Reverse engineering the protocol certainly isn't impossible, and whether anyone is going to attempt it is hard to predict. You only have to capture the imagination of one cracker for them to have a go. So, clearly, you should NEVER assume that, "Well, no-one will care... it's only a satellite".
And, let's face it, this is the sort of thing that some geeks would consider the ultimate war-drive.;-)
However, opening up the source completely here could be problematic in one way: You may not get a second chance. Someone may find a major flaw, exploit it, and... ooops - your satellite has landed in the North Atlantic. It's a bit late to fix it though!
This is one reason why you don't let hackers work on air-traffic control systems.;-) (troll)
Well, Slashdot's editorial control has only (in my view) been declining recently. (in terms of most posted stories being seen elsewhere some time before).
So, to be honest, it's probably only a matter of time....
Plus they used the infinitely more amusing and subtle headline, sex.com changes hands on a previous occasion:-)
Of course, the money-related story is reported here.
There seems to be a definite trend now where The Register gets all the cool stories waaaay before Slashdot, and writes them far more amusingly and insightfully than the editors here.
Fair enough, claim that only "idiots" run unknown software on their box, and that because you are so 133t, you compile all software you use.
Which proves what? That you've compiled some software, and *then* run it.
Did you study the source code at length? Check it personally that it didn't have any back doors whatsoever? Hmmmm? Sure it wasn't a trojaned source you downloaded (The server could have been hacked right?)
Just because you compiled from source, doesn't mean your newly-created binaries are therefore perfect and couldn't *possibly* contain a trojan of some sort.
Whilst I understand that the box getting cracked wouldn't effect *you* too much (due to the protection of your firewall), this is *exactly* the sort of attitude that allows these huge DoS attacks (a la Undernet) to happen!
Cracker gets in, installs script kiddie flood
software of their choice, and then finds another poorly secured box that nobody cares about.....
So, the latest "web site calendar" story was deemed to not be news any more.
You then moan that a similar story had been published before.
Yes. In July. LAST YEAR.
A year ago, such things may have been news. They certainly aren't now.
If the "rival" story had been published in the same month, in replacement to yours, then you'd have a point. You don't have one *at all* in this situation.
*Please* don't try and claim that Linux can do "everything that W2K can do and better".
Because it can't.
Linux has its many strengths, but so does Windows 2000. Please come to terms with this fact.
For example, Windows 2000's security model is *far* more advanced than the one employed within Linux (and the other Unices).
Of course, Linux has its many advantages too, but to advocate Linux as being better in every way is just *stupid*. It will fail at the first hurdle.... "So where's the GUI for me to automate the RAID partioning on my server?".
If so, I'll switch. I wish the coders would concentrate on the speed/stability issues before adding eye candy such as switchable skins.
And people accuse Microsoft products of being bloatware....
Hands up who actually inspects it all
on
Mattel Spyware
·
· Score: 2
I use quite a few Open Source products. Linux is the obvious one.
However, to trust these just because they are Open Source is stupid. I'm not about to *personally* inspect all of the code.... does anyone *seriously* read every line of the Linux kernel to make sure it isn't doing something evil? Well, sure, Alan Cox probably does, but hey.
So it all boils down to trust in the end. Do you trust whoever it is that says Linux is secure?
Be it a large corporation, or lots of kernel hackers... you have to try *somebody*. Either that, or spend more time inspecting code than actually using it.
You seem surprised that ISPs provide you with a better service if you pay more money. This has always been the case.
Typically, it's the "Pay more for more bandwidth" scenario, which will make your site appear "faster" to the end users. Try and go over your allocation, and you get throttled. Nice.
It was only a matter of time before this was extended to routing.
One of the great things we love about the internet is that it is unmoderated. Unpatrolled. Unenforced.
As a consequence, you should **EXPECT** companies like this to spring up, in order to track people down. I mean, come on, there are various "people finders" on the Internet already, and I don't see people complaining about those. This new software just speeds up the process.
The fact is, it is still easy to be anonymous on the internet and avoid this software (as it doesn't appear to do any IP tracking as such, just look for usernames). Just don't have a web page. Leave no distinguishing marks. Leave your personality at home.:-)
Also, please don't lose sight of the morals behind this. Metallica's music is copyrighted, and the only licensed way you can get it is to buy the CDs or whatever. You can debate about whether all music should be free as much as you like, but RESPECT THEIR DECISION.
I mean, you lot come down like a ton of bricks the millisecond that a company *DARES* to violate the GPL. As has been shown recently, the companies quickly fix their mistake, normally not realising they had done anything wrong.
So, don't go crying about Metallica wanting to protect *their* licensing, when the Open Source crowd get just as uptight about theirs.
Open Source or not, I fail to see why Microsoft won't at least make the entire source code freely distributable now. For research purposes only, if you will (In fact, they do this already for selected people in selected universities).
Microsoft technology is powering about 99% of the world's PCs. They have the public in their grasp. They have enough legal muscle to stop a third party from writing a Windows lookalike and trying to rip them off.
So I'm not quite sure what they would *lose* by a source code release. In terms of public affairs, they would suddenly become this benefactor "doing things no company has done before" (you know what PR spin is like).
The only thing that would worry me would be the security aspect. Security experts would track down those bugs very quickly... nothing wrong with that, as demonstrated with technologies like Linux. The problem being that Microsoft can be a little slow at time at releasing advisories/patches when notified of things like this...
Appreciate that Midway are still out to make money, no matter how old these games are! Not to mention that some of them are absolute classics.:)
So I suspect some sort of financial deal has gone on between shockwave.com and Midway.
As for why Midway don't just release the ROMs for MAME officially.... do you seriously think they want the average user to know about MAME?
I can just see it... In big writing on midway.com: "Download our games, and play them using MAME on your own PC! Oh, and you can get loads of other games illegally off the internet as well! Make us bankrupt please!"
I have had experience of attempting to get Open Source "infiltrated" into large IT solution companies.
My immediate manager was, thankfully, a techie at heart (A manager who actually *understands* what his underlings are doing is a rare find!).
Of course, I still had to *prove* to him that this Linux thing was reliable and was worth investigating. This was quite simple to do: I salvaged an old 486 from the stores (After all, what use does a 486 have?), installed the latest version of Redhat I had, and started developing on it.
As time went by, I ported various scripts and systems from a big, ugly DRS/6000 box which sat in the basement.
Eventually, the lil' ol' 486 was doing loads. My manager agreed, and we got a sexy Pentium-class server to host everything. We never looked back.
Unfortunately, getting it in the company *as a hole* is a lot more difficult. You have to counter all the usual arguments:
"It's free, so it can't be any good". "Where's the support?" "How can we sell it to customers without support? Who can we refer them to?"
The support argument is pretty fair. Most IT solution companies don't *want* to have to support a system once they have sold it. For example, if you sell a Solaris/Sun SPARC solution, the customer can simply call Sun direct when the machine breaks down. Easy.
We never did manage to convince the marketing people about the virtues of Open Source. Too stuck in their ways, afraid of change.... but that's the very nature of large IT companies.
The Windows/MediaPlayer set-up will probably account for about 99% of people interested in downloading the movie.
And this is before the fact that you have to *PAY* for it. How will the Open Source advocates cope with that? Oh well, I'm sure it will get stuck on Gnutella and pirated about, and then everyone will flame Monty Python when they have the sheer *audacity* to complain in any way.
I like a GUI on a server sometimes. Especially when configuring loads of SQL Server stuff. Sure, I could do that via a command-line SQL interface, but *why* ? I don't want the hassle, thanks.
And besides, memory is *cheap*. So what if Linux can boot in less memory? My Commodore 64 could boot with even less, big deal.
I'm surprised that there has been any form of uproar about this so-called "censorship".
The fact is, the university networks are provided as part of the academic support for your studying. The key point is that the network is for academic use only, typically.
Taking advantage of the "free" network to download many megabytes worth of MP3s is simply taking the p*ss. I severely doubt that there is any "academic use" involved in 99.9% of cases.
As such, universities stopping this from happening are doing the Right Thing [TM]. It's not censorship, it's a case of freeing up the bandwidth for legitimate uses.
I for one don't want to suffer when working on my project due to someone sitting next to me downloading the latest Madonna album.
I heard an interesting story whilst in my previous job.
Basically, my company was doing a project based in Russia, but the export restrictions meant the hardware couldn't be shipped at that time. However, it was known that in x years (or whatever), that the level of h/w would be allowed.
In preparation, the manuals and similar material were sent over to the Russians for their analysis.
By the time the hardware was allowed, they were pretty much all experts... powering on the computers, and immediately writing software on them. They had studied the literature thoroughly, even performing simulations with pen and paper.
Well, my guess is that everyone in the Linux kernel CREDITS list got hit for a start. That's pretty much the only place where I can be found on the Open Source scene. Who knows?:)
Slashdot Mirror
Please don't rip off my work uncredited.
I wrote that little passage and it was originally published on segfault.org a couple of years back.
My journalism page which shows this
Shame segfault.org doesn't seem around at the moment.
Reverse engineering the protocol certainly isn't impossible, and whether anyone is going to attempt it is hard to predict. You only have to capture the imagination of one cracker for them to have a go. So, clearly, you should NEVER assume that, "Well, no-one will care... it's only a satellite".
;-)
... ooops - your satellite has landed in the North Atlantic. It's a bit late to fix it though!
;-) (troll)
And, let's face it, this is the sort of thing that some geeks would consider the ultimate war-drive.
However, opening up the source completely here could be problematic in one way: You may not get a second chance. Someone may find a major flaw, exploit it, and
This is one reason why you don't let hackers work on air-traffic control systems.
It doesn't seem to execute under Windows 2000. When the payload attempted to run, it failed and a Dr. Watson error occurred.
_Very_ nasty, until IE 5 is patched!
(Insert obligatory "The Register" had this story ages ago).
But, more interestingly was the picture they received, previous to this event, of a laptop aboard the station going a little, umm, strange:
Here it is
Well, Slashdot's editorial control has only (in my view) been declining recently. (in terms of most posted stories being seen elsewhere some time before).
So, to be honest, it's probably only a matter of time....
The Register had this story yesterday...
:-)
Plus they used the infinitely more amusing and subtle headline, sex.com changes hands on a previous occasion
Of course, the money-related story is reported here.
There seems to be a definite trend now where The Register gets all the cool stories waaaay before Slashdot, and writes them far more amusingly and insightfully than the editors here.
Fair enough, claim that only "idiots" run unknown software on their box, and that because you are so 133t, you compile all software you use.
Which proves what? That you've compiled some software, and *then* run it.
Did you study the source code at length? Check it personally that it didn't have any back doors whatsoever? Hmmmm? Sure it wasn't a trojaned source you downloaded (The server could have been hacked right?)
Just because you compiled from source, doesn't mean your newly-created binaries are therefore perfect and couldn't *possibly* contain a trojan of some sort.
Whilst I understand that the box getting cracked wouldn't effect *you* too much (due to the protection of your firewall), this is *exactly* the sort of attitude that allows these huge DoS attacks (a la Undernet) to happen! Cracker gets in, installs script kiddie flood software of their choice, and then finds another poorly secured box that nobody cares about.....
So, the latest "web site calendar" story was deemed to not be news any more.
You then moan that a similar story had been published before.
Yes. In July. LAST YEAR.
A year ago, such things may have been news. They certainly aren't now.
If the "rival" story had been published in the same month, in replacement to yours, then you'd have a point. You don't have one *at all* in this situation.
*Please* don't try and claim that Linux can do "everything that W2K can do and better".
Because it can't.
Linux has its many strengths, but so does Windows 2000. Please come to terms with this fact.
For example, Windows 2000's security model is *far* more advanced than the one employed within Linux (and the other Unices).
Of course, Linux has its many advantages too, but to advocate Linux as being better in every way is just *stupid*. It will fail at the first hurdle.... "So where's the GUI for me to automate the RAID partioning on my server?".
*Intelligent* advocates are needed.
Under Windows, is Mozilla:
* Faster
* More stable
... than IE 5 ?
If so, I'll switch. I wish the coders would concentrate on the speed/stability issues before adding eye candy such as switchable skins.
And people accuse Microsoft products of being bloatware....
I use quite a few Open Source products. Linux is the obvious one.
However, to trust these just because they are Open Source is stupid. I'm not about to *personally* inspect all of the code.... does anyone *seriously* read every line of the Linux kernel to make sure it isn't doing something evil? Well, sure, Alan Cox probably does, but hey.
So it all boils down to trust in the end. Do you trust whoever it is that says Linux is secure?
Be it a large corporation, or lots of kernel hackers... you have to try *somebody*. Either that, or spend more time inspecting code than actually using it.
This isn't new at all.
You seem surprised that ISPs provide you with a better service if you pay more money. This has always been the case.
Typically, it's the "Pay more for more bandwidth" scenario, which will make your site appear "faster" to the end users. Try and go over your allocation, and you get throttled. Nice.
It was only a matter of time before this was extended to routing.
Internet hosting is a business. Deal with it.
One of the great things we love about the internet is that it is unmoderated. Unpatrolled. Unenforced.
:-)
As a consequence, you should **EXPECT** companies like this to spring up, in order to track people down. I mean, come on, there are various "people finders" on the Internet already, and I don't see people complaining about those. This new software just speeds up the process.
The fact is, it is still easy to be anonymous on the internet and avoid this software (as it doesn't appear to do any IP tracking as such, just look for usernames). Just don't have a web page. Leave no distinguishing marks. Leave your personality at home.
Also, please don't lose sight of the morals behind this. Metallica's music is copyrighted, and the only licensed way you can get it is to buy the CDs or whatever. You can debate about whether all music should be free as much as you like, but RESPECT THEIR DECISION.
I mean, you lot come down like a ton of bricks the millisecond that a company *DARES* to violate the GPL. As has been shown recently, the companies quickly fix their mistake, normally not realising they had done anything wrong.
So, don't go crying about Metallica wanting to protect *their* licensing, when the Open Source crowd get just as uptight about theirs.
Open Source or not, I fail to see why Microsoft won't at least make the entire source code freely distributable now. For research purposes only, if you will (In fact, they do this already for selected people in selected universities).
... nothing wrong with that, as demonstrated with technologies like Linux. The problem being that Microsoft can be a little slow at time at releasing advisories/patches when notified of things like this...
Microsoft technology is powering about 99% of the world's PCs. They have the public in their grasp. They have enough legal muscle to stop a third party from writing a Windows lookalike and trying to rip them off.
So I'm not quite sure what they would *lose* by a source code release. In terms of public affairs, they would suddenly become this benefactor "doing things no company has done before" (you know what PR spin is like).
The only thing that would worry me would be the security aspect. Security experts would track down those bugs very quickly
Appreciate that Midway are still out to make money, no matter how old these games are! Not to mention that some of them are absolute classics. :)
So I suspect some sort of financial deal has gone on between shockwave.com and Midway.
As for why Midway don't just release the ROMs for MAME officially.... do you seriously think they want the average user to know about MAME?
I can just see it... In big writing on midway.com: "Download our games, and play them using MAME on your own PC! Oh, and you can get loads of other games illegally off the internet as well! Make us bankrupt please!"
I have had experience of attempting to get Open Source "infiltrated" into large IT solution companies.
My immediate manager was, thankfully, a techie at heart (A manager who actually *understands* what his underlings are doing is a rare find!).
Of course, I still had to *prove* to him that this Linux thing was reliable and was worth investigating. This was quite simple to do: I salvaged an old 486 from the stores (After all, what use does a 486 have?), installed the latest version of Redhat I had, and started developing on it.
As time went by, I ported various scripts and systems from a big, ugly DRS/6000 box which sat in the basement.
Eventually, the lil' ol' 486 was doing loads. My manager agreed, and we got a sexy Pentium-class server to host everything. We never looked back.
Unfortunately, getting it in the company *as a hole* is a lot more difficult. You have to counter all the usual arguments:
"It's free, so it can't be any good".
"Where's the support?"
"How can we sell it to customers without support? Who can we refer them to?"
The support argument is pretty fair. Most IT solution companies don't *want* to have to support a system once they have sold it. For example, if you sell a Solaris/Sun SPARC solution, the customer can simply call Sun direct when the machine breaks down. Easy.
We never did manage to convince the marketing people about the virtues of Open Source. Too stuck in their ways, afraid of change.... but that's the very nature of large IT companies.
A lot more of a viewing audience?
I don't think so.
The Windows/MediaPlayer set-up will probably account for about 99% of people interested in downloading the movie.
And this is before the fact that you have to *PAY* for it. How will the Open Source advocates cope with that? Oh well, I'm sure it will get stuck on Gnutella and pirated about, and then everyone will flame Monty Python when they have the sheer *audacity* to complain in any way.
No, some people really *ARE* that stupid. That's why they do it.
;-)
You think it makes the life of your typical cashier and account *EASIER* having pricing like that?
I like a GUI on a server sometimes. Especially when configuring loads of SQL Server stuff. Sure, I could do that via a command-line SQL interface, but *why* ? I don't want the hassle, thanks.
And besides, memory is *cheap*. So what if Linux can boot in less memory? My Commodore 64 could boot with even less, big deal.
I'm surprised that there has been any form of uproar about this so-called "censorship".
The fact is, the university networks are provided as part of the academic support for your studying. The key point is that the network is for academic use only, typically.
Taking advantage of the "free" network to download many megabytes worth of MP3s is simply taking the p*ss. I severely doubt that there is any "academic use" involved in 99.9% of cases.
As such, universities stopping this from happening are doing the Right Thing [TM]. It's not censorship, it's a case of freeing up the bandwidth for legitimate uses.
I for one don't want to suffer when working on my project due to someone sitting next to me downloading the latest Madonna album.
I heard an interesting story whilst in my previous job.
;-)
Basically, my company was doing a project based in Russia, but the export restrictions meant the hardware couldn't be shipped at that time. However, it was known that in x years (or whatever), that the level of h/w would be allowed.
In preparation, the manuals and similar material were sent over to the Russians for their analysis.
By the time the hardware was allowed, they were pretty much all experts... powering on the computers, and immediately writing software on them. They had studied the literature thoroughly, even performing simulations with pen and paper.
Nifty.
In the UK, I think the nearest equivalent would be our infamous Eddie "The Eagle" Edwards.
;-)
He was a ski-jumper. Albeit a very bad one, who had a habit of coming last in anything he performed in.
Hence he had the "famous but in a derisory way" jokes made towards him.
Click here. :-)
Well, my guess is that everyone in the Linux kernel CREDITS list got hit for a start. That's pretty much the only place where I can be found on the Open Source scene. Who knows? :)
Unfortunately, I'm based in England. Waaah.