (this political party). PT has been moving the IT infrastructure in several states then they have governors toward Linux. Rio Grande do Sul usualy is the case everyone mentions, but it not the only one.
The city of Sao Paulo adopted Linux on the computer labs in 900 municipal schools (mayor is a member of PT too).
I'm not a big fan of PT, so I'm nothing defending they here. But they are serious about Linux.
If Brazil remains a locus of "grayhat" activity
Brazil is the locus of script kiddies. People who spend too much time on IRC, talking on #warez-like channels, getting scripts to "hack" into other systems.
Yes, there are a few real hackers in Brazil. But not as many as people say.
We should probably add security reasons, employment reasons, resource reasons, government infrastructure reasons, political reasons, etc....etc...etc...
There are educational reasons as well, from what I've heard. But, I'm not sure I agree with that. Shouldn't studants have the oportunity to know and work we as many OSs as possible ?
Although I agree with "linux everywhere", at least on schools, dual boot (linux and windows) is still the right thing, from the educational point of view. If you can add to that other OSs, even better.
Just so we don't miss the point:
Actually, the major share holder of Conectiva is ABN AMRO BANK (from Netherlands), although, as far as I know, all development related decisions are still made by Brazilians.
Another point is that I never heard of any study about Conectiva being the most popular Linux distribution in LA. Conectiva claims are that it is the biggest linux solution provider in LA, which is in fact true.
Well, who am I to say all these thing. I actually use Conectiva Linux on all my machines, with no plans to migrate from it.
One thing I want to know is what the so called SCO Partners, like Conectiva and SuSE (the whole Unitedlinux shebang) is going to do about it.
Conectiva, at least, has issues a very vague stated saying they don't agree with SCO. But they are still working with them.
I'm sure there are many other companies that say they support the Linux comunity and the GPL, and are still working with SCO. Is that supposed to mean something ?
It maybe my bad english, but I don't think I ever said it was illegal. I said it would be a "legal bow". The point is that Microsoft is already being sued (by several parties) over "Anticompetitive practices" and other monopolistic behaviour.
This would not be a case by itself, but would probably hurt MS on the cases that are already on court.
But, once IANAL, I might be totally wrong about it.
Even for that greedy lot, I think that would be a little risky. If someone could produce real evidence of Microsoft's fingers on that one, it would be a severe legal bow.
Then again, I do hope this is true, and someone, somewho, will be able to get his hands on some irrefutable evidence.
I wonder if I'll be able to run it under wine. Or cxoffice/plugin.
Any takers on that ?
I'm sure they are only doing it to help us, poor users.
Yep, that must be it. Isn't that the only thing they do ? Users first, profits last ?
Don't you just love all this selflessness we get theses days from these big, monopolistic corps ?
Is Verisign doing it to help us ? Great. Errr. Lets check that.
Why don't ICANN gives an ok for Sitefinder, as long as it does not contain ANY advertisement (even Verisign own advertisement) ? If they are doing it only to help, I'm sure they will agree.
The thing that really amazes me is not what Verisign is doing, but that people are really buying this crap about doing it to help the users.
I stand corrected. I always sucked at Chemistry and Biology at school.
:) A DNS sequence would be something like www.what_the_hell.are_we.talking_about.com :)
:) Thank you for the vote of confidence.
On the other hand, 66.35.250.150 is not a DNS sequence. It is an IP sequence, if you want to call it that way
And yes, that was innocent
Hence the name GATTACA is a sequence of DNA.
DNA sequences always come in pairs. There are 7 letters in GATTACA, so it can't be a DNA sequence.
And, AFAIK (and I could be very wrong at this), you would never find a double-T DNA pair.
Based on the chamicals letters ? Yes. A DNS sequence ? Definitively no.