And just because this guy is with 2600, does not mean he's in the right.
True. However, that still doesn't automatically mean he was in the wrong, as some people seem to believe whenever the name "2600" comes up.
Every American has a right to peaceable assemble. They don't, however, have a right to block intersections, and so forth.
...oh, I'm sorry, I thought you were talking about Shapeshifter for a moment, not people who were actually seen blocking the intersections.
From the 2600 article:
[The cop] claimed to have seen McGuckin in a crowd of people talking on a cell phone. The officer claimed he saw the defendant point in a certain direction and that the 10-15 people in his group moved in that direction. However, the officer failed to capture any of this on his video camera. (my italics) He claimed that McGuckin then proceeded to the corner of 12th and Arch where he again spoke on his cell phone.
At this point, Parisi described a demonstration on 13th and Arch where protestors blocked an intersection for around 20 minutes. The implication was that McGuckin was coordinating this demonstration, even though he was never even seen by the officer at this intersection nor was he overheard saying anything to anyone. (again, my italics)
That's worth $500 000 bail? Remind me never to litter in Philadelphia; they might shoot me on the spot.
There is absolutely no evidence ShapeShifter blocked a road, nor any that he actually co-ordinated any protests. A cop only saw him speak on a cell phone, then point in a direction. None of this was captured on the video camera the cop was using.
Also, seeing that he DID make bail, it obviously wasn't an impossible hardship.
Users on Windoze boxen who want something that renders their most commonly-referenced web pages anywhere near as fast as IE.
Having used recent Mozilla nightlies under Win95 a couple times recently (girlfriend still lives in Windows), I can tell you that Mozilla is almost, if not just as, fast as IE at page rendering.
Basically, anyone without an Athlon at 1.2 GHz and 256M of RAM.
I'm running a PII-266, 96 MB of RAM. Your point?
Seriously, I haven't run into many pages where the standards compliance of Mozilla has prevented me from viewing a badly-written page. Joe Luzer should have few to no problems using Mozilla (can't speak for Netscape 6, since Moz is a bit farther ahead) to view their favorite pages. -------------
I haven't heard much about the parties' stance on the Internet and digital rights/privacy issues, but then again, I haven't been poring over campaign literature either.
And while I don't think we have to worry too much about situations like the presidential mess in Florida, I'm starting to wonder if the Liberals are going to win with a much slimmer majority this go-around - or even if someone could get stuck with a minority government! Wouldn't that just be a kick in the pants, that 2000's least controversial North American election ends up being Mexico's (kudos for dropping the PRI like a giant maggot, BTW)!
Who do I plan on voting for? Good question; none of the four "major" parties set my pants on fire, and I don't know too much about the smaller-party and independent candidates in my area. Suppose I should find out and practice what I preach, non? -------------
Try downloading a theme from the Theme Park using a Mozilla nightly.
That's right, Netscape wants you to download its own browser before you install a theme. That seems to also exclude Mozilla, the browser it's built on.
I'm pretty sure this restriction was put in by Netscape, as the EarlyBlue theme can be downloaded from x.themes.org just fine.
No thanks, I don't want net2phone, cruft, etc... -------------
It's been the job of the green propaganda machine to entrench the message that "A vote for Nader is _not_ a vote for Bush; they're both the same, and suck, at that."
And it's been the job of the Gore propaganda machine to convince Green voters they should choose Gore over Nader. Obviously, they failed at that.
For those of you who voted for Nader because Nader was the candidate who best supported your views, you bet on a losing horse from the start
"Bet"? "Losing horse"? It's not a horse race! It's an election - you choose the person you feel like choosing, not the person you think will win. If you vote that way, you're truly throwing away your vote.
Of the people who voted Nader, exit polls show that 25% would simply not have voted, while of the remaining 75%, 5 out of every 6 people would have voted for Gore. Had Nader stepped down, Gore would have won the election soundly, no questions asked.
However, he didn't step down. He kept campaigning, as is his right, and those voters apparently felt he was the better choice. Again, Gore's fault for not appealing to those voters enough to turn their choice to him.
You have accomplished -nothing- beyond satisfying your own smug little idealistic worldview.
They voted their conscience. You have a problem with that? If Bush loses, who's to say Buchanan didn't cost him the election in Florida? Hell, let's just ban third, fourth and fifth parties so this kind of stuff doesn't happen!
Wait. This is supposedly a democracy. Everyone is allowed to have their choice, no matter how much a chance the candidate has of winning in an election, even if someone else could use those votes. I see no problem here.
[...] the US will effectively have a one party government (they have the Legislative Branch still, they'll have the Executive branch, and would soon have the Judicial branch, as well.)
And from your post, you seem to support a two-party government, nothing more. You also forget that party members don't always vote on party lines, and the House and Senate look very close, at least closer than last election.
I think Green voters will be quite satisfied with what happened. If they wanted Gore to get in, they would have voted for him, now wouldn't they?
Nader did his job to attract support for himself and his party - about 2.5 million shows of support. It was up to Gore to campaign well enough to attract potential Green votes. It wasn't Nader's job to do that for him.
If Gore loses, he has no one to blame but himself. -------------
Not ridiculous. You may not like Nader, for good reason. However, clearly Gore couldn't convince those 90 000 Green voters to choose him over Nader.
It's not Nader's fault Gore couldn't drum up support from those people. Run that one through your head four or five times - Greens have no duty to get Gore elected, they have no duty to the Democratic party, and they certainly shouldn't be forced to vote for someone they don't want just because another candidate could use their votes and possibly win. Last I heard, it was still technically a democracy down there, not a two-party oligarchy.
If Gore loses, he or his successor will simply have to do a better job attracting Green votes next time. That's reality in a democracy. -------------
I can already see the self-righteous posts now. "Nader took the presidency away from Gore!" "It's Nader's fault we have Bush!" "Nader sucks!" "Hot grits!"
I will make this short and sweet:
It's not Nader's fault Gore didn't get enough votes. It's Gore's fault he couldn't attract the necessary votes. Clearly, Green voters who chose Nader found Gore wanting. Not Nader's fault.
If Gore wins, s/Gore/Bush and s/Nader/Buchanan or s/Nader/Browne -------------
That's strange, NS4.7x's unreliability is exactly what drove me to drop it the moment I became aware of the PSM module for SSL/https support. I haven't used 4.7x in a couple months, and I'm much happier with the results. -------------
Not all of us run Windows, so we can't beta-test IE 6 unless MS suddenly decides to start supporting platforms outside of Windows and Macintosh. In any event, Mozilla nightlies are just as good by now; that the Mozilla crew has developed a cross-platform, standards-compliant, feature-filled, modern web browser in about 2.5 years from the ground up is just amazing. That Netscape/AOL is pissing in it doesn't surprise me, but then, I use Mozilla nightlies, not NS6.
Mozilla != Netscape, but Netscape is being built on Mozilla. -------------
That would probably mostly depend on how large the object is. At most, it would probably create a nice, new crater for us to look at, along with lots of dust to block the view of that nice, new crater. Even a 6-mile object only made a dent in this rock we live on; the Moon could probably take a 10-mile object and laugh it off.
I would think we could get a nice shower of Moon rock blasted from the impact.
You would probably need a 100-mile object before things get worrisome.
Then again, I Am Not An Astronomer, But I Play One On Slashdot. -------------
Object 1999 AN10 will slip by Earth on Aug. 7, 2027 at about 7 AM GMT at a distance of 0.002652 astronomical units - about 246 521 miles. Check it out for yourself at this page.
The Moon is about 246 000 miles away.
In astronomical terms, that's a bullet passing five millimeters above your head. -------------
You can possibly hit CheapBytes and get a 7.0 CD cheap, though I dunno if they deliver to Britain. I remember having to drop $10 for shipping because I live in Canada...blah.
The problem is, 7.0 RPMs are built against a new glibc, using a development gcc. Mandrake's also moving to the new glibc. Most new packages from developers and vendors are still being built under 6.x, so you can probably get the latest software without having to upgrade your distro. -------------
While I personally support the open source paradigm, I also support the right of individuals or corporations not to take part in it.
That's nice. This has nothing to do with "open source". This is about a balance between a company's right to internal privacy and that company's customers' right to know how and why they're being treated in a certain way.
Was Wesley liable for posting those documents? Most likely, even before the DMCA. Was he right to do it? In this case, I say "yes" - customers are being treated in a way they perceive as inappropriate for a company they're giving their money to, and these documents give them firm answers. Wesley will get punished (already has, actually), but his actions were right, since he brought out the truth. @Home is justifiably angry since it was their stuff posted. However, they should also be hanging their heads in shame for having policies that turn their customers - the people who give them money so it can continue to exist - into just another problem to be avoided as quickly as possible. There's a reason @Home has something of a reputation for lackluster service, and it's policies like these that put corporate comfort over customer satisfaction that are the cause.
For the record...Rogers@Home farms their tech support out to a call centre here in Toronto, which has its own crappy reputation. But I seem to have had more luck than many users of the service. -------------
You mean the banning of links to illegal material.
Correction: illegal in the US. Norway has already shown they don't find DeCSS "illegal material" by releasing and apologizing to Jon Johansen, who originally distributed the software, because it was found the laws he was charged under didn't apply at all. Ignoring the ill-advised IP conventions my country has signed for a minute, there is no law like the DMCA making DeCSS illegal in my country, either. -------------
HOw about adding ALL: ALL to/etc/hosts.deny? Is there a way around that?
Unfortunately, it also locks yourself out of services you might want, such as lpd or X. Then you have to set some permissions in hosts.allow, and there are way to spoof even localhost.
Alos install port sentry, soon as someone portscans you they'll be locked out by the time they reach port 20.
Sooner if it's set up properly. However, a lot of the scans that hit me came from people looking for open Netbus ports. Got the occasional scan looking for something else once in a while, along with the usual Wingate detection from IRC servers and @home scans for open NNTP ports.
Since when do viruses appear in text files? When I type "vi LIFE-STAGES.TXT", will my computer explode?
It a trojan that affect mIRC only. It relies on people accepting the file, usually because they have auto-DCC set to on. Really annoying, even for those of us who actually check what gets sent to us before accepting it.
In windows, if you share (for example), your mp3 directory, as world readable, is there an exploit?
Not sure, but it wouldn't surprise me to find out one shared directory can be used as a jumping-off point through the use of an exploit to fool Windows into thinking a remote viewer is, in fact, local. It's the same reason *nix people shut down nfsd; you don't even give potential attackers the opportunity to get a beachead on your system.
A healthy dose of paranoia is acceptable, but is it worth reducing usablility?
An ounce of prevention is better than a pound of cure.
DHCP just makes you a slightly moving target, and if an attacker is looking for victims, they probably won't restrict their portscans and probes to single addresses, but IP ranges. I occasionally do a sweep of my university's residence network just for yuks, and I've run across a few unsecured boxen, Windows and Linux alike (the guy in Pitman Hall who just installed Debian, this means you!)
However, there are some simple ways to make your broadband connection a little bit less like swiss cheese:
1) Disable file sharing and remote login - Running Windows? Take a look for any folder or file with that little hand icon, and un-share them. Even better, just go into Control Panel -> Network and shut it off completely. Don't think passwords on your shares will help you, as a recent bug was discovered in Win9X share-level password protection where a one-byte character string can be used to bypass a protected share should that byte happen to match the first byte of the actual password. If you're on Linux/*BSD, for the love of Bob shut off NFS, ftpd, telnetd, Apache, and the like until you know what you're doing! Can you say "backdoor"? Even experienced admins leave the occasional hole, and default installs aren't often known for being secure (OpenBSD people, stuff it while I make a point for everyone else:).
2) Don't let anything run automatically - Java and ActiveX in IE and Netscape installing and running automagically? Kill it. Auto-DCC in IRC clients? Un-auto it. Run attachments on preview in Outlook, or run macros in Word documents? You know the drill. Don't let a damn thing run automatically unless you actually know what's taking place. If I ever see LIFE-STAGES.TXT offered to me by DCC again, I'm going to reach through the monitor and shove a virus scanner up the patoot of the victim. The world doesn't need another Melissa or backdoor being passed around just by opening an e-mail in a brain-dead-by-default program.
3) Check for patches and follow directions - MS didn't tell people to change their Outlook settings while it took them a month to patch the program in the wake of ILOVEYOU because it was fun for everyone. Red Hat isn't releasing megs of updates for Red Hat 7 so you can sit there and kvetch about buggy.0 releases. You don't think the latest macro virus craze can get you? Think again, spam-boy; why do you think Unix/Linux vendors have been going batshit looking for format string holes in their software offerings? The exploits may be merely theoretical, but it's best to close them up before the theoretical becomes practical (with apologies to the L0pht).
4) Extra steps if you're really careful and/or paranoid - Old 486: $50. Geek on a caffeine high: $5, $0 if s/he's already jacked on coffee. OpenBSD or Slackware burned on a CD: $0. A kickass firewall to confound the kiddiez with the latest 'sploits and nmap: priceless.
5) Ignore the DSL/cable pissing contest - Nothing to see here, move along...
I'm glad to say most cable installers where I live have a brain, and hence make sure filesharing is turned off in Win9x when they set up your system. Linux/BSD geeks usually have to take matters into their own hands, but most usually know enough to at least kill nfsd and ftpd if they're not going to be used. (Incidentally, this is also why Red Hat and others need to stop enabling every conceivable service by default.)
Closing your box off to kiddies is acutallly pretty easy. However, back-patting fluff like this Excite dropping does way more harm than good by instilling that false sense of security that leads people to think its OK to let attachments run automatically, or leave all those services running on their new Mandrake box. Hard advice is better than press releases and misrepresenting technologies as security measures. -------------
You figure for the $5 million or so NASA probably flushed down the can for that Waste Collection Unit, it could handle whatever seven astronauts can fire at it. Or at least dump $100 to make sure shoulder-length gloves are available.
Either that, or ban freeze-dried beans and cabbage from the next flight.
Talk about pissing away your money.
But maybe this will put $400 Department of Defense-approved toilet seats in perspective.
Or maybe it's just the same old crap. -------------
They left the BSD community a long time ago and haven't given us enough credit or spotlight since then.
Now, why does this make me think of Richard Stallman kvetching because "Linux" is preferred over "GNU/Linux"? Nothing against you; it just triggered a connection in my badly-wired brain.
If some of the rumblings I've read in the linux-kernel mailing list mean anything, FreeBSD may be about to get a lot of credit should the kernel hackers try to create a similar VM to the one in FreeBSD's kernel for 2.5/2.6. Dig through the past two months or so of archives; at least one maintainer (Rik van Riel?) mentioned the excellence of FreeBSD's VM...and anyone who reads test kernel changelogs knows all about the headaches Linus and crew have had with the Linux VM lately:) -------------
Slashdot Mirror
Look here for the source and binaries of the GPL'd version of StarOffice.
-------------
And just because this guy is with 2600, does not mean he's in the right.
True. However, that still doesn't automatically mean he was in the wrong, as some people seem to believe whenever the name "2600" comes up.
Every American has a right to peaceable assemble. They don't, however, have a right to block intersections, and so forth.
...oh, I'm sorry, I thought you were talking about Shapeshifter for a moment, not people who were actually seen blocking the intersections.
From the 2600 article:
[The cop] claimed to have seen McGuckin in a crowd of people talking on a cell phone. The officer claimed he saw the defendant point in a certain direction and that the 10-15 people in his group moved in that direction. However, the officer failed to capture any of this on his video camera. (my italics) He claimed that McGuckin then proceeded to the corner of 12th and Arch where he again spoke on his cell phone.
At this point, Parisi described a demonstration on 13th and Arch where protestors blocked an intersection for around 20 minutes. The implication was that McGuckin was coordinating this demonstration, even though he was never even seen by the officer at this intersection nor was he overheard saying anything to anyone. (again, my italics)
That's worth $500 000 bail? Remind me never to litter in Philadelphia; they might shoot me on the spot.
There is absolutely no evidence ShapeShifter blocked a road, nor any that he actually co-ordinated any protests. A cop only saw him speak on a cell phone, then point in a direction. None of this was captured on the video camera the cop was using.
Also, seeing that he DID make bail, it obviously wasn't an impossible hardship.
That was never mentioned anywhere.
Neither this AP story nor this/a& gt; Philly.com story mention the videotape angle, and why the prosecution didn't use any of it that showed Shifter (a single shot of him walking down a sidewalk).
-------------
Users on Windoze boxen who want something that renders their most commonly-referenced web pages anywhere near as fast as IE.
Having used recent Mozilla nightlies under Win95 a couple times recently (girlfriend still lives in Windows), I can tell you that Mozilla is almost, if not just as, fast as IE at page rendering.
Basically, anyone without an Athlon at 1.2 GHz and 256M of RAM.
I'm running a PII-266, 96 MB of RAM. Your point?
Seriously, I haven't run into many pages where the standards compliance of Mozilla has prevented me from viewing a badly-written page. Joe Luzer should have few to no problems using Mozilla (can't speak for Netscape 6, since Moz is a bit farther ahead) to view their favorite pages.
-------------
...there's an election taking place, and oh my kosh are the hot buttons being pushed.
I haven't heard much about the parties' stance on the Internet and digital rights/privacy issues, but then again, I haven't been poring over campaign literature either.
And while I don't think we have to worry too much about situations like the presidential mess in Florida, I'm starting to wonder if the Liberals are going to win with a much slimmer majority this go-around - or even if someone could get stuck with a minority government! Wouldn't that just be a kick in the pants, that 2000's least controversial North American election ends up being Mexico's (kudos for dropping the PRI like a giant maggot, BTW)!
Who do I plan on voting for? Good question; none of the four "major" parties set my pants on fire, and I don't know too much about the smaller-party and independent candidates in my area. Suppose I should find out and practice what I preach, non?
-------------
Interesting twist:
Try downloading a theme from the Theme Park using a Mozilla nightly.
That's right, Netscape wants you to download its own browser before you install a theme. That seems to also exclude Mozilla, the browser it's built on.
I'm pretty sure this restriction was put in by Netscape, as the EarlyBlue theme can be downloaded from x.themes.org just fine.
No thanks, I don't want net2phone, cruft, etc...
-------------
You're right, we should continue to risk the lives of men and women in battle!
Hey, if you're going to make it easier to kill other men and women under the guise of war, you should be willing to risk your own life.
Perhaps one only realizes the value of all life when one's own has been put in danger, or sacrificed.
-------------
...that if NS 6 final was really being released, it would be mentioned somewhere on this page.
And it would almost certainly be noted here.
Stick with Mozilla anyway - it's not like you need AIM or net2phone or all the other cruft anyway.
-------------
This 140 GB disc wouldn't by any chance be the
same technology described in this story?
-------------
It's been the job of the green propaganda machine to entrench the message that "A vote for Nader is _not_ a vote for Bush; they're both the same, and suck, at that."
And it's been the job of the Gore propaganda machine to convince Green voters they should choose Gore over Nader. Obviously, they failed at that.
For those of you who voted for Nader because Nader was the candidate who best supported your views, you bet on a losing horse from the start
"Bet"? "Losing horse"? It's not a horse race! It's an election - you choose the person you feel like choosing, not the person you think will win. If you vote that way, you're truly throwing away your vote.
Of the people who voted Nader, exit polls show that 25% would simply not have voted, while of the remaining 75%, 5 out of every 6 people would have voted for Gore. Had Nader stepped down, Gore would have won the election soundly, no questions asked.
However, he didn't step down. He kept campaigning, as is his right, and those voters apparently felt he was the better choice. Again, Gore's fault for not appealing to those voters enough to turn their choice to him.
You have accomplished -nothing- beyond satisfying your own smug little idealistic worldview.
They voted their conscience. You have a problem with that? If Bush loses, who's to say Buchanan didn't cost him the election in Florida? Hell, let's just ban third, fourth and fifth parties so this kind of stuff doesn't happen!
Wait. This is supposedly a democracy. Everyone is allowed to have their choice, no matter how much a chance the candidate has of winning in an election, even if someone else could use those votes. I see no problem here.
[...] the US will effectively have a one party government (they have the Legislative Branch still, they'll have the Executive branch, and would soon have the Judicial branch, as well.)
And from your post, you seem to support a two-party government, nothing more. You also forget that party members don't always vote on party lines, and the House and Senate look very close, at least closer than last election.
I think Green voters will be quite satisfied with what happened. If they wanted Gore to get in, they would have voted for him, now wouldn't they?
Nader did his job to attract support for himself and his party - about 2.5 million shows of support. It was up to Gore to campaign well enough to attract potential Green votes. It wasn't Nader's job to do that for him.
If Gore loses, he has no one to blame but himself.
-------------
Ridiculous.
Not ridiculous. You may not like Nader, for good reason. However, clearly Gore couldn't convince those 90 000 Green voters to choose him over Nader.
It's not Nader's fault Gore couldn't drum up support from those people. Run that one through your head four or five times - Greens have no duty to get Gore elected, they have no duty to the Democratic party, and they certainly shouldn't be forced to vote for someone they don't want just because another candidate could use their votes and possibly win. Last I heard, it was still technically a democracy down there, not a two-party oligarchy.
If Gore loses, he or his successor will simply have to do a better job attracting Green votes next time. That's reality in a democracy.
-------------
I can already see the self-righteous posts now. "Nader took the presidency away from Gore!" "It's Nader's fault we have Bush!" "Nader sucks!" "Hot grits!"
I will make this short and sweet:
It's not Nader's fault Gore didn't get enough votes. It's Gore's fault he couldn't attract the necessary votes. Clearly, Green voters who chose Nader found Gore wanting. Not Nader's fault.
If Gore wins, s/Gore/Bush and s/Nader/Buchanan or s/Nader/Browne
-------------
That's strange, NS4.7x's unreliability is exactly what drove me to drop it the moment I became aware of the PSM module for SSL/https support. I haven't used 4.7x in a couple months, and I'm much happier with the results.
-------------
Actually, I had a chance to try a Mozilla nightly under Win95 recently, which is what I based my statement on.
-------------
Not all of us run Windows, so we can't beta-test IE 6 unless MS suddenly decides to start supporting platforms outside of Windows and Macintosh. In any event, Mozilla nightlies are just as good by now; that the Mozilla crew has developed a cross-platform, standards-compliant, feature-filled, modern web browser in about 2.5 years from the ground up is just amazing. That Netscape/AOL is pissing in it doesn't surprise me, but then, I use Mozilla nightlies, not NS6.
Mozilla != Netscape, but Netscape is being built on Mozilla.
-------------
That would probably mostly depend on how large the object is. At most, it would probably create a nice, new crater for us to look at, along with lots of dust to block the view of that nice, new crater. Even a 6-mile object only made a dent in this rock we live on; the Moon could probably take a 10-mile object and laugh it off.
I would think we could get a nice shower of Moon rock blasted from the impact.
You would probably need a 100-mile object before things get worrisome.
Then again, I Am Not An Astronomer, But I Play One On Slashdot.
-------------
Try this one:
Object 1999 AN10 will slip by Earth on Aug. 7, 2027 at about 7 AM GMT at a distance of 0.002652 astronomical units - about 246 521 miles. Check it out for yourself at this page.
The Moon is about 246 000 miles away.
In astronomical terms, that's a bullet passing five millimeters above your head.
-------------
You can possibly hit CheapBytes and get a 7.0 CD cheap, though I dunno if they deliver to Britain. I remember having to drop $10 for shipping because I live in Canada...blah.
The problem is, 7.0 RPMs are built against a new glibc, using a development gcc. Mandrake's also moving to the new glibc. Most new packages from developers and vendors are still being built under 6.x, so you can probably get the latest software without having to upgrade your distro.
-------------
Compilations consisting of lists of websites blocked by filtering software applications
Hold up...does this mean CPHack is legal in the US? A big middle finger in red neon fifty feet high burning in the face of Mattel?
Or are we still not that lucky?
-------------
While I personally support the open source paradigm, I also support the right of individuals or corporations not to take part in it.
That's nice. This has nothing to do with "open source". This is about a balance between a company's right to internal privacy and that company's customers' right to know how and why they're being treated in a certain way.
Was Wesley liable for posting those documents? Most likely, even before the DMCA. Was he right to do it? In this case, I say "yes" - customers are being treated in a way they perceive as inappropriate for a company they're giving their money to, and these documents give them firm answers. Wesley will get punished (already has, actually), but his actions were right, since he brought out the truth. @Home is justifiably angry since it was their stuff posted. However, they should also be hanging their heads in shame for having policies that turn their customers - the people who give them money so it can continue to exist - into just another problem to be avoided as quickly as possible. There's a reason @Home has something of a reputation for lackluster service, and it's policies like these that put corporate comfort over customer satisfaction that are the cause.
For the record...Rogers@Home farms their tech support out to a call centre here in Toronto, which has its own crappy reputation. But I seem to have had more luck than many users of the service.
-------------
You mean the banning of links to illegal material.
Correction: illegal in the US. Norway has already shown they don't find DeCSS "illegal material" by releasing and apologizing to Jon Johansen, who originally distributed the software, because it was found the laws he was charged under didn't apply at all. Ignoring the ill-advised IP conventions my country has signed for a minute, there is no law like the DMCA making DeCSS illegal in my country, either.
-------------
HOw about adding ALL: ALL to /etc/hosts.deny? Is there a way around that?
Unfortunately, it also locks yourself out of services you might want, such as lpd or X. Then you have to set some permissions in hosts.allow, and there are way to spoof even localhost.
Alos install port sentry, soon as someone portscans you they'll be locked out by the time they reach port 20.
Sooner if it's set up properly. However, a lot of the scans that hit me came from people looking for open Netbus ports. Got the occasional scan looking for something else once in a while, along with the usual Wingate detection from IRC servers and @home scans for open NNTP ports.
Since when do viruses appear in text files? When I type "vi LIFE-STAGES.TXT", will my computer explode?
It a trojan that affect mIRC only. It relies on people accepting the file, usually because they have auto-DCC set to on. Really annoying, even for those of us who actually check what gets sent to us before accepting it.
In windows, if you share (for example), your mp3 directory, as world readable, is there an exploit?
Not sure, but it wouldn't surprise me to find out one shared directory can be used as a jumping-off point through the use of an exploit to fool Windows into thinking a remote viewer is, in fact, local. It's the same reason *nix people shut down nfsd; you don't even give potential attackers the opportunity to get a beachead on your system.
A healthy dose of paranoia is acceptable, but is it worth reducing usablility?
An ounce of prevention is better than a pound of cure.
-------------
DHCP just makes you a slightly moving target, and if an attacker is looking for victims, they probably won't restrict their portscans and probes to single addresses, but IP ranges. I occasionally do a sweep of my university's residence network just for yuks, and I've run across a few unsecured boxen, Windows and Linux alike (the guy in Pitman Hall who just installed Debian, this means you!)
.0 releases. You don't think the latest macro virus craze can get you? Think again, spam-boy; why do you think Unix/Linux vendors have been going batshit looking for format string holes in their software offerings? The exploits may be merely theoretical, but it's best to close them up before the theoretical becomes practical (with apologies to the L0pht).
However, there are some simple ways to make your broadband connection a little bit less like swiss cheese:
1) Disable file sharing and remote login - Running Windows? Take a look for any folder or file with that little hand icon, and un-share them. Even better, just go into Control Panel -> Network and shut it off completely. Don't think passwords on your shares will help you, as a recent bug was discovered in Win9X share-level password protection where a one-byte character string can be used to bypass a protected share should that byte happen to match the first byte of the actual password. If you're on Linux/*BSD, for the love of Bob shut off NFS, ftpd, telnetd, Apache, and the like until you know what you're doing! Can you say "backdoor"? Even experienced admins leave the occasional hole, and default installs aren't often known for being secure (OpenBSD people, stuff it while I make a point for everyone else:).
2) Don't let anything run automatically - Java and ActiveX in IE and Netscape installing and running automagically? Kill it. Auto-DCC in IRC clients? Un-auto it. Run attachments on preview in Outlook, or run macros in Word documents? You know the drill. Don't let a damn thing run automatically unless you actually know what's taking place. If I ever see LIFE-STAGES.TXT offered to me by DCC again, I'm going to reach through the monitor and shove a virus scanner up the patoot of the victim. The world doesn't need another Melissa or backdoor being passed around just by opening an e-mail in a brain-dead-by-default program.
3) Check for patches and follow directions - MS didn't tell people to change their Outlook settings while it took them a month to patch the program in the wake of ILOVEYOU because it was fun for everyone. Red Hat isn't releasing megs of updates for Red Hat 7 so you can sit there and kvetch about buggy
4) Extra steps if you're really careful and/or paranoid - Old 486: $50. Geek on a caffeine high: $5, $0 if s/he's already jacked on coffee. OpenBSD or Slackware burned on a CD: $0. A kickass firewall to confound the kiddiez with the latest 'sploits and nmap: priceless.
5) Ignore the DSL/cable pissing contest - Nothing to see here, move along...
I'm glad to say most cable installers where I live have a brain, and hence make sure filesharing is turned off in Win9x when they set up your system. Linux/BSD geeks usually have to take matters into their own hands, but most usually know enough to at least kill nfsd and ftpd if they're not going to be used. (Incidentally, this is also why Red Hat and others need to stop enabling every conceivable service by default.)
Closing your box off to kiddies is acutallly pretty easy. However, back-patting fluff like this Excite dropping does way more harm than good by instilling that false sense of security that leads people to think its OK to let attachments run automatically, or leave all those services running on their new Mandrake box. Hard advice is better than press releases and misrepresenting technologies as security measures.
-------------
With apologies to Dave Barry, I Am Not Making This Up:
On the phone with my girlfriend right now, telling her about some of the quickies. This gem just kinda rolled out of my mouth...
"[...] there's a site called the pantscam, but it's down..."
-------------
You figure for the $5 million or so NASA probably flushed down the can for that Waste Collection Unit, it could handle whatever seven astronauts can fire at it. Or at least dump $100 to make sure shoulder-length gloves are available.
Either that, or ban freeze-dried beans and cabbage from the next flight.
Talk about pissing away your money.
But maybe this will put $400 Department of Defense-approved toilet seats in perspective.
Or maybe it's just the same old crap.
-------------
They left the BSD community a long time ago and haven't given us enough credit or spotlight since then.
Now, why does this make me think of Richard Stallman kvetching because "Linux" is preferred over "GNU/Linux"? Nothing against you; it just triggered a connection in my badly-wired brain.
If some of the rumblings I've read in the linux-kernel mailing list mean anything, FreeBSD may be about to get a lot of credit should the kernel hackers try to create a similar VM to the one in FreeBSD's kernel for 2.5/2.6. Dig through the past two months or so of archives; at least one maintainer (Rik van Riel?) mentioned the excellence of FreeBSD's VM...and anyone who reads test kernel changelogs knows all about the headaches Linus and crew have had with the Linux VM lately:)
-------------