if you're a troll to a troll...
does that counter-act the original troll making your post not a troll? honestly, that was pretty blatant trolling on michael's part. from now on, i think i'll start my posts with something baseless and inflammatory to grab attention.
all brought down routinely by 5 line scripts :(
various references for your amusement:
http://www.wired.com/news/infostructure/0,1377,57132,00.html
http://www.spamhaus.org/newsdog.lasso?article=114
http://www.unicom.com/chrome/a/000032.html
the last one is of particular interest because it claims that Hotmail doesn't seem to do anything about these dictionary attacks:
They have discovered that MSN/Hotmail seems to allow spammers to run long-lived dictionary attacks, in one case extending over five months in duration.
as for software capable of launching this type of attack - there are already programs which exist for launching these attacks against authentication systems. those written in scripting languages (many of them are written in perl) are easily altered to attack a mail server.
sorry about that ;)
One month later the box was *filled* with spam. My guess is that MS itself sold the account to spammers.
Microsoft actually might be at fault there. Spammers have been bruteforcing honeypot domains for a few years now, sending spam to any and all combinations of letters and numbers. what doesn't bounce gets added to a "cleared" list and passed along, so the spam accumulates from there.
i couldn't recall the term. the mods should have upped your post, it's much more informative.
i was under the impression that you cannot prosecute people for acts committed before they were made a crime. anyone have any info on that?
is that i can't spell AT ALL and the editors fixed all my mistakes :)
history repeats itself. :)
There's nothing that stops someone from whipping open extra CD #7 and installing the obscure browser and mp3 player they like. But it is better off to start out clean and nice and pretty, and let someone customize it, than to start out bloated and force users to trim things out.
i couldn't agree more. it's absolutely ridiculous to present first-time users with a long list of applications and a one or two line description for each one - especially when the one or two line descriptions are often saying the same thing as the last ten applications!
on a windows system (yeah, i know), i haven't found a better all around annoyance blocker than the proxomitron.
check it - http://www.proxomitron.org/
asking admins to monitor their network more carefully is about one step semantically shy of asking them to keep up to date with patches. if you don't have time to keep up with patching, why would you have any time to watch your network more closely? if it's either/or, sure, take the high road and monitor, but if you're doing neither, nothing is solved.
later, he says that in a perfect world patches would automatically download, install, and always work. as for the automatically download and install, microsoft has that covered. but as for always working... well if that was the case, patches wouldn't be needed in the first place. there's a catch-22 there that he missed or ignored.
"But the philosophy of patching is fundamentally flawed and leaves people vulnerable, Cooper said."
can anyone explain to me a better method, since even thy mighty god linux is subject to the need occasionally along with every other major OS i can think of?
the paragraph continues with, "For example, Microsoft didn't follow its own advice as executives confirmed that an internal network was hit by the worm." to me, it seems that this statement doesn't support the previous. it would be better to place blame where it belongs, straight in the lap of the admins whose responsibility it is to keep their systems secure, and upon the heads of those who write exploitive code for the purpose of causing havoc.
i mean, more power to those who bring these issues to light, but doing so without perspective just looks like picking on an easy target.
that post is ridiculous. the US provides 1/3 of the food imported by the ENTIRE world. if anyone here is being led by the media, it's you. the US is a pretty damn big country, and simply because only the coasts get on the news doesn't mean they're the only parts of the country doing anything.
if i had mod points, i'd mod you the troll that you are.
behringer makes an absolutely awesome virtual cab/direct box called the Ultra-G. retails for about $30. check it out sometime, i highly recommend it and use it myself.
...because no other OS has ever had an exploit. this is far-reaching because of wide-spread use, not because it's any more hole-ridden than any other OS. sign up to a few various security lists and marvel at the filling of your inbox.
to make any jokes about his last name.
thank you for pointing that out. i was not specific enough in my reply.
Whining about what the copyright holders are doing to protect their legally sanctioned monopolies is not the way to go about fighting this kind of thing.
you say this as if having sole control of distribution and copyright of your work is a bad thing. of course it's a legally sanctioned monopoly, it's called copyright.
In Australia we have had a number of ISPs that have failed to honour the contracts they have made with their customers out of fear of litigation.
you mean the part of the contract that states users may not use the service provided to engage in unlawful behaviour?
It is the responsibility of our freedom loving society to avoid service providers who fail to protect that freedom.
please. protecting freedom doesn't apply here. tilting at windmills because someone's trying to make it less convenient for you to subvert payment on merchandise is not protecting freedom. you never had the freedom in the first place.
but isn't it obvious that regardless of how big or scary a company is, it has no jurisdiction outside of US.
wrong. wrong wrong wrong. major motion pictures are nearly universally registered under international copyright, and australia has MUCH stricter copyright law in terms of television and cinematic media. these studios have every right, jurisdiction, and cause to request that ISPs follow their TOS and not allow their users to engage in illegal activities.
Australia it is not illegal to give away copyrighted material, only if you sell it.
you are 100% incorrect.
please brush up: http://www.copyright.org.au/PDF/InfoSheets/G010.pdf
Now, they can't prove yet (i think) how many times a work is transferred
well, one of the great things about law is that they still leave a lot of room for people to break the law in privacy. it's called intent to distribute, and when it doesn't exist, penalties are much lower than when it does. in the case of copyright, without intent to distribute, you'll do pretty OK under the umbrella of fair use. the problem here is that you're making the work available for distribution, instantly making a case for intent to distribute. even if nobody downloads it from you, you've still stepped outside of fair use.
the copyright owner doesn't need to prove you've distributed because you made it available for distribution. the minute a bootleg vendor extends the legs on his card table to set up shop on the street, he's breaking the law.
as for the power of copying/lending in terms of promotion, that's an entirely other conversation. are we discussing what the law is, or what the law should be?
usually the authorities are involved.
not in civil cases. in both australia and the US, copyright is civil law.
If the authorities fail to do anything about it then the country can be sanctioned
let's say i hadn't mentioned the above. do you know how serious a move sanctions are? even with piracy, the studios still make money on units sold since no physical property is being stolen with filesharing. a sanction disconnects that country from the distribution network, ending all potential sales.
prepare for karma burn...
australia still has copyright law, and ISPs still tend to protect themselves by stating in their TOS that users who use the service to break a law are subject to termination of service. the majority of "hollywood" (read: major studio productions) are protected by international copyright, thus making it entirely legal and right for the american studio to inform the australian ISP of a user on their system violating copyright.
it's just as if you contacted an australian ISP and informed them of a user sending out SPAM. would you not expect the ISP to reprimand the user, if not disconnect them entirely?
of COURSE the studios have legal clout. it's basic, every day copyright. you run a distribution system for movies protected by international copyright, you are breaking the law. this is not personal use. this is not fair use. this is an illegal distribution meant to subvert payment. framing it as anything else destroys every good-natured and honest approach to legal reasons for allowing filesharing. when you lie, you make a better case for filesharing to be illegal.
Powell said he intended to use the TiVo machine to record TV shows to play on other television sets in his home, and even suggested that he might share recordings with his sister if she were to miss a favorite show.
Now, you're the chairman of the FCC. You're deeply involved in the legality of the media business, which is currently chiefly concerned with the DMCA. You want to share recordings of television shows.
Do you seriously think he doesn't know the DMCA might be a problem there?