Outbound requests (URLs, requests for pages, FTP addresses, mail sent, etc.) are sent to the Internet through the OUTBOUND connection (phone line, ISDN, etc.) to the Internet Service Provider (ISP). The results of these requests are then returned to the router (and your network users) via the high-speed satellite link.
A sure technological break through. Sign up for internet service, purchase an expensive "router" and your off to see the wizard
Helius Satellite Routers include Virtual Technician (SM) service for remote management. This suite of tools allows Helius or remote support centers to connect to, configure, diagnose, manage and remotely reboot a Helius router.
Well I'll be... Spyware. The thought of having a company remotely manage anything on my networks sends an bad vibe down my spine. I wonder if their tech support people are trained enough to diagnose hardcore problems, and if their trustworthy enough (Helius that is) to allow them this sort of access. No mention of whether or not this can be disabled either.
Even if local network or satellite connections are down, Helius satellite routers can be accessed for reconfiguration or restarting through a dial-in
connection.
The power of marketing!!! Sure they won't tell a possible client off hand if a network or satellite connection is down "We will reconfigure your router, but hey dude, you won't have Internet access!", I wonder how many non technical people will fall for this ploy and think a fully redundant Internet connection with this appliance.
Helius Satellite Routers can be integrated into
any IP environment. They work in any operating
system environment including Microsoft NT,
Novell NetWare, Apple Macintosh, Unix, Linux,
and Solaris.
sigh... Poor *BSD's no mention of them at all. I'm sure it'll work either alone or with Lin compat tweaks but its sad to see companies overlook the BSD's.
Helius satellite routers use Caldera's Linux OS kernel and are compatible with all open Linux-based Internet applications and services.
Now wait just a second. I 've used Caldera and its horrible as all hell. I would rather use MS than Caldera, I wonder if its tweakable to either do a boot install of another OS, theres no mention of it, maybe someone can ask for a test drive of this product.
Anyways sorry for more rants, its Tuesday, raining in New York and my stock portfolio is in a Six Flags Amusement Park roller coaster ride so I feel edgy.
After all, most American firms left the business in the 1970s not because they could not innovate but because their shareholders could not stomach the poor earnings.
I beg to differ on this note, I believe most American firms outsourced their business to foreign firms since it was much cheaper to go that route as opposed to American's spending so much and getting little in return as opposed to say that American companies turned "poor earnings". This can be seen with Zenith who for years made products in America, although not as good or as cheap as the Asian counterparts, nevertheless they still had a market.
Consumer-electronics devices are among the fastest to commoditise, as Asian firms quickly copy technology and drive prices down. The success of the Japanese can be partly explained by a capital structure that has allowed them to survive with little profit.
Not only are their structuring plans pretty well rounded, but if you take a look at academia abroad, you will notice the will of foreigners such as Japanese who try to go out and expand, look at America, we glorify glamour, and most of the students here aren't as willing to learn as foreign counterparts. (this is again my thoughts so flame on)
But here, too, digital may turn out to be different. As with the PC itself, most of the value turns out to be not in hardware but in software and related services.
Nonsense this is a very huge MS'ish based arguement, not all software demands revenue as show with the Open Source Movement. To think that computing relies on solely vendors such as Microsoft, MacIntosh, or Sun Microsystems is bogus.
Palm's strategy is eventually to make most of its money from licensing its technology, selling content and software to be used on its devices, and providing services such as wireless Internet access.
Sorry to remind so many people, but Palm is not a neccessity, furthermore for the company to rely on selling content, well take a look at Yahoo's slow fall last week. Along with that take note that wireless is too NOT a neccessity.
The new system is a wireless application which employs mobile phone technology.
I'm not too crazy about wireless and its insecurities, nevertheless I guess its possibly the only means to have this work while the cops are out on patrol.
Police forces, struggling to maintain patrol levels outside city centres, have welcomed the development as it will allow them to keep an eye on rural and suburban areas at low cost.
Out here in New York City there was mention of "secretive" cameras around the city area which did the same and there was a slight uproar from privy groups.
"It means that we can get cameras into more difficult and isolated areas without having to spend loads of money or digging up the neighbourhood."
Sounds to me like Britain is or has become(ing) a police state. I can see the "want" for authorities to have these cameras but are so many neccessary, and the way the article is written, "struggling to maintain patrol levels", one would think Britain is filled with dark-ages-like criminals roaming everywhere.
"Our plan is not to tackle crime as such but to reduce the fear of crime - and to
that end this system was ideal," said PC Harry Wilkinson, crime prevention officer in Hexham.
Ouch I know I'm going to be bitched at for saying this but it sounds to me like British officials are flat out saying "ALL YOUR PRIVACY ARE BELONG TO US" (I had to so sue me)
police officers to spot crimes as they ahppen
Why look here... George Bush wrote this story. ISPELL!@!
Ok so this post was off base what can I say, its 4am do you know where your privacy is?
they get their Internet connection from somewhere.
Whether they've laid fiber-optic under the channel or they're using a two-way satellite transmission, they have to be connecting to somebody who's selling them the bandwidth. And that somebody is most likely located in a Berne Convention nation and/or a nation where the big five record companies do business. If they thought it necessary, the big five could sue to have the Internet connection to the Fairtunes OpenNap server blocked. They may not be able to get to the server, but they can ensure that nobody gets to it.
The author has most of the right points, but one thing he seems to have forgotten is that not all countries will abide by the rules especially those who have interests in simply going against others' thought process and what exactly constitutes free speech especially when dealing with American companies.
One solution for him would be to offer some sort of payment form via some banner or advertising to record companies which I haven't seen on any article. So far I've seen billion dollar promises which does little for the artist, and many record co's weren't keen on it anyway. Another method would be for him to stop specifically using Nap* to trade only MP3 based files. He could open the program up to all file sharing specs and turn a blind eye to what gets traded, this way he isn't targeted, etc.
Either way he doesn't have the money nor resources to go up against these guys and their lawyers will batter him. His intentions may seem noble to those who use the service, and free speech buffs, but he has to remember money talks, and money he doesn't have. coming soon
Microsoft's move brought some good ideas, and bad ideas to mind.
Good Ideas
Developers can assist with bugs, assist with security issues, shows initiative from MS and their willingness to open up on their inventions (code), gives small companies opportunity to place themselves on the map (giving MS assistance).
Bad Ideas
Developers will be scared by NDA & lawsuits, MS can turn around and attempt a buyout or slander the company for making a slightly bad NDA breach, can code really be patented and or copywritten? (even if someone distorts it to an insane method and capitalizes?), competitors may gain an insight to future MS products and capitalize on it.
MS has done good on its own for many years (yes they have done good after all check their market cap), and opening up even with an NDA sounds good but NDA's out here in the US may not mean anything in a foreign market, will MS's move hurt them or will it help them? To be honest I don't think it would do much at this point, right now MS isn't even working with the Windows2000 source code any more other than fixing bugs, maybe its good for benchmarking the next release, as for W2000 in its current state, guess bug patches will have to do.
At the moment, there is no direct relationship between us and Sierra. They know that we exist, and we suppose that they still exist by the time you read this, but that's about it. We have asked for SCI specs, but they assured us that they did not have any documentation pertaining SCI available. On the bright side, they haven't tried to sue us, either.
I wonder why some of these gaming companies don't take the initiative of assisting developers port their software to unsupported systems such as Linux, and the BSD's.
The upsides to doing so would:
Cost nothing in their own budgets
Create more exposure for their companies
Could create revenue next time around for new games
Open a new market other gaming companies don't have. (Linux, BSD's)
Its a bit odd to see that most gaming companies are still on the MS bandwagon, when significant articles, studies, polls, show that Linux and BSD's have gained ground within the past few years. I'm sure if there were more games available there would be a bigger boom of *nix users.
Anyone from a gaming company here care to comment?
This was submitted almost 3 weeks ago, anyways, its nice to see that people are still interested in the BSD's.
Recently I optioned on either buying two more Nokia 650 firewalls for my network and installed three new OpenBSD boxes using a combination of Trex, and IPF. While Checkpoint is a pretty cool firewall, I figured we (my company) didn't need to go out and spend more loot on firewalls. Sure IPF and Trex don't have true stateful inspections, and sure you can't do as much as you can with Checkpoint, but here are some of the neat things I managed to fiddle with. (posting this for this who do the fw things ya know)
On my Checkpoint FW I'm allowed the ability to mainpulate time based rules. (meaning I can allow in, out, block, on certain times of the day etc.) Being that at night (in case things go bonkers) servers go down, I made a simple shell script that is cron'd to open a connection at 8pm daily (when I'm home away from work) to my home subnet. This is pretty similar to Checkpoint's time based rules.
Not a major hack but it does me justice
Using a combination of FreeBSD, NetBSD, and OpenBSD at work (I'm senior admin so I get to use whatever I want) I also took the liberty of stunneling just about everything I could with OpenSSL so even if someone got unto out network, traffic is pretty secure for the most part.
Anyone else care to share some tweaks, tips and stuff on this boring Sunday?
I remember when I went to Sillycone Valley last year for a company I was working for, and while searching for prospectable employees for my department I noticed the majority of resumes coming via fax had employment histories for some people as little as about 3-4 months.
After talking with management then arguing with them about why I did not want someone with 4 months experience here and there in my department (security based), they told me to take a quick look around at where I was. Sillycone Valley, home of dot.com computing land, where anyone could lose a job today and have about 2 more the same day.
Well it may have been true late 90's and early 2000, but most of the companies as we all know are history. Its sad to see these things happen (companies going out of business) and that does not set a record though for shortest amount of time in a company.
True story
When I was about 15 years old, I went for a job at Wendy's (hamburger fast food joint). After being interviewed I got the job and was instructed to come back for work later that night. Upon me getting back later that night, I was shown how to clean grills, wash dishes, etc. Then told to buy some black shoes, and some shirts and ties for work (no bs). The whole rundown of job tasks took about 40 minutes.
After I was told how to do everything, I was told to get lunch and hurry back for work. So I ordered lunch sat down and ate, thinking whether or not I would stay. I decided I didn't want to work there. So I quite after eating (hehe).
Total time employed, less than 2 hours. AND I was sent a check for a whole day too.
The way the numbers are generated, you would need the person's password to have a number generated, which means that if you broke into someone's email, pc, etc., to gather information on em, chances are you could figure out their password and then generate the number.
Its a bad idea for credit card companies to go the route of having a user generate a random number based on a password, as history shows us people are simple, and will often rely on choosing simple passwords.
Again, a simple fix for this would be to have the credit card company pre-determine a block of numbers via mail or fax to the person, then afterwards have the person verify them when they intend to use them by phone if possible where caller ID can be used to ensure its the correct person.
Upon verifying the information, the credit card co., can then activate the numbers for use.
Shoppers have two security concerns. First, they worry that their credit-card numbers will be stolen. As a practical matter, that's a minor issue.
A minor issue? The author must be on some super drugs. The reasoning for these new advances in credit card protection schemes is for these minor issues else they wouldn't worry about it altogether.
By law, they're liable only for the first $50 spent by a thief, and most card issuers waive even that.
Regardless if they have to pay any fees at all, someone has still gotten ahold of their information, and depending on the criminal intelligence behind the person who has gotten ahold of the credit card number, they can escalate to identity theft, which has a big market.
The second, far greater problem is identity theft. If crooks get your name, credit card number, Social Security number and other identifiers, they can create a virtual you - open accounts in your name, charge up a storm and ignore the bills.
You'll be dunned and sued. It can take a year or more to straighten out the mess. ID thieves steal credit card numbers from many places - stores, restaurants, mail-order businesses. But the Web lets them steal wholesale, by breaking into the
databases of the merchants themselves, hence the appeal of card numbers good for only one use.
Even with thieves stealing information from insecure websites, its an unheard of issue of credit card companies going after the website which was breached. Little is done to sites who don't secure their systems from the possibility of a breach, and they should be held somewhat responsible for the integrity of their data.
The card pops onto your screen and you enter your name and password. You then get a one-time number for the single purchase you intend to make. Once used, it isn't good any more. Your real number is hidden away at the bank, where you hope hackers can't go.
This is still a problem as if a "cracker" has somehow gotten ahold of any kind of information on a person, they can leverage this to enter their own username and password to get a "one time" number". What would be nice, is if some of the credit card companies would pre-issue about 20 numbers per month with a 30 day period before their deleted. This was nothing is transferred over the wire and even a temp number can't be generated.
If hackers broke in, they couldn't use the virtual number without your password - which the merchant doesn't have - and it couldn't be circulated to other sites.
Well what about the crackers who go the full route to get all of a person's information including the password? I guess all these concepts go right down the drain.
<rant>
Being a strong advocate of cryptography, I would advise many to use it on a daily basis for
one of many reasons. Signatures for one are a definite identifier, and one can almost (99% percent
of the time) be sure the sender is legitimate, it can even save you in a legal bind, unless of
course a man in the middle attack took place
beforehand (then you'd have to prove that which is extremely difficult).
Having worked in the industry for some time now, I've had to send out confidential information
based on a company's plan to provide certain services relating to business, and in order to make
sure no one else gained access, whereas the company could lose a foothold in its market, I've used
PGP religiously. Even when sending normal messages from my account I always at least sign email by
default to ensure the recipient it is me and no one else sending them data, after all this is the
companies bread and butter, so why should anyone think we've something to hide on a criminal sense
other than the fact that we would enjoy it if our data was for our eyes only. </rant>
Another problem with many crypto offerings is that they can leave you vulnerable to forensic-grade
tools that can pull data from supposedly deleted files, including the temporary files that your
e-mail application uses as a placeholder for the message before it's encrypted. It seems to me
that the only way to get a truly secure solution is to write a mail application that has the
encryption built in at the most fundamental level, so that even if temporary files are recovered,
they may be rendered useless.
<fyi>
Well it seems this may be a Windows based problem. Using a combination of scripts, I make sure things are gone when I want them
gone. I've heard this on a security list before though, and although when it comes to Windows I
wouldn't know how to answer this. The latest versions of Mutt, and Pine provide its users with a
lot better protection than a Windows based program. (No this is not a Windows flame) </fyi>
At the same time, I don't want to think about how many people are using weak passphrases -- a
sequence that is hashed with random numbers to produce the encipherment key -- which might be easy
to remember, but won't stand up under a brute-force attack.
<note>
Familiarity is a problem for most, as simplicity can sometimes be even more deadly. One would
think that in the digital age, with all the evolving constantly going on, people would think twice
about using terms, words, number combinations to ensure their passwords are as safe as can
be. Sadly it isn't, what can be a nice approach is for some of the developers to generate a
passphrase along with the user, maybe use their MAC address along with their word or number,
etc. to make it a bit more difficult to break, however due to the fact people love simplicity,
they'd probably scribble it on a post it pad and leave it lying around like dumb
asses .
</note>
<assessment>
Government's outlook on crypto has always seemed to disturb me. Anything they cannot get their
paws on, they seem to despise and attempt to discredit, shame it by any means using all their
resources. This was recently seen when the NSA stated, Usama bin
Laden was using high tech crypto and steganography to hide his actions. While I don't doubt this,
crypto has been around for a long time, and even if they outlawed it, it'd become so taboo in the
digital age I think people would crave for it.
They tried passing a law which stated something like encryption when used in the commission of a
crime will result in more penalties or something to that extent earlier this year under the
public's nose.
5+ I'm too lazy to change my DNS for Disgraced.org so I can't use my account there. Too lazy to fix my mail for Deficiency.org so I can't use that account. I left a company which I had my email address posted there, so I can't use that one either. My account with AntiOffline's email address but I get spammed immediately after I use it here!!! and its listed with dontspam.antioffline.com in front.
So I would say over 5+ I've been meaning to figure out what my passwords were for the other ones, but being on so many systems (20+ personal 300+ work related) each with different passwords in clusters, I forget which is which, finally giving up and creating a new nick
I had that link posted as there are tons of visitors who get linked from search engines in search of kiddie porn, not to worry though, it works like this with the Customs link, according to "someone" who knows. What happens when someone gets linked there, is generally they are ignored first and second time around, however, multiple visits will likely be looked at closely.
It came to mind about 5 minutes after I posted the article and I quickly removed it, so once again sincerest apologies (to all for that matter).
Now as for the trolling, the songs (parodies of songs) were things I did post as I found humor in them however I noticed that there were posts I did not put here and I could only attribute it to someone I rmuser'd on my machine who probably sudo'd something somewhere down the line during one of my rootwars with friends. I don't even bother posting the songs anymore though since many don't seem to have a sense of humor nowadays.
Once again though sincerest apologies, and yes SpeedyGrl is my wife and yes she is Swedish, I'm not though I'm a native New Yorker (hispanic) but I can speak, read and write Swedish, Spanish, and currently learning Russian.
You should not hold a 3rd party ISP responsible for individual's actions. Holding the communication provider responsible causes ISPs to try to implement their own form of protections that erode my personal privacy and hinder my rights.
Your absolutely right. Maybe we should just turn the other cheek while some of these companies turn profit at the expense of someone elses life. I mean after all no one told those kids to grow into the life of being an abused child.
Personal Experience: I worked at a huge domain hosting company with about 700,000 domains (no bs), and I encountered a specific domain who had some pretty disgusting pictures up on the server. Well being the admin their, my first impulse was to remove it completely and wipe it, but I followed protocol, contacted the CEO of the company, U.S. Customs, etc. Turns out the owner of the domain was a friend of the CEO who in turn called the customer up and solely told him to move (not delete) the pictures to avoid drawing up a stir.
I was pissed since I didn't know this until weeks later when I noticed traffic going to another one of his domains. Well when I checked it was the same pictures, and I went back to my CEO who said flat out "That site brings in a lot of revenue." Well I rereported it to U.S. Customs along with all the information I had and was suspended from work. My CEO knew about it and chose to make money from it, and since I didn't delete the information Custom's department did a thorough investigation and I don't know what happened to the domain owner, but I know nothing happened to the CEO.
After I had left there however whenever that company came up from a prospectable employer I got the crappiest reviews but I could care less.
As for your privacy, were you complaining about this before you purchased your PC, or is it because somewhere in your mind you think a PC is a must have, everyday neccessity. Give me a break you can have privacy if you wanted to.
In a 4-3 decision, Florida's high court said the Communications Decency Act gives the Internet service provider, a unit of AOL Time Warner, immunity from a lawsuit filed by a Florida woman, whose 11-year-old son appeared in a lewd videotape sold by one AOL subscriber to another.
Just goes to show the lack of understanding the justice system has when assessing technology based crimes. Somewhere down the line I wonder if it had been a mom and pop ISP if the scenario would have been the same.
The mother alleged that AOL violated Florida criminal law, which prohibits the distribution of
pornography, and was negligent by not knowing that one of its subscribers was a seller of child
pornography and for not stopping him once complaints had been made.
Well not knowing the full details surrounding this occurance, I can say that it does take a while for something like this to be investigated, and I know this because my wife is on the board of Ethical Hackers Against Pedophilia, if AOL did acknowledge the complaint and partaken in an investigation of some sort they should be held liable, and an appeal with proof of their investigation would prove the complaintants case.
"The interpretation adopted today provides a foundation for far-ranging forms of illegal
conduct...which (ISPs) can, very profitably and with total immunity, knowingly allow their customers to operate through their Internet services," he wrote.
Indeed the laws regarding most computer based crimes are very broad and can easily be misconstrued, its sad however to see that judges play the robotic role of following "the book" but use little to no ethical, or humanlike qualities when dealing with any type of criminal case.
He said AOL has an elaborate system to encourage members to report child pornography.
Many people don't often understand the implications of reporting child porn and its importance, and many will often turn a blind eye on a notion someone else will report it. It can also be assessed that some may be embarrassed to report something as pedophilia out of fear they themselves may be considered pedophiles.
I've seen plenty of times people attempt to do what they feel it "the right thing" and totally screw things up for law enforcement. For example I won't name any particulars, but there is a group right now with anti child pornography intentions but their methods are wrong. Surely we would love to see child porn go by any means, and the attitudes these guys have taken is to break into a pedophile based server and delete them.
Bad move acts like these can compromise an investigation, and what some of these groups don't realize is, as quick as you can delete it, the pedophiles can quickly throw up ten mirrors. Not only did they themselves commit a crime by breaking in, the also committed the crime of evidence tampering, and the list goes on.
Personally I think some of these laws need a definite 2 year revision before things became a bit more chaotic than they are now.
You purchase a software program, at a store or on the Internet, and begin to install. Almost immediately you are confronted with a dialog box saying you have to agree to a long, dense legal document in order to proceed. Having better things to do with your life, you don't bother reading it and instead just click "OK" to continue the installation. After you're done, you discover the product doesn't work for whatever reason. Too bad, the software publisher tells you, by clicking "OK" you signed away any rights you might have to return the product.
In essence, this is what UCITA is all about. From the early days of personal computers, many packaged software products have come with "shrinkwrap" licenses - a set of terms written by the software publisher that usually disclaim all responsibility for delivering a functioning product other than perhaps warranting the delivery media be defect free for 30 days. As the purchaser is only able to read the license after the product is purchased and the package opened (hence the name shrinkwrap), the customer has theoretically given up all rights to demand a return or repair by the time he or she actually begins using the product.
In practice, however, it's not been that simple. Courts have historically frowned on such "contracts of adhesion" - non-negotiable terms presented post sale. Instead, they have often chosen to disregard shrinkwrap licenses totally or in part and apply other legal principles from common law, copyright law or laws regarding the sale of goods to disputes involving software products. As a result, there is a great deal of uncertainty about just what laws do apply to software transactions. And with the emergence of e-commerce, open source software and business-to-business Internet transactions, the need for more certainty in the laws governing a variety of software-based transactions has become even more critical.
What is now called UCITA was originally conceived for the entirely laudable purpose of clarifying the rules in this murky area of the law. UCITA is not federal law -- it is a proposed uniform law for each state to consider enacting. While the name has changed more than once (for many years it was known as Article 2B and was intended to become part of the Uniform Commercial Code), the project of drafting the law has been in the works for a decade under the auspices of the National Conference of Commissioners of Uniform State Laws (NCCUSL), a body of 300-plus commissioners appointed by their respective states.
Personally speaking, congress won't let this fly as its an unfair practice, and judging from this articles stance on a company not caring about any mistake you make when clicking something, its BS.
For a company to not honor a request, complaint, etc would leave a sour taste in anyones mouth. Its more (UCITA) than just an agreement between vendor and client, and it certainly won't deter reverse engineering or piracy. One thing people STILL seem to miss in these articles is, the WORLD DOES NOT revolve around U.S. laws.
Besides, there are far, far more effective ways to compromise information than a direct technology attack. Sideband attacks, social engineering, tempest readings, bribery, etc. I am of the opinion that the reason the NSA are not as up in arms as they used to be about encryption is that they have other means of obtaining that same information.
Well it could also be an invitation to a plausible deniability should someone find anything within the coding of the OS as they've had assistance from other students. Simply stated they could point the blame elsewhere. Why in the world would the world's uptmose techie based agency need any assistance whatsoever?
Something that struck me which you pointed out is "Just because the source is available, doesn't mean that people will examine it, nor does it mean that the people who do examine it are competent to do so." one of my exact points which I should have mentioned. I highly doubt anyone will undertake the task of going through a code by code audit of the OS, since if anything IS by chance found, the OS is on the NSA's webserver anyways, so its very easy to switch up source or redirect anything they'd like.
One of the things concerning the NSA's release of SE Linux is, in some
instances, they complain that terrorists, and criminals are hindering
their (the US
Government) efforts to investigate, and or monitor crimes,
and they go and release this distribution of Linux.
Think about that for a quick second with an open mind if you
will, and look at exactly what was said in this article
CIA director George Tenet said individuals such as Osama bin Laden
- the man alleged to have been behind the 1998 bombings of US embassies in
East Africa - are using the internet to cloak communications within their
organisations. "You recruit people on internet sites and you use
encryption," Tenet said. "You move your operational planning and
judgements over internet sites' use of encryption. You raise
money."
Bin Laden inspires particular alarm in the US. National Security Agency
chief Mike Hayden says his own organisation is "behind the curve in
keeping up with the global telecommunications revolution", which bin Laden
is able to exploit. Hayden blamed this gap for the US's failure to prevent
the 1998 embassy attacks, which killed 224 people.
If things are so bad for NSA officials to keep tabs on terrorists and the
way they commit digital crimes in association with their acts, then why
would they release an OS that could further help these terrorists
hide/secure their data. Sure you can look at this post and claim its a
conspiracy of some sort to point out these findings, but lets take a look
at how many 1k bytes of code could be inserted throughout the SE Linux OS
to have them somewhere down the line be combined in order for the NSA to
open a backdoor of some sort.
We all know about the OpenSource arguements and whether or not OpenSource
solidifies security, the fact remains, no one has gone line for line on
the NSA's code for SE Linux to determine whether or not they've done
something shady to hide their underlying actions for creating this
OS.
Now back to the OS in general, I would like to see a comparison between
say SE Linux vs. OpenBSD, or SE Linux
vs. TrustedBSD. Personally I would
option for OpenBSD, as Trusted is an overlay for FreeBSD.
Again, one should wonder about the facts, the NSA claims people
like Usama bin Laden and Fidel
Castro are giving them headaches with
technology, and yet they release something which could help them? Typical
politics wouldn't you say. Hey, here's some thoughts to consider for NSA
naming conventions this millenium.
The original Iridium phones cost about $3,000 while air time ranged from $2 to $10 a minute, and only 15,000 customers signed up. The new service is expected to charge about $1.50 a minute, with phones starting at about $1,000.
No wonder we pay such high taxes in the US, our government is again overspending.
Well one thing thats for sure is, its nice to see a company ressurected before it was completely dead, however one has to question the sanity of the company who went out and brought a company who burned 5billion US without ever even having a product to show for it. Removing the dot in . com
This amazing piece of technology, which I
tested while huddled against the elements at
a train station in New Jersey, is made largely of paper.
Secret Service officials have asked to see this phone recently, I think the article was on Cryptome.org or something similar. Odd that such high ranking government officials would want to see this. See way I figure, if its used in the commission of a crime, there's no trace back to the cellular, nor is there a way for them to monitor a conversation. So expect some sort of fallout between government and the inventor.
As a result, it's incredibly cheap. You'll be able to buy one for maybe 10 bucks, and it will come with 60 minutes of air time. When that time runs
out, you can throw it away, or just punch a button to add another 60 minutes of time.
It is a nifty idea by all means, but again law enforcement will see this as a problem as they may not be able to use ECHELON based programs to monitor whats going on, thereby leaving another means of circumvention of laws by criminals.
Basically, this is a calling card with a telephone built in. And the technological advances it's based on--22 patents have been awarded to its developers--are going to have a dramatic impact on many things we take for granted.
?
I disagree with this, how is taking a cellular phone for granted, its not a neccessity in life, and although we use it in every day life, we've been fine without it in the past, so I see this statement as overkill.
The phone, conceived by Randice-Lisa Altschul, relies on a technique that allows a standard electronic circuit to be literally printed on material using magnetic ink.
So a binary reader may be able to gain information on the innards of this phone, giving people the ability to tinker with it some. Well leave it up to the next Defcon, or other Con where someone will figure out the workings on this, then we can guess government won't like this idea too much.
she's already got worldwide orders for 100 million of the devices and three factories standing by as soon as she receives approval for the device from the Federal Communications Commission. It's a fairly routine assessment guaranteeing things such as the device won't unduly interfere with other technology.
I think she has more to worry about than the FCC when its concerning this type of product, again I wish I could find that article, so people can see what I mean.
For instance, these phones are pretty much untraceable, like a call from a pay phone. That's great if you're concerned about privacy but bad if you're worried that bad guys will use stuff such as this to make it harder for law enforcement to catch them.
Well there's small mention of law enforcement here, but again I will search for the prior article on the Secret Service's concern over these phones, and its not like its the FBI or something, these guys (Secret Service) don't normally get involved with these issues, which made me think about, what exactly is going to happen when these phones (if these phones) are released.
Uh... OpenBSD is not created solely by one developer. I happen to know about 4 developers of the OS and they're cool as all hell. So you would rather run an insecure Operating System solely because the developer is an ass? Damn you just described Bill Gates in his completeness.
I don't care who is writing it as long as my data is safe I have no concerns over someones attitude.
Its perhaps feasible, but the company (if its the same one who created the single atom transistor) would lose out on the money it put into creating the original, so chances are if it IS created, I'm sure the company won't release it until it gains capital.
In the largest criminal Internet attack to date, a group of Eastern European hackers has spent a year systematically exploiting known Windows NT vulnerabilities to steal customer data.
Theres not much to study, if Microsoft took the initiative and released secure products from the beginning this wouldn't have taken place. Take a quick look at the wonderous task developers at OpenBSD have taken in releasing a secure OS. All this and theirs is a free operating system with the minute amount of resources as MS
The FBI and Secret Service are taking the unprecedented step of releasing detailed forensic information from ongoing investigations because of the importance of the attacks.
Can someone explain the legalities of the FBI getting involved at crimes that occur from European or other places around the world, when they seldomly contend with the issues we have here. What exactly can they do to someone say in the Phillipines which we've found has no laws regarding computing, as was shown with the Melissa virus creator.
Within a day or two, the Center for Internet Security will release a small tool that you can use to check your systems for the vulnerabilities and also to look for files the FBI has found present on many compromised systems - indicating your system may have already been compromised by the attacker group.
I think I would pass based on experience with using anything the government has their hands on. Call it paranoia, but I know how to download my own patches, which I don't have to since I don't use MS products.
Now as to why admins don't install patches, it could stem from a lack of knowledge regarding security, their too busy assessing everything else and are understaffed, or their simply lazu bofh's who think that it hasn't happened to them and probably won't. Bad move. Being in the industry for such a short time, I've seen the attitudes to be "I have a firewall" or "We're a small company so it won't happen." This is what kills me, is that when the sh## hits the fan, many could've avoided the situation by applying a patch that would've taken no time at all.
I understand companies have networks the size of small counties, but I think their workers should take the initiative and secure their networks as a matter or unofficial policy or principal. Otherwise its not a crackers fault (crackers will be crackers) but their own ignorance.
And you can expect a huge number of misinformed reporters to repeat the myths and misunderstandings expressed by fearful users.
Ive always expected misunderstanding, FUD, and myths about Mickeysoft products, its the way the company (MS) decides to provide clarity on what it is actually doing.
In three consecutive columns, I plan to tackle the product activation issue head-on. This week, I'll look at some of the unjustified fears engendered by this new policy. Next week, I'll focus on the legitimate concerns and unanswered questions raised by this policy. Finally, in two weeks, I'll use your suggestions to tell Microsoft how they ought to run this scheme.
Not such a bad idea to go and tell Microsoft how to address issues regarding their company, after all I'm sure their entourage of highly paid employees haven't assessed these matters previously.
First, here's an overview of how product activation is supposed to work. When you install Windows XP or Office XP from a retail CD, you'll have 30 days to contact Microsoft to get an activation code. For most users with an Internet
connection, this will happen automatically. The activation process generates a "fingerprint" based on the hardware in your system and associates that with your 25-character Product ID. If you reinstall the software on the same system, you can reactivate it automatically. If you try to install the software on another machine with substantially different hardware, however, you may have to call Microsoft to get a new activation code.
So whats the big hooplah about, Microsoft wants to ensure no one is going to pirate their work. One thing a lot of people don't seem to zero in on, is Microsoft is not like the Unixes, it is not OpenSource and they don't have to answer to anyone at any given time. What if it were your program, would you feel slighted if someone stole your work and took money out of your pocket? I'm sure you would, now how would you feel if people we're ranting on because you want to make sure this doesn't happen? Why does this seem to always be a double edged sword?
Every time you reinstall Windows, you'll need a new code. R. Kinner is already prepared to join a class action lawsuit against Microsoft:
Here we go again with suits waisting tax payer dollars. Solution if the product bugs you that much don't use it.
"If I, as a home user, am forced over the course of a year to reinstall XP five times, and MS refuses me a sixth code, they are the ones breaking the commerce contract that was begun when I purchased the software."
Solution: Move away from using Microsoft products, whats the horror in this. If its so damn bad toss it.
You'll need to call MS for permission every time you replace a piece of hardware. Member PRT wrote, "It could be a nightmare if each install on the hardware generates a different key, requiring a new activation.
NOW THIS IS BS!!! and I'm glad I don't have to use Microsoft. I think MS will know the downfalls of doing this and find a better solution. (hopefully for their sake)
Slashdot Mirror
A sure technological break through. Sign up for internet service, purchase an expensive "router" and your off to see the wizard
Well I'll be... Spyware. The thought of having a company remotely manage anything on my networks sends an bad vibe down my spine. I wonder if their tech support people are trained enough to diagnose hardcore problems, and if their trustworthy enough (Helius that is) to allow them this sort of access. No mention of whether or not this can be disabled either.
The power of marketing!!! Sure they won't tell a possible client off hand if a network or satellite connection is down "We will reconfigure your router, but hey dude, you won't have Internet access!", I wonder how many non technical people will fall for this ploy and think a fully redundant Internet connection with this appliance.
sigh... Poor *BSD's no mention of them at all. I'm sure it'll work either alone or with Lin compat tweaks but its sad to see companies overlook the BSD's. Now wait just a second. I 've used Caldera and its horrible as all hell. I would rather use MS than Caldera, I wonder if its tweakable to either do a boot install of another OS, theres no mention of it, maybe someone can ask for a test drive of this product.
Anyways sorry for more rants, its Tuesday, raining in New York and my stock portfolio is in a Six Flags Amusement Park roller coaster ride so I feel edgy.
Where in the world is my wife
I beg to differ on this note, I believe most American firms outsourced their business to foreign firms since it was much cheaper to go that route as opposed to American's spending so much and getting little in return as opposed to say that American companies turned "poor earnings". This can be seen with Zenith who for years made products in America, although not as good or as cheap as the Asian counterparts, nevertheless they still had a market.
Not only are their structuring plans pretty well rounded, but if you take a look at academia abroad, you will notice the will of foreigners such as Japanese who try to go out and expand, look at America, we glorify glamour, and most of the students here aren't as willing to learn as foreign counterparts. (this is again my thoughts so flame on)
Nonsense this is a very huge MS'ish based arguement, not all software demands revenue as show with the Open Source Movement. To think that computing relies on solely vendors such as Microsoft, MacIntosh, or Sun Microsystems is bogus.
Sorry to remind so many people, but Palm is not a neccessity, furthermore for the company to rely on selling content, well take a look at Yahoo's slow fall last week. Along with that take note that wireless is too NOT a neccessity.
Anyways my rantings are over.
Britains Most Wanted
I'm not too crazy about wireless and its insecurities, nevertheless I guess its possibly the only means to have this work while the cops are out on patrol.
Out here in New York City there was mention of "secretive" cameras around the city area which did the same and there was a slight uproar from privy groups.
Sounds to me like Britain is or has become(ing) a police state. I can see the "want" for authorities to have these cameras but are so many neccessary, and the way the article is written, "struggling to maintain patrol levels", one would think Britain is filled with dark-ages-like criminals roaming everywhere.
Ouch I know I'm going to be bitched at for saying this but it sounds to me like British officials are flat out saying "ALL YOUR PRIVACY ARE BELONG TO US" (I had to so sue me)
Why look here
Ok so this post was off base what can I say, its 4am do you know where your privacy is?
Protecting the privacy of (l)users worldwide
they get their Internet connection from somewhere. Whether they've laid fiber-optic under the channel or they're using a two-way satellite transmission, they have to be connecting to somebody who's selling them the bandwidth. And that somebody is most likely located in a Berne Convention nation and/or a nation where the big five record companies do business. If they thought it necessary, the big five could sue to have the Internet connection to the Fairtunes OpenNap server blocked. They may not be able to get to the server, but they can ensure that nobody gets to it. The author has most of the right points, but one thing he seems to have forgotten is that not all countries will abide by the rules especially those who have interests in simply going against others' thought process and what exactly constitutes free speech especially when dealing with American companies.
One solution for him would be to offer some sort of payment form via some banner or advertising to record companies which I haven't seen on any article. So far I've seen billion dollar promises which does little for the artist, and many record co's weren't keen on it anyway. Another method would be for him to stop specifically using Nap* to trade only MP3 based files. He could open the program up to all file sharing specs and turn a blind eye to what gets traded, this way he isn't targeted, etc.
Either way he doesn't have the money nor resources to go up against these guys and their lawyers will batter him. His intentions may seem noble to those who use the service, and free speech buffs, but he has to remember money talks, and money he doesn't have.
coming soon
Microsoft's move brought some good ideas, and bad ideas to mind.
Good Ideas
Developers can assist with bugs, assist with security issues, shows initiative from MS and their willingness to open up on their inventions (code), gives small companies opportunity to place themselves on the map (giving MS assistance).
Bad Ideas
Developers will be scared by NDA & lawsuits, MS can turn around and attempt a buyout or slander the company for making a slightly bad NDA breach, can code really be patented and or copywritten? (even if someone distorts it to an insane method and capitalizes?), competitors may gain an insight to future MS products and capitalize on it.
MS has done good on its own for many years (yes they have done good after all check their market cap), and opening up even with an NDA sounds good but NDA's out here in the US may not mean anything in a foreign market, will MS's move hurt them or will it help them? To be honest I don't think it would do much at this point, right now MS isn't even working with the Windows2000 source code any more other than fixing bugs, maybe its good for benchmarking the next release, as for W2000 in its current state, guess bug patches will have to do.
Big Breach
I wonder why some of these gaming companies don't take the initiative of assisting developers port their software to unsupported systems such as Linux, and the BSD's.
The upsides to doing so would:
Cost nothing in their own budgets
Create more exposure for their companies
Could create revenue next time around for new games
Open a new market other gaming companies don't have. (Linux, BSD's)
Its a bit odd to see that most gaming companies are still on the MS bandwagon, when significant articles, studies, polls, show that Linux and BSD's have gained ground within the past few years. I'm sure if there were more games available there would be a bigger boom of *nix users.
Anyone from a gaming company here care to comment?
Where in the world is my wife
This was submitted almost 3 weeks ago, anyways, its nice to see that people are still interested in the BSD's.
Recently I optioned on either buying two more Nokia 650 firewalls for my network and installed three new OpenBSD boxes using a combination of Trex, and IPF. While Checkpoint is a pretty cool firewall, I figured we (my company) didn't need to go out and spend more loot on firewalls. Sure IPF and Trex don't have true stateful inspections, and sure you can't do as much as you can with Checkpoint, but here are some of the neat things I managed to fiddle with. (posting this for this who do the fw things ya know)
On my Checkpoint FW I'm allowed the ability to mainpulate time based rules. (meaning I can allow in, out, block, on certain times of the day etc.) Being that at night (in case things go bonkers) servers go down, I made a simple shell script that is cron'd to open a connection at 8pm daily (when I'm home away from work) to my home subnet. This is pretty similar to Checkpoint's time based rules.
Not a major hack but it does me justice
Using a combination of FreeBSD, NetBSD, and OpenBSD at work (I'm senior admin so I get to use whatever I want) I also took the liberty of stunneling just about everything I could with OpenSSL so even if someone got unto out network, traffic is pretty secure for the most part.
Anyone else care to share some tweaks, tips and stuff on this boring Sunday?
I remember when I went to Sillycone Valley last year for a company I was working for, and while searching for prospectable employees for my department I noticed the majority of resumes coming via fax had employment histories for some people as little as about 3-4 months.
After talking with management then arguing with them about why I did not want someone with 4 months experience here and there in my department (security based), they told me to take a quick look around at where I was. Sillycone Valley, home of dot.com computing land, where anyone could lose a job today and have about 2 more the same day.
Well it may have been true late 90's and early 2000, but most of the companies as we all know are history. Its sad to see these things happen (companies going out of business) and that does not set a record though for shortest amount of time in a company.
True story
When I was about 15 years old, I went for a job at Wendy's (hamburger fast food joint). After being interviewed I got the job and was instructed to come back for work later that night. Upon me getting back later that night, I was shown how to clean grills, wash dishes, etc. Then told to buy some black shoes, and some shirts and ties for work (no bs). The whole rundown of job tasks took about 40 minutes.
After I was told how to do everything, I was told to get lunch and hurry back for work. So I ordered lunch sat down and ate, thinking whether or not I would stay. I decided I didn't want to work there. So I quite after eating (hehe).
Total time employed, less than 2 hours. AND I was sent a check for a whole day too.
The way the numbers are generated, you would need the person's password to have a number generated, which means that if you broke into someone's email, pc, etc., to gather information on em, chances are you could figure out their password and then generate the number.
Its a bad idea for credit card companies to go the route of having a user generate a random number based on a password, as history shows us people are simple, and will often rely on choosing simple passwords.
Again, a simple fix for this would be to have the credit card company pre-determine a block of numbers via mail or fax to the person, then afterwards have the person verify them when they intend to use them by phone if possible where caller ID can be used to ensure its the correct person.
Upon verifying the information, the credit card co., can then activate the numbers for use.
Just my two cents.
Where in the world is my wife
A minor issue? The author must be on some super drugs. The reasoning for these new advances in credit card protection schemes is for these minor issues else they wouldn't worry about it altogether.
Regardless if they have to pay any fees at all, someone has still gotten ahold of their information, and depending on the criminal intelligence behind the person who has gotten ahold of the credit card number, they can escalate to identity theft, which has a big market. Even with thieves stealing information from insecure websites, its an unheard of issue of credit card companies going after the website which was breached. Little is done to sites who don't secure their systems from the possibility of a breach, and they should be held somewhat responsible for the integrity of their data.
This is still a problem as if a "cracker" has somehow gotten ahold of any kind of information on a person, they can leverage this to enter their own username and password to get a "one time" number". What would be nice, is if some of the credit card companies would pre-issue about 20 numbers per month with a 30 day period before their deleted. This was nothing is transferred over the wire and even a temp number can't be generated.
Well what about the crackers who go the full route to get all of a person's information including the password? I guess all these concepts go right down the drain.
Anyways...
The Big Breach -- Richard Tomlinson (ex MI6 agent)
<rant>
Being a strong advocate of cryptography, I would advise many to use it on a daily basis for one of many reasons. Signatures for one are a definite identifier, and one can almost (99% percent of the time) be sure the sender is legitimate, it can even save you in a legal bind, unless of course a man in the middle attack took place beforehand (then you'd have to prove that which is extremely difficult).
Having worked in the industry for some time now, I've had to send out confidential information based on a company's plan to provide certain services relating to business, and in order to make sure no one else gained access, whereas the company could lose a foothold in its market, I've used PGP religiously. Even when sending normal messages from my account I always at least sign email by default to ensure the recipient it is me and no one else sending them data, after all this is the companies bread and butter, so why should anyone think we've something to hide on a criminal sense other than the fact that we would enjoy it if our data was for our eyes only.
</rant>
<fyi>
Well it seems this may be a Windows based problem. Using a combination of scripts, I make sure things are gone when I want them gone. I've heard this on a security list before though, and although when it comes to Windows I wouldn't know how to answer this. The latest versions of Mutt, and Pine provide its users with a lot better protection than a Windows based program. (No this is not a Windows flame)
</fyi> <note>
Familiarity is a problem for most, as simplicity can sometimes be even more deadly. One would think that in the digital age, with all the evolving constantly going on, people would think twice about using terms, words, number combinations to ensure their passwords are as safe as can be. Sadly it isn't, what can be a nice approach is for some of the developers to generate a passphrase along with the user, maybe use their MAC address along with their word or number, etc. to make it a bit more difficult to break, however due to the fact people love simplicity, they'd probably scribble it on a post it pad and leave it lying around like dumb asses
. </note>
<assessment>
Government's outlook on crypto has always seemed to disturb me. Anything they cannot get their paws on, they seem to despise and attempt to discredit, shame it by any means using all their resources. This was recently seen when the NSA stated, Usama bin Laden was using high tech crypto and steganography to hide his actions. While I don't doubt this, crypto has been around for a long time, and even if they outlawed it, it'd become so taboo in the digital age I think people would crave for it.
They tried passing a law which stated something like encryption when used in the commission of a crime will result in more penalties or something to that extent earlier this year under the public's nose.
5+ I'm too lazy to change my DNS for Disgraced.org so I can't use my account there. Too lazy to fix my mail for Deficiency.org so I can't use that account. I left a company which I had my email address posted there, so I can't use that one either. My account with AntiOffline's email address but I get spammed immediately after I use it here!!! and its listed with dontspam.antioffline.com in front.
So I would say over 5+ I've been meaning to figure out what my passwords were for the other ones, but being on so many systems (20+ personal 300+ work related) each with different passwords in clusters, I forget which is which, finally giving up and creating a new nick
I had that link posted as there are tons of visitors who get linked from search engines in search of kiddie porn, not to worry though, it works like this with the Customs link, according to "someone" who knows. What happens when someone gets linked there, is generally they are ignored first and second time around, however, multiple visits will likely be looked at closely.
It came to mind about 5 minutes after I posted the article and I quickly removed it, so once again sincerest apologies (to all for that matter).
Now as for the trolling, the songs (parodies of songs) were things I did post as I found humor in them however I noticed that there were posts I did not put here and I could only attribute it to someone I rmuser'd on my machine who probably sudo'd something somewhere down the line during one of my rootwars with friends. I don't even bother posting the songs anymore though since many don't seem to have a sense of humor nowadays.
Once again though sincerest apologies, and yes SpeedyGrl is my wife and yes she is Swedish, I'm not though I'm a native New Yorker (hispanic) but I can speak, read and write Swedish, Spanish, and currently learning Russian.
Just goes to show the lack of understanding the justice system has when assessing technology based crimes. Somewhere down the line I wonder if it had been a mom and pop ISP if the scenario would have been the same.
Well not knowing the full details surrounding this occurance, I can say that it does take a while for something like this to be investigated, and I know this because my wife is on the board of Ethical Hackers Against Pedophilia, if AOL did acknowledge the complaint and partaken in an investigation of some sort they should be held liable, and an appeal with proof of their investigation would prove the complaintants case.
Indeed the laws regarding most computer based crimes are very broad and can easily be misconstrued, its sad however to see that judges play the robotic role of following "the book" but use little to no ethical, or humanlike qualities when dealing with any type of criminal case.
Many people don't often understand the implications of reporting child porn and its importance, and many will often turn a blind eye on a notion someone else will report it. It can also be assessed that some may be embarrassed to report something as pedophilia out of fear they themselves may be considered pedophiles.
I've seen plenty of times people attempt to do what they feel it "the right thing" and totally screw things up for law enforcement. For example I won't name any particulars, but there is a group right now with anti child pornography intentions but their methods are wrong. Surely we would love to see child porn go by any means, and the attitudes these guys have taken is to break into a pedophile based server and delete them.
Bad move acts like these can compromise an investigation, and what some of these groups don't realize is, as quick as you can delete it, the pedophiles can quickly throw up ten mirrors. Not only did they themselves commit a crime by breaking in, the also committed the crime of evidence tampering, and the list goes on.
Personally I think some of these laws need a definite 2 year revision before things became a bit more chaotic than they are now.
Kiddie Porn
More on UCITA
Personally speaking, congress won't let this fly as its an unfair practice, and judging from this articles stance on a company not caring about any mistake you make when clicking something, its BS.
For a company to not honor a request, complaint, etc would leave a sour taste in anyones mouth. Its more (UCITA) than just an agreement between vendor and client, and it certainly won't deter reverse engineering or piracy. One thing people STILL seem to miss in these articles is, the WORLD DOES NOT revolve around U.S. laws.
Besides, there are far, far more effective ways to compromise information than a direct technology attack. Sideband attacks, social engineering, tempest readings, bribery, etc. I am of the opinion that the reason the NSA are not as up in arms as they used to be about encryption is that they have other means of obtaining that same information.
Well it could also be an invitation to a plausible deniability should someone find anything within the coding of the OS as they've had assistance from other students. Simply stated they could point the blame elsewhere. Why in the world would the world's uptmose techie based agency need any assistance whatsoever?
Something that struck me which you pointed out is "Just because the source is available, doesn't mean that people will examine it, nor does it mean that the people who do examine it are competent to do so." one of my exact points which I should have mentioned. I highly doubt anyone will undertake the task of going through a code by code audit of the OS, since if anything IS by chance found, the OS is on the NSA's webserver anyways, so its very easy to switch up source or redirect anything they'd like.
CIA mining your data
One of the things concerning the NSA's release of SE Linux is, in some instances, they complain that terrorists, and criminals are hindering their (the US Government) efforts to investigate, and or monitor crimes, and they go and release this distribution of Linux.
Think about that for a quick second with an open mind if you will, and look at exactly what was said in this article If things are so bad for NSA officials to keep tabs on terrorists and the way they commit digital crimes in association with their acts, then why would they release an OS that could further help these terrorists hide/secure their data. Sure you can look at this post and claim its a conspiracy of some sort to point out these findings, but lets take a look at how many 1k bytes of code could be inserted throughout the SE Linux OS to have them somewhere down the line be combined in order for the NSA to open a backdoor of some sort.
We all know about the OpenSource arguements and whether or not OpenSource solidifies security, the fact remains, no one has gone line for line on the NSA's code for SE Linux to determine whether or not they've done something shady to hide their underlying actions for creating this OS.
Now back to the OS in general, I would like to see a comparison between say SE Linux vs. OpenBSD, or SE Linux vs. TrustedBSD. Personally I would option for OpenBSD, as Trusted is an overlay for FreeBSD.
Again, one should wonder about the facts, the NSA claims people like Usama bin Laden and Fidel Castro are giving them headaches with technology, and yet they release something which could help them? Typical politics wouldn't you say. Hey, here's some thoughts to consider for NSA naming conventions this millenium.
Newer Stealth Arrangements
Never See Anything
Next Superpower Agency
New Snooping Applications
Nothing's Secret Anymore
/[a-z]['")]*[.!?]+['")]*\s/g) {
while($information =~
$conspiracy++;
}
print "Your $information is filled with $conspiracy theories\n";
Where in the world is SpeedyGrl
No wonder we pay such high taxes in the US, our government is again overspending.
Well one thing thats for sure is, its nice to see a company ressurected before it was completely dead, however one has to question the sanity of the company who went out and brought a company who burned 5billion US without ever even having a product to show for it.
Removing the dot in . com
Secret Service officials have asked to see this phone recently, I think the article was on Cryptome.org or something similar. Odd that such high ranking government officials would want to see this. See way I figure, if its used in the commission of a crime, there's no trace back to the cellular, nor is there a way for them to monitor a conversation. So expect some sort of fallout between government and the inventor. It is a nifty idea by all means, but again law enforcement will see this as a problem as they may not be able to use ECHELON based programs to monitor whats going on, thereby leaving another means of circumvention of laws by criminals. ? I disagree with this, how is taking a cellular phone for granted, its not a neccessity in life, and although we use it in every day life, we've been fine without it in the past, so I see this statement as overkill. So a binary reader may be able to gain information on the innards of this phone, giving people the ability to tinker with it some. Well leave it up to the next Defcon, or other Con where someone will figure out the workings on this, then we can guess government won't like this idea too much. I think she has more to worry about than the FCC when its concerning this type of product, again I wish I could find that article, so people can see what I mean. Well there's small mention of law enforcement here, but again I will search for the prior article on the Secret Service's concern over these phones, and its not like its the FBI or something, these guys (Secret Service) don't normally get involved with these issues, which made me think about, what exactly is going to happen when these phones (if these phones) are released.
Patent Pending
Uh... OpenBSD is not created solely by one developer. I happen to know about 4 developers of the OS and they're cool as all hell. So you would rather run an insecure Operating System solely because the developer is an ass? Damn you just described Bill Gates in his completeness.
I don't care who is writing it as long as my data is safe I have no concerns over someones attitude.
Its perhaps feasible, but the company (if its the same one who created the single atom transistor) would lose out on the money it put into creating the original, so chances are if it IS created, I'm sure the company won't release it until it gains capital.
Now if only they could put a rush on this and send some of these to the poor folks in California suffering by powerco induced outages ;)
CIA snoopages
Theres not much to study, if Microsoft took the initiative and released secure products from the beginning this wouldn't have taken place. Take a quick look at the wonderous task developers at OpenBSD have taken in releasing a secure OS. All this and theirs is a free operating system with the minute amount of resources as MS
Can someone explain the legalities of the FBI getting involved at crimes that occur from European or other places around the world, when they seldomly contend with the issues we have here. What exactly can they do to someone say in the Phillipines which we've found has no laws regarding computing, as was shown with the Melissa virus creator.
I think I would pass based on experience with using anything the government has their hands on. Call it paranoia, but I know how to download my own patches, which I don't have to since I don't use MS products.
Now as to why admins don't install patches, it could stem from a lack of knowledge regarding security, their too busy assessing everything else and are understaffed, or their simply lazu bofh's who think that it hasn't happened to them and probably won't. Bad move. Being in the industry for such a short time, I've seen the attitudes to be "I have a firewall" or "We're a small company so it won't happen." This is what kills me, is that when the sh## hits the fan, many could've avoided the situation by applying a patch that would've taken no time at all.
I understand companies have networks the size of small counties, but I think their workers should take the initiative and secure their networks as a matter or unofficial policy or principal. Otherwise its not a crackers fault (crackers will be crackers) but their own ignorance.
Request for Comments on Script Kiddiots
Ive always expected misunderstanding, FUD, and myths about Mickeysoft products, its the way the company (MS) decides to provide clarity on what it is actually doing.
Not such a bad idea to go and tell Microsoft how to address issues regarding their company, after all I'm sure their entourage of highly paid employees haven't assessed these matters previously.
So whats the big hooplah about, Microsoft wants to ensure no one is going to pirate their work. One thing a lot of people don't seem to zero in on, is Microsoft is not like the Unixes, it is not OpenSource and they don't have to answer to anyone at any given time. What if it were your program, would you feel slighted if someone stole your work and took money out of your pocket? I'm sure you would, now how would you feel if people we're ranting on because you want to make sure this doesn't happen? Why does this seem to always be a double edged sword?
Here we go again with suits waisting tax payer dollars. Solution if the product bugs you that much don't use it.
Solution: Move away from using Microsoft products, whats the horror in this. If its so damn bad toss it.
NOW THIS IS BS!!! and I'm glad I don't have to use Microsoft. I think MS will know the downfalls of doing this and find a better solution. (hopefully for their sake)