1) MS Licensing mails a check to a vendor in Malaysia for work they've done for MS. This was a few weeks ago.
2) Said mail is received at Reno in original envelope marked "Return to Sender." The person receiving it notices the envelope has been opened and resealed. This was a few days ago.
3) Upon opening it, he/she finds original check sent a few weeks ago and the letter that accompanied it. Also finds pornographic magazine clippings with a "powdery substance" on one of those pictures.
4) First two tests the past two days come up with mixed results (one positive, one negative). Better tests on the substance come up positive. This last set of tests was today (Saturday)
My guess is an insider with the mail system between Reno and Malaysia did this (or at least had a hand in it). I dont think the Malaysian vendor would turn away money from Microsoft (especially since it's money they earned from them). Of course, there could always be an insider at the vendor who contributed.
yeah, DoS is a bad approach. It may actually knock the machine offline as opposed to gaining root access.
But that's what the prof said happened (btw- he's not a very good teacher, he somehow made tenure something like 15-20 years ago, if he werent tenure he'd be gone, or so i've been told), but you are correct, something else was probably happening while the student was trying to DoS the box.
i think the major difference is a UNIX command line can be reached from Interix, but that's just a guess on my part. I've never used either Cygwin or Interix, so I cant really make judgement on either product.
More guesses...
Interix is native Windows code, meaning it's not emulated, so it will probably run faster than Cygwin, which is an emulator.
a big plus for Cygwin is it runs on Win95, while Interix only runs on NT3.5, NT4, and 2K
during his OS course, if you were to root his box (it ran OpenBSD), report the contents of a certain file and how you broke in, you get an A and have your name listed as an OpenBSD contributer.
Ok, so someone used the CS Dept's main Sun server to launch a DoS attack against his machine. His box held up just fine (he says he was using it during the attack and didnt notice anything unusual happening). But the dept server, OTOH, sustained major damage. It needed rebooting, and it crashed during reboot.
The dept head was not happy. The guy had to cancel that challenge because it apparently violated university policy.
i dont know how it compares to Cygwin. I've never used either product. I just know about Interix cuz i've heard discussions about using it at work, where it wont matter for me as i dont use windows there.
Sadly, even Microsoft has a solution to your problem:
They have a product called Interix (it isn't their's, they bought it from a startup). It runs under Win2k or NT4 and basically provides a *NIX environment for an NT system. All the GNU stuff is there (shells, gcc, make, etc etc) and the source to them. (source CD is sold separately for $20, or download from their ftp site). Should be noted that the only code there is the code to GNU products, not the actual Interix code.
it isnt free. It does cost something on the order of hundreds per copy.
[disclaimer]This post is not an endorsement of Microsoft or their products.[/disclaimer]
while not an open source solution, you might be able to get everyone on Exchange w/o losing *NIX
If someday they (management) want the developers to switch to Windows so that you too can use Outlook/Exchange, first explain why you have to keep *NIX (in terms they'll understand, of course). If they insist, try one of those Windows emulators or Windows Terminal Server products so that you can retain your *NIX goodness while you can use the emulator or WTS to handle your Exchange needs. I think there are some very good emulators available out there cheap (or even free), but WTS may cost more than what it's worth for just using exchange.
I wonder... if someone were to write an OSS product using one of these more obfuscated languages, I think we should ban from bearing the title OSS. People wouldnt be able to understand the code at all for their own uses or improvements. Hence it'll be Open source, but instead only the original developer would know anything about how it works, make changes, etc.
Unless of course someone is REALLY skilled at hacking these languages:)
I'd like to see how Intercal is actually used for anything or if it keeps up with other emerging languages. When new (and useful) languages hit the scene, it probably has to drop some features because they're used in that language. I guess maybe it's the first language with the ability to shrink from it's original set of features, unlike other languages out there today (like Java or even Perl)
Of course, it appears very inefficint - A search for prime numbers less than 65535 took 17 hours while C can handle that in a about half a second.
i failed to mention one major thing -- im at work (military) behind firewalls blocking certain international domains. the.jp was a red flag to the firewall to deny me access:(
I agree. the reason it passed is because the general public wants to see some action taken by lawmakers, even though in reality pieces of the bill dont work in real life. Most of the passed legislation is simply "let's pass this so that the people can feel good about us."
Personally, I think the guy who voted against is gonna keep trying to argue his point and attempt to get his amendments made. He got shot down for "procedural concerns" instead of "the argument itself." Meaning senators didnt vote on the amendment to the bill, they voted on whether they will hear arguments for/against the proposal.
(And yes, I've tried submitting the passage story too, denied.)
try rewording your submission. my most recent re-word is still pending. I submitted it at 10:05am, it's now about 11 (eastern daylight time)
I once saw/. use the line "from the boring-news-thats-submitted-a-billion-times dept" (IMO, if it's submitted a lot, it must be "Stuff that matters")
i've been trying to submit the cnn version of that to/. for the past hour. 2 attemptes have gotten rejected. Im trying a third, this time pointing out that the person who voted against (he appears to support ACLU concerns) also attempted to alter some portions, but was shot down for a very controvertial reason: process/procedure instead of merit of argument.
Try submitting your yahoo link, see if it goes anywhere
lol... similar situation for me at a liquor store in MD. I was out-of-town on an internship near Wasshington back when I first turned 21. I had to settle for a non-photo for awhile because I wasnt able to get to jersey during the week.
Even though I had my previous (although expired) license that could verify my photo (by matching the DL# with the current) AND my school ID, one day they decided not to take the license despite having gone there about once every 3 weeks until that point.
No problem though, just went to another liquor store:)
it might simply be one of those laws they actively enforce. It's sorta one of those pointless laws on the books that can be useful in rare circumstances. Chances are pretty good the 10 people you speak of have never been in a situation where they've had to show ID to a police officer or something, so they're able to slide by without having an ID.
an example where it would be enforced is if someone were to be arrested and not own an ID, that's when they would enforce a requirement like that. By the person not having ID, it unnecessarily causes the police extra work, and they can recoup some of that with a fine or something, using this law as grounds for it.
Keep in mind I'm not sure of the law (if it even is one) or penalties. I simply made the post to indicate that NJ residents who dont drive are able to go to a DMV to obtain some identification card that's consistent with normal state drivers licenses.
NJ has no DB (at least of DL photos). The photo on your driver's license is a mini-polaroid print. If you lose your license, you have to go to a DMV and get a new picture taken.
In PA, OTOH, they store your pic in a DB. If you lose your license there, they can send you a new one that reuses the photo off the original.
i dont know if it's a LAW per se, it might just be something they prefer you do. IOW, you could probably get by w/o having one of these.
Back in high school I worked at a retail store that wanted your DL# for checks. I saw a few of the "ID ONLY" cards because of that. The cards are intended for people who don't drive, but need an identification card anyhow (i think i misworded that part in my original post).
The card has a DL formatted number (first letter of last name followed by 14 digits). If the person where to go and take the tests and get a full license, that number would simply transfer over. (Drivers permits work the same way)
The card overall looks like any other photo DL, except in the spot where it normally says "Class D Auto Operator License" it says "**Identification Purposes Only**" (w/ the asteriks)
in NJ (and most, if not all, other states) if you are 18 or older, you're required to obtain an ID card from the Dept Motor Vehicles regardless of if you drive or not. The card says across the top "Identification Purposes Only." Oddly, there's still a DL# that's used for writing checks and such.
Re:why piggybacking wont work
on
GOVNET In the Works
·
· Score: 3, Insightful
you're absolutely correct. Military networks are meant to be used for military purposes, not random people from congress snooping on activities so that they can tell the press stuff. In my example, I used security clearances to illustrate my point using simplified terms outsiders (non-military/govt people) would understand more easily.
Some of what I said is proably a tad innacurate, but I think the point of having multiple separated networks is made.
I should probably say something about Bush's irateness over press leaks. I'm a former DoD contractor with a clearance. (Contract ended Sept 20, thank god!) We got an email the day after the attacks saying that if the media approaches you, direct them to the Office of Public & Media Affairs and answer all questions 'no comment'. People in Congress proabably also got similar emails/memos.
I should note that the 'anonymous sources' the media uses are commiting espionage. Yes, espionage. IANAL, but my interpretation of espinage laws indicate that any disclosure of classified info, regardless of who the info is being disclosed. (that's also the drift I got during my exit briefing form the DoD)
'piggy backing' (as michael put it) wont work for many reasons. I'll explain one major reason:
A person's security clearance. There are multiple levels: Secret and Top Secret are the two most common for military and intelligence uses (there are other levels of classification, but I'm singling out these two for simplicity's sake). Hence, the mil and IC share TWO separated networks, a Secret and a Top Secret (both separate from each other and separate from teh Internet). People with a S clearance cannot access the TS network. But people who are TS cleared can access the S network if their job deems it necessary.
Now for to the rest of the government. Many agencies dont require a security clearance at all (ok, they do require criminal bkgd checks, but that's about it). Question to ask is do you really want uncleared people accessing a network made for classified data?
What I think is being proposed here is a third network that's an Unclassified standalone network (standalone meaning separated from the Internet). This will allow agencies like USDA or Agriculture and state/local gov'ts to be separate from the Internet so that they become more immune to attacks and viruses.
The only issue here is when these people need to access the internet for real. Currently in the military, that means a few internet workstations shared by 30-50 people and each person having a classified box at their cube. If the job deems it necessary, people can have both at their desk. The problem here is an increasing number of computers.
IIRC, DARPA (or one of their contracts) is developing something that can allow a machine access to multiple networks simultaneously, yet keep everything separate. Whenever that gets done, that'll save money on buying physical workstations.
(Note: S and TS are shorthand for Secret and Top Secret)
Slashdot Mirror
actually, the story goes something like this:
1) MS Licensing mails a check to a vendor in Malaysia for work they've done for MS. This was a few weeks ago.
2) Said mail is received at Reno in original envelope marked "Return to Sender." The person receiving it notices the envelope has been opened and resealed. This was a few days ago.
3) Upon opening it, he/she finds original check sent a few weeks ago and the letter that accompanied it. Also finds pornographic magazine clippings with a "powdery substance" on one of those pictures.
4) First two tests the past two days come up with mixed results (one positive, one negative). Better tests on the substance come up positive. This last set of tests was today (Saturday)
My guess is an insider with the mail system between Reno and Malaysia did this (or at least had a hand in it). I dont think the Malaysian vendor would turn away money from Microsoft (especially since it's money they earned from them). Of course, there could always be an insider at the vendor who contributed.
yeah, DoS is a bad approach. It may actually knock the machine offline as opposed to gaining root access.
But that's what the prof said happened (btw- he's not a very good teacher, he somehow made tenure something like 15-20 years ago, if he werent tenure he'd be gone, or so i've been told), but you are correct, something else was probably happening while the student was trying to DoS the box.
i think the major difference is a UNIX command line can be reached from Interix, but that's just a guess on my part. I've never used either Cygwin or Interix, so I cant really make judgement on either product.
More guesses...
Interix is native Windows code, meaning it's not emulated, so it will probably run faster than Cygwin, which is an emulator.
a big plus for Cygwin is it runs on Win95, while Interix only runs on NT3.5, NT4, and 2K
... of one of my old OS prof's in college
during his OS course, if you were to root his box (it ran OpenBSD), report the contents of a certain file and how you broke in, you get an A and have your name listed as an OpenBSD contributer.
Ok, so someone used the CS Dept's main Sun server to launch a DoS attack against his machine. His box held up just fine (he says he was using it during the attack and didnt notice anything unusual happening). But the dept server, OTOH, sustained major damage. It needed rebooting, and it crashed during reboot.
The dept head was not happy. The guy had to cancel that challenge because it apparently violated university policy.
i dont know how it compares to Cygwin. I've never used either product. I just know about Interix cuz i've heard discussions about using it at work, where it wont matter for me as i dont use windows there.
Sadly, even Microsoft has a solution to your problem:
They have a product called Interix (it isn't their's, they bought it from a startup). It runs under Win2k or NT4 and basically provides a *NIX environment for an NT system. All the GNU stuff is there (shells, gcc, make, etc etc) and the source to them. (source CD is sold separately for $20, or download from their ftp site). Should be noted that the only code there is the code to GNU products, not the actual Interix code.
it isnt free. It does cost something on the order of hundreds per copy.
[disclaimer]This post is not an endorsement of Microsoft or their products.[/disclaimer]
while not an open source solution, you might be able to get everyone on Exchange w/o losing *NIX
If someday they (management) want the developers to switch to Windows so that you too can use Outlook/Exchange, first explain why you have to keep *NIX (in terms they'll understand, of course). If they insist, try one of those Windows emulators or Windows Terminal Server products so that you can retain your *NIX goodness while you can use the emulator or WTS to handle your Exchange needs. I think there are some very good emulators available out there cheap (or even free), but WTS may cost more than what it's worth for just using exchange.
I wonder... if someone were to write an OSS product using one of these more obfuscated languages, I think we should ban from bearing the title OSS. People wouldnt be able to understand the code at all for their own uses or improvements. Hence it'll be Open source, but instead only the original developer would know anything about how it works, make changes, etc.
:)
Unless of course someone is REALLY skilled at hacking these languages
what did you invent that language or just a really good code hacker?
I'd like to see how Intercal is actually used for anything or if it keeps up with other emerging languages. When new (and useful) languages hit the scene, it probably has to drop some features because they're used in that language. I guess maybe it's the first language with the ability to shrink from it's original set of features, unlike other languages out there today (like Java or even Perl)
Of course, it appears very inefficint - A search for prime numbers less than 65535 took 17 hours while C can handle that in a about half a second.
The story was posted at about 6pm (or 1800) GMT.
I only started submitting various versions of this story around 1pm (or 1300)...
2001-10-12 13:10:06 Senate Passes Anti-Terror Bill (articles,usa) (rejected)
2001-10-12 13:29:08 Senate Passes Anti-Terrorism Legislation (yro,privacy) (rejected)
2001-10-12 14:05:15 Senate passes Anti-Terror Legislation (yro,news) (rejected)
2001-10-12 17:27:54 ATA Passes in the Senate, revisions shot down (yro,privacy) (rejected)
AFAIK: .ca is for all of Canada.
1)
2) Quebec is included in all of Canada.
3) Quebec is still a province of Canada.
they block every international site that's not english speaking. For example, .au .ca and .uk are permitted, but anything else - nope.
it is the military afterall, keep in mind not everything makes sense.
someone (an ac) posted the google cache link, so at least i'll be able to use that if int'l sites crop up.
i failed to mention one major thing -- im at work (military) behind firewalls blocking certain international domains. the .jp was a red flag to the firewall to deny me access :(
so yes, i am sorta embarrased.
Who is Ken Sakamura?? I probably know who he is, just never put a name with his actions. Did he come up with some major advancement in open-source?
Guess who's not getting my vote at the next election?
even if you vote for the other guy, he might be just as bad about answering communications as the current one is
I agree. the reason it passed is because the general public wants to see some action taken by lawmakers, even though in reality pieces of the bill dont work in real life. Most of the passed legislation is simply "let's pass this so that the people can feel good about us."
/. use the line "from the boring-news-thats-submitted-a-billion-times dept" (IMO, if it's submitted a lot, it must be "Stuff that matters")
Personally, I think the guy who voted against is gonna keep trying to argue his point and attempt to get his amendments made. He got shot down for "procedural concerns" instead of "the argument itself." Meaning senators didnt vote on the amendment to the bill, they voted on whether they will hear arguments for/against the proposal.
(And yes, I've tried submitting the passage story too, denied.)
try rewording your submission. my most recent re-word is still pending. I submitted it at 10:05am, it's now about 11 (eastern daylight time)
I once saw
i've been trying to submit the cnn version of that to /. for the past hour. 2 attemptes have gotten rejected. Im trying a third, this time pointing out that the person who voted against (he appears to support ACLU concerns) also attempted to alter some portions, but was shot down for a very controvertial reason: process/procedure instead of merit of argument.
Try submitting your yahoo link, see if it goes anywhere
lol... similar situation for me at a liquor store in MD. I was out-of-town on an internship near Wasshington back when I first turned 21. I had to settle for a non-photo for awhile because I wasnt able to get to jersey during the week.
:)
Even though I had my previous (although expired) license that could verify my photo (by matching the DL# with the current) AND my school ID, one day they decided not to take the license despite having gone there about once every 3 weeks until that point.
No problem though, just went to another liquor store
it might simply be one of those laws they actively enforce. It's sorta one of those pointless laws on the books that can be useful in rare circumstances. Chances are pretty good the 10 people you speak of have never been in a situation where they've had to show ID to a police officer or something, so they're able to slide by without having an ID.
an example where it would be enforced is if someone were to be arrested and not own an ID, that's when they would enforce a requirement like that. By the person not having ID, it unnecessarily causes the police extra work, and they can recoup some of that with a fine or something, using this law as grounds for it.
Keep in mind I'm not sure of the law (if it even is one) or penalties. I simply made the post to indicate that NJ residents who dont drive are able to go to a DMV to obtain some identification card that's consistent with normal state drivers licenses.
NJ has no DB (at least of DL photos). The photo on your driver's license is a mini-polaroid print. If you lose your license, you have to go to a DMV and get a new picture taken.
In PA, OTOH, they store your pic in a DB. If you lose your license there, they can send you a new one that reuses the photo off the original.
i dont know if it's a LAW per se, it might just be something they prefer you do. IOW, you could probably get by w/o having one of these.
Back in high school I worked at a retail store that wanted your DL# for checks. I saw a few of the "ID ONLY" cards because of that. The cards are intended for people who don't drive, but need an identification card anyhow (i think i misworded that part in my original post).
The card has a DL formatted number (first letter of last name followed by 14 digits). If the person where to go and take the tests and get a full license, that number would simply transfer over. (Drivers permits work the same way)
The card overall looks like any other photo DL, except in the spot where it normally says "Class D Auto Operator License" it says "**Identification Purposes Only**" (w/ the asteriks)
in NJ (and most, if not all, other states) if you are 18 or older, you're required to obtain an ID card from the Dept Motor Vehicles regardless of if you drive or not. The card says across the top "Identification Purposes Only." Oddly, there's still a DL# that's used for writing checks and such.
you're absolutely correct. Military networks are meant to be used for military purposes, not random people from congress snooping on activities so that they can tell the press stuff. In my example, I used security clearances to illustrate my point using simplified terms outsiders (non-military/govt people) would understand more easily.
Some of what I said is proably a tad innacurate, but I think the point of having multiple separated networks is made.
I should probably say something about Bush's irateness over press leaks. I'm a former DoD contractor with a clearance. (Contract ended Sept 20, thank god!) We got an email the day after the attacks saying that if the media approaches you, direct them to the Office of Public & Media Affairs and answer all questions 'no comment'. People in Congress proabably also got similar emails/memos.
I should note that the 'anonymous sources' the media uses are commiting espionage. Yes, espionage. IANAL, but my interpretation of espinage laws indicate that any disclosure of classified info, regardless of who the info is being disclosed. (that's also the drift I got during my exit briefing form the DoD)
'piggy backing' (as michael put it) wont work for many reasons. I'll explain one major reason:
A person's security clearance. There are multiple levels: Secret and Top Secret are the two most common for military and intelligence uses (there are other levels of classification, but I'm singling out these two for simplicity's sake). Hence, the mil and IC share TWO separated networks, a Secret and a Top Secret (both separate from each other and separate from teh Internet). People with a S clearance cannot access the TS network. But people who are TS cleared can access the S network if their job deems it necessary.
Now for to the rest of the government. Many agencies dont require a security clearance at all (ok, they do require criminal bkgd checks, but that's about it). Question to ask is do you really want uncleared people accessing a network made for classified data?
What I think is being proposed here is a third network that's an Unclassified standalone network (standalone meaning separated from the Internet). This will allow agencies like USDA or Agriculture and state/local gov'ts to be separate from the Internet so that they become more immune to attacks and viruses.
The only issue here is when these people need to access the internet for real. Currently in the military, that means a few internet workstations shared by 30-50 people and each person having a classified box at their cube. If the job deems it necessary, people can have both at their desk. The problem here is an increasing number of computers.
IIRC, DARPA (or one of their contracts) is developing something that can allow a machine access to multiple networks simultaneously, yet keep everything separate. Whenever that gets done, that'll save money on buying physical workstations.
(Note: S and TS are shorthand for Secret and Top Secret)