I was put on neural feedback therapy for the purpose of controlling my "overactive imagination" as it was diagnosed - really just chronic daydreaming and distraction. I doubt it did anything at all, as there was nothing in my course of therapy about how to APPLY any of the control I supposedly learned.
I cannot help but to wonder if all it did was add to my antisocial behavior.
I simply do not believe that any website author has the right to upload any program on my computer as a condition of viewing content. I don't care what the software does.
I see your point, but there is a fault in your semantics. You act as if the IP addresses hosting the software is drawing your computer out of a hat, uploading whatever the hell they feel like, and executing it. This is wrong.
Your browser requested the data referenced in the HTML/JavaScript of the web page that you initiated a connection to. Your browser is configured to do this. You can configure your browser not to do this. I cannot think of a single website that forces you to install anything. I can think of many that recommend installation of third party closed software to properly interpret raw data coming down the pipe, and will install it IF you have your browser configured to allow such activity.
I do not like surreptitious installation of software or deceivingly 'free' programs. But when you get down to it, spyware plays by the rules set down by the configuration of YOUR browser.
Do not scream and bitch about invasion of privacy because you left up the "open house" sign after moving in.
My question: is RedSheriff running when you are NOT viewing a page at BBC, or is it only actively collecting data on viewing habits at BBC?
If it's the former, HOW IS THIS TECHNICALLY POSSIBLE? It is running in the Java sandbox. If Java is not running or loaded, how can this thing run?
If it's the latter, WHY IS THIS A BIG DEAL? It is just another method of gathering statistics on your own site; scripts and applications to do this that run in the web client have been around for years and relatively few people have been complaining.
I remember having a game (was it SimCity?) that had a lookup sheet that was dark red, making it impossible to copy (in those days - before good scanners and digital copy machines).
It was SimCity, and at the same time it came out, Thundervision released the Thunderscan, a hardware/software package for the Mac Plus that converted an ImageWriter into a scanner.
Said scanner used, as its light source, a red LED.
does anyone else get the eerie feeling that this may end up being a forecast of what will happen to the net when/if UUnet as a backbone goes dark as a result of the Worldcom bankruptcy?
we have seen working code that demonstrates how to get backdoor software onto an internal, secured network.
It's called spyware, and its deployment mechanism is Kazaa.
You want to root a bunch of machines? Write a piece of spyware, and hook it into the latest and greatest gnutella client. Grab the Gnotella source, patch your exploit into it, and release it, and the source to comply with GPL.
Do you know how many people blindly download and install GPL'd apps because the presence of source gives them a false sense of security? A lot. You know who installs closed-source, non-GPLed software because they think it looks cool or assume it's safe because they have a.com address with no ~ in the url? Even more.
One word: Webshots.
Webshots is on so many damned systems in internal, "secured" networks that you couldn't root it out if you tried. All it does is change the wallpaper for those too dumb to figure out how to do it themselves. It also installs a load of fun tracking and marketing tools. These people proved you can make software do something that IS ALREADY BUILT INTO THE OS and people will blindly download it and install it. And if the spyware you bundle with it isn't spyware and is instead a remote controller for DDOS attacks, have fun. It's a field day.
Whine about how "well, their network doesn't lock down their computers so they deserve it" all you want. This affects EVERYONE, not just the dumb receptionist who wants bonzi buddy on her laptop. If someone distributes a DDOS zombie client in a popular free download (like the next AIM or something), some poor dude who runs a blog on his bedroom DSL who has never even HEARD of these insecured networks is going to be on the receiving end of it.
And don't get me started on how easy it is to reset the local admin password on a locked down company laptop to give bonzi buddy admin rights.
Xarph's first law of root paranoia: There are more idiots with root in the world than there are locked-down users.
Xarph's second law of root paranoia: Everyone has console access to the dumb terminal they're sitting at.
Amen. There was NO REASON to dismantle.us - the last bastion of The Good Old Internet Community and make it into another corporate annex. It's like demolishing the old vacant lot that was at the 280/101 interchange in San Francisco to put up a mall. There is no reason to have a mall - it's the same shit in that mall that's in every other mall. At the vacant lot there were swap meets every week where hundreds of one of a kind items traded hands.
To HELL with verisign, neustar, and most egregious, ICANN.
Dontcha love how Apple just trickles this stuff out but when you put it all together, it's just unbelievable?
THIS is what the mac platform is all about. "Apple makes the whole widget," indeed. What Apple has done with Mac OS X and its other apps is build a software environment that is streamlined and effective because it is running on a guaranteed hardware configuration that is known to the developers. It's almost like coding for an appliance... you KNOW exactly what hardware this system will run on, you KNOW what that hardware is capable of, and you know exactly how to interface to it for maximum potential. This leads to a system that's reliable and almost immune to hardware problems or wildly divergent performance.
Apple does not need to maintain different kernels because some motherboards run interrupts in different ways. Apple does not need to have nearly 20 years of backwards hardware compatibility. Apple does not need to stake their reputation on bargain basement Taiwanese programmers writing drivers for the hardware their code will run on. Most importantly, Apple does not need to build an illegal monopoly to build an computing environment that works.
Try being productive under Windows running in Safe Mode. Now try using Mac OS with extensions disabled. Tell me Windows, at its bare core, is better than Mac OS. I dare you.
UPDATE: This seems to be a concerted effort to remove xenu.net from ALL search engines. The site is no longer in the Yahoo! Directory or archive.org. "Per request of the site owner" my ass.
does "company time" include paid sick and vacation days? if I wake up with an illness that requires medication that prevents me from going to work (i.e. "do not drive" or "may cause you to spend 8/9 hours on the toilet"), can projects of my own that I work on while I am indisposed in a professional capacity be claimed?
Short answer: Nintendo fears american warez kiddies.
Long answer: Most of the copy protection surrounding the Gamecube revolves around its 3 inch DVDs. The reason Nintendo picked an odd (but still standard) is the complete lack of blanks at that size. This will, for a little while at least, keep the Gamecube from having games copied, as DVD-R blanks won't fit in the machine.
Now we have the Q, which is a Gamecube modified to play DVD movies. DVD movies come on 5 inch discs. There are blank DVDs that are 5 inches. What will inevitably happen if the Q is released here is that warez kiddies will copy 3 inch Gamecube discs onto 5 inch DVD blanks, and run them on a modchipped Q. The whole bet Nintendo is hedging is that 3 inch blank DVDs will not be available for a while, and when they are, they will be prohibitively expensive to keep piracy at a minimum for a few more years, which is the expected lifespan of the GC.
Have the goverment set up standards and rateing for security in software (IE what DOD has done.)
Decent suggestion.
Require ALL O/S's, EMail, Firewall, and etc. Meet or exceed the rateing and put on their software package what Security rateing does the software have.
BAD. Bad, bad, bad, bad, BAD. This is what the proposed SSSCA was supposed to do - regulate software design. Regulating software design is a TERRIBLE idea, as it leads to the issues we are just now starting to see - software that's legal in one country is illegal in another. Another issue is the very idea of a logo/rating program - it would favor the commercial sector to an unhealthy degree. With the fact that all OSS has release schedules of NIGHTLY, keeping the software in check with the legislation would be nigh impossible and significantly impinge the ability of open developers to work on a project if they need government approval to release a new stepgap build.
People who can't figure out how to turn on ICS or plug in a NAT box will call their ISP to ask for help. All the ISP has to do is say, "It'll cost you $10/month/machine to have more than one computer." Clueless person says OK and asks for 2 additional seats. ISP turns on the NAT function of their "modem" and sets it for 3 machines and tells them to plug it into their hub.
This is how Telocity (now DirectTV DSL) worked. You got 1 IP for the price of service, then you can pay $X (forgot how much) to turn on the NAT feature in the proprietary modem they sent out. The NAT sucked too, if I recall.
If they expect users to actually use this thing, then they have two choices:
1) make it mandatory
force all users to upgrade to a CAT modem, advertising "use more than one computer at a time!" If this happens, it better be a protocol that contains blacklists and spyware to keep NAT off ALL the machines behind it. I forsee Hell freezing over before a protocol gains acceptance that can detect one daemon running on a completely separate network segment over a possibly heterogeneous LAN, especially if that daemon is running on a completely foreign operating system.
And I'll be damned if someone doesn't make an invisible hardware device that does NAT -> CAT.
2) make it more appealing
make the protocol a mini IPv6. Build some sort of proprietary addon to IPv4 into the protocol that allows a socket to directly address a machine on a translated subnet. This would break IPv4, so it probably won't happen. But then again, this is an industry that probably wouldn't care less about breaking IPv4 if it makes money.
The shows have devices ranging from the functional but pathetic (Bowser's rugby ball crossbow...
My uncle and I theorize that Bowser is a plant. He's been on the show and lost both times, the second time in an incredibly embarrassing manner (rugby launcher). I suspect the producers seeded him in the competition so there can always be someone losing horribly.
The contract/TOS/AUP is contained in the modem ROM and is shown before any account setup can commence. The modem physically does not allow any traffic until that TOS is agreed to and the setup procedure begins.
It is strange how some people seem to take the side of the company regardless of the circumstances or the law.
That's because the circumstances of the law defend the company. Ever hear of an AUP or TOS?
The gateway is almost certainly not worth $500.
Neither is my cable box, but the company that is renting it to me says it is. They are the only ones who matter.
The company does not appear to have given actual notice or even constructive notice of the return requirement
14. Equipment. Telocity will provide you a "gateway" or certain hardware and software that will allow you to access the Service and any additional services that you may order in the future (all equipment provided by Telocity will be referred to as the "Equipment"). You agree that this does not give you any ownership interest in or title to the Equipment or its accompanying software. You also agree that Telocity may upgrade the equipment and/or software from time to time by providing the upgrade to you. In that event, Telocity will provide you a means of returning the replaced Equipment.
You agree to facilitate the upgrades and return the equipment. At the end of the term of your Service, you agree to return the Equipment in the manner described by Telocity. In either case, if you fail to return the Equipment to Telocity as instructed, within thirty (30) days, then a $499 "Equipment Fee" will apply and will be charged to you in the manner described in Section 3.
The company unilaterally terminated the service contract
You agree to return the modem the instant the termination takes effect.
The company waited to long to request the return of the gateway.
There is no time limit. I'm surprised they don't turn things over to a collections agency after 1 month..
Best plan of attack is to send a registered letter to the CEO of Telocity at his home address (from the SEC documents) setting out the circumstances. Don't forget to mention that you will bring suit against him personally should the company trouble you again.
This will result in Hughes Electronics' lawyers laughing at you and either turning you over to a collections agency or drag you into court or arbitration.
-Lx?
I never SIGNED a contract (has anyone ever had to sign a DSL contract?) And what obligation do I have to a company that I had a year contract with which they in turn canceled. If I had ever seen a contract perhaps I would read it and see what it said about their ability to cancel service at will. I am not terribly inclined to adhere to a contract that was canceled.
When the service was installed, it would not function until the telocity box they sent you phoned home. The box would not do so until you had seen and acknowledged this, which contains all the AUP and termination fees and shit.
Slashdot Mirror
I was put on neural feedback therapy for the purpose of controlling my "overactive imagination" as it was diagnosed - really just chronic daydreaming and distraction. I doubt it did anything at all, as there was nothing in my course of therapy about how to APPLY any of the control I supposedly learned.
I cannot help but to wonder if all it did was add to my antisocial behavior.
How long does it take to dump a .vob to disk?
-Lx?
I see your point, but there is a fault in your semantics. You act as if the IP addresses hosting the software is drawing your computer out of a hat, uploading whatever the hell they feel like, and executing it. This is wrong.
Your browser requested the data referenced in the HTML/JavaScript of the web page that you initiated a connection to. Your browser is configured to do this. You can configure your browser not to do this. I cannot think of a single website that forces you to install anything. I can think of many that recommend installation of third party closed software to properly interpret raw data coming down the pipe, and will install it IF you have your browser configured to allow such activity.
I do not like surreptitious installation of software or deceivingly 'free' programs. But when you get down to it, spyware plays by the rules set down by the configuration of YOUR browser.
Do not scream and bitch about invasion of privacy because you left up the "open house" sign after moving in.
-Lx?
My question: is RedSheriff running when you are NOT viewing a page at BBC, or is it only actively collecting data on viewing habits at BBC?
If it's the former, HOW IS THIS TECHNICALLY POSSIBLE? It is running in the Java sandbox. If Java is not running or loaded, how can this thing run?
If it's the latter, WHY IS THIS A BIG DEAL? It is just another method of gathering statistics on your own site; scripts and applications to do this that run in the web client have been around for years and relatively few people have been complaining.
-Lx?
It was SimCity, and at the same time it came out, Thundervision released the Thunderscan, a hardware/software package for the Mac Plus that converted an ImageWriter into a scanner.
Said scanner used, as its light source, a red LED.
That copy protection didn't last long.
-Lx?
does anyone else get the eerie feeling that this may end up being a forecast of what will happen to the net when/if UUnet as a backbone goes dark as a result of the Worldcom bankruptcy?
-Lx?
we have seen working code that demonstrates how to get backdoor software onto an internal, secured network.
.com address with no ~ in the url? Even more.
It's called spyware, and its deployment mechanism is Kazaa.
You want to root a bunch of machines? Write a piece of spyware, and hook it into the latest and greatest gnutella client. Grab the Gnotella source, patch your exploit into it, and release it, and the source to comply with GPL.
Do you know how many people blindly download and install GPL'd apps because the presence of source gives them a false sense of security? A lot. You know who installs closed-source, non-GPLed software because they think it looks cool or assume it's safe because they have a
One word: Webshots.
Webshots is on so many damned systems in internal, "secured" networks that you couldn't root it out if you tried. All it does is change the wallpaper for those too dumb to figure out how to do it themselves. It also installs a load of fun tracking and marketing tools. These people proved you can make software do something that IS ALREADY BUILT INTO THE OS and people will blindly download it and install it. And if the spyware you bundle with it isn't spyware and is instead a remote controller for DDOS attacks, have fun. It's a field day.
Whine about how "well, their network doesn't lock down their computers so they deserve it" all you want. This affects EVERYONE, not just the dumb receptionist who wants bonzi buddy on her laptop. If someone distributes a DDOS zombie client in a popular free download (like the next AIM or something), some poor dude who runs a blog on his bedroom DSL who has never even HEARD of these insecured networks is going to be on the receiving end of it.
And don't get me started on how easy it is to reset the local admin password on a locked down company laptop to give bonzi buddy admin rights.
Xarph's first law of root paranoia: There are more idiots with root in the world than there are locked-down users.
Xarph's second law of root paranoia: Everyone has console access to the dumb terminal they're sitting at.
-Lx?
yet people still continue to bash.
There's still plenty to bash.
1) I'm sorry but NO process should give me access denied when I try to end it as root.
2) Licensing.
-Lx?
-Lx?
Amen. There was NO REASON to dismantle .us - the last bastion of The Good Old Internet Community and make it into another corporate annex. It's like demolishing the old vacant lot that was at the 280/101 interchange in San Francisco to put up a mall. There is no reason to have a mall - it's the same shit in that mall that's in every other mall. At the vacant lot there were swap meets every week where hundreds of one of a kind items traded hands.
To HELL with verisign, neustar, and most egregious, ICANN.
-Lx?
You don't code much Java, do you?
-Lx?
Dontcha love how Apple just trickles this stuff out but when you put it all together, it's just unbelievable?
THIS is what the mac platform is all about. "Apple makes the whole widget," indeed. What Apple has done with Mac OS X and its other apps is build a software environment that is streamlined and effective because it is running on a guaranteed hardware configuration that is known to the developers. It's almost like coding for an appliance... you KNOW exactly what hardware this system will run on, you KNOW what that hardware is capable of, and you know exactly how to interface to it for maximum potential. This leads to a system that's reliable and almost immune to hardware problems or wildly divergent performance.
Apple does not need to maintain different kernels because some motherboards run interrupts in different ways. Apple does not need to have nearly 20 years of backwards hardware compatibility. Apple does not need to stake their reputation on bargain basement Taiwanese programmers writing drivers for the hardware their code will run on. Most importantly, Apple does not need to build an illegal monopoly to build an computing environment that works.
Try being productive under Windows running in Safe Mode. Now try using Mac OS with extensions disabled. Tell me Windows, at its bare core, is better than Mac OS. I dare you.
-Lx?
UPDATE: This seems to be a concerted effort to remove xenu.net from ALL search engines. The site is no longer in the Yahoo! Directory or archive.org. "Per request of the site owner" my ass.
-Lx?
does "company time" include paid sick and vacation days?
if I wake up with an illness that requires medication that prevents me from going to work (i.e. "do not drive" or "may cause you to spend 8/9 hours on the toilet"), can projects of my own that I work on while I am indisposed in a professional capacity be claimed?
-Lx?
Short answer: Nintendo fears american warez kiddies.
Long answer: Most of the copy protection surrounding the Gamecube revolves around its 3 inch DVDs. The reason Nintendo picked an odd (but still standard) is the complete lack of blanks at that size. This will, for a little while at least, keep the Gamecube from having games copied, as DVD-R blanks won't fit in the machine.
Now we have the Q, which is a Gamecube modified to play DVD movies. DVD movies come on 5 inch discs. There are blank DVDs that are 5 inches. What will inevitably happen if the Q is released here is that warez kiddies will copy 3 inch Gamecube discs onto 5 inch DVD blanks, and run them on a modchipped Q. The whole bet Nintendo is hedging is that 3 inch blank DVDs will not be available for a while, and when they are, they will be prohibitively expensive to keep piracy at a minimum for a few more years, which is the expected lifespan of the GC.
-Lx?
Have the goverment set up standards and rateing for security in software (IE what DOD has done.)
Decent suggestion.
Require ALL O/S's, EMail, Firewall, and etc. Meet or exceed the rateing and put on their software package what Security rateing does the software have.
BAD. Bad, bad, bad, bad, BAD. This is what the proposed SSSCA was supposed to do - regulate software design. Regulating software design is a TERRIBLE idea, as it leads to the issues we are just now starting to see - software that's legal in one country is illegal in another. Another issue is the very idea of a logo/rating program - it would favor the commercial sector to an unhealthy degree. With the fact that all OSS has release schedules of NIGHTLY, keeping the software in check with the legislation would be nigh impossible and significantly impinge the ability of open developers to work on a project if they need government approval to release a new stepgap build.
Read. My. ASCII. NO. SOFTWARE. REGULATION.
-Lx?
Specifically, if you could ask Congress for help in the area of network and information security, what would you ask for?
BAN MICROSOFT.
-Lx?
This is how Telocity (now DirectTV DSL) worked. You got 1 IP for the price of service, then you can pay $X (forgot how much) to turn on the NAT feature in the proprietary modem they sent out. The NAT sucked too, if I recall.
-Lx?
This is great news. On friday, we can expect a drop in VBS worms, spam, and IIS attacks. Hooray!
-Lx?
If they expect users to actually use this thing, then they have two choices:
1) make it mandatory
force all users to upgrade to a CAT modem, advertising "use more than one computer at a time!" If this happens, it better be a protocol that contains blacklists and spyware to keep NAT off ALL the machines behind it. I forsee Hell freezing over before a protocol gains acceptance that can detect one daemon running on a completely separate network segment over a possibly heterogeneous LAN, especially if that daemon is running on a completely foreign operating system. And I'll be damned if someone doesn't make an invisible hardware device that does NAT -> CAT.
2) make it more appealing
make the protocol a mini IPv6. Build some sort of proprietary addon to IPv4 into the protocol that allows a socket to directly address a machine on a translated subnet. This would break IPv4, so it probably won't happen. But then again, this is an industry that probably wouldn't care less about breaking IPv4 if it makes money.
-Lx?
The shows have devices ranging from the functional but pathetic (Bowser's rugby ball crossbow...
My uncle and I theorize that Bowser is a plant. He's been on the show and lost both times, the second time in an incredibly embarrassing manner (rugby launcher). I suspect the producers seeded him in the competition so there can always be someone losing horribly.
-Lx?
if you found out that Jeopardy were rigged, what would you think?
Go watch 'quiz show' with ralph feinnes for the answer to this.
-Lx?
The contract/TOS/AUP is contained in the modem ROM and is shown before any account setup can commence. The modem physically does not allow any traffic until that TOS is agreed to and the setup procedure begins.
-Lx?
Telocity's TOS that is burned into the modem and must be read to activate IP service:
That's because the circumstances of the law defend the company. Ever hear of an AUP or TOS? Neither is my cable box, but the company that is renting it to me says it is. They are the only ones who matter. 14. Equipment. Telocity will provide you a "gateway" or certain hardware and software that will allow you to access the Service and any additional services that you may order in the future (all equipment provided by Telocity will be referred to as the "Equipment"). You agree that this does not give you any ownership interest in or title to the Equipment or its accompanying software. You also agree that Telocity may upgrade the equipment and/or software from time to time by providing the upgrade to you. In that event, Telocity will provide you a means of returning the replaced Equipment. You agree to facilitate the upgrades and return the equipment. At the end of the term of your Service, you agree to return the Equipment in the manner described by Telocity. In either case, if you fail to return the Equipment to Telocity as instructed, within thirty (30) days, then a $499 "Equipment Fee" will apply and will be charged to you in the manner described in Section 3. You agree to return the modem the instant the termination takes effect. There is no time limit. I'm surprised they don't turn things over to a collections agency after 1 month.. This will result in Hughes Electronics' lawyers laughing at you and either turning you over to a collections agency or drag you into court or arbitration. -Lx?I never SIGNED a contract (has anyone ever had to sign a DSL contract?) And what obligation do I have to a company that I had a year contract with which they in turn canceled. If I had ever seen a contract perhaps I would read it and see what it said about their ability to cancel service at will. I am not terribly inclined to adhere to a contract that was canceled.
When the service was installed, it would not function until the telocity box they sent you phoned home. The box would not do so until you had seen and acknowledged this, which contains all the AUP and termination fees and shit.
-Lx?