If I did full time forensics I would be much less worried about having to get a license than the ambiguous legal landscape that existed when I did some cases in the mid 90s. You can't preserve the rule of law by breaking it. And even if you do keep to legal methods you have to be sure that you can prove that is what you did or else you can find the criminal you are trying to stop suddenly turns the tables on you.
I don't think anyone should have to worry about investigating their own machine. But what if you are going to trace the attack to the source? At what point does that become hacking? What if you have someone hand you information that has maybe been obtained by dubious methods? In the 1990s nobody knew where the line was drawn.
What happens if you hire someone to do that type of work? Are you going to be liable if they use pretexting or the like?
If Clifford Stoll was using the same techniques today he might well have had some legal issues. Even if you don't break the law you can still ruin the chances of a successful prosecution by contaminating evidence.
I don't want to have people who are working for me acting as vigilantes. I don't want them to collect information in ways that disrupts Law Enforcement efforts. This is a professional business now and we have to act like professionals. People need to understand that there is a line and consequences for crossing it.
The rise in OS/X has nothing to do with OS/X or UNIX. OS/X is not much different from Windows any more unless you have already joined the Jobs cult.
Sales of Apple computers are being driven by the iPod and other Apple gear, not the other way round. There is no way that I would have considered buying an Apple machine for a minute until I bought the iPod. Once you have an iPod and use it for a couple of years and see how it is clearly superior to the Archos or RCA devices you had before it becomes much easier to think about buying a Mac.
The reasons I did not are 1) I use my right mouse button all the time and don't feel like switching and 2) I write code and don't feel like learning an alternative to Visual Studio 3) I don't see the superior style of the Apple gear justifies those costs 4) at the time I bought Apple did not meet my performance requirements. It is no longer a matter of price, the price markup on the Voodoo kit I bought was rather more than the Apple markup.
The other trend underway here is that Apple is not selling computers, they are selling home computing appliances. These are not desktops, it is not about desks at all. Couch-side is closer to the mark.
Spamming is theft, and any company involved in it is not legit, by definition.
By legitimate in this context I mean a company that is willing to provide their registered place of business, the names and addresses of the directors and that it operates in a country where the rule of law applies, process can be served etc.
It is a low bar, according to this definition even Enron would pass. But 98% plus of the spam comes from companies that could not come close to meeting it. The vast majority of spam today is phishing fraud, advance fee fraud, malware attacks, sale of hijacked software, etc. etc. In part this is a result of CANSPAM which effectively criminalized the only remaining grey-area uses of spam, in particular peddling porn, but its where the market was headed in any case.
At one time there were interminable arguments as to the definition of 'spam'. There were grey areas. So for example, I mention that I just wrote a book on stopping Internet crime in this thread where it is on topic, most people would not consider that spam. If on the other hand I write a robot to respond to every article in Slashdot repeatedly mentioning my book that is spam. Inbetween there is a grey area. When spam was first recognized as a problem there were plenty of people who were setting themselves up as the supreme arbiters of where exactly the line should be drawn and threatening 'zero-tollerance' of anyone who refused to comply with their demands. They were a bunch of self appointed little-Hittlers. It wasn't about stopping spam anymore, it was about projecting their control and authority.
There is a small amount of spam that comes from legitimate companies. It is mostly due to incompetent and corrupt middle managers who are desperate to make their number at the end of the quarter. It is very bad practice and quite a few companies are deploying compliance checking systems to prevent this type of spamming. But spam has become such an ineffective marketting tool that it is an insignificant part of the signal. Anti-spam vigilantism is a bigger problem than this type of spam.
The anwser to spam is accountability. First authenticate the email sender, then determine if their reputation and/or other accreditations demonstrate that they are an accountable sender. Finaly if a sender spams, then consequences. The likes of Ralsky are only going to respond to civil or criminal proceedings. But legitimate companies will respond more quickly to the threat of having their mail rejected by receivers.
That is why we have spent so much time on SPF/SenderID and DKIM.
It's fairly easy to blame the victim, until it's someone you know.
Admittedly, the cited scams seem fairly outlandish, but there are some quality hustlers out there.
I have not read the indictment yet, but it might not be a pure confidence trick.
What we have seen with a lot of recent pump and dump schemes is that the scammers send out some pump spam, then quickly buy some stock themselves, then they then they buy lots more stock from other people's stock broking accounts that they have bought phished credentials for, selling their own stock into the bubble they create.
As I said, I don't know if this is alleged here but it is very hard to prove, they can explain their peculiar purchases by claiming that they acted on the email tip. It is plausible deniability.
So don't blame the prosecutors for only charging what they can prove, there could be more to it.
My book, The dotCrime Manifesto: How to Stop Internet Crime was published today. There is a whole host of spam scams described. But at this point spam is pretty much 98% hard core organized crime. The amount of spam from half-way legit companies is a rounding error.
Mod me down if you wish, but The IRA don't wear turbans or crash planes into buildings or ramble about 72 virgins in heaven.
No, but they killed more people than Al Qaeda have to date.
And as Giuliani himself points out, terrorists help each other. He probably knows that the IRA and the PLO have been allied for decades, but his base does not.
Its hard to see how Giuliani improves US-UK relations when he gave a humanitarian award to the man who tried and almost succeeded in murdering Her Majesties Government. It is not as if the US has exactly got a wealth of allies left after seven years of W.
It is also a character issue. Yes, character does matter. And no, a man like Giuliani who raises money for murderers just to pander for a few votes is not someone the US needs in any office.
Maybe it's actually more people under 30 get their news from Jon Stewart than from any other source BECAUSE OF the fact that Stewart's fake news is better than the real news. Jon Stewart probably spends a lot more time discussing important topics than mainstream media. He might do so in a humorous way, but the content is still there.
Well yes, that was my point.
It is also a point Jon Stewart keeps making himself. Not to set his own coverage up as good but to ask the establishment news media to improve. He did this when he appeared on what became the edition of crossfire that shut the show down. "Please stop, you are hurting the country", yes conflict is fun for a while, but its also tedious when every news item is turned into drama.
I love the Daily Show, but juxtaposing clips of persons saying completely different things isn't news because in the real world, situations change and it's often useful to behave inconsistently (cue Emerson's "a foolish consistency is the hobgoblin of little minds" quote). Further, the Daily Show's juxtapositions are not always valid -- I've seen quite a few old quotes taken out of context, but that's okay because it's not real news.
The point is that these contradictions are ignored by the mainstream media.
Fact: Before 9/11 Rudy Giuliani was a supporter of and fundraiser for a terrorist organization.
This isn't hypothesis or inference. Giuliani attended numerous IRA fundraising events and these were reported in the New York Times at the time. Giuliani attended the events to be reported. I don't think that Giuliani ever seriously supported the methods of the IRA but he was willing to at least pretend that he did in order to court the NYC Irish vote.
The IRA caused more deaths than Al Qaeda has to date.
Giuliani even gave Gerry Adams, the leader of Sinn Fein, the political wing of the IRA a 'humanitarian' award. A few months later Gerry and his boys bombed a shopping mall. Rudy never condemned the attack on civilians. Not good for his votes you see. Bin Laden is probably asking himself 'hey where is my Crystal Apple'.
Giuliani has set himself up as an expert on terrorism. He has attacked Islamic 'charities' that are in fact funraising fronts for organizations such as Hamas and Al Qaeda. Yet nobody seems to have challenged his efforts to raise funds for NORAID, the IRA's US fundraising arm.
It isn't just a matter of one man's terrorist being another's freedom fighter. It is also a question of what the best way to fight terror actually is. The IRA had several ceasefires before 9/11 but it was when the US funraising line was severed that they were finaly forced to pack it in. When I first came to Boston pretty much every irish themed pub would have a NORAID fundraiser advertised. Every single one of the posters disappeared within days of 9/11.
Giuliani is currently trying to relaunch his campaign on the back of the assasination of Bhutto, another round of bad anti-terrorist proposals, I blogged on the idiocy of his proposal for cyber-warfare against AQ yesterday. There are two ways to fight terrorism, the way the British responded to the IRA in the 1970s and the way the West Germans responded to Baader-Meinhof. The British used the tactics of torture and internment (sound familiar) which only made the situation worse. The IRA gained supporters worldwide, including US appologists like Giuliani himself. the West German approach of using police powers and absolutely refusing to recognize terrorists as political prisoners did work. That is why the British switched to the west German tactics and why the US should do the same against Al Qaeda. But this whole debate is not one that the US establishment media will ever allow.
So why won't the establishment media ask Giuliani why he supported the terrorist organization that attempted to murder my family?
Its because it does not fit their script. According to the script Gore was a liar, Bush was dumb but good company and Giuliani is the fearless crusader against terrorism. No mention of course of the fact that he tried to make his mobbed-up partner DHS secretary and he positioned the emergency control room in the WTC complex so that it was in easy walking distance of city hall for his shag-fests with Judith and the rest of the harem. Those facts don't fit the script. They only get asked by the establishment media at all because Josh Marshall at TPM and the rest of the blogosphere have insisted on it.
I am sorry Cobain who? Who cares? Just another pop/rock/hollywood star. We have way to many to care about them. Give me an sciences/political figure. I other word someone who changes our lives.
Maybe if you had a real news service available you would not be so ignorant about culture. Cobain and Nirvana led grunge rock which pushed the last creaky vestiges of glam rock and such off the stage. Cobain's suicide was the 90s equivalent of Sid Vicious's murder of Nancy Spungin followed by his own suicide.
The sudden death of Anna Nichole Smith was certainly a news story, but it wasn't breaking news and it was never justification for the saturation coverage it received.
And yes, there were plenty of other stories being dropped, but if you read the article you would have seen that the lack of a story on Cobain was only one of the examples where coverage was lacking, and a minor one at that. NBC wasn't passing up a story on Kurt Cobain to do indepth coverage of the rise of the Taleban or such. They were passing it up in favor of their usual vaccuous crud.
No, what's really ironic is that an article summary complaining about the lack of "serious" and "important" news on TV uses the example of a rock star killing himself as "important" news.
Kurt Cobain was a vastly more important figure in the rock scene than Brintey/Paris/Nichole. Not mentioning his death would be like not mentioning the deat of Pavarotti.
The point in the article though was not that NBC should have done saturation coverage on Cobain but that it should have been covered as news. It would only be considered news if there was a tie in to some primetime show. Cobain dies in 1994, before Iraq/Afghanistan/Paul were stories of any sort.
More people under 30 get their news from Jon Stewart than any other source. Worse though is the fact that Stewart's fake news is better than the real news.
People should call into Stewart to suggest that he come back on the air and does a straight news show until the writers return.
question your knowledge.... You say XP followed ME. That isn't remotely true.
No, what the original poster was saying is that Vista is to XP what ME is to 98. There are certainly some advantages, being able to use USB for example but nothing like the Windows 95 upgrade or the XP launch.
If you have the hardware that will cope with it, Vista is a really nice O/S to run. But there isn't the same incentive to upgrade an existing machine as there was with XP.
Why? Newer operating systems can implement fine-grained sandboxes. In OLPC Bitfrost, each application package specifies the capabilities it requests. The first time the user runs a program, it shows a list of checkboxes, with the capabilities it needs checked.
Maybe Slashdot readers can cope with that level of security but most people cannot. We have had fine grained security for 25 years and it certaily has real value, but not as an end user configuration.
Fine grained security models work really well with signed code. If you know who provided the code and what level of privileges it requires you can get a pretty good idea of the level of risk involved in running it. If you load up a game and it demands kernel level access you can probably figure out that the correct response should be 'no thanks'. Signing the code allows this to be outsourced.
If all software that uses a gratis cert is copylefted, paranoid people can read the source code and warn other users.
Been there, done that, seen it fail. As Jeff Schiller always points out when this claim is made, Kerberos was always open source, it was always subject to peer review by a huge number of people yet some very fundamental architectural and coding errors went undetected for a decade.
Open source facilitates a secure coding model but it turns out to be neither a necessary nor a sufficient condition for security.
It will probably need each app to be signed by the holder of a code signing certificate.
Apple would be very ill advised to allow unsigned code on the device. The question is whether the set of trusted roots is closed or open.
This issue is currently being examined by every cell phone platform provider. The potential for damage caused by malicious code on the handsets is real, particularly in places like Scandinavia where the cell phone is routinely used as a payment device. Carriers are understandably concerned that there might be premium rate fraud applications like the Beavis and Butthead screensaver that silently dialed a premium rate number in Moldovia.
The advice I have been giving people is that they should insist that all code be signed but allow for configuration of the list of trusted signing roots so that it is possible for anyone to load any code they choose but not possible for drive by code to install itself without their knowledge.
This will in turn mean that there will need to be some process for acquiring code signing certificates for development purposes and for distribution of open source software. The two issues are different though, supporting developers is easier since they are assumed to be technically competent and can be told to go through a complicated procedure to generate and install a self signed root.
Providing code signing certs for distribution of open source code is trickier. The problem is not the cost, that can be taken care of, the cost of providing certs for open source applications can be carried by a small increase in the price of commercial code signing certs. The problem is that while some open source enterprises like Apache or Mozilla have very good internal processes that I would have no problem issuing certs to those efforts, I can validate their credentials and any injured party knows where to send a writ. They are accountable. Most of the 100,000 or so open source efforts are not in that category, they are small, informal and most likely to fold long before delivering useful code. If efforts of that type can easily obtain a code signing credential the whole purpose could be lost, the Internet criminals would simply present themselves as open source efforts and roll malware into that code.
Incidentaly, we do not know for sure that the alleged code is genuine. While only Apple will have the hardware containing their private key there is another way to get an update onto the device - substitute the Apple public key on the device for another one.
I suspect however that the leak is genuine and deliberate. Its a way for Apple to tell people that they should expect their unlocked iPhone to stop working in the near future.
Just out of curiosity, what makes the Airport Extreme worth the extra $80 compared to a non-Apple 802.11n router?
None of the people I know with an Airport have had the hardware fail.
I have had 6 Linksys, Netgear, D-Link etc. routers and every single one has failed after about 18 months. The build quality is abysmal. I paid the same for the Airport that I paid for a Linksys 300 Pre-N routed 18 months back. Thing has died completely.
People carrying guns help solve the problem of criminality,
Not unless they are law abiding. Non law abiding people carrying guns increases the problem of criminality.
Its like one of those anti-spam peer to peer filtering schemes which work perfectly provided that you have no spammers or agenda pushers moderating the messages. As soon as you allow for the fact that there are bad people in the world you need to be much more careful about who you empower.
Seriously, that is a lame run-on. If you can't think of a good one to put in the summary, don't.
I bought an Apple Airport Extreme at the Apple Store on Monday. Its not hard to see how they make retail pay: they build a product that fits into a shopping mall alongside the rest of the stuff on sale. Most computer companies don't even try. They build products with features chosen by marketers and designed by engineers.
The only problem with the Apple store is the cultish atmosphere.
My point exactly, I have no idea why I've even been modded Funny! Same applies to mass shootings by the way, if say one out of ten persons would carry a handgun at all times I don't see how a mass shooting could go very far.
You mean that if the US looked more like Iraq the number of shootings would go down?
Rawlpindi is a garisson city. No shortage of arms there. Yet the suicide bomber still managed to kill rather more than any US spree shooter.
I would suggest a good DVD writer. There is lots of room, you can schedule backups, and all the people need to do is to remember to put in a new DVD every week or on whatever schedule you/they set up.
Lets see. My WHS has 2.5 Tb of storage. That would be 250 or so DVDs. Where do I keep them all? How do I manage them? Plus DVD*RW is not exactly a reliable or fast medium.
Nobody who has actually used Windows Home Server would compare it to Network Attached Storage. There really is no comparison. Sure you can do some backup but you don't get the management features.
Sure you can find some open source alternatives but they don't save that much cash. I paid $550 for the base server and another $550 for a couple of 1Tb disks for a total of $1100. The cost of the Home Server license is at most $100 out of that, or 10% of the system cost.
From the release: The SCO Group is a leading provider of UNIX software technology and mobile services.
Guess that means Microsoft can declare victory then.
Printed SCO stock certificates will probably be worth something in years to come as curiosity items, only problem is that very few paper certificates are likely to exist. Most stock is held in street names these days.
Novell will end up with slightly more than the furniture, they will obtain title to all SCO copyright material. At this point the safest thing to do is probably to put them in the public domain.
Well those crossbow bolts weren't going to penetrate anything. The tips were razor-thin, they just turned immediately, which would deflect the arrow's force/
They would might have cut through a steel breastplate that was thin enough for someone to wear and fight in.
Synthetic saphire is really tough. I have a watch with a synthetic saphire glass and it does not have a single scratch after fifteen years.
But a true period crossbow required a huge amount of force to load it - 500 pound or more, more than anyone could manage by hand, they had a winding mechanism. A good bowman might have two or three winders reloading for him so he could concentrate on aiming.
Also a proper period crossbow has a bolt rather than an arrow. The arrows in the video were the sort you would use for target practice, not taking out a knight on horseback. The easiest way to do that being to take out the horse. Its a bit difficult walking about in full armour, take out the horse and you disable the rider. So the bolt would either have a quarrel, four sided head to allow it to embed as deep as possible in the horse flesh or a compact barbed head of hardened steel for armour piercing.
But its all irrelevant as today your monitor is far more likely to take a stray bullet from an AK47 than a crossbow.
Been a long time since I used my Russian, here is a (very rough) translation
Welcome to TechnoDay. Is your monitor possessed? How can you tell and if so what can you do about it?
We took a standard LCD monitor that had become possessed after an all night LAN-party playing oblivion. (some discussion about exorcism I could not make out)
We tried writing (the exorcism?) on the screen in permanent marker. But the state of demonic possession prevented the ink from sticking, it just wiped off with a small amount of holy water.
We tried smashing the monitor with a hammer.
Research on Wikipedia told us that the only way to undo the demonic possession was with a silver tipped arrow. Fortunately I was able to win a crossbow on EBay, but the arrows supplied are steel, not silver.
You can see the power of the crossbow shooting into wood. Now lets try against the monitor. One! Two!
As you can see Wikipedia was right, if you are faced with demonic possession you have to go with the silver, steel simply does not work. We will try that next week.
Err - "The" pyramids / Sphynx are in Giza (near Cairo).
Luxor is hundreds of miles/km away where you'll find Luxor & Karnak temples and across the river is the Valley of the Kings.
Actually you will find The Luxor next to Ceasar's Palace, it the black Pyramid with frick'in laser beams.
How will you ignore it? Thanks to the US Government, they must take Egypt's copyright claims seriously if they demand that other countries take ours seriously (and even let us infiltrate their citizen's lives CIA-style).
Actually the copyright laws are regulated by international treaty and this particular claim is not supported by the treaty. So the reverse is true, Egypt has zero chance of applying this particular law outside its own borders.
But thats probably not what they are after. After some haggling the owners of the Luxor will come up with some form of face saving deal that throws a little money towards preserving the originals and in return the Egyptian government will loan them some stuff.
Standards? I find it ironic that the EFF is going after Microsoft. Netscape in its heyday was notorious for ignoring the standards and creating their own. They would constantly add features and do-dads that would only work in the Netscape browser. I remember when frames and tables were added. It sent browsers like Mosaic into a tailspin.
Quite so, and in addition Netscape had this enormous plagarism issue. Andressen never mentions Tim Berners-Lee except to bash him. They had a book written 'architects of the Web' that has chapters on each 'architect' acording to the Netscape history but not Berners-Lee or Dan Connoly or Dave Ragget or anyone else involved in the CERN or W3C end.
The history of the invention of SSL leaves out the fact that Alan Schiffman and myself demolished SSL 1.0 in less than ten minutes. There was no integrity protection at all and Marc didn't understand the problem.
Microsoft on the other hand were fully behind the W3C efforts, they were engaged in the process, Netscape did not bother to turn up.
The whole anti-trust suit was really no more than an alibi for Clark and McNeally, they had run their companies onto the rocks and they thought it would look better to blame Microsoft. Sun's problems in particular came from Linux, not Redmond. Netscape's problem was that they were trying to make money off the server, not the browser and they never got the fact that both ends would become comodities.
The biggest problem with the Cark/McNeally approach is that they brough the whole corruption of Congress and put it right in the center of the technology industry. Suddenly people realized that they could win battles in Congress or the EU that they had lost in the market.
The EU suit to protect RealPlayer's product was particularly bad. For the past five years I have had RealPlayer's site locked out at the firewall to stop people downloading the code onto the machines in the house. It is just so loaded up with cramware that I consider it malware at this point.
Given Opera's recent behavior in the HTML 4/5 situation I don't think that they are in a position to criticze others for not following new standards proposals. Its not really about standards, its about seeing if they can persuade the EU to throw up a non tarrif barrier to help them.
I am quite happy to have these arguments in the industry and on Slashdot. But anyone who goes crying to Congress or the EU is a much bigger problem than any industry player in my view. The process is not quite as corrupt as it was in DeLay's day when there was an actual bribe tarif chart circulated by Cunningham, Ney and others. But it is still pretty corrupt.
If you are going to take the game to a place where the outcome is determined by the longest purse, guess who is going win in the end?
Slashdot Mirror
I don't think anyone should have to worry about investigating their own machine. But what if you are going to trace the attack to the source? At what point does that become hacking? What if you have someone hand you information that has maybe been obtained by dubious methods? In the 1990s nobody knew where the line was drawn.
What happens if you hire someone to do that type of work? Are you going to be liable if they use pretexting or the like?
If Clifford Stoll was using the same techniques today he might well have had some legal issues. Even if you don't break the law you can still ruin the chances of a successful prosecution by contaminating evidence.
I don't want to have people who are working for me acting as vigilantes. I don't want them to collect information in ways that disrupts Law Enforcement efforts. This is a professional business now and we have to act like professionals. People need to understand that there is a line and consequences for crossing it.
Sales of Apple computers are being driven by the iPod and other Apple gear, not the other way round. There is no way that I would have considered buying an Apple machine for a minute until I bought the iPod. Once you have an iPod and use it for a couple of years and see how it is clearly superior to the Archos or RCA devices you had before it becomes much easier to think about buying a Mac.
The reasons I did not are 1) I use my right mouse button all the time and don't feel like switching and 2) I write code and don't feel like learning an alternative to Visual Studio 3) I don't see the superior style of the Apple gear justifies those costs 4) at the time I bought Apple did not meet my performance requirements. It is no longer a matter of price, the price markup on the Voodoo kit I bought was rather more than the Apple markup.
The other trend underway here is that Apple is not selling computers, they are selling home computing appliances. These are not desktops, it is not about desks at all. Couch-side is closer to the mark.
By legitimate in this context I mean a company that is willing to provide their registered place of business, the names and addresses of the directors and that it operates in a country where the rule of law applies, process can be served etc.
It is a low bar, according to this definition even Enron would pass. But 98% plus of the spam comes from companies that could not come close to meeting it. The vast majority of spam today is phishing fraud, advance fee fraud, malware attacks, sale of hijacked software, etc. etc. In part this is a result of CANSPAM which effectively criminalized the only remaining grey-area uses of spam, in particular peddling porn, but its where the market was headed in any case.
At one time there were interminable arguments as to the definition of 'spam'. There were grey areas. So for example, I mention that I just wrote a book on stopping Internet crime in this thread where it is on topic, most people would not consider that spam. If on the other hand I write a robot to respond to every article in Slashdot repeatedly mentioning my book that is spam. Inbetween there is a grey area. When spam was first recognized as a problem there were plenty of people who were setting themselves up as the supreme arbiters of where exactly the line should be drawn and threatening 'zero-tollerance' of anyone who refused to comply with their demands. They were a bunch of self appointed little-Hittlers. It wasn't about stopping spam anymore, it was about projecting their control and authority.
There is a small amount of spam that comes from legitimate companies. It is mostly due to incompetent and corrupt middle managers who are desperate to make their number at the end of the quarter. It is very bad practice and quite a few companies are deploying compliance checking systems to prevent this type of spamming. But spam has become such an ineffective marketting tool that it is an insignificant part of the signal. Anti-spam vigilantism is a bigger problem than this type of spam.
The anwser to spam is accountability. First authenticate the email sender, then determine if their reputation and/or other accreditations demonstrate that they are an accountable sender. Finaly if a sender spams, then consequences. The likes of Ralsky are only going to respond to civil or criminal proceedings. But legitimate companies will respond more quickly to the threat of having their mail rejected by receivers.
That is why we have spent so much time on SPF/SenderID and DKIM.
I have not read the indictment yet, but it might not be a pure confidence trick.
What we have seen with a lot of recent pump and dump schemes is that the scammers send out some pump spam, then quickly buy some stock themselves, then they then they buy lots more stock from other people's stock broking accounts that they have bought phished credentials for, selling their own stock into the bubble they create.
As I said, I don't know if this is alleged here but it is very hard to prove, they can explain their peculiar purchases by claiming that they acted on the email tip. It is plausible deniability.
So don't blame the prosecutors for only charging what they can prove, there could be more to it.
My book, The dotCrime Manifesto: How to Stop Internet Crime was published today. There is a whole host of spam scams described. But at this point spam is pretty much 98% hard core organized crime. The amount of spam from half-way legit companies is a rounding error.
No, but they killed more people than Al Qaeda have to date.
And as Giuliani himself points out, terrorists help each other. He probably knows that the IRA and the PLO have been allied for decades, but his base does not.
Its hard to see how Giuliani improves US-UK relations when he gave a humanitarian award to the man who tried and almost succeeded in murdering Her Majesties Government. It is not as if the US has exactly got a wealth of allies left after seven years of W.
It is also a character issue. Yes, character does matter. And no, a man like Giuliani who raises money for murderers just to pander for a few votes is not someone the US needs in any office.
Well yes, that was my point.
It is also a point Jon Stewart keeps making himself. Not to set his own coverage up as good but to ask the establishment news media to improve. He did this when he appeared on what became the edition of crossfire that shut the show down. "Please stop, you are hurting the country", yes conflict is fun for a while, but its also tedious when every news item is turned into drama.
The point is that these contradictions are ignored by the mainstream media.
Fact: Before 9/11 Rudy Giuliani was a supporter of and fundraiser for a terrorist organization.
This isn't hypothesis or inference. Giuliani attended numerous IRA fundraising events and these were reported in the New York Times at the time. Giuliani attended the events to be reported. I don't think that Giuliani ever seriously supported the methods of the IRA but he was willing to at least pretend that he did in order to court the NYC Irish vote.
The IRA caused more deaths than Al Qaeda has to date.
Giuliani even gave Gerry Adams, the leader of Sinn Fein, the political wing of the IRA a 'humanitarian' award. A few months later Gerry and his boys bombed a shopping mall. Rudy never condemned the attack on civilians. Not good for his votes you see. Bin Laden is probably asking himself 'hey where is my Crystal Apple'.
Giuliani has set himself up as an expert on terrorism. He has attacked Islamic 'charities' that are in fact funraising fronts for organizations such as Hamas and Al Qaeda. Yet nobody seems to have challenged his efforts to raise funds for NORAID, the IRA's US fundraising arm.
It isn't just a matter of one man's terrorist being another's freedom fighter. It is also a question of what the best way to fight terror actually is. The IRA had several ceasefires before 9/11 but it was when the US funraising line was severed that they were finaly forced to pack it in. When I first came to Boston pretty much every irish themed pub would have a NORAID fundraiser advertised. Every single one of the posters disappeared within days of 9/11.
Giuliani is currently trying to relaunch his campaign on the back of the assasination of Bhutto, another round of bad anti-terrorist proposals, I blogged on the idiocy of his proposal for cyber-warfare against AQ yesterday. There are two ways to fight terrorism, the way the British responded to the IRA in the 1970s and the way the West Germans responded to Baader-Meinhof. The British used the tactics of torture and internment (sound familiar) which only made the situation worse. The IRA gained supporters worldwide, including US appologists like Giuliani himself. the West German approach of using police powers and absolutely refusing to recognize terrorists as political prisoners did work. That is why the British switched to the west German tactics and why the US should do the same against Al Qaeda. But this whole debate is not one that the US establishment media will ever allow.
So why won't the establishment media ask Giuliani why he supported the terrorist organization that attempted to murder my family?
Its because it does not fit their script. According to the script Gore was a liar, Bush was dumb but good company and Giuliani is the fearless crusader against terrorism. No mention of course of the fact that he tried to make his mobbed-up partner DHS secretary and he positioned the emergency control room in the WTC complex so that it was in easy walking distance of city hall for his shag-fests with Judith and the rest of the harem. Those facts don't fit the script. They only get asked by the establishment media at all because Josh Marshall at TPM and the rest of the blogosphere have insisted on it.
Maybe if you had a real news service available you would not be so ignorant about culture. Cobain and Nirvana led grunge rock which pushed the last creaky vestiges of glam rock and such off the stage. Cobain's suicide was the 90s equivalent of Sid Vicious's murder of Nancy Spungin followed by his own suicide.
The sudden death of Anna Nichole Smith was certainly a news story, but it wasn't breaking news and it was never justification for the saturation coverage it received.
And yes, there were plenty of other stories being dropped, but if you read the article you would have seen that the lack of a story on Cobain was only one of the examples where coverage was lacking, and a minor one at that. NBC wasn't passing up a story on Kurt Cobain to do indepth coverage of the rise of the Taleban or such. They were passing it up in favor of their usual vaccuous crud.
Kurt Cobain was a vastly more important figure in the rock scene than Brintey/Paris/Nichole. Not mentioning his death would be like not mentioning the deat of Pavarotti.
The point in the article though was not that NBC should have done saturation coverage on Cobain but that it should have been covered as news. It would only be considered news if there was a tie in to some primetime show. Cobain dies in 1994, before Iraq/Afghanistan/Paul were stories of any sort.
People should call into Stewart to suggest that he come back on the air and does a straight news show until the writers return.
No, what the original poster was saying is that Vista is to XP what ME is to 98. There are certainly some advantages, being able to use USB for example but nothing like the Windows 95 upgrade or the XP launch.
If you have the hardware that will cope with it, Vista is a really nice O/S to run. But there isn't the same incentive to upgrade an existing machine as there was with XP.
Maybe Slashdot readers can cope with that level of security but most people cannot. We have had fine grained security for 25 years and it certaily has real value, but not as an end user configuration.
Fine grained security models work really well with signed code. If you know who provided the code and what level of privileges it requires you can get a pretty good idea of the level of risk involved in running it. If you load up a game and it demands kernel level access you can probably figure out that the correct response should be 'no thanks'. Signing the code allows this to be outsourced.
If all software that uses a gratis cert is copylefted, paranoid people can read the source code and warn other users.
Been there, done that, seen it fail. As Jeff Schiller always points out when this claim is made, Kerberos was always open source, it was always subject to peer review by a huge number of people yet some very fundamental architectural and coding errors went undetected for a decade.
Open source facilitates a secure coding model but it turns out to be neither a necessary nor a sufficient condition for security.
Apple would be very ill advised to allow unsigned code on the device. The question is whether the set of trusted roots is closed or open.
This issue is currently being examined by every cell phone platform provider. The potential for damage caused by malicious code on the handsets is real, particularly in places like Scandinavia where the cell phone is routinely used as a payment device. Carriers are understandably concerned that there might be premium rate fraud applications like the Beavis and Butthead screensaver that silently dialed a premium rate number in Moldovia.
The advice I have been giving people is that they should insist that all code be signed but allow for configuration of the list of trusted signing roots so that it is possible for anyone to load any code they choose but not possible for drive by code to install itself without their knowledge.
This will in turn mean that there will need to be some process for acquiring code signing certificates for development purposes and for distribution of open source software. The two issues are different though, supporting developers is easier since they are assumed to be technically competent and can be told to go through a complicated procedure to generate and install a self signed root.
Providing code signing certs for distribution of open source code is trickier. The problem is not the cost, that can be taken care of, the cost of providing certs for open source applications can be carried by a small increase in the price of commercial code signing certs. The problem is that while some open source enterprises like Apache or Mozilla have very good internal processes that I would have no problem issuing certs to those efforts, I can validate their credentials and any injured party knows where to send a writ. They are accountable. Most of the 100,000 or so open source efforts are not in that category, they are small, informal and most likely to fold long before delivering useful code. If efforts of that type can easily obtain a code signing credential the whole purpose could be lost, the Internet criminals would simply present themselves as open source efforts and roll malware into that code.
Incidentaly, we do not know for sure that the alleged code is genuine. While only Apple will have the hardware containing their private key there is another way to get an update onto the device - substitute the Apple public key on the device for another one.
I suspect however that the leak is genuine and deliberate. Its a way for Apple to tell people that they should expect their unlocked iPhone to stop working in the near future.
None of the people I know with an Airport have had the hardware fail.
I have had 6 Linksys, Netgear, D-Link etc. routers and every single one has failed after about 18 months. The build quality is abysmal. I paid the same for the Airport that I paid for a Linksys 300 Pre-N routed 18 months back. Thing has died completely.
Not unless they are law abiding. Non law abiding people carrying guns increases the problem of criminality.
Its like one of those anti-spam peer to peer filtering schemes which work perfectly provided that you have no spammers or agenda pushers moderating the messages. As soon as you allow for the fact that there are bad people in the world you need to be much more careful about who you empower.
I bought an Apple Airport Extreme at the Apple Store on Monday. Its not hard to see how they make retail pay: they build a product that fits into a shopping mall alongside the rest of the stuff on sale. Most computer companies don't even try. They build products with features chosen by marketers and designed by engineers.
The only problem with the Apple store is the cultish atmosphere.
You mean that if the US looked more like Iraq the number of shootings would go down?
Rawlpindi is a garisson city. No shortage of arms there. Yet the suicide bomber still managed to kill rather more than any US spree shooter.
Lets see. My WHS has 2.5 Tb of storage. That would be 250 or so DVDs. Where do I keep them all? How do I manage them? Plus DVD*RW is not exactly a reliable or fast medium.
Nobody who has actually used Windows Home Server would compare it to Network Attached Storage. There really is no comparison. Sure you can do some backup but you don't get the management features.
Sure you can find some open source alternatives but they don't save that much cash. I paid $550 for the base server and another $550 for a couple of 1Tb disks for a total of $1100. The cost of the Home Server license is at most $100 out of that, or 10% of the system cost.
Guess that means Microsoft can declare victory then.
Printed SCO stock certificates will probably be worth something in years to come as curiosity items, only problem is that very few paper certificates are likely to exist. Most stock is held in street names these days.
Novell will end up with slightly more than the furniture, they will obtain title to all SCO copyright material. At this point the safest thing to do is probably to put them in the public domain.
Sid, not Augustus.
They would might have cut through a steel breastplate that was thin enough for someone to wear and fight in.
Synthetic saphire is really tough. I have a watch with a synthetic saphire glass and it does not have a single scratch after fifteen years.
But a true period crossbow required a huge amount of force to load it - 500 pound or more, more than anyone could manage by hand, they had a winding mechanism. A good bowman might have two or three winders reloading for him so he could concentrate on aiming.
Also a proper period crossbow has a bolt rather than an arrow. The arrows in the video were the sort you would use for target practice, not taking out a knight on horseback. The easiest way to do that being to take out the horse. Its a bit difficult walking about in full armour, take out the horse and you disable the rider. So the bolt would either have a quarrel, four sided head to allow it to embed as deep as possible in the horse flesh or a compact barbed head of hardened steel for armour piercing.
But its all irrelevant as today your monitor is far more likely to take a stray bullet from an AK47 than a crossbow.
Welcome to TechnoDay. Is your monitor possessed? How can you tell and if so what can you do about it?
We took a standard LCD monitor that had become possessed after an all night LAN-party playing oblivion. (some discussion about exorcism I could not make out)
We tried writing (the exorcism?) on the screen in permanent marker. But the state of demonic possession prevented the ink from sticking, it just wiped off with a small amount of holy water.
We tried smashing the monitor with a hammer.
Research on Wikipedia told us that the only way to undo the demonic possession was with a silver tipped arrow. Fortunately I was able to win a crossbow on EBay, but the arrows supplied are steel, not silver.
You can see the power of the crossbow shooting into wood. Now lets try against the monitor. One! Two!
As you can see Wikipedia was right, if you are faced with demonic possession you have to go with the silver, steel simply does not work. We will try that next week.
Actually you will find The Luxor next to Ceasar's Palace, it the black Pyramid with frick'in laser beams.
Actually the copyright laws are regulated by international treaty and this particular claim is not supported by the treaty. So the reverse is true, Egypt has zero chance of applying this particular law outside its own borders.
But thats probably not what they are after. After some haggling the owners of the Luxor will come up with some form of face saving deal that throws a little money towards preserving the originals and in return the Egyptian government will loan them some stuff.
Quite so, and in addition Netscape had this enormous plagarism issue. Andressen never mentions Tim Berners-Lee except to bash him. They had a book written 'architects of the Web' that has chapters on each 'architect' acording to the Netscape history but not Berners-Lee or Dan Connoly or Dave Ragget or anyone else involved in the CERN or W3C end.
The history of the invention of SSL leaves out the fact that Alan Schiffman and myself demolished SSL 1.0 in less than ten minutes. There was no integrity protection at all and Marc didn't understand the problem.
Microsoft on the other hand were fully behind the W3C efforts, they were engaged in the process, Netscape did not bother to turn up.
The whole anti-trust suit was really no more than an alibi for Clark and McNeally, they had run their companies onto the rocks and they thought it would look better to blame Microsoft. Sun's problems in particular came from Linux, not Redmond. Netscape's problem was that they were trying to make money off the server, not the browser and they never got the fact that both ends would become comodities.
The biggest problem with the Cark/McNeally approach is that they brough the whole corruption of Congress and put it right in the center of the technology industry. Suddenly people realized that they could win battles in Congress or the EU that they had lost in the market.
The EU suit to protect RealPlayer's product was particularly bad. For the past five years I have had RealPlayer's site locked out at the firewall to stop people downloading the code onto the machines in the house. It is just so loaded up with cramware that I consider it malware at this point.
Given Opera's recent behavior in the HTML 4/5 situation I don't think that they are in a position to criticze others for not following new standards proposals. Its not really about standards, its about seeing if they can persuade the EU to throw up a non tarrif barrier to help them.
I am quite happy to have these arguments in the industry and on Slashdot. But anyone who goes crying to Congress or the EU is a much bigger problem than any industry player in my view. The process is not quite as corrupt as it was in DeLay's day when there was an actual bribe tarif chart circulated by Cunningham, Ney and others. But it is still pretty corrupt. If you are going to take the game to a place where the outcome is determined by the longest purse, guess who is going win in the end?