Say that this passes. What will happen? Do they honestly think that all hardware manufacturers are going to start implementing copyprotections?
I think they will do nothing. I think that the hardware manufacturers are going to keep selling their hardware without copyprotection until they are forced to stop. At this point, I think that they will simply stop selling it in the US. If this happens, I'm sure that this law will become one of these useless laws that exists but is never followed.
Maybe I'm a little too optimistic, but I think this law is so outrageously stupid, that it's unlikely to be followed if it passes.
My, my, look at the influence our reactionary government has on the kids these days. He's gonna grow up to be just like Dubya. His daddy must be so proud.
Not that I have a clue who "Dubya" is... but I have to say that we should all do what we can. Doing something is better than doing nothing.
Here's a whois from xenu.net
Administrative Contact, Billing Contact:
Operation Clambake
Aardalsgata 5
N-4014 Stavanger
Norway
We all know that the DMCA does NOT apply in Norway. Therefore, xenu.net cannot be shut down. I guess the stupid Scientology church knows this, so they went after the search-engines.
Now, if google wants to remove this page from their database, they should remove ALL pages that contain anything that breaks the DMCA.
A search on "DeCSS" on google gives several hundred results, here are the first ones:
Gallery of CSS Descramblers
DeCSS for Linux and DVD
Pigdog Journal - DeCSS Distribution Center
Basically, my point is that this is completly and utterly rediciolous. Google know's that DeCSS is illegal in the US, yet they have hundreds of pages with DeCSS in their database?? Either they religiously remove all pages that contains something that breaks the DMCA (wouldn't be much left), or they leave them ALL in there. Alternatively, they fight because it is not up to them to stop pages from having illegal material. I used to like google, even installed their toolbar. However, after seeing that they give in to threats without even trying to fight, the google toolbar is gone from my browser. I think I'm gonna see how good Yahoo is nowadays.
Trojan horses are not virii, yet they are detected all the same.
Please explain this, because I don't know any product myself that will detect a trojan as a virus.
Despite the fact that this does not replicate, the end result is that it is not beneficial to the user, and anyone who knew what he was up to would not want it on his Windows boxen.
I agree. However, it doesn't make it right to call everything we don't want on our computers "viruses". I, for example, would not want to have Office installed on my computer. Does that make Office a virus?
You could not be more wrong. This is nothing like a virus. A virus is defined as a piece of code that replicates. Since this does not follow the definition, it is NOT a virus.
I can only laugh at the pitiful wreck that the company/corporation-based P2P programs have become.
Actuallt, I don't find it too surprising that they are bundling spyware and installing "secret" plugins. I mean, they have to earn money in some way, and it's not like people are going to pay for the apps:)
Fuck again. Switch back to Grokster, use AdAware.
Sadly, this doesn't work for Kazaa. Stupid Kazaa re-ads the regkeys directly after they are removed. Also, it won't run if the cydoor (that's the spyware app) dll file is removed.
Personally, I use a script that removes the regkeys and renames the dll. Then, when I want to use kazaa, I run another script file that puts the crap back. Kinda suxx, but the best sollution I could come up with.
Anyone up for hacking kazaa so that it can run without the cydoor dll file (cd_clint.dll).
I think that batteries have improved significantly over the last few years. I remember buying my first minidisk (Sony MZ-50) a few years back. I could get about 20hours playtime out of it. Recently I bought the new sony minidisk (still MZ series, don't remember the model), and I can easily get over 50 hours playtime with a battery that weights less.
There are a lot of examples on how batteries have improved. Just look at mobile phones. I had 6 or so batteries for my Ericsson 337 mobile. For the Nokia 8310 that I have now, I have one battery. I think that this one battery easily beats the time I used to get out of the 6 batteries I had for the 337.
I am aware of the fact that the electronics in these devices have improved such that it uses less power. However, the batteries HAVE improved aswell (they are all Li-ion now, so they can be recharged without beeing decharged completly).
I think it would be very hard for batteries to follow moore's law. The reason is that batteries have been around for a lot longer, and there is no real driving-force for getting better batteries than the ones we have.
I mean, it would be nice to get 200hours workingtime on the laptop, but really, what difference does it make? I mean, just buy more batteries. Is anyone willing to pay a lot of extra money for a battery with 200hours instead of 10?
This *additonal* behavior that affects.NET enabled computers is the part that could possibly be written in C#, and it looks like it's not responsible for any of the bulk emailing...
You are correct, this is the only part that is written in.NET compiled down to MSIL. Here's a cut from the Symantec writeup: The replication code of the virus is written in C# and compiled to MSIL...
The emailing routine is done by dropping a VBS file that enumerates the outlook addressbook sending an email to everyone in there.
This is said to be the second virus that infects.NET files. The first one was W32.Donut (even though W32.Donut doesn't actually infect the MSIL part of the executable, but the one containing the normal X86 code).
In my opinion, we still haven't seen the first *true*.NET virus. When there is a virus that infects the MSIL (Microsoft Intermediate Language) code, then I think it qualifies as a.NET virus. All the.NET virus we have seen so far appear to be attempts by viruswriters to get media attention, and as we can see, it worked:-/
I believe that they did something like this in Australia. They brought over some kind of frogs from some other country to get rid of some parasite flies they had over there. However, the frogs figured that a normal living fly was better to eat than the parasite flies.
In the end, the frogs "took over" big areas, almost extiguishing the normal fly it started to eat, without affecting the parasite flies at all.
It's NEVER a good idea to release any kind of animals in places they do not belong. No matter what we think we know, we have no clue what's gonna happen ones they get there.
I can add that I only have a vague recollection of this incident. Maybe someone else can explain exactly what they did over there...
I'm sure I'm one of the few, but I don't think it's bad at all.
When I first saw the/. article, I got scared. I use mediaplayer to keep track of my CD's. I also rip my CD's into wma format using mediaplayer (I'm sure atleast half the people on/. hates me now). I use it because it's convinient, and I think the GUI is nice.
However, after reading the article in the Washington Post, I don't think it's bad at all. I expected that the album and songnames downloaded to my computer would be stored in a file somewhere. Kinda hard to apply the names to the songs without storing them somewhere. I think this is another one of those Microsoft bashing stories. I mean, come on, if Microsoft says they are not using the information for marketing purposes, then I believe them.
I have used linux, I know how program in Assembly and I still spend most of my time in a DOS box. I'm not a "new GUI user", but I don't think that Microsoft are bad and evil. I like some of their products, and I use the ones I like. Mediaplayer happens to be one of them.
Re:Good for some, nightmare for others
on
Peek-a-Boo(ty)
·
· Score: 2
Hmm...
Even though I must say that your way of presenting the information is impressive, you seem to only look at this from one side.
On the bad side, makes life harder for pointy haired bosses who feel that lunch breaks spent playing cards are fine but lunch breaks surfing porn are an abomination.
You think that the only securityhazard of this is that people surf porn??
This enables people in companies to break company reglations. This can cause securityholes in the company network, enable people to download malware, enable people to hog network bandwidth by downloading things they are otherwise restricted from downloading etc etc etc.
Inside a company, the company rules apply. The reason for this is mainly because they pay for the bandwidth. This tool will enable people to break the rules, thus making it a hacktool.
The question is, will big companies pressure antivirus vendors to add detection for this?
This should not be released under the cDc name.
on
Peek-a-Boo(ty)
·
· Score: 2, Insightful
I heard about this program a year ago. Back then I wasn't sure what to think about it, because cDc isn't one of the "software producers" I trust. Personally, I would never install anyhing written by them on my computer.
Peek-a-booty appears to be a valid program, and may even be really useful for people who have governments blocking them from freely accessing the internet. However, I do think that they should get rid of the cDc name, mainly because cDc is associated with lame backdoor trojans by a lot of people. Also, if it ever got mainstream media attention, it is likely that they would start the article by saying something like: "cDC, the makers of the infamous backdoor trojan program Backorifice...". This is likely to scare people from installing it.
What they are asking for is a major project. I think it would take a while to finish a project like this. Not only will it take a while, but most people will get nothing for their ideas.
Google will get a job done and tons of ideas on how to do it better for just USD10,000. That's pretty cheap if you ask me.
Before the end of the year we will have full access to all the hardware on both systems and have full system specs
I wish you we're right. However, with Sony going after the NEO chip creators and threatening to sue anyone else who decides to create modchips, Microsoft threatning anyone that has a dump of the X-Box BIOS to sue them, the DMCA and the European Union on the edge of getting a law similar to the incredibly stupid DMCA, I think I lack the hope you have.
Re:They're not preventing AIM integration
on
AOL vs. Trillian
·
· Score: 2
What they are doing is preventing 3rd party clients from using OSCAR, which is AOL's "private" protocol for AIM.
Ehh...
The AIM protocol is not called OSCAR, but FLAP! Oscar is the name of the server, and BOS (Basic Oskar Services) is the name of the services.
I have never heard of TOC before, and I have no idea what it is. Please explain what TOC is (to me it sounds like your mixing up AIM with burning CD-R's or something).
Re:How Are the Changes Being Made?
on
AOL vs. Trillian
·
· Score: 4, Informative
Can anyone explain to me how AOL is changing their protocol without breaking their own IM?
I don't work for AOL or CeruleanStudios, so what I'm stating here are my asumptions.
I think that the first thing that AOL did was to analyze the data. If they found a Trillian SecrureIM package, then disconnect the user. This is why disabling SecureIM solved the problem at first.
I'm not sure what happened in the second step, but one theory is that they started checking the version number submitted in the Authentication request(or something similar).
Right now, Trillian seems to be working (Version 0.721). However, I believe that AIM has a CRC capability. The server will send a CRC request to the client with an offset and a length argument. The client will CRC the number of bytes specified by length starting from the specified offset, and send back the result. If the CRC doesn't match, then disconnect the user. It would be very hard to reverse-engineer the CRC algorithm. I believe that this is how Jabber was stopped in the end.
To be really honest with you, I don't even live in Ireland. I am however moving there in a few months, and what I have found in regards to internet access in Ireland is horrifying, to say the least.
I currently live in the Netherlands, where I have a 1024/256 ADSL line that I pay USD70/month for. I think I'm downloading about 15gigs/month.
Since I've lived in Sweden before, I thought that internet access in the Netherlands was expensive, but after seeing the Irish prices, I love my ADSL connection.
I guess I'll drink beer for the first few months, and by that time, maybe they will launch a reasonably priced ADSL service in Ireland.
In Sweden, who also has the problem of reaching remote users, you can get a 5MBit/2,5MBit connection for roughly USD100 in the bigger towns. ADSL is available to more than half the population, and it goes for less than USD 35 / month. DL limits are unheard of for any highspeed connection I can think of.
If you think that Australia has it bad, take a look at how Broadband is doing in Ireland. The prices are like USD100/month for a 512/128 kbit connection with a 3 GIG DL LIMIT!!!!
If you feel sorry for broadband users in Australia, I don't think I have words for what you should feel for broadband users in Ireland.
I do however think it's time for on article about slashdot on slashdot, so maybe the editors can learn about what people think about slashdot and what can be done to make it better.
For a long time I've been saying that in the future there will be no linux users or vegetarians, and the world will be ruled by a company called McAOLSoft.
> I thought that the antivirus companies had AGREED to NOT make their programs detect "Magic Latern"???
No! You, like so many other people, didn't read the quotes well enough. To start with, everything was hypothetical (and that was made clear in the articles). All AV vendors were saying that they had not been contacted by anyone from the FBI, and the all also said that they did not know if there was a thing like Magic Lantern.
Now, some people in Network Associates and Symantec said that if the FBI gave them a copy of Magic Lantern, then they would avoid detecting it (I'm asuming using an MD5 sum or something similar so hacked versions won't escape detection).
Later, "higher" people in the same companies said that they WOULD detect magic lantern.
If we asume that the internal communication issue has been resolved and this has been discussed internally, the latter statements are probably the ones that will be followed.
End conclusion, AV programs WILL detect Magic Lanter if they get their hands on it.
Slashdot Mirror
Say that this passes. What will happen? Do they honestly think that all hardware manufacturers are going to start implementing copyprotections?
I think they will do nothing. I think that the hardware manufacturers are going to keep selling their hardware without copyprotection until they are forced to stop. At this point, I think that they will simply stop selling it in the US. If this happens, I'm sure that this law will become one of these useless laws that exists but is never followed.
Maybe I'm a little too optimistic, but I think this law is so outrageously stupid, that it's unlikely to be followed if it passes.
My, my, look at the influence our reactionary government has on the kids these days. He's gonna grow up to be just like Dubya. His daddy must be so proud.
Not that I have a clue who "Dubya" is... but I have to say that we should all do what we can. Doing something is better than doing nothing.
Here's a whois from xenu.net
Administrative Contact, Billing Contact: Operation Clambake Aardalsgata 5 N-4014 Stavanger Norway
We all know that the DMCA does NOT apply in Norway. Therefore, xenu.net cannot be shut down. I guess the stupid Scientology church knows this, so they went after the search-engines.
Now, if google wants to remove this page from their database, they should remove ALL pages that contain anything that breaks the DMCA.
A search on "DeCSS" on google gives several hundred results, here are the first ones:
Gallery of CSS Descramblers
DeCSS for Linux and DVD
Pigdog Journal - DeCSS Distribution Center
Basically, my point is that this is completly and utterly rediciolous. Google know's that DeCSS is illegal in the US, yet they have hundreds of pages with DeCSS in their database?? Either they religiously remove all pages that contains something that breaks the DMCA (wouldn't be much left), or they leave them ALL in there. Alternatively, they fight because it is not up to them to stop pages from having illegal material. I used to like google, even installed their toolbar. However, after seeing that they give in to threats without even trying to fight, the google toolbar is gone from my browser. I think I'm gonna see how good Yahoo is nowadays.
Trojan horses are not virii, yet they are detected all the same.
Please explain this, because I don't know any product myself that will detect a trojan as a virus.
Despite the fact that this does not replicate, the end result is that it is not beneficial to the user, and anyone who knew what he was up to would not want it on his Windows boxen.
I agree. However, it doesn't make it right to call everything we don't want on our computers "viruses". I, for example, would not want to have Office installed on my computer. Does that make Office a virus?
http://www.project-insomnia.com/grokster.html Has a link to a site with a fake cd_clint.dll to make it think Cydoor is there :)
:)
This is excellent!! Thanx a lot!!
The truth of it is this could be seen as a virus.
You could not be more wrong. This is nothing like a virus. A virus is defined as a piece of code that replicates. Since this does not follow the definition, it is NOT a virus.
I can only laugh at the pitiful wreck that the company/corporation-based P2P programs have become.
:)
Actuallt, I don't find it too surprising that they are bundling spyware and installing "secret" plugins. I mean, they have to earn money in some way, and it's not like people are going to pay for the apps
Fuck again. Switch back to Grokster, use AdAware.
Sadly, this doesn't work for Kazaa. Stupid Kazaa re-ads the regkeys directly after they are removed. Also, it won't run if the cydoor (that's the spyware app) dll file is removed.
Personally, I use a script that removes the regkeys and renames the dll. Then, when I want to use kazaa, I run another script file that puts the crap back. Kinda suxx, but the best sollution I could come up with.
Anyone up for hacking kazaa so that it can run without the cydoor dll file (cd_clint.dll).
I think that batteries have improved significantly over the last few years. I remember buying my first minidisk (Sony MZ-50) a few years back. I could get about 20hours playtime out of it. Recently I bought the new sony minidisk (still MZ series, don't remember the model), and I can easily get over 50 hours playtime with a battery that weights less.
There are a lot of examples on how batteries have improved. Just look at mobile phones. I had 6 or so batteries for my Ericsson 337 mobile. For the Nokia 8310 that I have now, I have one battery. I think that this one battery easily beats the time I used to get out of the 6 batteries I had for the 337.
I am aware of the fact that the electronics in these devices have improved such that it uses less power. However, the batteries HAVE improved aswell (they are all Li-ion now, so they can be recharged without beeing decharged completly).
I think it would be very hard for batteries to follow moore's law. The reason is that batteries have been around for a lot longer, and there is no real driving-force for getting better batteries than the ones we have.
I mean, it would be nice to get 200hours workingtime on the laptop, but really, what difference does it make? I mean, just buy more batteries. Is anyone willing to pay a lot of extra money for a battery with 200hours instead of 10?
This *additonal* behavior that affects .NET enabled computers is the part that could possibly be written in C#, and it looks like it's not responsible for any of the bulk emailing...
.NET compiled down to MSIL. Here's a cut from the Symantec writeup: The replication code of the virus is written in C# and compiled to MSIL...
.NET files. The first one was W32.Donut (even though W32.Donut doesn't actually infect the MSIL part of the executable, but the one containing the normal X86 code).
.NET virus. When there is a virus that infects the MSIL (Microsoft Intermediate Language) code, then I think it qualifies as a .NET virus. All the .NET virus we have seen so far appear to be attempts by viruswriters to get media attention, and as we can see, it worked :-/
You are correct, this is the only part that is written in
The emailing routine is done by dropping a VBS file that enumerates the outlook addressbook sending an email to everyone in there.
This is said to be the second virus that infects
In my opinion, we still haven't seen the first *true*
I believe that they did something like this in Australia. They brought over some kind of frogs from some other country to get rid of some parasite flies they had over there. However, the frogs figured that a normal living fly was better to eat than the parasite flies.
In the end, the frogs "took over" big areas, almost extiguishing the normal fly it started to eat, without affecting the parasite flies at all.
It's NEVER a good idea to release any kind of animals in places they do not belong. No matter what we think we know, we have no clue what's gonna happen ones they get there.
I can add that I only have a vague recollection of this incident. Maybe someone else can explain exactly what they did over there...
I'm sure I'm one of the few, but I don't think it's bad at all.
/. article, I got scared. I use mediaplayer to keep track of my CD's. I also rip my CD's into wma format using mediaplayer (I'm sure atleast half the people on /. hates me now). I use it because it's convinient, and I think the GUI is nice.
When I first saw the
However, after reading the article in the Washington Post, I don't think it's bad at all. I expected that the album and songnames downloaded to my computer would be stored in a file somewhere. Kinda hard to apply the names to the songs without storing them somewhere. I think this is another one of those Microsoft bashing stories. I mean, come on, if Microsoft says they are not using the information for marketing purposes, then I believe them.
I have used linux, I know how program in Assembly and I still spend most of my time in a DOS box. I'm not a "new GUI user", but I don't think that Microsoft are bad and evil. I like some of their products, and I use the ones I like. Mediaplayer happens to be one of them.
Hmm...
Even though I must say that your way of presenting the information is impressive, you seem to only look at this from one side.
On the bad side, makes life harder for pointy haired bosses who feel that lunch breaks spent playing cards are fine but lunch breaks surfing porn are an abomination.
You think that the only securityhazard of this is that people surf porn??
This enables people in companies to break company reglations. This can cause securityholes in the company network, enable people to download malware, enable people to hog network bandwidth by downloading things they are otherwise restricted from downloading etc etc etc.
Inside a company, the company rules apply. The reason for this is mainly because they pay for the bandwidth. This tool will enable people to break the rules, thus making it a hacktool.
The question is, will big companies pressure antivirus vendors to add detection for this?
I heard about this program a year ago. Back then I wasn't sure what to think about it, because cDc isn't one of the "software producers" I trust. Personally, I would never install anyhing written by them on my computer.
Peek-a-booty appears to be a valid program, and may even be really useful for people who have governments blocking them from freely accessing the internet. However, I do think that they should get rid of the cDc name, mainly because cDc is associated with lame backdoor trojans by a lot of people. Also, if it ever got mainstream media attention, it is likely that they would start the article by saying something like: "cDC, the makers of the infamous backdoor trojan program Backorifice...". This is likely to scare people from installing it.
Just my two cents...
What they are asking for is a major project. I think it would take a while to finish a project like this. Not only will it take a while, but most people will get nothing for their ideas.
Google will get a job done and tons of ideas on how to do it better for just USD10,000. That's pretty cheap if you ask me.
41746C65617374206865206973206D6F 726520636C65766572207468616E2074 68652061766572616765207379737465 6D2061646D696E6973747261746F722E 205768656E20492077617320776F726B 696E6720696E20746563686E6963616C 20737570706F72742C20776520757365 6420746F2068617665202264756D6265 73742063616C6C206F66207468652077 65656B222E2049742773206A75737420 616D617A696E67207768617420736F6D 65206F662074686573652070656F706C 6520636F6D6520757020776974682E
Before the end of the year we will have full access to all the hardware on both systems and have full system specs
I wish you we're right. However, with Sony going after the NEO chip creators and threatening to sue anyone else who decides to create modchips, Microsoft threatning anyone that has a dump of the X-Box BIOS to sue them, the DMCA and the European Union on the edge of getting a law similar to the incredibly stupid DMCA, I think I lack the hope you have.
What they are doing is preventing 3rd party clients from using OSCAR, which is AOL's "private" protocol for AIM.
Ehh...
The AIM protocol is not called OSCAR, but FLAP! Oscar is the name of the server, and BOS (Basic Oskar Services) is the name of the services.
I have never heard of TOC before, and I have no idea what it is. Please explain what TOC is (to me it sounds like your mixing up AIM with burning CD-R's or something).
Can anyone explain to me how AOL is changing their protocol without breaking their own IM?
I don't work for AOL or CeruleanStudios, so what I'm stating here are my asumptions.
I think that the first thing that AOL did was to analyze the data. If they found a Trillian SecrureIM package, then disconnect the user. This is why disabling SecureIM solved the problem at first.
I'm not sure what happened in the second step, but one theory is that they started checking the version number submitted in the Authentication request(or something similar).
Right now, Trillian seems to be working (Version 0.721). However, I believe that AIM has a CRC capability. The server will send a CRC request to the client with an offset and a length argument. The client will CRC the number of bytes specified by length starting from the specified offset, and send back the result. If the CRC doesn't match, then disconnect the user. It would be very hard to reverse-engineer the CRC algorithm. I believe that this is how Jabber was stopped in the end.
To be really honest with you, I don't even live in Ireland. I am however moving there in a few months, and what I have found in regards to internet access in Ireland is horrifying, to say the least.
I currently live in the Netherlands, where I have a 1024/256 ADSL line that I pay USD70/month for. I think I'm downloading about 15gigs/month.
Since I've lived in Sweden before, I thought that internet access in the Netherlands was expensive, but after seeing the Irish prices, I love my ADSL connection.
I guess I'll drink beer for the first few months, and by that time, maybe they will launch a reasonably priced ADSL service in Ireland.
In Sweden, who also has the problem of reaching remote users, you can get a 5MBit/2,5MBit connection for roughly USD100 in the bigger towns. ADSL is available to more than half the population, and it goes for less than USD 35 / month. DL limits are unheard of for any highspeed connection I can think of.
If you think that Australia has it bad, take a look at how Broadband is doing in Ireland. The prices are like USD100/month for a 512/128 kbit connection with a 3 GIG DL LIMIT!!!!
If you feel sorry for broadband users in Australia, I don't think I have words for what you should feel for broadband users in Ireland.
Every time after reading slashdot I have to run Windows Update... it's getting annoying :)
... use linux... Blah Blah Blah
Reply:
Blah Blah Blah
This whole thread should be marked OFF TOPIC!!!
I do however think it's time for on article about slashdot on slashdot, so maybe the editors can learn about what people think about slashdot and what can be done to make it better.
Guess I have an offtopic mod coming towards me...
For a long time I've been saying that in the future there will be no linux users or vegetarians, and the world will be ruled by a company called McAOLSoft.
Dump linux, use AOL and eat hamburgers
> I thought that the antivirus companies had AGREED to NOT make their programs detect "Magic Latern"???
No! You, like so many other people, didn't read the quotes well enough. To start with, everything was hypothetical (and that was made clear in the articles). All AV vendors were saying that they had not been contacted by anyone from the FBI, and the all also said that they did not know if there was a thing like Magic Lantern.
Now, some people in Network Associates and Symantec said that if the FBI gave them a copy of Magic Lantern, then they would avoid detecting it (I'm asuming using an MD5 sum or something similar so hacked versions won't escape detection).
Later, "higher" people in the same companies said that they WOULD detect magic lantern.
If we asume that the internal communication issue has been resolved and this has been discussed internally, the latter statements are probably the ones that will be followed.
End conclusion, AV programs WILL detect Magic Lanter if they get their hands on it.