How do they intend to identify the specified IP ranges?
What if the RIAA anonymously pays consultants? There are plenty of people out there writing exploits who would love a regular paycheck, especially a fat one.
What if whoever the RIAA hires fakes their source IP?
I predict that this issue is more complicated than simply blocking the RIAA's netblock.
If you look at subroutine checkForOpenProxy in Slashcode, you'll notice that it contains a hand-written port scanner/proxy checker built in Perl. Slashdot uses this to aggressively port scan and service map any IP address that tries to post anonymously, and saves the result in the DB. While this does have the unfortunate side effect of setting off IDS sensors across the globe and disrupting poorly hardened services on ports in Slash's scan list, it has the benefit of keeping us safe from those who would use a proxy to maintain anonymity, such as Chinese dissidents and corporate whistleblowers.
As the author of the journal you're discussing, I feel obligated to reply. That's quite a rebuttal, but you skipped over the question at hand:
Did you hack, or were you involved in breaking into, sdem's box? (y/n)
Did you post these comments bragging about it? (y/n)
Did you post this web page to your site, insecure.org? (y/n)
You've written a whole lot there, I think what everyone would actually like to see is a simple yes or no answer. I'm sorry if you feel I've slandered you, and I promise if you honestly answer the three questions above, I will retract any allegations that are in error.
This charade has gone on long enough. No one's going into the void to pick up "golf balls" from "the moon", unless of course they're authorized by the government to do so.
It amazes me that so many allegedly "educated" people have fallen so quickly and so hard for a fraudulent fabrication of such laughable proportions. The very idea that a gigantic ball of rock happens to orbit our planet, showing itself in neat, four-week cycles -- with the same side facing us all the time -- is ludicrous. Furthermore, it is an insult to common sense and a damnable affront to intellectual honesty and integrity. That people actually believe it is evidence that the liberals have wrested the last vestiges of control of our public school system from decent, God-fearing Americans (as if any further evidence was needed! Daddy's Roommate? God Almighty!)
Documentaries such as Enemy of the State have accurately portrayed the elaborate, byzantine network of surveillance satellites that the liberals have sent into space to spy on law-abiding Americans. Equipped with technology developed by Handgun Control, Inc., these satellites have the ability to detect firearms from hundreds of kilometers up. That's right, neighbors.. the next time you're out in the backyard exercising your Second Amendment rights, the liberals will see it! These satellites are sensitive enough to tell the difference between a Colt .45 and a .38 Special! And when they detect you with a firearm, their computers cross-reference the address to figure out your name, and then an enormous database housed at Berkeley is updated with information about you.
Of course, this all works fine during the day, but what about at night? Even the liberals can't control the rotation of the Earth to prevent nightfall from setting in (only Joshua was able to ask for that particular favor!) That's where the "moon" comes in. Powered by nuclear reactors, the "moon" is nothing more than an enormous balloon, emitting trillions of candlepower of gun-revealing light. Piloted by key members of the liberal community, the "moon" is strategically moved across the country, pointing out those who dare to make use of their God-given rights at night!
Yes, I know this probably sounds paranoid and preposterous, but consider this. Despite what the revisionist historians tell you, there is no mention of the "moon" anywhere in literature or historical documents -- anywhere -- before 1950. That is when it was initially launched. When President Josef Kennedy, at the State of the Union address, proclaimed "We choose to go to the moon", he may as well have said "We choose to go to the weather balloon." The subsequent faking of a "moon" landing on national TV was the first step in a long history of the erosion of our constitutional rights by leftists in this country. No longer can we hide from our government when the sun goes down.
Having worked in the government, I feel it's necessary to point out that one benefit is that it's almost impossible to change your state. This means it's hard to get ahead, hard to get equipment, hard to get transferred, hard to be promoted, and hard to get fired.
Hang on to that last point. If you're incompetent, and particularly if you're incompetent and a member of a protected group, you can basically appeal any decision made against you till the end of time.
So, if you're looking for job stability like no other, go for a government job. But don't expect hard work and intelligence to advance you as quickly as the private sector would allow... but remember that the converse is true.
Also keep in mind that extended service gets you a pension and the health plans are usually first rate (PPO's).
KWTCMA
"If people had understood how patents would be granted when most of today's ideas were invented and had taken out patents, the industry would be at a complete standstill today." -- Bill Gates, Microsoft, 1991
KWTCMA
I wish that they'd asked the guy who wrote the movie about fighting evil corporate intrusion countermeasures how he feels about his movie being distributed with evil corporate intrusion countermeasures.
You must be aware that trying to lead this community is like herding cats.
Yes... like herding cats... cats that like HUGE PILES OF CASH MONEY.
KWTCMA
I propose a third criterion:
3) The format is free from any patents for reading, writing, or transmitting instances of the format. The format ceases to be open when any of the above patents are granted.
KWTCMA
Who on earth in their right mind wants to force for example government agencies to use a particular kind of software?
Their CUSTOMERS. i.e. YOU.
"Bruce Perens disagrees with both sides in this debate. By striking a middle ground between the two, he's come up with a far more elegant solution. Unlike the most radical elements in the open-source movement, Perens maintains that a complete ban on state purchases of proprietary closed-source software isn't necessary."
But Michael Sims of Slashdot disagrees, and actually accuses Tim O'Reilly of being an industry whore for his "middle ground" position:
"O'Reilly seems to be promoting the agenda of Microsoft's Software Choice campaign."
Michael, Bruce, you both read Slashdot and have posting privileges. Here's your SteelCage: have at it. Is Bruce an industry whore or a visionary? Inquiring minds want to know...
Fantastic article, this piece really caught my eye:
In February, Powell, who enjoys a three-to-one majority on the FCC, announced a "proposed rulemaking" on "telephone-based broadband." According to the FCC's decision, telephone-based broadband services are "information services, with a telecommunications component, rather than telecommunications services." The distinction sounds semantic, but it has profound legal implications. According to the Telecommunications Act of 1996, telecommunications services have to grant open access to their facilities, but information services do not. By defining telephone broadband as an information service--a designation originally intended for content providers like LexisNexis--the FCC removed it from regulation, allowing the Baby Bells to ban other ISPs from transmitting over their lines.
What he's saying here is that the FCC can't regulate DSL because DSL is a service which provides content like AOL, MSN, Compuserve, etc. So if you have a DSL line, and you're reading Slashdot, the chairman of the FCC believes that your DSL provider brought you this story.
Mike Powell is a damned industry whore, and a disgrace to his father.
Here's a box running IIS that appears to be having some security issues.
Removing human interaction is the trend, and it's going to keep happening. Two national chains that I know of off the top of my head : Sheetz & Wawa have both removed human interaction from the ordering process for food - you interact with a touch screen, and the order is printed for the human to process. For now - phase 1 - the human is still visible, and exists.
Look at grocery checkout lines - I'm sure you've all seen the image recognition lines that photograph and weigh your items and let you check them out yourselves.
I'm pretty sure we're going to tell our kids about the days you had to talk to people to buy things at the store.
I was in Sheetz once, and a man walked in and tried to order a sandwich. He was pressing buttons for quite some time and growing visibly more distressed, until after a while he looked over the counter and said "Can't I just talk to somebody?".
It became apparent to me after some reflection that the gentleman was illiterate.
All I know is, if that thing fails to drop my diapers, tipping it is going to be a bitch.
Didn't someone try this in Germany or England and discard the idea because all the transmissions could be received with some sort of antenna near the power lines?
Oh, ya, that was the Stasi. Everyone else pretty much decided to use encryption or just get over themselves.
The contractor bringing this to homes in North America is Current Technologies. They have a demo home set up with Pepco and will be doing customer trials this year.
Competition == Good.
It's not just Id games. Check out The saga of CmdrTaco's quest to play Neverwinter Nights - he built the machine basically as a NWN kiosk, and had a lot of trouble doing it.
May I date your daughter?
Thank you,
-s.
No Electronic Theft Act. Ok.
Here's the definition of theft:
\Theft\, n. [OE. thefte, AS. [thorn]i['e]f[eth]e, [thorn][=y]f[eth]e, [thorn]e['o]f[eth]e. See Thief.] 1. (Law) The act of stealing; specifically, the felonious taking and removing of personal property, with an intent to deprive the rightful owner of the same; larceny.
Note: To constitute theft there must be a taking without the owner's consent, and it must be unlawful or felonious; every part of the property stolen must be removed, however slightly, from its former position ; and it must be, at least momentarily, in the complete possession of the thief. See Larceny, and the Note under Robbery.
Emphasis mine. That should be easy; no file sharing programs remove files from RIAA hard drives. Problem solved!
Ya as I recall it renders MSN super duper fast.
I thought the browser war wasn't about speed but about using standards churn to lock out anything but the 'A Normal Browser'. Oh well, good for Opera.
KWTCMA
If/when this becomes law, will so-called "noise generators" become legal? Overflowing an IDS by generating a bunch of false positives (ala Stick/Snot) is a technique used by folks attacking corporate networks... what happens if I buy cable modem access in the UK and choose to spend my bandwidth sending a continuous stream of garbage packets to random IPs from random IPs? It wouldn't be hard for a single user to consume entire gigabytes of storage per month in such a "traffic retention" system.
Makes you wonder if they'll outlaw generating bogus traffic as a defense mechanism.
KWTCMA
and then afterwards attempt to illegally access the network
That statement implies a stateful and intelligent "IDS". I was inquiring as to the nature of the IDS. Perhaps I should have been more specific. I apologize.
KWTCMA
Ok, first of all, if you haven't watched Lawrence Lessig's OSCON speech Free Culture, now is probably a good time.
Having said that, Lawrence mentions a legal battle that took place in England in the 1700's in an attempt to get Shakespeare into the public domain. Originally, English publishers managed to win a court case which said that they owned a perpetual copyright over Shakespeare.
Five years later they lost, and Shakespeare entered the public domain.
Rosen, Valenti et al are students of history. They know that the door swings both ways. I believe their thinking is that they should grab as much land as they are allowed to grab, so that when the door swings back, maybe it will be left leaning a bit to their side.
Personally I hope it swings back and flattens their faces, but we shall see.
KWTCMA
Isn't that a bit deceptive?
Bruce, it certainly wasn't my intention to deceive anyone.
Encrypted filesystem: GPL driver for Linux
Honest ignorance; I didn't know this existed. I'd like to make sure it's "on par" with PGP's implementation before considering it a workalike. The most important feature being seamless integration into the Windows O/S and filesystem. If the aforementioned software isn't available for Windows, then it's not a "full replacement". Additionally, PGP offers a choice of conventional encryption algorithms up to some rather large keysizes, and the ability to do useful paranoia-related things like never keep your passphrase in the same part of RAM for more than a few seconds, preventing a powered-down "ghosting" attack. Again, I can't speak to the implementation you speak of, but I'd like a link so I can read over it.
Firewall: Linux Router Project and others.
I'm sure there's probably a good Windows implementation of ipchains with a really nice, easy to use GUI like PGP, I just personally haven't found it. I won't contest this one with you.
IDS: Snort and its ilk.
Again, no contest of the quality of Snort, and no contest on the Windows implementation. Haven't seen it, but I'm sure it exists.
IPSEC tunneling VPN: I think this is in Free S/WAN.
Ok, here I have a bone to pick. Having spent a high quality portion of my irreplaceable youth trying to port this to Windows NT, I must respectfully disagree. PGP provides an IPSec powered LAN (with IKE!) that works under Windows with a GUI configuration tool in no seconds flat. I'm sorry, but you can't call Free S/WAN anything close to a "full replacement".
So again, I respectfully disagree, but wish you luck in fighting the DMCA.
KWTCMA
I did not know that.
Is there an "unofficial-compatibility-list" somewhere that lists what works in XP and what doesn't? If the IPSec VPN works as well, I might just be in business...
KWTCMA