And don't give me the poor, victimized mothers getting sued either--their IP was logged, get over it.
Right, just like the people that never owned a computer (let alone an Internet connection) and the long deceased people that also got sued... As long as RIAA and their sister organisations worldwide use the ultra-narrow and unverifiable chain of evidence from a 'logged IP' to the name and address on file at the ISP, we're going to see innocent people framed and victimized by these evil organisations.
And yes, I call them evil then they knowingly sue people they have no real evidence against. I mean it's not like they sue thousands each minute... A simple check to see whether the claim is anywhere in the ballpark of reasonable is the least they can do. It should be obvious that an 90-year old granny is most unlikely to download and share gangsta rap, just as the single monther with no computer cannot be sharing anything. And the long deceased... Even more obvious. And yet, they don't even bother to check... They just go ahead and sue. That's plain and simple evil.
Why doesn't people think of vitual security as they do about physical security in life in general?
The approach here is to make it harder than average (but not impossible because that is - well, impossible to achieve) to break in (like the old joke about outrunning the bear). That way the burglar is likely to move on to a less difficult target. This is combined with things like neighbourhood watch (makes getting arrested more likely), alarms and a general moral education that makes burglars less cool. This doesn't eliminate burglaries completely but will reduce the likelyhood significantly.
An important point is that absolute security doesn't exist. Sure, you can remove all access points and even send your house into orbit, but it still doesn't eliminate the risk completely. But you have succeeded in making your house completely useless.
Security at the price of complete uselessness is the most stupid idea ever. Therefore the only really potent point in this article is the one about making things secure by design and structured coding.
Buffer overflows, cross site scripting etc. are the the result of stupid people posing as programmers doing what they do worst. It is so simple to write a little wrapper that checks boundaries before allocating memory or similar, or to strip away everything unexpected in input (especially from command lines or URL queries), and then to call that wrapper everywhere you need such resources. You wouldn't believe how many times I've seen the same piece of code repeated again and again in languages where functions are readily available, and in some places some checks are made while in others it looks like the original prototype code with no checks whatsoever. You end up with huge source files filled with unpredictable code. It's impossible to maintain and basically needs a complete rewrite.
On the other hand, a well-structured program is easily secured because it's basically like a Lego-construct. Check all the building block types and build new simple sub-structures that again are checked on the basic level - and so on. If the blocks are named wisely the main program reads like a macro definition or similar and is easily understood by new maintainers. This method is actually taught in basic computer science at the universities but so very few takes it with them into the private sector. An example of a program written somewhat like that is Bernsteins qmail MTA - it contains hundreds of small functions and each is no more than a few lines long. Also it is broken up into several small modules each with a well-defined security stance and most runs with no special privileges. So far there has been no breaches despite it being almost a decade old. Compare that to good'ol sendmail, a monolithic application with lots of huge constructs hundreds of lines each - very hard to secure.
I think part of the reason ogg is bigger in asia is the iPod. The iPod is much bigger in the USA than asia, and it does not play ogg. Asia has players that can handle ogg, so people go with the superior format.
I'm pretty happy with my iRiver H340 (40 GB) which plays Ogg natively. That was a major part in my decision to go with that particular brand/model. It's been performing flawlessly this past year, has great sound even in the included mini-headphones (but I've replaced mine anyway - prefer bigger headphones) and a long battery life. It's got a built-in FM radio and a very flexible equalizer. It's also black (with red symbols and dark grey markings) and not white...;)
That would be sound advice, were it not for the fact that just about any motherboard you can buy today has 2 or 4 usb connectors soldered onto the back edge of the board...
Mine didn't, but that doesn't really matter. Most onboard connectors are configurable through BIOS and I'd suggest to simply disable them that way.
...any operating system that is USB-compliant is probably vulnerable...
Well, my own box is safe because I never bothered to attach the USB cables to the motherboard (no use for USB on it) so the USB ports are completely dead and thus secure...;)
So if you have no immediate need for USB on your servers just detach the cables from the motherboard and an intruder will need to physically open the case to gain access. Should you at a later date need to use USB, just reattach the one port you need.
An attacker will not know that the ports are dead and will probably waste a lot of time trying them one by one, or give up after the first failure.
The market for vinyl still exists because there are some audiophiles who believe the sound quality of vinyl is superior to that of CDs. No one can reasonably hold the belief that VHS is of higher quality than DVD.
Well, if someone seriously can believe that the limited dynamic, wow & flutter-filled, scratchy wear-ridden sound of vinyl is superior to digital sound, I'm sure there are those who will claim that VHS is superior to DVD... Analogue always has its fans...
Face it, all formats have pros and cons... and they all have their tinfoil-hat clad supporters...;)
Yes! - Block port 25 per default to any destination other than the ISP mailserver(s) and allow for individual unblocking per sane request (i.e. requests from the geek/nerd customers who run their own mailservers or similar).
This will kill off 99% of all mom'n'pop zombies because they already use the ISP mailserver (or some webmail) and have no need to port 25 to the world.
Personally I think it will take off, due to anticipated demand by India and especially China to haul as many passengers as possible with one plane between cities. Airports can host a finite amount of flights only. So the more people you can squeeze into a plane the more you can transport in any given timeframe from one airport to another.
If they are to follow the usual method of stuffing passengers into busses and trains (often 4-5 times the max. capacity), this plane will need to seat 2,000-3,000 people in the Indian cattle-class version... After all, it isn't overly practical to hang on to an airplane on the outside...;)
I think that your criticism would be more appropriate for movies that were edited for television or even worse, for in-flight movies.
Don't get me started on those...;)
They are usually prefaced with a 5-10 second notice screen warning that the content has been altered for television (etc.), but if it was up to me alterations of any kind should be bannned.
I don't think it would make much sense to view the non-violent 5 mins of the 2+ hour movie "Natural Born Killers"... If people object to minors watching the violent parts of a movie I think it would be better not to watch the movie at all, or to watch it with the minor. Editing should never be nessesary.
Am I the only one who has a problem with the idea that altering a movie is breaking the artistic work of the editor and director?
In my opinion - if it should be allowed at all to perform this kind of editing there should a mandatory notification/warning screen each and every time something is skipped. This way nobody grows up without knowing that what they've been watching has been edited (butchered) from the original form, perhaps even inclining people to seek out the full version as adults to experience the real thing.
Exactly. It's the one biggest misconception in the whole piracy issue.
It's true that you can find someone that won't buy a CD because it's available for free on the net, but is not the same as saying this someone for certain would have bought the album as new if the download wasn't available. There's a high probability that this person instead would have bought the CD second-hand thus providing no additional sale for the industry/artist.
It'd ridiculous that nearly every day when I leave my office, 80% or more of the lights in the building are on. When I come back in the morning, those SAME lights are STILL ON. I've tried turning them off, only to find that the cleaning people turn them on and then never turn them off.
Should this be interpreted as a reson to do away with the light switches altogether? - I mean if the lights are on all the time anyway, why waste energy on manufactoring light switches and installing them? - Gotta be some real savings there...;)
Alternatively (and more seriously) replace the regular switches with light- and motion sensitive switches. When there's light outside, they never turn on. When it's dark they turn on if there's motion and stay on for a certain amount of time afterwards. This way there's no light on when it's light or there really isn't anybody in the rooms, thus saving energy, and the light come on and go off automatically, saving bother and effort.
It doesn't put any strain on network admins. I have my own mailserver running on a public IP. When "ron.slashdot@[mydomain].com" got spam, I started using "ron.slashdot2@[mydomain].com" -- and I informed everyone I cared about who had used that address about my "real" address (firstname_lastname@mydomain.com). I have been a heavy email user since the 80s; and have many gigabytes of email archived - but never once had a major problem with emails that I didn't submit to a spammer.
Apart from the facts that many other people have pointed out about heavy loads on ISP mailservers (I happen to run one as well), there's also the issue of addresses that cannot be changed or where a change is pointless.
I'm talking about support mailboxes and the technical addresses used in domain and network registrations (i.e. RIPE, ARIN etc.). They have to be listed (policy) and spammers grab them greedily. They also spam abuse@ and postmaster@ addresses on every domain they can find (which also need to exist and work).
I get upwards of 10-15 spams per domain in the central postmaster mailbox alone! Sure, SpamAssassin kills most of these on sight but still a lot gets through and need to be deleted manually.
This leads me to another question that all postmasters must have asked themselves: Why does spammers almost always use at least one completely bogus address? - Often in connection with a dictionary attack, we see our queue getting filled with undeliverable bounces. I've already killed all doublebounces through the configuration so if only they would use a sender like bitbucket@ or noreply@ on the domain they're attacking (many sysadmins use these as senders for stuff they never want to see bounces from), we wouldn't get our queues filled with blocking bouncing junk that'll only sit there unseen until it expires from the queue. The spammers must realize that blocking a mailsystem isn't in their interest as it'll also block their junk.
Governments everywhere legislate what is and what is not objectionable material.... Your views may differ as to whether it is right to or not, but it is not unreasonable for governments to object to sites showing how to do illegal things.
Correct, but it really doesn't make a difference for those seeking the information. Newsflash! - People made bombs and committed suicide before the advent on the Internet! - Yes, it's true!
Let's face it. The old cyberpunk credo still applies: Information wants to be free. You cannot legislate against common knowledge and no matter how many laws you make there'll still be information on these topics out there. Search engines will find it for you in milliseconds. You cannot put the genie back in the bottle. The information has always been out there, only now also on the Internet.
As always: Fighting symptoms is like pissing yourself to keep warm: Temporary relief at best (and it has side effects). Instead of making stupid, pointless laws that cannot work or have any real effect they should use their efforts to stop people from wanting to kill themselves or make bombs. This is surprisingly easy actually because people don't go from 'normal' to 'suicidal' or 'terrorist' overnight... If the proper authorities just do their job nobody would go looking for these bits of information and thus nobody would bother placing them on the internet in the first place. Supply and Demand, remember?
But fighting symptoms is easy, pointless and a vote-winner so it can keep politicians in office forever. Actually solving problems in much harder and will force them to move on to other issues that may be less obvious and harder to win votes by.
The past decades (especially the Iraq War controversy) shows that the UN needs a serious overhaul in order to actually work and be able to do something about problems, like a country not yielding to resolutions. We have Israel still occupying land and we had Saddam not respecting the ceasefire (ratified into a resolution) from the first Gulf War. In those cases the UN must be able and willing to enforce their stand through the use of sanctions and military means if nessesary.
Without respect the UN will only make things worse.
You have been hearing it from a few for a long time. Now you are hearing from a majority of respectable scientists.
A theory doesn't get to be more correct/accurate just because more and more people are repeating it... And I have a hard time respecting scientists mindlessly repeating this without actually bothering to look at the facts and keep the basic scientific methods in mind.
Now, let's just take a brief look at things...
We know very little about natural climate variations. That they happened is about all we know. Why they happened are the bigger and much more interesting question. But even the climate-changing giant meteor that 'killed the dinosaurs' is subject of much dispute on every level. And for some reason almost all these 'respectable scientists' insist on the energy input from the Sun being irrelevant and without significance... Yet without it the Earth would be a very cold place indeed. So the Sun is a very significant element in our climate and we know very little about the periodic instabilities in the nuclear processes up there, so that's another bit of shaky ground.
We know very little about the complex balances in the atmosphere and we're far from knowing with any certainty that additional CO2 will increase the apparent greenhouse effect. It may even decrease it!
The 'ancient' meteorological data is full of inaccuracies and you cannot 'measure' (calculate) a 0.5 degree change based on data that's only accurate to +/- 2.0 degrees. Yet this is done even by the UN people!
There's no viable alternatives to most of the CO2-producing technologies. Solar and Wind power is useless for anything but a nice supplement to a core technology that sustains business and city consumption without fail. Cars that run on anything but gas are still more or less on the prototype stage, and airplanes are not even on the drawing boards. We simply cannot give up our CO2-producing technologies yet!
Anyway... Make up your own mind.
IMHO: If it was costless to be on the safe side then by all means do that! - But it isn't costless. Quite the opposite. The CO2 reductions could easily cost many times the combined global GNP plus lower the stage of civilization in many places. And all this based on very uncertain theories... I say it's not worth it. Not yet anyway.
We need more absolute evidence that we are affecting the climate before we even should consider doing anything more than thinking about new ways to build the next generation of cars, airplanes, power plants etc.
They've disabled it by default until they come up with a long term solution.
That's actually a bad thing to do. One of the many selling points of the Mozilla browsers are their excellent international support (that MSIE so blatantly lacks) and while they're not removing it it's still pretty stupid to leave it disabled because a newbie won't know to enable it when needed and thus may chose another product 'where it works'.
How hard can it be to simply display the decoded URL in the location bar and thus reveal the phishing? - Must be a minor tweak.
The long term solution is also pretty obvious IMHO: Add a simple warning and/or confirmation dialog whenever IDN links are clicked. Allow this dialog to be turned off right there with a checkbox for each individual domain name. Allow the entire dialog to be turned off in the advanced settings (for the expert that want IDN and no bullshit) and the entire IDN system to the turned off (for the paranoid with two layers of tinfoil hats).
The only real way to combat DDoS through botnets is to go after the owners of the botnets... No, I'm not talking about the hackers that created or controls the botnets; taking one down only opens up a slot for someone else. No, I'm talking about the owners of the PC's that comprise the botnets. Making it a crime to participate in botnets, knowingly or not. Make people TURN OFF their PC's if they're not 200% certain they're patched and firewalled as much as possible, or face billion dollar fines and lengthy prison terms. If this forces the really lame poeple to stay off the net, so much the better.
Complain about Microsoft and others making insecure software as much as you like, but it really comes down to stupid people not living up to their obligations as netizens. I mean, you don't just buy a car and then go driving. You need a license which involves tests, you need to renew your license in time. You need to pay some fees and you need to maintain your car mechanically. And you need to follow the rules of the road or face some form of punishment.
There will never be such a thing as a secure OS, made by Microsoft or others. There will always be the possibility for problems and unless we let the manufacturer remotely go in and patch their machines (yeah, right!), it will have to be the owner that must take care of it.
As simple morals and recommendations clearly doesn't make people do what they're told, we have to to add the 'or else!' clause, in the form of punishments for those slacking off and ignoring the updates.
Unless of course this completely ligitimises copying c.f. Canada. somehow I doubt it though.
It has to. Either you pay for it or not. They can't have it both ways.
Nobody has yet dared using it as a defense though... "But your Honor, when I bought this computer I paid the copyright tax and thus assumed I could use it to freely copy and distribute copyrighted software. If I don't have that right right from that tax, what does the tax then cover? - The copyright infringements I may commit? - But what then happened to the 'innocent until proven guilty' principle? - I strongly resent the implication that I'm a suspected criminal just from buying a computer and I demand restitution, damages and an outright appology, as well as a full aquittal from these charges as I did this in good faith, which is more than I can say for this tax and its intentions and implications."
If I forget my passphrase, no matter how pissed the cops ge, it doesn't really make a difference.
I hope you can still say that when your cellmate starts referring to you as 'Shirley'.
I sincerely hope there's no places in the so-called civilized world where it in punishable by prison sentence to forget a passphrase... And even if it is, it's worth mentioning that they can only ask for passphrases they know to exist, which means that 'hidden containers' stay hidden. Many encryption packages have something like that where it is impossible to prove the existence of a hidden container unless you already happen to know its passphrase and location. And hidden containers can hold additional hidden containers, equally impossible to find.
If Global Warming has only a 10% chance of being true, then the odds are still way too high, because the consequences are catastrophic.
Catastrophic? - How do you (or anyone else) know that?
It is an undiputed fact that the Earths climate has been wildly different at different times through the eras and life always managed to survive.
It is also a fact that man is the most adaptable living creature ever discovered; we've been able to live everywhere on this planets surface, plus in the air, under the water and even in space and on the moon. We as a species will survive any climate change given enough warning to adapt (using technology if nessesary).
Now IMHO instead of blindly trying to return the climate state to the level of 'the good old days' we should rather accept the changes (which still may be natural, and which in any case has happened naturally before and may again) and begin the adaption process. The sooner the better.
Sure, things will be different but it doesn't mean it'll be worse (or catastrophic), and it might even be a change for the better in way we cannot imagine at the moment (due to lack of data).
Lycos would be better off trying to work with other companies to try and somehow blacklist or filter all this garbage traffic...
Blacklisting doesn't work. Never did really. Sure, blacklisting open relays and spam-sending zombies will stop some spam, but we're talking about general blacklistings of ranges used to host spammer's websites here, and that method has been tried by SPEWS who by now have blacklisted about 10% of all IPv4 space, resulting in such massive problems for people that used their blacklist that it was dropped in many places.
The problem with SPEWS was overkill, overkill on such an insane scale that about 99% of the listed IPv4 space is not spam-related at all. It is simply listed in order to blackmail other customers who happen to share allocations with spam-related companies to pressure their ISP to drop the spammers. Unfortunately most of these listings are ancient and nothing happened to the hosting status of the spammers themselves. There's simply too much money to be made from the spammers. SPEWS' method failed. Overkill and terror (hurting innocents) is not the way to go.
This new idea is different. It targets the spammers directly and only them. Sure some core routers also get affected but the real load hits the target webservers and they die way before the core routers even get near overload - unless this ISP hosts many spammers of course. Then they might also get overloaded but then the ISP has only their own greed to thank.
I like this idea. Go for the money. The spammers make money from their websites and pay for the bandwidth. This method hits with a double-whammy: No website access and thus no sales and thus no income, plus a massive additional bandwidth bill... hopefully it will take out the spammers fast, but it will take them out, and in a way where they end up in massive debt and maybe even cost them home and family on their one-way trip to the gutter. And they deserve every bit of pain along the way.
The complaint also alleges that Google Search is providing 'links to password hacking sites that provide ways to gain illegal access to [the complainant's] website.'
It's mind-numbingly easy to catch pirated passwords... All you need is to log the IPs of people logging in. Any password used from more than say 5 completely different IPs (not part of the same subnet) within an hour is pirated. How hard can that be to program?
For one brief instant we all figured winamp was dead. The internet news sites picked it up, people were downloading every version known to man for archive, and we were all focused on winamp once again.
Welcome to the world of the rumor-feeding news cycle.
We have been played.
Actually, if it was a scheme by the WinAmp people to get attention, it backfired on my behalf... I went looking for a replacement and found Quintessential Player. It offers what I need, including Ogg-support and my favorite skin, so I switched and it'll take some serious incentive before I switch back.
Slashdot Mirror
Shouldn't it be fairly simple to uninstall whatever the autorun installs, or to reinstall whatever it overwrites?
Maybe someone here knows more about this issue and what actually is installed?
And don't give me the poor, victimized mothers getting sued either--their IP was logged, get over it.
Right, just like the people that never owned a computer (let alone an Internet connection) and the long deceased people that also got sued... As long as RIAA and their sister organisations worldwide use the ultra-narrow and unverifiable chain of evidence from a 'logged IP' to the name and address on file at the ISP, we're going to see innocent people framed and victimized by these evil organisations.
And yes, I call them evil then they knowingly sue people they have no real evidence against. I mean it's not like they sue thousands each minute... A simple check to see whether the claim is anywhere in the ballpark of reasonable is the least they can do. It should be obvious that an 90-year old granny is most unlikely to download and share gangsta rap, just as the single monther with no computer cannot be sharing anything. And the long deceased... Even more obvious. And yet, they don't even bother to check... They just go ahead and sue. That's plain and simple evil.
Why doesn't people think of vitual security as they do about physical security in life in general?
The approach here is to make it harder than average (but not impossible because that is - well, impossible to achieve) to break in (like the old joke about outrunning the bear). That way the burglar is likely to move on to a less difficult target. This is combined with things like neighbourhood watch (makes getting arrested more likely), alarms and a general moral education that makes burglars less cool. This doesn't eliminate burglaries completely but will reduce the likelyhood significantly.
An important point is that absolute security doesn't exist. Sure, you can remove all access points and even send your house into orbit, but it still doesn't eliminate the risk completely. But you have succeeded in making your house completely useless.
Security at the price of complete uselessness is the most stupid idea ever. Therefore the only really potent point in this article is the one about making things secure by design and structured coding.
Buffer overflows, cross site scripting etc. are the the result of stupid people posing as programmers doing what they do worst. It is so simple to write a little wrapper that checks boundaries before allocating memory or similar, or to strip away everything unexpected in input (especially from command lines or URL queries), and then to call that wrapper everywhere you need such resources. You wouldn't believe how many times I've seen the same piece of code repeated again and again in languages where functions are readily available, and in some places some checks are made while in others it looks like the original prototype code with no checks whatsoever. You end up with huge source files filled with unpredictable code. It's impossible to maintain and basically needs a complete rewrite.
On the other hand, a well-structured program is easily secured because it's basically like a Lego-construct. Check all the building block types and build new simple sub-structures that again are checked on the basic level - and so on. If the blocks are named wisely the main program reads like a macro definition or similar and is easily understood by new maintainers. This method is actually taught in basic computer science at the universities but so very few takes it with them into the private sector. An example of a program written somewhat like that is Bernsteins qmail MTA - it contains hundreds of small functions and each is no more than a few lines long. Also it is broken up into several small modules each with a well-defined security stance and most runs with no special privileges. So far there has been no breaches despite it being almost a decade old. Compare that to good'ol sendmail, a monolithic application with lots of huge constructs hundreds of lines each - very hard to secure.
I think part of the reason ogg is bigger in asia is the iPod. The iPod is much bigger in the USA than asia, and it does not play ogg. Asia has players that can handle ogg, so people go with the superior format.
;)
I'm pretty happy with my iRiver H340 (40 GB) which plays Ogg natively. That was a major part in my decision to go with that particular brand/model. It's been performing flawlessly this past year, has great sound even in the included mini-headphones (but I've replaced mine anyway - prefer bigger headphones) and a long battery life. It's got a built-in FM radio and a very flexible equalizer. It's also black (with red symbols and dark grey markings) and not white...
That would be sound advice, were it not for the fact that just about any motherboard you can buy today has 2 or 4 usb connectors soldered onto the back edge of the board...
Mine didn't, but that doesn't really matter. Most onboard connectors are configurable through BIOS and I'd suggest to simply disable them that way.
...any operating system that is USB-compliant is probably vulnerable...
;)
Well, my own box is safe because I never bothered to attach the USB cables to the motherboard (no use for USB on it) so the USB ports are completely dead and thus secure...
So if you have no immediate need for USB on your servers just detach the cables from the motherboard and an intruder will need to physically open the case to gain access. Should you at a later date need to use USB, just reattach the one port you need.
An attacker will not know that the ports are dead and will probably waste a lot of time trying them one by one, or give up after the first failure.
The market for vinyl still exists because there are some audiophiles who believe the sound quality of vinyl is superior to that of CDs. No one can reasonably hold the belief that VHS is of higher quality than DVD.
;)
Well, if someone seriously can believe that the limited dynamic, wow & flutter-filled, scratchy wear-ridden sound of vinyl is superior to digital sound, I'm sure there are those who will claim that VHS is superior to DVD... Analogue always has its fans...
Face it, all formats have pros and cons... and they all have their tinfoil-hat clad supporters...
Yes! - Block port 25 per default to any destination other than the ISP mailserver(s) and allow for individual unblocking per sane request (i.e. requests from the geek/nerd customers who run their own mailservers or similar).
This will kill off 99% of all mom'n'pop zombies because they already use the ISP mailserver (or some webmail) and have no need to port 25 to the world.
Personally I think it will take off, due to anticipated demand by India and especially China to haul as many passengers as possible with one plane between cities. Airports can host a finite amount of flights only. So the more people you can squeeze into a plane the more you can transport in any given timeframe from one airport to another.
;)
If they are to follow the usual method of stuffing passengers into busses and trains (often 4-5 times the max. capacity), this plane will need to seat 2,000-3,000 people in the Indian cattle-class version... After all, it isn't overly practical to hang on to an airplane on the outside...
I think that your criticism would be more appropriate for movies that were edited for television or even worse, for in-flight movies.
;)
Don't get me started on those...
They are usually prefaced with a 5-10 second notice screen warning that the content has been altered for television (etc.), but if it was up to me alterations of any kind should be bannned.
I don't think it would make much sense to view the non-violent 5 mins of the 2+ hour movie "Natural Born Killers"... If people object to minors watching the violent parts of a movie I think it would be better not to watch the movie at all, or to watch it with the minor. Editing should never be nessesary.
Am I the only one who has a problem with the idea that altering a movie is breaking the artistic work of the editor and director?
In my opinion - if it should be allowed at all to perform this kind of editing there should a mandatory notification/warning screen each and every time something is skipped. This way nobody grows up without knowing that what they've been watching has been edited (butchered) from the original form, perhaps even inclining people to seek out the full version as adults to experience the real thing.
1 "pirate" copy = 1 lost sale? FALSE!
Exactly. It's the one biggest misconception in the whole piracy issue.
It's true that you can find someone that won't buy a CD because it's available for free on the net, but is not the same as saying this someone for certain would have bought the album as new if the download wasn't available. There's a high probability that this person instead would have bought the CD second-hand thus providing no additional sale for the industry/artist.
It'd ridiculous that nearly every day when I leave my office, 80% or more of the lights in the building are on. When I come back in the morning, those SAME lights are STILL ON. I've tried turning them off, only to find that the cleaning people turn them on and then never turn them off.
;)
Should this be interpreted as a reson to do away with the light switches altogether? - I mean if the lights are on all the time anyway, why waste energy on manufactoring light switches and installing them? - Gotta be some real savings there...
Alternatively (and more seriously) replace the regular switches with light- and motion sensitive switches. When there's light outside, they never turn on. When it's dark they turn on if there's motion and stay on for a certain amount of time afterwards. This way there's no light on when it's light or there really isn't anybody in the rooms, thus saving energy, and the light come on and go off automatically, saving bother and effort.
It doesn't put any strain on network admins. I have my own mailserver running on a public IP. When "ron.slashdot@[mydomain].com" got spam, I started using "ron.slashdot2@[mydomain].com" -- and I informed everyone I cared about who had used that address about my "real" address (firstname_lastname@mydomain.com). I have been a heavy email user since the 80s; and have many gigabytes of email archived - but never once had a major problem with emails that I didn't submit to a spammer.
Apart from the facts that many other people have pointed out about heavy loads on ISP mailservers (I happen to run one as well), there's also the issue of addresses that cannot be changed or where a change is pointless.
I'm talking about support mailboxes and the technical addresses used in domain and network registrations (i.e. RIPE, ARIN etc.). They have to be listed (policy) and spammers grab them greedily. They also spam abuse@ and postmaster@ addresses on every domain they can find (which also need to exist and work).
I get upwards of 10-15 spams per domain in the central postmaster mailbox alone! Sure, SpamAssassin kills most of these on sight but still a lot gets through and need to be deleted manually.
This leads me to another question that all postmasters must have asked themselves: Why does spammers almost always use at least one completely bogus address? - Often in connection with a dictionary attack, we see our queue getting filled with undeliverable bounces. I've already killed all doublebounces through the configuration so if only they would use a sender like bitbucket@ or noreply@ on the domain they're attacking (many sysadmins use these as senders for stuff they never want to see bounces from), we wouldn't get our queues filled with blocking bouncing junk that'll only sit there unseen until it expires from the queue. The spammers must realize that blocking a mailsystem isn't in their interest as it'll also block their junk.
Governments everywhere legislate what is and what is not objectionable material. ... Your views may differ as to whether it is right to or not, but it is not unreasonable for governments to object to sites showing how to do illegal things.
Correct, but it really doesn't make a difference for those seeking the information. Newsflash! - People made bombs and committed suicide before the advent on the Internet! - Yes, it's true!
Let's face it. The old cyberpunk credo still applies: Information wants to be free. You cannot legislate against common knowledge and no matter how many laws you make there'll still be information on these topics out there. Search engines will find it for you in milliseconds. You cannot put the genie back in the bottle. The information has always been out there, only now also on the Internet.
As always: Fighting symptoms is like pissing yourself to keep warm: Temporary relief at best (and it has side effects). Instead of making stupid, pointless laws that cannot work or have any real effect they should use their efforts to stop people from wanting to kill themselves or make bombs. This is surprisingly easy actually because people don't go from 'normal' to 'suicidal' or 'terrorist' overnight... If the proper authorities just do their job nobody would go looking for these bits of information and thus nobody would bother placing them on the internet in the first place. Supply and Demand, remember?
But fighting symptoms is easy, pointless and a vote-winner so it can keep politicians in office forever. Actually solving problems in much harder and will force them to move on to other issues that may be less obvious and harder to win votes by.
Oh no, not the UN...
The past decades (especially the Iraq War controversy) shows that the UN needs a serious overhaul in order to actually work and be able to do something about problems, like a country not yielding to resolutions. We have Israel still occupying land and we had Saddam not respecting the ceasefire (ratified into a resolution) from the first Gulf War. In those cases the UN must be able and willing to enforce their stand through the use of sanctions and military means if nessesary.
Without respect the UN will only make things worse.
A theory doesn't get to be more correct/accurate just because more and more people are repeating it... And I have a hard time respecting scientists mindlessly repeating this without actually bothering to look at the facts and keep the basic scientific methods in mind.
Now, let's just take a brief look at things...
Anyway... Make up your own mind.
IMHO: If it was costless to be on the safe side then by all means do that! - But it isn't costless. Quite the opposite. The CO2 reductions could easily cost many times the combined global GNP plus lower the stage of civilization in many places. And all this based on very uncertain theories... I say it's not worth it. Not yet anyway.
We need more absolute evidence that we are affecting the climate before we even should consider doing anything more than thinking about new ways to build the next generation of cars, airplanes, power plants etc.
That's just my opinion. Your milage may vary.
They've disabled it by default until they come up with a long term solution.
That's actually a bad thing to do. One of the many selling points of the Mozilla browsers are their excellent international support (that MSIE so blatantly lacks) and while they're not removing it it's still pretty stupid to leave it disabled because a newbie won't know to enable it when needed and thus may chose another product 'where it works'.
How hard can it be to simply display the decoded URL in the location bar and thus reveal the phishing? - Must be a minor tweak.
The long term solution is also pretty obvious IMHO: Add a simple warning and/or confirmation dialog whenever IDN links are clicked. Allow this dialog to be turned off right there with a checkbox for each individual domain name. Allow the entire dialog to be turned off in the advanced settings (for the expert that want IDN and no bullshit) and the entire IDN system to the turned off (for the paranoid with two layers of tinfoil hats).
The only real way to combat DDoS through botnets is to go after the owners of the botnets... No, I'm not talking about the hackers that created or controls the botnets; taking one down only opens up a slot for someone else. No, I'm talking about the owners of the PC's that comprise the botnets. Making it a crime to participate in botnets, knowingly or not. Make people TURN OFF their PC's if they're not 200% certain they're patched and firewalled as much as possible, or face billion dollar fines and lengthy prison terms. If this forces the really lame poeple to stay off the net, so much the better.
Complain about Microsoft and others making insecure software as much as you like, but it really comes down to stupid people not living up to their obligations as netizens. I mean, you don't just buy a car and then go driving. You need a license which involves tests, you need to renew your license in time. You need to pay some fees and you need to maintain your car mechanically. And you need to follow the rules of the road or face some form of punishment.
There will never be such a thing as a secure OS, made by Microsoft or others. There will always be the possibility for problems and unless we let the manufacturer remotely go in and patch their machines (yeah, right!), it will have to be the owner that must take care of it.
As simple morals and recommendations clearly doesn't make people do what they're told, we have to to add the 'or else!' clause, in the form of punishments for those slacking off and ignoring the updates.
Unless of course this completely ligitimises copying c.f. Canada. somehow I doubt it though.
It has to. Either you pay for it or not. They can't have it both ways.
Nobody has yet dared using it as a defense though... "But your Honor, when I bought this computer I paid the copyright tax and thus assumed I could use it to freely copy and distribute copyrighted software. If I don't have that right right from that tax, what does the tax then cover? - The copyright infringements I may commit? - But what then happened to the 'innocent until proven guilty' principle? - I strongly resent the implication that I'm a suspected criminal just from buying a computer and I demand restitution, damages and an outright appology, as well as a full aquittal from these charges as I did this in good faith, which is more than I can say for this tax and its intentions and implications."
I sincerely hope there's no places in the so-called civilized world where it in punishable by prison sentence to forget a passphrase... And even if it is, it's worth mentioning that they can only ask for passphrases they know to exist, which means that 'hidden containers' stay hidden. Many encryption packages have something like that where it is impossible to prove the existence of a hidden container unless you already happen to know its passphrase and location. And hidden containers can hold additional hidden containers, equally impossible to find.
If Global Warming has only a 10% chance of being true, then the odds are still way too high, because the consequences are catastrophic.
Catastrophic? - How do you (or anyone else) know that?
It is an undiputed fact that the Earths climate has been wildly different at different times through the eras and life always managed to survive.
It is also a fact that man is the most adaptable living creature ever discovered; we've been able to live everywhere on this planets surface, plus in the air, under the water and even in space and on the moon. We as a species will survive any climate change given enough warning to adapt (using technology if nessesary).
Now IMHO instead of blindly trying to return the climate state to the level of 'the good old days' we should rather accept the changes (which still may be natural, and which in any case has happened naturally before and may again) and begin the adaption process. The sooner the better.
Sure, things will be different but it doesn't mean it'll be worse (or catastrophic), and it might even be a change for the better in way we cannot imagine at the moment (due to lack of data).
Lycos would be better off trying to work with other companies to try and somehow blacklist or filter all this garbage traffic...
Blacklisting doesn't work. Never did really. Sure, blacklisting open relays and spam-sending zombies will stop some spam, but we're talking about general blacklistings of ranges used to host spammer's websites here, and that method has been tried by SPEWS who by now have blacklisted about 10% of all IPv4 space, resulting in such massive problems for people that used their blacklist that it was dropped in many places.
The problem with SPEWS was overkill, overkill on such an insane scale that about 99% of the listed IPv4 space is not spam-related at all. It is simply listed in order to blackmail other customers who happen to share allocations with spam-related companies to pressure their ISP to drop the spammers. Unfortunately most of these listings are ancient and nothing happened to the hosting status of the spammers themselves. There's simply too much money to be made from the spammers. SPEWS' method failed. Overkill and terror (hurting innocents) is not the way to go.
This new idea is different. It targets the spammers directly and only them. Sure some core routers also get affected but the real load hits the target webservers and they die way before the core routers even get near overload - unless this ISP hosts many spammers of course. Then they might also get overloaded but then the ISP has only their own greed to thank.
I like this idea. Go for the money. The spammers make money from their websites and pay for the bandwidth. This method hits with a double-whammy: No website access and thus no sales and thus no income, plus a massive additional bandwidth bill... hopefully it will take out the spammers fast, but it will take them out, and in a way where they end up in massive debt and maybe even cost them home and family on their one-way trip to the gutter. And they deserve every bit of pain along the way.
The complaint also alleges that Google Search is providing 'links to password hacking sites that provide ways to gain illegal access to [the complainant's] website.'
;)
It's mind-numbingly easy to catch pirated passwords... All you need is to log the IPs of people logging in. Any password used from more than say 5 completely different IPs (not part of the same subnet) within an hour is pirated. How hard can that be to program?
Too hard I guess...
For one brief instant we all figured winamp was dead. The internet news sites picked it up, people were downloading every version known to man for archive, and we were all focused on winamp once again.
Welcome to the world of the rumor-feeding news cycle.
We have been played.
Actually, if it was a scheme by the WinAmp people to get attention, it backfired on my behalf... I went looking for a replacement and found Quintessential Player. It offers what I need, including Ogg-support and my favorite skin, so I switched and it'll take some serious incentive before I switch back.