bigpat wrote: Having some sort of receipt just misses the point and seems overly complicated. But mostly it doesn't properly address privacy concerns and vote buying or coersion... if you have a receipt and the votes that correspond to that receipt are publicly released and you were told to vote a certain way by your union or boss, then you can be coerced to show your receipt to someone
You didn't read it right. You can't print out your throwaway half and see who you voted for. You can print out (from the website) a copy of the half you took with you, to confirm that your vote wasn't tampered with between you placing it and it getting to the central database or wherever. This sentence (from the article) confused me for a moment too, and I think you misunderstood it: "You would then be able to check for yourself that it has been posted correctly by, for instance, printing it out and overlaying the two and seeing that they are the same." They mean you can print out your half, not the other half that would reveal who you voted for.
The whole point of these fancy reciepts is that nobody can use your receipt to see who you voted for. They can only use your receipt to confirm your vote is on the site (and as such, that you voted).
(Mods should really mod the parent comment down as it's spreading a total misunderstanding of the concept).
Riight, lets punish the ignorant victims for their ignorance... 'Cause fining the richest man in the world, or his company that is the cause of most of the problems, why.. that... that would be crazy!
*shakes head*
This is a horrible idea for oh so many reasons. The first that comes to mind is that government mandates about ISP logging and packet blocking are a bad thing. Once a national infrastructure is in place that allows a government sponsored program to declare certain packets or application signatures "bad", what's to stop them from adding more things than just viruses? It would be trivial, technically, to write a 'virus definition' for p2p traffic. It would be almost as trivial, and only a bit more expensive, to get this done on a political level (a certain senator from disney would probably love to help out). When the DMCA crowd is done adding their firewall rules, maybe the Patriot Act fan club will want to throw in a few too... What it comes down to is that the U.S. government cannot be allowed to regulate the internet in this manner.
Which also brings up another point; being US-only, this system is pretty worthless for stopping attacks. To be effective, the law would need to require extensive "border" filtering at sites with international peers. See point above about why this is really bad. Fortunately, this whole proposition is such preposterous crazytalk that I don't think it actually has much of any chance at happening.
I think a better idea would be to implement new regulations surrounding software warranties. I don't know how exactly it should be done, but I do know that (a) if a company's ReallyExpensiveProduct routinely breaks and causes large financial damages for it's users, the company should be somehow held liable, and they shouldn't be able to get out of it with a clause in an EULA. But at the same time, (b) independent programmers who are giving their software away need to be able to do it without taking on liability, or they won't be able to do it at all, and we won't have Free software. The No Warranty clause of the GPL is a very important one. It would be great if paying for software meant you had more guarantee that it was going to work... it's really a bit bizarre that today the software you can get for free works better than the software that costs money. Perhaps a sliding scale price based warranty would help with that.
I wonder why they didn't just point DNS for the website to 127.0.0.1.
Better still, why not put 30 or 40 round robin DNS entries in? Symantec says there's about 228,000 infected boxes; with 40 different IPs on windowsupdate.com's DNS record, each server would be hit by less than 6,000 attackers. Surely, with the time they've had to prepare, they should have been able to handle this.. I'm really surprised that they actually took windowsupdate offline. I think any competent sysadmin with the financial resources of MS behind them should have been able to weather this storm without any loss of service.
I've been kind of wondering if there might not be some other exploit that some researcher is waiting to release, after everyone's auto update is broken...
Hmm... so are you saying that the events futures market (why does that sound so wierd to me?) is really a means of the government trolling for terrorists? Interesting way to combat terrorism...
If you read their TOS it probably says "if you bet on a terrorist act occurring, and then it occurs, we can detain you as a suspect indefinitely". Because only terrorists would bet against the USA.
Seriously though, I think this is an absolutely horrifyingly terribly offensive proposition, and if they actually go live with it I'll probably sign up and place some bets.
Yeah yeah, I know, they're trying to call it "trading" instead of "betting," but whatever...
I have a feeling that the apple boxen will still be better workstations for the money. These machines will be optimized for transactions per second.
If they can ship a quad-proc G5 for $3500, the apple boxen will definitely not be better for the money. Regardless of any server optimizations, I fail to see how these machines could _not_ make bad ass workstations.
Does anyone know if the $3500 price includes an SCO/Linux license though? Because I hear you need those nowadays, if you want to run the linux.
PDF is a native graphics format for MacOS X. open/System/Library/CoreServices/SystemStarter/QuartzD isplay.bundle/Resources/BootPanel.pdf Look familiar? (on preview: drop the space in "QuartzD isplay" that slashcode put there)
While your statements may have a grain of truth to them, uh, excuse me, do I know you? The statements I made to MADCOWbeserk were in response to information he had shared about his lifestyle. As far as I can recall, I've shared no such information.
Do you have any reason to believe I'm not writing this from a net cafe in a 3rd world country? (Granted, I'm not, but how do you know?)
And although I do probably rank in the upper 10% of the worlds consumers, as you stated, I'm certainly making a better effort to live a sustainable life than mister "gated community, house in the keys also" above.
I found a company there that uses 2.4ghz to broadcast 2.4ghz thoughout the island.
Many people do generally find that 2.4ghz is in fact the best carrier for their 2.4ghz applications.
<but-seriously>
Anyway I also live in gated community [...] By the way I also have a place in Marathon on the Florida keys
I know that Americans generally like to use more, but two homes? One in a gated community and one in the Keys? I mean, don't you ever feel like a evil, greedy, opulent sack of shit when you get up in the morning?
I live in a group house, and there's 9 of us with wireless ethernet running throughout the entire place. If RIAA sues because they suspect one of us is downloading something illegal, how do they decide who gets the blame, if all 9 of us are dhcp'd behind NAT, with only one publically addressable IP?
With many p2p networks, it is actually possible to (remotely) tell what a NATed client's internal IP is. I know this is the case with KaZaa at the very least, and probably others too. Now weather the RIAA would make use of that information to avoid prosecuting the wrong people, is another matter entirely...
You can't fathomably put it all on the one sap who registered for the DSL connection can you?
I don't know. Have you read your AUP? I suspect it is quite fathomable.
From reading the article, it looks like they didn't even bother using WEP
Aside from the fact that WEP is breakable and thus useless, if they had used WEP (and it wasn't broken) the data still would have been accessible to the legitimate wifi users (unless this was a special AP for people who need to see this data). They said the data was accessible to unauthorized users inside the network, too. And they fixed it by turning off the AP?
I salute the newspaper for taking the initive (and, perhaps, the risk) of accessing the data themselves. But I wish they would have spun it more as a "piss poor security" issue than a "wireless security" issue. As far as I can tell, this has hardly anything to do with wireless at all. It's certainly not a reason for schools to not run open networks. They just need to secure their wired networks just like they should have before wireless!
This is great news! While mp3 technology may soon be illegal in the U.S., the conservatives have shown they are highly dedicated to protecting our god-given right to carry an assault riffle! I can't wait until I have to hide my mp3s in an Ak-47 to keep the secret police from finding them...
This ruling is extra notable because Powell, the FCC Chairman, publicly disagrees [yahoo.com] with their decision: "An FCC chairman has not dissented from a high-profile FCC ruling for roughly 15 years." Powell was a very strong proponent for deregulation, and it seems this time around, state regulators and Bell want the status quo.
Keep in mind though, powell wanted to deregulate it even more, as in no line sharing discounts for anyone. As it is, this change only fucks DSL competitiors. If powell had his way, they would've fucked local telco competitors too (which actually do exist in many markets now). Powell is Colon's son, btw (I wonder if that whole family is evil oreo motherfuckers?).
The "local" competitors that this change doesn't fuck over, though, are largly made up of big corporations anyway. MCI, att, etc, all offer local phone service in my area now. And PacBell (now SBC), who has been our longtime local carrier, is offering long distance too. It's all very strange.
I was really disappointed by Dennis' answers. The man that created C describes his current coding activities as "I fix things now and then, more often tweak HTML and make scripts to do things."
But, Dennis, thats what _I_ do! Unless my textbooks have seriously misled me, this guy is one of the two most important people the history of computing. And he sits around writing HTML and browsing the web on a WinNT box?! This is just depressing.
If Apple has really done this with a wrapper, could this mean, that we may get a lot more qt programs ported to MacOS X?!? Another reason to buy a Mac?
You don't need a wrapper for Qt on the mac. Qt/Mac has been out for some time now, though it's gotten surprisingly little press. It's source compatible with Qt/Windows, and provides *real* native aqua controls (unlike MacGtk) via carbon. Yes, "Another reason to buy a mac". Is someone keeping a list somewhere?
hesiod says:
Is he saying that "Gobbles" runs Bugtraq.org? Am I missing something here, or is he full of shit?
Jesus fuck, people on slashdot are fucking stupid!
Facts:
1. Gobbles are not stupid, they've come up with many innovative
exploits, and are without a doubt very talented hackers. You may remember them from such classics as the linuxslapper worm (based on their apache-scalper code), or the nifty ettercap remote-root-via-irc exploit. 2. Obviously, the RIAA didn't hire them to "hack back". If the RIAA hired people to hack, they wouldn't talk about it on a fucking mailing list. (Furthermore, the bill that hinted at such "hack backs" wasn't ever passed.) 3. Gobbles is prone to making hilarious outlandish claims. Clearly, this is a simple mpg123 exploit preceeded with a very funny joke to make the RIAA look bad. 4. Yes, gobbles runs "bugtraq.org". That has nothing to do with the securityfocus mailinglist called bugtraq, however. It's just a domain name.
Suggested reading:
- BugTraq post with the funny RIAA bit, followed by actual mpg123 exploit code
- Gobbles Homepage (sometimes available at bugtraq.org, but currently down there, and up here)
So, in conclusion, the news here is this:
mpg123 has a vuln. Gobbles are some funny guys. The p2p networks are not 0wned. (And, oh yeah, both the register and slashdot got trolled again. But thats not news anymore than "it's raining in seattle".)
praying to god that the Supreme courts find for the plaintifs.
Checkitout, instead of silently "praying" to "god", why don't you write a letter to someone who matters, like a judge or politician? This case is mostly about jurisdiction, and last I checked imaginary beings don't have any in our legal system.
People in Washington are just using terrorism as an excuse to push an agenda that has nothing to do with terrorism and existed long before 9/11. LLNL, for example, has been an irritation for the Bush administration, and that kind of government funded research doesn't fit too well into their philosophy anyway; that's why they like to play football with it.
1. It's a typo. They're not getting shutdown. 2. Defense Contractors don't fit into the Bush administration's philosophy? Wtf are you smoking? 3. There is no step three.
USB 1.1 transfers at a maximum rate of 12Mbit/sec whereas USB 2.0 (which the T/M uses, at least according to the story write-up) can transfer at a maximum rate of 480Mbit/sec (or 60MByte/sec).
Thats nice and all, but my laptop has usb1 and firewire, and doesn't have usb2, so I'm still stuck at that 12MBit/sec (and even that is a theoretical max I'll likely never get close to).
Has usb2 really been adopted very widely yet?!
In any case, I'll take a firewired Apple iPod over one of these any day.
The big selling point for the slashdot crowd seems to be that it runs linux, but with a proprietary front end running on that 4-lines-of-text screen, and fat32 for the filesystem, I hardly think thats very cool. The instructions don't even mention how you'd connect it to anything besides windows; this isn't really a linux (or mac) user targeted product at all. Methinks they went with linux not for the "love of the game" but rather because it makes for a good cheap embedded OS.
btw, anyone know anything about hacking these things? ie actually getting a shell on it? (on your pc, of course, on it's own screen would be a joke)
Slashdot Mirror
One wonders what exactly happens during patent reviews.
bigpat wrote: Having some sort of receipt just misses the point and seems overly complicated. But mostly it doesn't properly address privacy concerns and vote buying or coersion... if you have a receipt and the votes that correspond to that receipt are publicly released and you were told to vote a certain way by your union or boss, then you can be coerced to show your receipt to someone
You didn't read it right. You can't print out your throwaway half and see who you voted for. You can print out (from the website) a copy of the half you took with you, to confirm that your vote wasn't tampered with between you placing it and it getting to the central database or wherever. This sentence (from the article) confused me for a moment too, and I think you misunderstood it: "You would then be able to check for yourself that it has been posted correctly by, for instance, printing it out and overlaying the two and seeing that they are the same." They mean you can print out your half, not the other half that would reveal who you voted for.
The whole point of these fancy reciepts is that nobody can use your receipt to see who you voted for. They can only use your receipt to confirm your vote is on the site (and as such, that you voted).
(Mods should really mod the parent comment down as it's spreading a total misunderstanding of the concept).
Riight, lets punish the ignorant victims for their ignorance... 'Cause fining the richest man in the world, or his company that is the cause of most of the problems, why.. that... that would be crazy!
*shakes head*
This is a horrible idea for oh so many reasons. The first that comes to mind is that government mandates about ISP logging and packet blocking are a bad thing. Once a national infrastructure is in place that allows a government sponsored program to declare certain packets or application signatures "bad", what's to stop them from adding more things than just viruses? It would be trivial, technically, to write a 'virus definition' for p2p traffic. It would be almost as trivial, and only a bit more expensive, to get this done on a political level (a certain senator from disney would probably love to help out). When the DMCA crowd is done adding their firewall rules, maybe the Patriot Act fan club will want to throw in a few too... What it comes down to is that the U.S. government cannot be allowed to regulate the internet in this manner.
Which also brings up another point; being US-only, this system is pretty worthless for stopping attacks. To be effective, the law would need to require extensive "border" filtering at sites with international peers. See point above about why this is really bad. Fortunately, this whole proposition is such preposterous crazytalk that I don't think it actually has much of any chance at happening.
I think a better idea would be to implement new regulations surrounding software warranties. I don't know how exactly it should be done, but I do know that (a) if a company's ReallyExpensiveProduct routinely breaks and causes large financial damages for it's users, the company should be somehow held liable, and they shouldn't be able to get out of it with a clause in an EULA. But at the same time, (b) independent programmers who are giving their software away need to be able to do it without taking on liability, or they won't be able to do it at all, and we won't have Free software. The No Warranty clause of the GPL is a very important one. It would be great if paying for software meant you had more guarantee that it was going to work... it's really a bit bizarre that today the software you can get for free works better than the software that costs money. Perhaps a sliding scale price based warranty would help with that.
I reckon the feds must be buying something from apple, anyway...
Windmill bird deaths are rare, you're repeating an urban legend someone told you. If you're going to argue, please bring facts.
I say we should sit tight and allow technologies to improve. Let's learn about all the nasty effects of these alternate sources of energies.
.
:)
Please, go on, tell us what kind of "nasty effects" wind and solar power have in store . .
(I know, I know, IHBT
I wonder why they didn't just point DNS for the website to 127.0.0.1.
Better still, why not put 30 or 40 round robin DNS entries in? Symantec says there's about 228,000 infected boxes; with 40 different IPs on windowsupdate.com's DNS record, each server would be hit by less than 6,000 attackers. Surely, with the time they've had to prepare, they should have been able to handle this.. I'm really surprised that they actually took windowsupdate offline. I think any competent sysadmin with the financial resources of MS behind them should have been able to weather this storm without any loss of service.
I've been kind of wondering if there might not be some other exploit that some researcher is waiting to release, after everyone's auto update is broken...
Hmm... so are you saying that the events futures market (why does that sound so wierd to me?) is really a means of the government trolling for terrorists? Interesting way to combat terrorism...
If you read their TOS it probably says "if you bet on a terrorist act occurring, and then it occurs, we can detain you as a suspect indefinitely". Because only terrorists would bet against the USA.
Seriously though, I think this is an absolutely horrifyingly terribly offensive proposition, and if they actually go live with it I'll probably sign up and place some bets.
Yeah yeah, I know, they're trying to call it "trading" instead of "betting," but whatever...
I have a feeling that the apple boxen will still be better workstations for the money. These machines will be optimized for transactions per second.
If they can ship a quad-proc G5 for $3500, the apple boxen will definitely not be better for the money. Regardless of any server optimizations, I fail to see how these machines could _not_ make bad ass workstations.
Does anyone know if the $3500 price includes an SCO/Linux license though?
Because I hear you need those nowadays, if you want to run the linux.
oh, fuck.
PDF is a native graphics format for MacOS X. /System/Library/CoreServices/SystemStarter/QuartzD isplay.bundle/Resources/BootPanel.pdf
open
Look familiar? (on preview: drop the space in "QuartzD isplay" that slashcode put there)
While your statements may have a grain of truth to them, uh, excuse me, do I know you? The statements I made to MADCOWbeserk were in response to information he had shared about his lifestyle. As far as I can recall, I've shared no such information.
Do you have any reason to believe I'm not writing this from a net cafe in a 3rd world country? (Granted, I'm not, but how do you know?)
And although I do probably rank in the upper 10% of the worlds consumers, as you stated, I'm certainly making a better effort to live a sustainable life than mister "gated community, house in the keys also" above.
<but-seriously> I know that Americans generally like to use more, but two homes? One in a gated community and one in the Keys? I mean, don't you ever feel like a evil, greedy, opulent sack of shit when you get up in the morning?
From reading the article, it looks like they didn't even bother using WEP
Aside from the fact that WEP is breakable and thus useless, if they had used WEP (and it wasn't broken) the data still would have been accessible to the legitimate wifi users (unless this was a special AP for people who need to see this data). They said the data was accessible to unauthorized users inside the network, too. And they fixed it by turning off the AP?
I salute the newspaper for taking the initive (and, perhaps, the risk) of accessing the data themselves. But I wish they would have spun it more as a "piss poor security" issue than a "wireless security" issue. As far as I can tell, this has hardly anything to do with wireless at all. It's certainly not a reason for schools to not run open networks. They just need to secure their wired networks just like they should have before wireless!
This is great news! While mp3 technology may soon be illegal in the U.S., the conservatives have shown they are highly dedicated to protecting our god-given right to carry an assault riffle! I can't wait until I have to hide my mp3s in an Ak-47 to keep the secret police from finding them...
This ruling is extra notable because Powell, the FCC Chairman, publicly disagrees [yahoo.com] with their decision: "An FCC chairman has not dissented from a high-profile FCC ruling for roughly 15 years." Powell was a very strong proponent for deregulation, and it seems this time around, state regulators and Bell want the status quo.
Keep in mind though, powell wanted to deregulate it even more, as in no line sharing discounts for anyone. As it is, this change only fucks DSL competitiors. If powell had his way, they would've fucked local telco competitors too (which actually do exist in many markets now). Powell is Colon's son, btw (I wonder if that whole family is evil oreo motherfuckers?).
The "local" competitors that this change doesn't fuck over, though, are largly made up of big corporations anyway. MCI, att, etc, all offer local phone service in my area now. And PacBell (now SBC), who has been our longtime local carrier, is offering long distance too. It's all very strange.
I was really disappointed by Dennis' answers. The man that created C describes his current coding activities as "I fix things now and then, more often tweak HTML and make scripts to do things."
But, Dennis, thats what _I_ do!
Unless my textbooks have seriously misled me, this guy is one of the two most important people the history of computing. And he sits around writing HTML and browsing the web on a WinNT box?! This is just depressing.
If Apple has really done this with a wrapper, could this mean, that we may get a lot more qt programs ported to MacOS X?!? Another reason to buy a Mac?
You don't need a wrapper for Qt on the mac. Qt/Mac has been out for some time now, though it's gotten surprisingly little press. It's source compatible with Qt/Windows, and provides *real* native aqua controls (unlike MacGtk) via carbon. Yes, "Another reason to buy a mac". Is someone keeping a list somewhere?
Facts:Suggested reading:
- BugTraq post with the funny RIAA bit, followed by actual mpg123 exploit code
- Gobbles Homepage (sometimes available at bugtraq.org, but currently down there, and up here)
So, in conclusion, the news here is this:You may now return to filesharing as usual.
Random question: Was that the same Jefferies for whom the (in)famous Jefferies tubes are named?
It is indeed. Google has more.
People in Washington are just using terrorism as an excuse to push an agenda that has nothing to do with terrorism and existed long before 9/11. LLNL, for example, has been an irritation for the Bush administration, and that kind of government funded research doesn't fit too well into their philosophy anyway; that's why they like to play football with it.
1. It's a typo. They're not getting shutdown.
2. Defense Contractors don't fit into the Bush administration's philosophy? Wtf are you smoking?
3. There is no step three.
NO FIGHTING IN THE WAR ROOM!!!
(lameness-filter-defeating text... (I'll yell if I want to, damnit))
USB 1.1 transfers at a maximum rate of 12Mbit/sec whereas USB 2.0 (which the T/M uses, at least according to the story write-up) can transfer at a maximum rate of 480Mbit/sec (or 60MByte/sec).
Thats nice and all, but my laptop has usb1 and firewire, and doesn't have usb2, so I'm still stuck at that 12MBit/sec (and even that is a theoretical max I'll likely never get close to).
Has usb2 really been adopted very widely yet?!
In any case, I'll take a firewired Apple iPod over one of these any day.
The big selling point for the slashdot crowd seems to be that it runs linux, but with a proprietary front end running on that 4-lines-of-text screen, and fat32 for the filesystem, I hardly think thats very cool. The instructions don't even mention how you'd connect it to anything besides windows; this isn't really a linux (or mac) user targeted product at all. Methinks they went with linux not for the "love of the game" but rather because it makes for a good cheap embedded OS.
btw, anyone know anything about hacking these things?
ie actually getting a shell on it?
(on your pc, of course, on it's own screen would be a joke)