The leaked code casts an unexpected shadow over the launch of Windows Server 2003. Microsoft is banking on the thrice-delayed operating system to increase its penetration into the enterprise market. But the stolen code show the difficulty the company faces in protecting its valuable intellectual property and potential sales from thieves.
This is bullshit. This only shows that the volume licenscee's security is seriously lacking. Allowing it's volume license key to be leaked could threaten their status with microsoft who could terminate their contract and force them to buy through other channels.
But granted, I think microsoft is a little naive in beleiving that this system is safe and noone will leak the keys. They shouldn't act suprised. Though my conspiracy theory is that this is intentional so they will have a direction to point a finger when sales of this product fall flat.
You'll soon see figures released claiming how the rampant piracy and this one leaked code have cause the company BILLIONS in damages.
The validation scheme for Windows XP keys has been reverse engineered so that one can brute force scan and find new valid keys. It takes roughly ~2min per key on my Athlon 800.
Generated key + rip of corporate edition = WPA is pointless...
Taco is doing this on purpose folks. After the 4th one I got the the message. I don't get the point since it's not really funny at all, except maybe to him.
PHP Is *not* an application server
on
Introduction to PHP5
·
· Score: 5, Informative
In PHP, all you have are scripts. Sure they may be optimized, compiled, pseudo-object-oriented and even obfuscated... but they are still scripts. They may even include eachother. But they are still *SCRIPTS*.
After executing, they forget all knowledge. There is no persistence, no threading, no transactional support. All attempts to improve efficiency are afterthoughts and hacks.
At one point I tried to implement in-memory "application" wide shared data. The concept is, something may need to be loaded when the site is first loaded, and then it should be kept in RAM, and we need exactly ONE instance of it.
I gave up... using shared memory was too tricky and isn't even platform independent. It's not part of the core language, and even if it worked, it would not turn PHP into an application. It still runs in a modular fashion.
Now with a Java servlet, you have an application that is running. Within your servlet you may define some data exist indepently of web requests. Servicing a request is just one aspect of it. Its much more like a real program, which is why it're referred to as an Application Server.
For very simple things, that don't need to scale, both in usage, and codebase, then PHP is ok. But for design real web applications, which need to be managed by more than a few developers, integrate with legacy systems, implement a full three tier architecure, etc, PHP just doesn't cut it.
A lot of the bad sites which go down easily when/.'d are simply bad coding. Making 16 database accesses per page is not bad when just a few people visit at once, but when the stampede comes, your toast. Most people don't develop with that in mind.
Java has some serious strengths in the Web department, it's proven technology, and is not very complicated at all. It's just that most people aren't used to writing structured code. JAva forces you to follow somewhat good practices and the extra work pays off in maintainability. PHP and Perl you can just hack away, without any strong typing, etc and get something done very quickly but in the end it will become a mess quite fast.
I'm not saying Java will solve your problems, but there is a strong base of best practices, design patterns and example code to help you keep your code in nice shape.
With PHP, it seems like everyone has their own code libraries, utility scripts, ways of coding, etc and its really tough to resuse someone elses code. Java Interfaces and Inheritence comes in very handy.
Ok... enough ranting. Anyway, I used to be a hardcore PHP supported because you could whip together things very easy, but as I learned more java and needed to do larger projects and learned more about efficient coding, I realized with PHP you will eventually just run into a wall and that's when it's time to look for better solutions.
Not doing much to improve my opinion... (/.'ed)
on
Introduction to PHP5
·
· Score: 3, Funny
The connection was refused when attempting to contact ny1.php.net
I tried to RTFA, and all I got was this lousy error message.
Dr. Cocteau: Be well, John Spartan. John Spartan: Be fucked. Moral Statute Machine: John Spartan, you are fined one credit for a violation of the Verbal Morality Statute. [Spartan shoots the machine]
I'm guessing it's supposed to be an RF Notch filter which will block the return channel. But think for a second. How can it selectively pass the request to actually order the PPV channel, while blocking billing from taking place.
It's just plain flawed logic. Digital descramblers (for Motorola systems especially) have been advertised as "Coming Soon" since there is no equivelent to the currently perfected "black box" made for standard analog "scrambling".
That's because digital uses strong crypto (relatively). So first off your not going to make a "black box" that will just work. The head end won't talk to it, and it can't decrypt without data addressed to it from the head end.
So that just leaves some kind of inline filter type approach. But this is also horribly flawed, the reason should be obvious, as I pointed out above. Also, you can't make an external "activator" like they've made for analog boxes since the crypto prevents spoofing of the head end signals, and even if you could, you don't have the codes to send the box in the first place.
It's hopeless. Give up. Pay for your cable you cheap bastards.
Or stick to analog.
My friend has an analog black box and gets every PPV+Premium channel for free. He's a college student, he has no money. I'm well employed and pay $120+/mon for my digital cable and cable internet access. I don't feel ripped off just cause I have to pay for it. I also don't call my friend a theif. If he couldn't get it for free, he wouldn't have cable at all, so I can't see how they claim they are "losing money" because of him. Lame.
1. connect 15 fast drives in a RAID5 configuration
2. perform a sequential read from a large file (like digital video)
3. you'll peak to full bandwidth
Any I think they ment 3 gigaBITS not gigabytes. SCSI only does 320MBytes/s today, so that would be more than an order of mangitude increase in bandwidth, not very likely.
I was in a local arcde walking around and saw an arcade machine being rebooted. I saw the Windows 2000 splash screen come up. I'm not sure but I think it was a standing up jet-ski or speedboat racing game.
Yep... I was running Postfix (redhat makes it ridiculously easy to switch MTAs). Redhat Network knew I didn't have sendmail installed and so I didnt have to waste any time checking out a security alert that didn't even apply to me. The benefits multiply if you manage a few hundred machines.
Why not take the SecureOS approach, and run the SMTP listener in a restricted capabilities role, where all your SMTPd can do is "accept()" TCP sessions on port 25, request DNS lookups, and queue messages to disk?
Mandatory Access Control is what you speak of and it's available in several forms for Linux.
It's still alive and well on it's original IP address. Unfortunately they only support HTTP/1.1 so you need to send a Host: header or you will get an error. That's why just http://66.201.243.172 wont work:
[root@wired Web root]# telnet 66.201.243.172 80 Trying 66.201.243.172... Connected to 66.201.243.172. Escape character is '^]'. GET / HTTP/1.1 Host: www.isonews.com
Sounds very ambitious. Assuming you had the computing power to decode in real time 2 HDTV channels it would only use roughly 4.5GB/hr (20Mbit/s/channel). Given the size of today's hardrives, that's not nearly a problem. (Note: I'm not 100% on the bitrate, I'v e seen from 20-40Mbit, so YMMV)
That's equivelant functionality to today's PVR systems for satellite receivers. Whether you want to add the ability to decode and save more channels simultaneously, is simply problem of computing power.
For those who miss the point
on
HDTV via GNU Radio
·
· Score: 4, Informative
Here's the quick version from the site:
GNU Radio is a collection of software that when combined with minimal hardware, allows the construction of radios where the actual waveforms transmitted and received are defined by software. What this means is that it turns the digital modulation schemes used in today's high performance wireless devices into software problems.
Read the site! This is very important stuff and could have a huge impact on technology.
I'm not 100% up to speed about this, but I saw the project explained at Defcon last year...
Bascially the aim is to drastically decrease cost and increase flexibility of radio signal reception and decoding by replacing lots of specialized electronics with software.
Now instead of a very expensive ATSC decoder for your HDTV-Ready TV, you will now have a box with an antenna, maybe a preamp, and a powerful DSP running in software.
The cool part is, you can reprogram or adjust the software as needed to create other capabilities, use other frequencies, or increase performance even after the product is shipped.
I'm sure I drastically oversimplified this, and probably don't realize the full scope of the benifits. Read up on it, use google.
But as applied to HDTV, this is an AMAZING accomplishment. We might soon have open-source HDTV decoding. I for one, would love to have the ability to directly access the native format of the TV signal, stream it to disk, multicast it on my home lan to the living room, whatever. COOL STUFF!
The only value I have seen in something like this is possibly for mailmen who normally walk their route or in large warehouses.
I finally saw one of these in real life. Police were using them to travel around Chicago's Ohaire airport. One passed by me heading out of the terminal. Minutes later he returned, riding the segway carrying coffee and donuts.
Slashdot Mirror
But granted, I think microsoft is a little naive in beleiving that this system is safe and noone will leak the keys. They shouldn't act suprised. Though my conspiracy theory is that this is intentional so they will have a direction to point a finger when sales of this product fall flat.
You'll soon see figures released claiming how the rampant piracy and this one leaked code have cause the company BILLIONS in damages.
*sigh*... it's getting old.
Generated key + rip of corporate edition = WPA is pointless...
*raises hand*
Taco is doing this on purpose folks. After the 4th one I got the the message.
I don't get the point since it's not really funny at all, except maybe to him.
*sigh*
Whee! First triple, april fool's day post:
I only wish it was a joke... *sigh*
In PHP, all you have are scripts. Sure they may be optimized, compiled, pseudo-object-oriented and even obfuscated... but they are still scripts. They may even include eachother. But they are still *SCRIPTS*.
/.'d are simply bad coding. Making 16 database accesses per page is not bad when just a few people visit at once, but when the stampede comes, your toast. Most people don't develop with that in mind.
After executing, they forget all knowledge. There is no persistence, no threading, no transactional support. All attempts to improve efficiency are afterthoughts and hacks.
At one point I tried to implement in-memory "application" wide shared data. The concept is, something may need to be loaded when the site is first loaded, and then it should be kept in RAM, and we need exactly ONE instance of it.
I gave up... using shared memory was too tricky and isn't even platform independent. It's not part of the core language, and even if it worked, it would not turn PHP into an application. It still runs in a modular fashion.
Now with a Java servlet, you have an application that is running. Within your servlet you may define some data exist indepently of web requests. Servicing a request is just one aspect of it. Its much more like a real program, which is why it're referred to as an Application Server.
For very simple things, that don't need to scale, both in usage, and codebase, then PHP is ok. But for design real web applications, which need to be managed by more than a few developers, integrate with legacy systems, implement a full three tier architecure, etc, PHP just doesn't cut it.
A lot of the bad sites which go down easily when
Java has some serious strengths in the Web department, it's proven technology, and is not very complicated at all. It's just that most people aren't used to writing structured code. JAva forces you to follow somewhat good practices and the extra work pays off in maintainability. PHP and Perl you can just hack away, without any strong typing, etc and get something done very quickly but in the end it will become a mess quite fast.
I'm not saying Java will solve your problems, but there is a strong base of best practices, design patterns and example code to help you keep your code in nice shape.
With PHP, it seems like everyone has their own code libraries, utility scripts, ways of coding, etc and its really tough to resuse someone elses code. Java Interfaces and Inheritence comes in very handy.
Ok... enough ranting. Anyway, I used to be a hardcore PHP supported because you could whip together things very easy, but as I learned more java and needed to do larger projects and learned more about efficient coding, I realized with PHP you will eventually just run into a wall and that's when it's time to look for better solutions.
I tried to RTFA, and all I got was this lousy error message.
Dr. Cocteau: Be well, John Spartan.
John Spartan: Be fucked.
Moral Statute Machine: John Spartan, you are fined one credit for a violation of the Verbal Morality Statute.
[Spartan shoots the machine]
Not sure about all aspects, but for MPEG2 encoding (making DVD's & SVCD's) it is a serious boost. Even Hyperthreading helps.
TMPGEnc w/ Hyperthreading
I'm guessing it's supposed to be an RF Notch filter which will block the return channel. But think for a second. How can it selectively pass the request to actually order the PPV channel, while blocking billing from taking place.
It's just plain flawed logic. Digital descramblers (for Motorola systems especially) have been advertised as "Coming Soon" since there is no equivelent to the currently perfected "black box" made for standard analog "scrambling".
That's because digital uses strong crypto (relatively). So first off your not going to make a "black box" that will just work. The head end won't talk to it, and it can't decrypt without data addressed to it from the head end.
So that just leaves some kind of inline filter type approach. But this is also horribly flawed, the reason should be obvious, as I pointed out above. Also, you can't make an external "activator" like they've made for analog boxes since the crypto prevents spoofing of the head end signals, and even if you could, you don't have the codes to send the box in the first place.
It's hopeless. Give up. Pay for your cable you cheap bastards.
Or stick to analog.
My friend has an analog black box and gets every PPV+Premium channel for free. He's a college student, he has no money. I'm well employed and pay $120+/mon for my digital cable and cable internet access. I don't feel ripped off just cause I have to pay for it. I also don't call my friend a theif. If he couldn't get it for free, he wouldn't have cable at all, so I can't see how they claim they are "losing money" because of him. Lame.
2. perform a sequential read from a large file (like digital video)
3. you'll peak to full bandwidth
Any I think they ment 3 gigaBITS not gigabytes. SCSI only does 320MBytes/s today, so that would be more than an order of mangitude increase in bandwidth, not very likely.
Can anyone confirm this?
Yep... I was running Postfix (redhat makes it ridiculously easy to switch MTAs). Redhat Network knew I didn't have sendmail installed and so I didnt have to waste any time checking out a security alert that didn't even apply to me. The benefits multiply if you manage a few hundred machines.
Mandatory Access Control is what you speak of and it's available in several forms for Linux.
GRSecurity
SELinux
(Anyone know of others?)
Previously, on Slashdot...
Tarpits for Microsoft Worms"
http://www.bsa.org/usa/report/report.php
add:
/etc/hosts /windows/system32/drivers/etc/HOSTS
www.isonews.com 66.201.243.172
to
or
They did NOT take the site down, just hijacked the DNS.
http://networks.org/?src=upi:20030226-011544-2856r :
.iSONEWS.com."
"As a condition of his plea, Rocci agreed to surrender to the government his public website,
http://www.google.com/search?q=%2Bcache%3Awww.ison ews.com%2Fportal.php3%3Ft%3D2
http://web.archive.org/web/*/http://www.isonews.co m
It's still alive and well on it's original IP address. Unfortunately they only support HTTP/1.1 so you need to send a Host: header or you will get an error. That's why just http://66.201.243.172 wont work :
>
[root@wired Web root]# telnet 66.201.243.172 80
Trying 66.201.243.172...
Connected to 66.201.243.172.
Escape character is '^]'.
GET / HTTP/1.1
Host: www.isonews.com
HTTP/1.1 200 OK
Date: Thu, 27 Feb 2003 14:32:46 GMT
Server: Apache/1.3.27 (Unix) mod_throttle/3.1.2 PHP/4.2.3
X-Powered-By: PHP/4.2.3
X-Accelerated-By: PHPA/1.3.3r1
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 27 Feb 2003 14:32:46 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
cd
<html>
<head>
<title>
[iSONEWS]
</title
</head>
<frameset rows="100%,*" frameborder=0 border=0 noresize>
<frame src="portal.php3?t=2" name="main"
scrolling="auto" noresize>
</frameset>
</html>
(Note: I'm not 100% on the bitrate, I'v e seen from 20-40Mbit, so YMMV)
That's equivelant functionality to today's PVR systems for satellite receivers. Whether you want to add the ability to decode and save more channels simultaneously, is simply problem of computing power.
GNU Radio is a collection of software that when combined with minimal hardware, allows the construction of radios where the actual waveforms transmitted and received are defined by software. What this means is that it turns the digital modulation schemes used in today's high performance wireless devices into software problems.
Read the site! This is very important stuff and could have a huge impact on technology.Bascially the aim is to drastically decrease cost and increase flexibility of radio signal reception and decoding by replacing lots of specialized electronics with software.
Now instead of a very expensive ATSC decoder for your HDTV-Ready TV, you will now have a box with an antenna, maybe a preamp, and a powerful DSP running in software.
The cool part is, you can reprogram or adjust the software as needed to create other capabilities, use other frequencies, or increase performance even after the product is shipped.
I'm sure I drastically oversimplified this, and probably don't realize the full scope of the benifits. Read up on it, use google.
But as applied to HDTV, this is an AMAZING accomplishment. We might soon have open-source HDTV decoding. I for one, would love to have the ability to directly access the native format of the TV signal, stream it to disk, multicast it on my home lan to the living room, whatever. COOL STUFF!
Care to tell us where one can find this sweet deal?
(Google wasn't much help)
I finally saw one of these in real life. Police were using them to travel around Chicago's Ohaire airport. One passed by me heading out of the terminal. Minutes later he returned, riding the segway carrying coffee and donuts.