Is $1.00 per 24 hours of captcha decoding too expensive for you? This is what it costs my friend. Spamming blog comments is as simple as popping a captcha image to some third world country and have them do it for $1.00/day.
If they allow this, they might as well also put a video camera and microphone around the guy's neck and record his interactions for the rest of his life.
The win32 installer has several dependencies, making it nearly impossible to get installed on many systems (anything prior to WinXP)... There are even several web sites dedicated to workarounds to deal with the broken installer. Obviously, with such a broken installer, its a real show stopper for a lot of people on win32 systems at least. Not to mention that they don't yet even have a linux release. Obviously whoever wrote the installer and the requirements for the app really dropped the ball on generic win32 compatibility.
Not sure how this is better than what grsec and selinux does... They might be better suited to writing selinux modules than trying to reinvent the wheel here with what basically sounds like role based access control (RBAC) found in selinux
Also, just because you know a particular routers MAC address, doesn't mean it has any useful purpose past the first hop, as your local MAC address of your router will never get transmitted past the first hop. By the time the TCP/IP packet arrives at its destination, the MAC address on the sending side will be of the last hop router. So, basically, although creating a huge database of MAC addresses to GPS coordinates might seem to be clever, in reality it is very useless because no one is going to be seeing the MAC address of my router past the first hop.
Sounds like they forgot about the oldest running hacker conference, Pumpcon, held every year in Philly since about 1987... I guess it's too underground (less than 200 people show up every year) -- although the who's who of the hacker world has probably been there at some point, no doubt.
if you've got too many people hogging an access point, maybe you should think about implementing some kind of bandwidth throttling or traffic shaping. man tc.
just like hammers can be used for doing construction projects or they can be used to bash peoples heads in, the same can be said with these controversial tools.
As long as packets can traverse from one point to another, it will be impossible to prevent automation tools from being used to automate various interfaces to access public online systems. If web sites think they can get rid of people by putting various challenges in their way, i.e. captcha, they are wrong. Given enough resources, people will get around this.
Not everyone is a terrorist or criminal gang, some people are just trying to access systems that otherwise would be impossible to accomplish by hand. I've been writing and using automation tools for dozens of application for decades now, so I always think its funny when some online site tries to prevent me from accessing their network -- they will 100% of the time be on the losing end of this battle.
Sites like Craigslist (especially), MySpace, Facebook, GMail that go to great lengths to hire large groups of staff who sit there and write software tools that prevent people from using their site, all they do at the end of the of the day is push people away who are legitimately trying to use their site, and eventually they lose market share because people will find something less cumbersome to use. One of Backpage.com, Kijiji.com and other sites selling points is that they don't have 100 different filters in place to prevent you from posting your ad.
It's a real waste of time when you have to use a site like craigslist and spend your whole daying to post 10 ads and only one of them shows up on the site -- for 20 minutes until it gets auto-flagged off their anti-spam aka "anti-use" tools...
It's kind of pathetic really -- the majority of the work that Craig Newmark has done over the last five years has been to prevent people from using his site... I've seen large groups of people who used to post ads regularly promoting their business on that site who have been driven away because the ads just don't stay up anymore because of Craig's overuse of anti-use tools.
Based on my own personal experiences with dealing with google, I would never trust anything besides their search engine... If you have ever tried to make contact with google staff about a real issue, you'll soon notice there is no customer service, no help desk, you will be greeted by an arrogant 16-year-old who tells you to goto the google.com site to resolve whatever issue you're calling about. Also, if you've ever tried using Google Checkout (what a joke), they put arbitrary holds on the money and attempts to resolve issues (again, no customer service here) take weeks and months. Google has a great search engine, but thats about it. Don't put your eggs in one basket by using anything that they put out. They're good at writing crawlers and indexers, not good at much else.
I stopped using Yahoo about 4-5 years ago because of problems with inbox delivery. After many tests, their mail servers would respond that the message was Sent when in fact it was never delivered. I've tested it about 20-30 times since then and have the same issues. Even if you send mail from supposedly vanity domains like Gmail.com, the mail still never gets delivered. Yahoo has had problems before with the profiles.yahoo.com site getting infiltrated by spammers about 5-7 years ago, a problem they never solved. It seems like the problems don't go away -- they only get worse. This story is just one example.
It does not matter whether the data is stored at co-lo or webhost. The point is that you are giving your private data to a third party and assuming that they are not copying it. Probably there is more privacy in a co-lo environment than a webhost, but they still both have the ability to copy your data whenever they want.
there isn't much you can do. if you choose to co-locate your server at another location, be prepared to have other people looking at your stuff all day. If you have issues with that, either encrypt your private data, or dont co-locate your data at some hosting provider.
When someone wants to play internet bully with me, I usually start off with unleashing the full force of my skillz upon them, which means turning off their electricity, ordering lots of stuff on their credit cards, war dialing them with different ANI's every minute, 24 hours a day for many months, forwarding their phone number to the dungeon (+1 800-800-8900), setting up ATT Alliance conference bridges and billing it to them ($7000/day), sending hundreds of magazine subscriptions to their house, getting them fired from their job, rm'ing the backup tapes at their job and then rm'ing all the servers one by one, rm'ing their home machines, sending the cops to their house (the old "shots fired" trick), monitoring their IP connection by owning their ISP, hijacking their session and injecting random taunts into the stream is always fun too, among other things.... after that, I usually verbally taunt them until they start to cry and beg for my forgiveness... Read the Brotherhood of Warez newsletters for more information.
I think that all Bjorne has really done to the C language is cause more and more fragmentation, forking and division... He created fragmentation with C++, and he again created more fragmentation with "C++0x". This guy should be banned from creating languages. Instead of making new languages, why not improve on the C language standard? He doesn't want to do that, he wants to make a name for himself by creating all these different languages... I don't think what he has done has done anything to better the world of computer science.
Right, ANI is different than CID... However, almost all VOIP services that route calls on the PSTN set the ANI to the CID value... Therefore, ANI == CID in most situations for outbound VOIP...
It's fairly trivial to setup an asterisk box with a SIP client and make up any outbound caller-ID you want... It's a stretch to say that someone who does this is a "hacker" comparable to what someone could do with switch access... Being able to forward/unforward a phone arbitrarily from within a switch -- this is power. Does anyone remember the "Phone Masters" guys Zibby, Gatsby, etc? -- That's the most recent example of hacking/phreaking that I can think. This is some kid playing around with asterisk and making prank phone calls.
Maybe I'm doing something wrong, but here is my initial results:
brian@brian-laptop:~/Desktop/micropolis-activity$./Micropolis
Starting Micropolis in/home/brian/Desktop/micropolis-activity... ./Micropolis: line 4: 17236 Floating point exception(core dumped) res/sim $*
brian@brian-laptop:~/Desktop/micropolis-activity$
This is on a stock ubuntu install... I'll play with it some more and hopefully figure out why./res/sim is segfaulting... Either way, it appears really rough.
I don't use the corporate LAN at work... I use a laptop and connect with a PCMCIA cellular modem from Sprint PCS... When I need to access the corporate LAN, I VPN in in plug in my ethernet cable... There is no reason to be on the corporate LAN. It just allows others to snoop (or tcpdump) on what your doing.
These stories come up every couple months, about people shining green lasers at aircraft and then getting arrested for it... I think the situation that the FBI is really concerned about, which is why people who shine lasers at aircraft should all be caught and prosecuted, is that shining a 10mW laser at an aircraft is one thing, shining a kW laser is another. If these people shined a high powered kW laser at the aircraft, it *WOULD* blind the pilot, and it *COULD* destroy the aircraft... We're going to have real problems when kW lasers come down in price to the point where you can get them cheap on ebay for a couple hundred bucks.
Slashdot Mirror
Is $1.00 per 24 hours of captcha decoding too expensive for you? This is what it costs my friend. Spamming blog comments is as simple as popping a captcha image to some third world country and have them do it for $1.00/day.
If counterpane is a storage company, then microsoft is a furniture company.
If they allow this, they might as well also put a video camera and microphone around the guy's neck and record his interactions for the rest of his life.
do they have access to the internet up there? If they don't, that might partly explain their boredom/depression issues...
The win32 installer has several dependencies, making it nearly impossible to get installed on many systems (anything prior to WinXP)... There are even several web sites dedicated to workarounds to deal with the broken installer. Obviously, with such a broken installer, its a real show stopper for a lot of people on win32 systems at least. Not to mention that they don't yet even have a linux release. Obviously whoever wrote the installer and the requirements for the app really dropped the ball on generic win32 compatibility.
Not sure how this is better than what grsec and selinux does... They might be better suited to writing selinux modules than trying to reinvent the wheel here with what basically sounds like role based access control (RBAC) found in selinux
Also, just because you know a particular routers MAC address, doesn't mean it has any useful purpose past the first hop, as your local MAC address of your router will never get transmitted past the first hop. By the time the TCP/IP packet arrives at its destination, the MAC address on the sending side will be of the last hop router. So, basically, although creating a huge database of MAC addresses to GPS coordinates might seem to be clever, in reality it is very useless because no one is going to be seeing the MAC address of my router past the first hop.
Sounds like they forgot about the oldest running hacker conference, Pumpcon, held every year in Philly since about 1987... I guess it's too underground (less than 200 people show up every year) -- although the who's who of the hacker world has probably been there at some point, no doubt.
email spammers also probably parse out email addresses that dont start with alpha characters...
if you've got too many people hogging an access point, maybe you should think about implementing some kind of bandwidth throttling or traffic shaping. man tc.
just like hammers can be used for doing construction projects or they can be used to bash peoples heads in, the same can be said with these controversial tools.
As long as packets can traverse from one point to another, it will be impossible to prevent automation tools from being used to automate various interfaces to access public online systems. If web sites think they can get rid of people by putting various challenges in their way, i.e. captcha, they are wrong. Given enough resources, people will get around this.
Not everyone is a terrorist or criminal gang, some people are just trying to access systems that otherwise would be impossible to accomplish by hand. I've been writing and using automation tools for dozens of application for decades now, so I always think its funny when some online site tries to prevent me from accessing their network -- they will 100% of the time be on the losing end of this battle.
Sites like Craigslist (especially), MySpace, Facebook, GMail that go to great lengths to hire large groups of staff who sit there and write software tools that prevent people from using their site, all they do at the end of the of the day is push people away who are legitimately trying to use their site, and eventually they lose market share because people will find something less cumbersome to use. One of Backpage.com, Kijiji.com and other sites selling points is that they don't have 100 different filters in place to prevent you from posting your ad.
It's a real waste of time when you have to use a site like craigslist and spend your whole daying to post 10 ads and only one of them shows up on the site -- for 20 minutes until it gets auto-flagged off their anti-spam aka "anti-use" tools...
It's kind of pathetic really -- the majority of the work that Craig Newmark has done over the last five years has been to prevent people from using his site... I've seen large groups of people who used to post ads regularly promoting their business on that site who have been driven away because the ads just don't stay up anymore because of Craig's overuse of anti-use tools.
Based on my own personal experiences with dealing with google, I would never trust anything besides their search engine... If you have ever tried to make contact with google staff about a real issue, you'll soon notice there is no customer service, no help desk, you will be greeted by an arrogant 16-year-old who tells you to goto the google.com site to resolve whatever issue you're calling about. Also, if you've ever tried using Google Checkout (what a joke), they put arbitrary holds on the money and attempts to resolve issues (again, no customer service here) take weeks and months. Google has a great search engine, but thats about it. Don't put your eggs in one basket by using anything that they put out. They're good at writing crawlers and indexers, not good at much else.
I stopped using Yahoo about 4-5 years ago because of problems with inbox delivery. After many tests, their mail servers would respond that the message was Sent when in fact it was never delivered. I've tested it about 20-30 times since then and have the same issues. Even if you send mail from supposedly vanity domains like Gmail.com, the mail still never gets delivered. Yahoo has had problems before with the profiles.yahoo.com site getting infiltrated by spammers about 5-7 years ago, a problem they never solved. It seems like the problems don't go away -- they only get worse. This story is just one example.
It does not matter whether the data is stored at co-lo or webhost. The point is that you are giving your private data to a third party and assuming that they are not copying it. Probably there is more privacy in a co-lo environment than a webhost, but they still both have the ability to copy your data whenever they want.
there isn't much you can do. if you choose to co-locate your server at another location, be prepared to have other people looking at your stuff all day. If you have issues with that, either encrypt your private data, or dont co-locate your data at some hosting provider.
When someone wants to play internet bully with me, I usually start off with unleashing the full force of my skillz upon them, which means turning off their electricity, ordering lots of stuff on their credit cards, war dialing them with different ANI's every minute, 24 hours a day for many months, forwarding their phone number to the dungeon (+1 800-800-8900), setting up ATT Alliance conference bridges and billing it to them ($7000/day), sending hundreds of magazine subscriptions to their house, getting them fired from their job, rm'ing the backup tapes at their job and then rm'ing all the servers one by one, rm'ing their home machines, sending the cops to their house (the old "shots fired" trick), monitoring their IP connection by owning their ISP, hijacking their session and injecting random taunts into the stream is always fun too, among other things.... after that, I usually verbally taunt them until they start to cry and beg for my forgiveness... Read the Brotherhood of Warez newsletters for more information.
sounds like a major privacy violation, I hope they get sued into oblivion.
I think that all Bjorne has really done to the C language is cause more and more fragmentation, forking and division... He created fragmentation with C++, and he again created more fragmentation with "C++0x". This guy should be banned from creating languages. Instead of making new languages, why not improve on the C language standard? He doesn't want to do that, he wants to make a name for himself by creating all these different languages... I don't think what he has done has done anything to better the world of computer science.
Sounds like its not going to be cheap!
Right, ANI is different than CID... However, almost all VOIP services that route calls on the PSTN set the ANI to the CID value... Therefore, ANI == CID in most situations for outbound VOIP...
It's fairly trivial to setup an asterisk box with a SIP client and make up any outbound caller-ID you want... It's a stretch to say that someone who does this is a "hacker" comparable to what someone could do with switch access... Being able to forward/unforward a phone arbitrarily from within a switch -- this is power. Does anyone remember the "Phone Masters" guys Zibby, Gatsby, etc? -- That's the most recent example of hacking/phreaking that I can think. This is some kid playing around with asterisk and making prank phone calls.
Maybe I'm doing something wrong, but here is my initial results:
./Micropolis /home/brian/Desktop/micropolis-activity ...
./Micropolis: line 4: 17236 Floating point exception(core dumped) res/sim $*
./res/sim is segfaulting... Either way, it appears really rough.
brian@brian-laptop:~/Desktop/micropolis-activity$
Starting Micropolis in
brian@brian-laptop:~/Desktop/micropolis-activity$
This is on a stock ubuntu install... I'll play with it some more and hopefully figure out why
Did anyone think Intel would behave differently? They are competing for the same customers...
I don't use the corporate LAN at work... I use a laptop and connect with a PCMCIA cellular modem from Sprint PCS... When I need to access the corporate LAN, I VPN in in plug in my ethernet cable... There is no reason to be on the corporate LAN. It just allows others to snoop (or tcpdump) on what your doing.
These stories come up every couple months, about people shining green lasers at aircraft and then getting arrested for it... I think the situation that the FBI is really concerned about, which is why people who shine lasers at aircraft should all be caught and prosecuted, is that shining a 10mW laser at an aircraft is one thing, shining a kW laser is another. If these people shined a high powered kW laser at the aircraft, it *WOULD* blind the pilot, and it *COULD* destroy the aircraft... We're going to have real problems when kW lasers come down in price to the point where you can get them cheap on ebay for a couple hundred bucks.