Review: "Jon Katz's Review of Scream 3"
on
Review: "Scream 3"
·
· Score: 4
Review: "Jon Katz's Review of Scream 3"
from the can-we-apply-this-article-to-the-daily-"things-tha t-anonymous cowards-think-really-suck-at-slashdot"-quota-? dept.
Jon Katz's review of "Scream 3" is a perfect example of wasted bits and bytes on a neat nerd news portal site that has nothing to do with lame cinematic trilogies. It's asinine, creepy, and slightly poopy, IMHO. And you don't have to be a genius to guess the ending ("What about you?", "What do you think?", "Discuss this amongst yourselves.", etc...): Read more and post your own review: As a half dozen Anonymous Cowards point out below, the thing about a Jon Katz review is that, unlike a typical slashdot article, anything goes - nothing has to make sense and irrelevance is the norm, because the third element of a Jon Katz review is really the first.
In a way, Jon Katz's conceit is one of the things that makes this movie review work so well. It's funny, at points chilling, and at the same time oddly touching, as the movie review is basically saying goodbye to itself and, for the moment, the genre.
This movie review isn't quite as well written as the first two (Jon Katz switched spell checkers), and it's definitely time to move along. The idea of the movie-review-spoofing-the-slashdot-article-spoofin g-the-Jon-Katz-portrayal-of-life is so apt it humors me, but we sort of get the point already. By the end of the movie review, you might be getting a bit restless, not because it isn't well done, but because it isn't well done for the zillionth time and in much the same way. In a way, that's sort of the point. It's time for a new vehicle to spoof ourselves, our darkest fears and Jon Katz's techno-culture obsessed life. In each of the Jon Katz movie reviews, it's neat to watch the evolution of nothing, from poop to a central scatological theme. That's smart movie review making, especially given the audience.
Jon Katz's review is still great fun. Anyone who guesses the ending should come forth and say so - it's nearly insulting. This series is one of those rare journalistic occurrences - a horror that's run its course but which will never be sorely missed. I'd give it a 0 out of a possible 1. What about you?
2/23/2000 (AP) A report released by the FBI NIPC today indicates that 93% of the attractive women logging on to Internet Relay Chat (IRC) servers are actually men who fit the "lonely homosexual man" criminal profile.
An international man hunt has been launched in an attempt to locate a criminal using the alias "lolita69" in #netsex on EFNET.
"lolita69" is the suspected mastermind behind a recent campaign of distributed deception that has caused approximately 1.2 billion dollars in damage to major IRC servers throughout the United States.
there *is* some truth here ...
on
LonelyNet
·
· Score: 1
i have become so busy with my current (Internet/computer-related) job that...
- i rarely have time to go to chat rooms - i no longer idle on IRC - i no longer get auto-op'ed in #unix - my bot farm is severely depleted - i broke up with my last girlfriend because she spent too much time chatting on ICQ with some guy in Canada - i get email all the time from friends asking my why i no longer hang out at certain bbs's - my parents call and ask why i never email them any more - the last serious relationship i had involved a girl in France... who i had never actually seen in person - i frequently find myself "chatting" on internal work-related mailing lists and forums - i have not had cybersex in years
maybe you should just consider complying with the university policies (III,3.02,h and III,3.02,k) that implicitly forbid running personal web servers on school networks. i actually do empathize with you, but i have played both sides of the game you're in, and it is always a losing battle for the student. the more you fight for what you perceive to be your 'Net rights, the closer you'll come to permanently losing all of your university computer resource privileges.
we now know that 95% of the consumers who get ripped off online are in fact perverts, who make up approximately 80% of all web surfers. the other 20% of the web surfing population is composed of IT professionals who ensure that the perverts are able to download pr0n at high speeds, and in a secure and private computing environment. --
Date: Sat, 13 Nov 1999 21:11:54 -0800 From: Paul A Vixie Subject: Re: BIND bugs of the month (fwd)
please forward since i'm not on bugtraq
> Date: Sat, 13 Nov 1999 01:14:24 -0000 > From: D. J. Bernstein > To: BUGTRAQ@SECURITYFOCUS.COM > Subject: Re: BIND bugs of the month > >... > But all this cryptographic work accomplishes _nothing_ if the servers > are subject to buffer overflows! An attacker doesn't have to bother > guessing or sniffing query times and IDs, and forging DNS responses, > if he can simply take over the DNS server.
yes. see the proceedings of the fifth usenix security symposium for further evidence of this, and evidence that i agreed with this view even several years ago, well before the current events.
> This NXT buffer overflow isn't part of some old code that Paul Vixie > inherited from careless graduate students. It's new code. It's part of > BIND's DNSSEC implementation. I don't find the irony amusing. Obviously > ISC's auditing is inadequate.
at times, yes it is.
> Does anyone seriously believe that the current BIND code is secure? If > it isn't, adding DNSSEC to it doesn't help anybody. Is ISC going to > rewrite the client and server in a way that gives us confidence in > their security?
yes, this has been done over the past 18 months. the result is BIND 9. and yes, it's all new code, and yes, it's been audited, and yes, it's designed to be audited, and yes, things like the NXT bug are the reason.
> David R. Conrad writes: > > In addition, we recommend running your nameserver as non-root and > > chrooted (I know setting this up is non-trivial -- it'll be much, much > > easier in BINDv9). > > ``I wouldn't consider installing named any other way,'' I told Vixie in > September 1996. He didn't respond. Of course, DNSSEC is equally useless > either way; the only question is whether an attacker can also take over > the rest of the machine.
when i saw the linux chroot("../../../../../../../..") hole i about fell out of my chair. truly no place is safe any more.
just as i started reading "The Rare Glitch Project", my Wintendo 2000 began sending so many mysterious packets to every workstation on the subnet that it flooded the firewall logs, causing massive packet loss and effectively DoS'ing everybody on the subnet. --
this is even worse than the porn - mp3 connection. repeated exposure to live GWAR concerts eroded my moral values to the point that i lost my virginity before the age of 30. i'm a disgrace to all of the other ethically pure Philosophy grads from UNC Class of '90. --
ok, so maybe i regularly packed semi-automatic weapons at the Chess Club and Debate Team meetings. the only bastard who ever took one from me though was the bully in the Computer Club who hogged the 2400 (we only had a half dozen Apple ][e's and one modem). --
Feel free to ask me anything related to computer security, privacy, information warfare, or hackers. I'll do my best to answer your questions.
Please keep in mind that I am learning new things about security all the time, so check back often. If you think your company may be interested in helping teach me, see our affiliates page. Or, if you'd like to add me to your website, visit this page.
kw:
Is John Vranesevich a security expert?
Bub:
John Vranesevich is the founder and General Partner of AntiOnline.
He left the University of Pittsburgh after his freshman year to devote his full energies to AntiOnline. He considers himself an "information security enthusiast" who likes to help educate others about the importance of security, privacy, and responsiblity as it relates to computers and the internet. John has been quoted thousands of times on a variety of topics including by such organizations as: The New York Times, The CBS Evening News, The British Broadcasting Corporation, The Washington Post, The Boston Herald, National Public Radio, Wired News, and the San Francisco Chronicle.
He can be reached by sending an e-mail to jp@antionline.com.
kw:
What is an information security enthusiast?
Bub:
Just like with any other system, router's aren't bullet-proof. Take a look at AntiCode's Router Archive for examples of exploits which have effected these devices.
kw:
Bub, what is security?
Bub:
Just like with any other system, router's aren't bullet-proof. Take a look at AntiCode's Router Archive for examples of exploits which have effected these devices.
kw:
Are hackers inherently evil?
Bub:
Social Engineering isn't as romantic as it sounds. It basically involves the hacker lying to a user, in order for them to obtain information, in many cases, your password. AntiOnline's Figh-Back! section has more information about social engineering, and even gives a sample conversation between a hacker and a victim user.
kw:
Are your answers more accurate and enlightening than those provided by a magic eight ball?
i've got several hundred dead tapes, 2nd generation off the dead soundboard, from back when i toured with them in the early-late '80s, plus i've ggot a good selection of rarities from the 60s and 70s. email me if you want to convert them to mp3 - i just don't have the time to do it myself.
wait, i've got a hot date tomorrow night, my first date with the lady at that, so i probably won't require the oral services of the National Post after all
actually, i really like the concept of Linux World Domination. as long as i never have to buy a $5000 proprietary Linux Premium Customer Support package that would be the only way to get full source code, then i'm happy.
install RH 5.1 (or any version really), keep all of the default ports and settings, and go to #linux on IRC and ask for help on securing your box. you'll get rooted in no time.
in fact, when i want a free external security audit, i usually do exactly what i described above, but i of course make sure to lock the box down first. just sit back and watch the script kiddies thwap on yer firewall with their exploit scripts, over and over.....
Slashdot Mirror
Review: "Jon Katz's Review of Scream 3"
a t-anonymous cowards-think-really-suck-at-slashdot"-quota-? dept.
...): Read more and post your own review:
n g-the-Jon-Katz-portrayal-of-life is so apt it humors me, but we sort of get the point already. By the end of the movie review, you might be getting a bit restless, not because it isn't well done, but because it isn't well done for the zillionth time and in much the same way. In a way, that's sort of the point. It's time for a new vehicle to spoof ourselves, our darkest fears and Jon Katz's techno-culture obsessed life. In each of the Jon Katz movie reviews, it's neat to watch the evolution of nothing, from poop to a central scatological theme. That's smart movie review making, especially given the audience.
from the can-we-apply-this-article-to-the-daily-"things-th
Jon Katz's review of "Scream 3" is a perfect example of wasted bits and bytes on a neat nerd news portal site that has nothing to do with lame cinematic trilogies. It's asinine, creepy, and slightly poopy, IMHO. And you don't have to be a genius to guess the ending ("What about you?", "What do you think?", "Discuss this amongst yourselves.", etc
As a half dozen Anonymous Cowards point out below, the thing about a Jon Katz review is that, unlike a typical slashdot article, anything goes - nothing has to make sense and irrelevance is the norm, because the third element of a Jon Katz review is really the first.
In a way, Jon Katz's conceit is one of the things that makes this movie review work so well. It's funny, at points chilling, and at the same time oddly touching, as the movie review is basically saying goodbye to itself and, for the moment, the genre.
This movie review isn't quite as well written as the first two (Jon Katz switched spell checkers), and it's definitely time to move along. The idea of the movie-review-spoofing-the-slashdot-article-spoofi
Jon Katz's review is still great fun. Anyone who guesses the ending should come forth and say so - it's nearly insulting. This series is one of those rare journalistic occurrences - a horror that's run its course but which will never be sorely missed. I'd give it a 0 out of a possible 1. What about you?
1984 - Steve Jobs: "Let's make Apple look pretty."
1990 - Steve Balmer: "Let's make Windows look pretty."
"IRC Users Victimized"
2/23/2000 (AP)
A report released by the FBI NIPC today indicates that 93% of the attractive women logging on to Internet Relay Chat (IRC) servers are actually men who fit the "lonely homosexual man" criminal profile.
An international man hunt has been launched in an attempt to locate a criminal using the alias "lolita69" in #netsex on EFNET.
"lolita69" is the suspected mastermind behind a recent campaign of distributed deception that has caused approximately 1.2 billion dollars in damage to major IRC servers throughout the United States.
i have become so busy with my current (Internet/computer-related) job that ...
... who i had never actually seen in person
- i rarely have time to go to chat rooms
- i no longer idle on IRC
- i no longer get auto-op'ed in #unix
- my bot farm is severely depleted
- i broke up with my last girlfriend because she spent too much time chatting on ICQ with some guy in Canada
- i get email all the time from friends asking my why i no longer hang out at certain bbs's
- my parents call and ask why i never email them any more
- the last serious relationship i had involved a girl in France
- i frequently find myself "chatting" on internal work-related mailing lists and forums
- i have not had cybersex in years
maybe you should just consider complying with the university policies (III,3.02,h and III,3.02,k) that implicitly forbid running personal web servers on school networks. i actually do empathize with you, but i have played both sides of the game you're in, and it is always a losing battle for the student. the more you fight for what you perceive to be your 'Net rights, the closer you'll come to permanently losing all of your university computer resource privileges.
key word == privileges
I'm averaging 90+ hrs/wk these days. Who can top this? If you can, what are you doing, and do you like it *that* much?
we now know that 95% of the consumers who get ripped off online are in fact perverts, who make up approximately 80% of all web surfers. the other 20% of the web surfing population is composed of IT professionals who ensure that the perverts are able to download pr0n at high speeds, and in a secure and private computing environment.
--
Personally, I think the Mortal Kombat-style games are worst of all - but maybe that's because I don't play them.
...
I play them all the time.
I used to play them with my girlfriend
until she beat me at Mortal Kombat one day.
i ripped her spine out, ate her heart, and then shot balls of fire out my ass until she exploded all over the lving room floor.
yeah, those games make me real violent.
--
--------------------------------------------------
...
- --
- --
Date: Sat, 13 Nov 1999 21:11:54 -0800
From: Paul A Vixie
Subject: Re: BIND bugs of the month (fwd)
please forward since i'm not on bugtraq
> Date: Sat, 13 Nov 1999 01:14:24 -0000
> From: D. J. Bernstein
> To: BUGTRAQ@SECURITYFOCUS.COM
> Subject: Re: BIND bugs of the month
>
>
> But all this cryptographic work accomplishes _nothing_ if the servers
> are subject to buffer overflows! An attacker doesn't have to bother
> guessing or sniffing query times and IDs, and forging DNS responses,
> if he can simply take over the DNS server.
yes. see the proceedings of the fifth usenix security symposium for
further evidence of this, and evidence that i agreed with this view even
several years ago, well before the current events.
> This NXT buffer overflow isn't part of some old code that Paul Vixie
> inherited from careless graduate students. It's new code. It's part of
> BIND's DNSSEC implementation. I don't find the irony amusing. Obviously
> ISC's auditing is inadequate.
at times, yes it is.
> Does anyone seriously believe that the current BIND code is secure? If
> it isn't, adding DNSSEC to it doesn't help anybody. Is ISC going to
> rewrite the client and server in a way that gives us confidence in
> their security?
yes, this has been done over the past 18 months. the result is BIND 9.
and yes, it's all new code, and yes, it's been audited, and yes, it's
designed to be audited, and yes, things like the NXT bug are the reason.
> David R. Conrad writes:
> > In addition, we recommend running your nameserver as non-root and
> > chrooted (I know setting this up is non-trivial -- it'll be much, much
> > easier in BINDv9).
>
> ``I wouldn't consider installing named any other way,'' I told Vixie in
> September 1996. He didn't respond. Of course, DNSSEC is equally useless
> either way; the only question is whether an attacker can also take over
> the rest of the machine.
when i saw the linux chroot("../../../../../../../..") hole i about fell
out of my chair. truly no place is safe any more.
-----------------------------------------------
Alternative to BIND: http://www.dents.org/
-----------------------------------------------
all info courtesy of BUGTRAQ@securityfocus.com
--
the list would be much more meaningful and interesting if supercomps at Ft. Meade, and other classified TLA facilities, were included.
--
wonder if it'd be the same color as the one in the picture here: http://www.antionline.com/information/facilities/
--
yes, i have already read interviews recently on most of these people, but the interviews were very good and/or entertaining and i'd like to see more.
(in no particular order)
1. Fyodor, aka CyberPsychotic (insecure.org)
2. anybody from cDc (cultdeadcow.com)
3. anybody from L0pht Heavy Industries (l0pht.com)
4. Silicon Toad (Infinity Void, hackers.com)
5. Brian Martin, aka Jericho, aka cult_hero (Attrition.org)
6. Netmask (mindsec.com, 303.org)
7. Marcus Ranum (NFR.com)
8. John Young, of Cryptome fame (jya.com)
9. Aleph1, of BUGTRAQ (securityfocus.com)
10. Tim May
Bonus interviews:
any FBI agent
any NSA employee
any CIA operative
Hemos
--
Which iMac color would you recommend for aspiring "security enthusiasts"?
--
just as i started reading "The Rare Glitch Project", my Wintendo 2000 began sending so many mysterious packets to every workstation on the subnet that it flooded the firewall logs, causing massive packet loss and effectively DoS'ing everybody on the subnet.
--
say "bye" to privacy and "hello" to Big Brother, again.
--
this is even worse than the porn - mp3 connection. repeated exposure to live GWAR concerts eroded my moral values to the point that i lost my virginity before the age of 30. i'm a disgrace to all of the other ethically pure Philosophy grads from UNC Class of '90.
--
Taking Down the Internet in 30 Minutes for Dummies
IP Spoofing for Dummies
World Domination for Dummies
Attrition.org Gallery
Credits: Attrition.org
--
ok, so maybe i regularly packed semi-automatic weapons at the Chess Club and Debate Team meetings. the only bastard who ever took one from me though was the bully in the Computer Club who hogged the 2400 (we only had a half dozen Apple ][e's and one modem).
--
Bub:
Hey kw, I am Bub.
Feel free to ask me anything related to computer security, privacy, information warfare, or hackers. I'll do my best to answer your questions.
Please keep in mind that I am learning new things about security all the time, so check back often. If you think your company may be interested in helping teach me, see our affiliates page. Or, if you'd like to add me to your website, visit this page.
kw:
Is John Vranesevich a security expert?
Bub:
John Vranesevich is the founder and General Partner of AntiOnline.
He left the University of Pittsburgh after his freshman year to devote his full energies to AntiOnline. He considers himself an "information security enthusiast" who likes to help educate others about the importance of security, privacy, and responsiblity as it relates to computers and the internet. John has been quoted thousands of times on a variety of topics including by such organizations as: The New York Times, The CBS Evening News, The British Broadcasting Corporation, The Washington Post, The Boston Herald, National Public Radio, Wired News, and the San Francisco Chronicle.
He can be reached by sending an e-mail to jp@antionline.com.
kw:
What is an information security enthusiast?
Bub:
Just like with any other system, router's aren't bullet-proof. Take a look at AntiCode's Router Archive for examples of exploits which have effected these devices.
kw:
Bub, what is security?
Bub:
Just like with any other system, router's aren't bullet-proof. Take a look at AntiCode's Router Archive for examples of exploits which have effected these devices.
kw:
Are hackers inherently evil?
Bub:
Social Engineering isn't as romantic as it sounds. It basically involves the hacker lying to a user, in order for them to obtain information, in many cases, your password. AntiOnline's Figh-Back! section has more information about social engineering, and even gives a sample conversation between a hacker and a victim user.
kw:
Are your answers more accurate and enlightening than those provided by a magic eight ball?
Bub:
Yes!
--
Respectfully,
Ken Williams
i've got several hundred dead tapes, 2nd generation off the dead soundboard, from back when i toured with them in the early-late '80s, plus i've ggot a good selection of rarities from the 60s and 70s. email me if you want to convert them to mp3 - i just don't have the time to do it myself.
wait, i've got a hot date tomorrow night, my first date with the lady at that, so i probably won't require the oral services of the National Post after all
you forgot about the new www.linux-support.net web site.
now where's my endorsement fee for giving props to the new site, Marko? i usually charge $1000/endorsement - just donate it to GNU as usual.
actually, i really like the concept of Linux World Domination. as long as i never have to buy a $5000 proprietary Linux Premium Customer Support package that would be the only way to get full source code, then i'm happy.
looks like you're on a roll. this makes two excellent articles in a row. :-)
keep it up!
install RH 5.1 (or any version really), keep all of the default ports and settings, and go to #linux on IRC and ask for help on securing your box. you'll get rooted in no time.
in fact, when i want a free external security audit, i usually do exactly what i described above, but i of course make sure to lock the box down first. just sit back and watch the script kiddies thwap on yer firewall with their exploit scripts, over and over.....