When the player is exploited, a few things happen. First, all p2p-serving software on the machine is infected, which will allow it to infect other hosts on the p2p network. Next, all media on the machine is cataloged, and the full list is sent back to the RIAA headquarters (through specially crafted requests over the p2p networks), where it is added to their records and stored until a later time, when it can be used as evidence in criminal proceedings against those criminals who think it's OK to break the law.
all p2p-serving software on the machine is infected,
Well it should be easy enough to to figure out what they are doing if you can manage to get your machine infected. It still needs to communicate and communication requires packets, packets can be sniffed I don't care how they are specially crafted. Also it would be rather simple to 'catch' the infection by using something like Tripwire (or just a simple MD5 fingerprint of your original executable)
Step 1) get an MD5 fingerprint of a nice fresh copy of mpg123 as well as all your media
Step 2) Do lots of p2p filesharing.
Step 3) Try really really hard to get infected.
Step 4) Compare orignal MD5 fingerprint with current.
Step 5) When you see your file has changed...diff it with the original...binary...reverse engineered...whatever.
Step 6) Let us know EXACTLY what you did when your mpg123 player got infected so we can all do it too.
Step 7) dag..i just remembered. When I am logged into my box for day to day activites I use an account that does not have root privileges....so..the exploit might infect a running copy of mpg123 but the original will be safe and sound.
Oh...and if somebody actually takes the time to do that and succeeds...I will write a snort rule that catches the thing as well...but...it doesn't exist so I am not going to waste my time.
Then I will write a nice little utilitity to DDOS the servers collecting all the information. We will just all run it all the time and send it a constant stream of bogus information.
I can't imagine American audiences sitting through a five hour version just to see scenes such as those involving Tom Bombadil and the Barrow Wights...
Not this American. I thought the hobbits incounter with the Barrow-wights a far more important scene to have in there than the completely changed incounter with Farmer Maggot (they should have just left it out), or showing the ring being cut off of Saurons hand 3 times(once was enough, though that whole first scene of the ring being cut from his hand was amazing), or the kiss scene with Aragorn and Arwen (what a waste of screen time).
I couldn't wait to see what they did with Tom Bombadil...was I surprised...but I can live with the fact they left it out.
I could easily have sat through another hour or two. Even with the 12:01am show time;-)
How can I use Linux when the core libraries don't seem to be forwards or backwards compatible across different distributions?
All this philosphical debate is nice but could someone answer the question that was asked?
I believe they want to know how to install multiple glibc libraries and get them all to operate with whatever software needs them. In Redhat and Slackware I know there are packages(rpm and tar.gz) for each of the libraries so I assume that should be easy enough, just grab the package for the glibc version and install. But what about other distributions, and how about some detail? I'd be interested to know myself.
And how the heck are these comments getting scored as Insightful and Informative when they don't answer the question or even try!
Actually I believe those are the rules that allow you to work for a company under a 1099. However you could be W2'd through a contracting agency and working on site at another company.
Let's hope they this competition is over before Cybercrime Treaty goes into affect. Otherwise the winner may not only get $250 (barely enough to cover bail) they will also go to prison!
It has been my opinion for a long time that database driven dynamic web pages are entirely overused. If more people used things like Website Meta Language to preprocess their web site and make them "dynamically generated but statically served" that would take us a long way toward being able to index content.
There is a tradeoff. All of your content is then not only in a database it is also in the web pages. But in my experience most sites who are dynamically generating their content via PHP, ASP, perl, mod_perl, whatever, don't really have enough content to worry about it.
Maybe some combination of an elliptical trainer inside a large ball.
If you've ever seen an eliptical trainter at a gym it lets you walk/run in a more(or less) natural motion.
Maybe inside a ball when the user tries to move their feet left or right the base that the feet are attached to could transfer the info to the ball to rotate the ball in such a way it gives the user the sensation of actually moving.
I am sure the engineering would be crazy. But hey I'm just an "idea man".
Downhill and uphill walking effort could be simulated by the adding friction to the walking motion and tilting the ball up or down.
One thing I would suggest is to never give them your salary expectations. That gives them a leg up on the negotiations. Let them offer you what they think your are worth after interviewing you.
Personally I don't apply for jobs that say things like "Salary history required to apply". They can take a hike. And if they want to know what I expect I say that salary is negotiable (which ougt to go w/o saying but it is a nice way to put it).
I have a PB 486sx 20MHZ with 8MB ram and a 350MB hard drive running Linux as my Firewall/NAT/Masq box. It's been doing this job faithfully now for over a year. It was running Linux for about 2 years prior to that as well.
It is my dhcp server, caching only dns server and apache proxy server(filtering for the kids) as well.
Although when I purchased it new the motherboard died in the first two months and it took them 4 weeks to get out and fix it. But that was in 1992 or 1993.
The really amazing thing is the fear our founding fathers(USA) had of government. They understood very well how easily a government can get out of control and created a Constitution that at the time was ingenious.
Quotes below from Investors Business Daily Editorial on July 6 1999
James Madison warned: "All men in power ought to be distrusted."
Jefferson: "History has informed us that bodies of men are susceptible to the spirit of tyranny,"
George Washington:"Government is not reason, it is not eloquence; it is force. Like fire it is a dangerous servant and a fearsome master."
I've got a portable bike tool called the Cool Tool that looks a lot like this but without the knife blade. That thing has saved my butt more times than I can count.
I am going to stick with my leatherman though. I've grown very found of it.
"...the jocks get away with doing worse.". Wow. I think you are over generalizing here a bit.
I too was a geek in High School. I too got beat up, made fun of, etc. But I don't recall that it was just jocks, and certainly not all jocks, to the contrary. In fact I don't recall any jocks being involved.
The solution?
Well, sounds rather coy but...it starts with you and me. First I have to let go, forgive, what others did to me in my past. Throw it all into the "sea of forgetfullness". Second I have to learn to put others before myself. I have to hold the rights of others above my own. I have to care for others more than for myself.
Now I have to teach that to my children and their children. I have to live it out before them EVERY SINGLE day. I have to walk the walk, not just talk the talk.
Is that going to solve the worlds problems? No. But it will help those around me. And in the process make me a better person, even though the goal is to make others better persons.
So we can continue to argue who is at fault. We can continue to lobby for gun laws, shut down the internet. But until we love or fellow person and respect their rights more than our own it will be a fruitless struggle against an evil we continue to be entagled in ourselves.
A child is walking along the beach at low tide. The beach is covered with thousands of star fish stuck up on the sand as the tide moved out. The child walks along, picking up one star fish at a time and tossing it out into the ocean. An old man comes along and says. "What are you doing, you can't possibly save them all. You are wasting your time. What you are doing doesn't matter". The child with joy in his face picks up another star fish, throws it into the ocean and says, "It matters to that one." Don't know where that parable comes from. But it seems to fit...somehow.
I can think of two reasons why. One is resources, mainley $$.
The next is the fact that the most important testing for slashdot is load testing. And a test server just won't get the load the main server will. FWIW
Slashdot Mirror
www.happypenguin.org (member happypuppy.com??)
When the player is exploited, a few things happen. First, all p2p-serving
software on the machine is infected, which will allow it to infect other
hosts on the p2p network. Next, all media on the machine is cataloged, and
the full list is sent back to the RIAA headquarters (through specially
crafted requests over the p2p networks), where it is added to their records
and stored until a later time, when it can be used as evidence in criminal
proceedings against those criminals who think it's OK to break the law.
all p2p-serving software on the machine is infected,
Well it should be easy enough to to figure out what they are doing if you can manage to get your machine infected. It still needs to communicate and communication requires packets, packets can be sniffed I don't care how they are specially crafted. Also it would be rather simple to 'catch' the infection by using something like Tripwire (or just a simple MD5 fingerprint of your original executable)
Step 1) get an MD5 fingerprint of a nice fresh copy of mpg123 as well as all your media
Step 2) Do lots of p2p filesharing.
Step 3) Try really really hard to get infected.
Step 4) Compare orignal MD5 fingerprint with current.
Step 5) When you see your file has changed...diff it with the original...binary...reverse engineered...whatever.
Step 6) Let us know EXACTLY what you did when your mpg123 player got infected so we can all do it too.
Step 7) dag..i just remembered. When I am logged into my box for day to day activites I use an account that does not have root privileges....so..the exploit might infect a running copy of mpg123 but the original will be safe and sound.
Oh...and if somebody actually takes the time to do that and succeeds...I will write a snort rule that catches the thing as well...but...it doesn't exist so I am not going to waste my time.
Then I will write a nice little utilitity to DDOS the servers collecting all the information. We will just all run it all the time and send it a constant stream of bogus information.
I can't imagine American audiences sitting through a five hour version just to see scenes such as those involving Tom Bombadil and the Barrow Wights...
;-)
Not this American. I thought the hobbits incounter with the Barrow-wights a far more important scene to have in there than the completely changed incounter with Farmer Maggot (they should have just left it out), or showing the ring being cut off of Saurons hand 3 times(once was enough, though that whole first scene of the ring being cut from his hand was amazing), or the kiss scene with Aragorn and Arwen (what a waste of screen time).
I couldn't wait to see what they did with Tom Bombadil...was I surprised...but I can live with the fact they left it out.
I could easily have sat through another hour or two. Even with the 12:01am show time
Genzyme has been doing this for awhile for knee cartiladge using the patients own cartilage.
= 1&olevel=3&opage=47
http://www.thirteen.org/innovation/show2/html/3sb- carti.html
http://www.outsidemag.com/magazine/1297/9712bodykn ee.html
http://www.genzymebiosurgery.com/opage.asp?ogroup
FWIW
How can I use Linux when the core libraries don't seem to be forwards or backwards compatible across different distributions?
All this philosphical debate is nice but could someone answer the question that was asked?
I believe they want to know how to install multiple glibc libraries and get them all to operate with whatever software needs them. In Redhat and Slackware I know there are packages(rpm and tar.gz) for each of the libraries so I assume that should be easy enough, just grab the package for the glibc version and install. But what about other distributions, and how about some detail? I'd be interested to know myself.
And how the heck are these comments getting scored as Insightful and Informative when they don't answer the question or even try!
Actually I believe those are the rules that allow you to work for a company under a 1099. However you could be W2'd through a contracting agency and working on site at another company.
Let's hope they this competition is over before Cybercrime Treaty goes into affect. Otherwise the winner may not only get $250 (barely enough to cover bail) they will also go to prison!
I noticed that up on the Linux Expo Web site yesterday. I figured it was old news.
It has been my opinion for a long time that database driven dynamic web pages are entirely overused. If more people used things like Website Meta Language to preprocess their web site and make them "dynamically generated but statically served" that would take us a long way toward being able to index content.
There is a tradeoff. All of your content is then not only in a database it is also in the web pages. But in my experience most sites who are dynamically generating their content via PHP, ASP, perl, mod_perl, whatever, don't really have enough content to worry about it.
Maybe some combination of an elliptical trainer inside a large ball.
If you've ever seen an eliptical trainter at a gym it lets you walk/run in a more(or less) natural motion.
Maybe inside a ball when the user tries to move their feet left or right the base that the feet are attached to could transfer the info to the ball to rotate the ball in such a way it gives the user the sensation of actually moving.
I am sure the engineering would be crazy. But hey I'm just an "idea man".
Downhill and uphill walking effort could be simulated by the adding friction to the walking motion and tilting the ball up or down.
"Please submit salary expectations"
One thing I would suggest is to never give them your salary expectations. That gives them a leg up on the negotiations. Let them offer you what they think your are worth after interviewing you.
Personally I don't apply for jobs that say things like "Salary history required to apply". They can take a hike. And if they want to know what I expect I say that salary is negotiable (which ougt to go w/o saying but it is a nice way to put it).
ah...
bye bye PB. He he...sorry to waste space.
I have a PB 486sx 20MHZ with 8MB ram and a 350MB hard drive running Linux as my Firewall/NAT/Masq box. It's been doing this job faithfully now for over a year. It was running Linux for about 2 years prior to that as well.
It is my dhcp server, caching only dns server and apache proxy server(filtering for the kids) as well.
Although when I purchased it new the motherboard died in the first two months and it took them 4 weeks to get out and fix it. But that was in 1992 or 1993.
by by PB.
How about a Jam Double Click day?
Stupid idea?
Opps...didn't pay close enough attention to the file name. Although I had never found the linux server before.
The Web Page may not have been updated but the linux UT Demo Server is on the warzone ftp server. I am downloading it as we speek.
a r.gz
ftp://ftp.warz one.com/pub/ut/demo/UTDemo-338-Linux-x86-Server.t
All they need to do now is add "You are here."
The really amazing thing is the fear our founding fathers(USA) had of government. They understood very well how easily a government can get out of control and created a Constitution that at the time was ingenious.
Quotes below from Investors Business Daily Editorial on July 6 1999
James Madison warned: "All men in power ought to be distrusted."
Jefferson: "History has informed us that bodies of men are susceptible to the spirit of tyranny,"
George Washington:"Government is not reason, it is not eloquence; it is force. Like fire it is a dangerous servant and a fearsome master."
FWIW
Listen. What these kids did was wrong. It was mass murder period the end.
I've got a portable bike tool called the Cool Tool that looks a lot like this but without the knife blade. That thing has saved my butt more times than I can count.
I am going to stick with my leatherman though. I've grown very found of it.
"...the jocks get away with doing worse.". Wow. I think you are over generalizing here a bit.
I too was a geek in High School. I too got beat up, made fun of, etc. But I don't recall that it was just jocks, and certainly not all jocks, to the contrary. In fact I don't recall any jocks being involved.
The solution?
Well, sounds rather coy but...it starts with you and me. First I have to let go, forgive, what others did to me in my past. Throw it all into the "sea of forgetfullness". Second I have to learn to put others before myself. I have to hold the rights of others above my own. I have to care for others more than for myself.
Now I have to teach that to my children and their children. I have to live it out before them EVERY SINGLE day. I have to walk the walk, not just talk the talk.
Is that going to solve the worlds problems? No. But it will help those around me. And in the process make me a better person, even though the goal is to make others better persons.
So we can continue to argue who is at fault. We can continue to lobby for gun laws, shut down the internet. But until we love or fellow person and respect their rights more than our own it will be a fruitless struggle against an evil we continue to be entagled in ourselves.
A child is walking along the beach at low tide. The beach is covered with thousands of star fish stuck up on the sand as the tide moved out. The child walks along, picking up one star fish at a time and tossing it out into the ocean. An old man comes along and says. "What are you doing, you can't possibly save them all. You are wasting your time. What you are doing doesn't matter". The child with joy in his face picks up another star fish, throws it into the ocean and says, "It matters to that one."
Don't know where that parable comes from. But it seems to fit...somehow.
I can think of two reasons why. One is resources, mainley $$.
The next is the fact that the most important testing for slashdot is load testing. And a test server just won't get the load the main server will.
FWIW