Actually, it/would/ play without the rootkit software installed, which is why it had to be installed silently, before you could attempt to play it without the kit.
The only purpose of the 'player' is to decode the audio data that was being mangled by the rootkit, or to bypass the rootkit altogether. (Not sure which.)
> Isn't NY one of those states that pay more in to the federal government in federal income > taxes and other stuff than they get back from the federal government in all the different > forms of federal funding?
Well, the federal government imposes a substantial overhead, so that imbalance, on average, will be true for ALL states. Sort of a fiscal Second Law of Thermodynamics.
It's amazing how people will spew this crap without the understanding of arithmetic my 9 yr old kid has. Well, like Orwell said, ignorance is strength.
I suppose the exception is Iraq. I'm pretty sure they're getting a lot more federal money than they're paying in. Oh wait sorry-- Iraq isn't a US state. Well, I suppose if Iraq hadn't glared sternly in our direction we wouldn't be in this mess. (That's the newest revision for 'why we fight', right?)
It's going to phenominally expensive for ISPs unless they just block it for everyone.
1. Create a new DNS server alongside the existing one. Doesn't need to be on a different machine, just on a different IP address. [A network interface can have many IP addresses assigned to it; another physical box is unnecessary.]
2. Create DNS entries for that server from the blacklist that point to 127.0.0.2. A short perl script should do the trick here. For extra credit, use a real IP (instead of 127.0.0.2) of a virtual Web server that puts up a "CONTENT BLOCKED per [law citation here]" for all page requests.
3. Customers that want to opt into the blacklist dial a different access number that's configured to give the end user the blacklist DNS resolver entry.
4. Filter those customers from accessing TCP/UDP port 53 from any other server.
If the list contains IP addresses instead of domain names, then use an access-list to prevent the "wholesome" side of the network from accessing those IPs.
Total cost: much closer to "insignificant" than 'phenominal'[sic]. For a service someone has to/ask/ for. The law is a little silly, but not ridiculous. And a lot better than nothing for a non-computer-savvy parent.
The only wierd part to me is the state's Attorney General creating and maintaining the list..... but someone would have to maintain such a list. Getting the world's pornographers to voluntarily and completely blacklist themselves [eg, via content ratings] is not something that's going to happen this month.
As someone else pointed out, an imperfect solution is better than no solution. If it were mandated that everyone must use the blacklist, that'd be a different matter entirely.
Actually, Yahoo Maps seems to be very good about flagging sponsored links, when looking for "nearby ____". I travel a lot, and use this feature to find hotels, restaurants, etc. at my destinations.
The Public Utilities Commission. Every state has one; they regulate (you guessed it!) the public utilities for their state. Complaints to the PUC generate a mound of unpleasant paperwork; patterns of complaints tend to be dealt with by the levy of large, unpleasant fines. PUCs move slowly, but their wrath is formidible when extracted.
Most utilities do whatever they can to keep those complaints to a minimum.
The year I used Napster (while was in actual operation), I bought more new CD's than in the several years prior to that year, combined. Or the years since! (Though HBO's Reverb has helped me find a couple of new artists. But local radio is hopeless!)
Either someone is inclined to pay for the stuff of value that they obtain (by whatever means), or they're not. Legislation will not eliminate leeches.
The RIAA should concentrate on getting as much new content as possible in front of the non-leeches. Perhaps they don't see that--or perhaps I'm missing some part of the equation.
I still have a good job, even after a disconcerting number of layoffs in my old department (which no longer exists), and a couple of rounds in my new department. Then it occurred to me-- what the hell am I doing reading Slashdot, when I'm supposed to be working on the new release? If you still have a job (and you're currently "on the clock")-- get to it!
The "package and redistribute" version of SQL Server, MSDE, is particularly vulnerable to this problem. --In part, because it doesn't ship with the tools needed TO BE ABLE TO CHANGE THE SA PASSWORD.
Sadly, the installation program for SQL Server does not require you to set an SA password. After that, it just gets overlooked.
Sheesh... SQL Server should not be allowed to start without an SA password; MS should ship a special utility to set the password in that case, but it should never be allowed to start without an SA password.
If someone needs access without a password, then use the guest account for that, and ensure that guest has as little access as possible to satisfy the need. Most of the worst exploits (e.g., xp_cmdshell) require administrative access.
It'd be interesting to see how many Oracle installations leave "system/manager" in place. I'm guessing far fewer-- in general, if you're an incompetent Oracle DBA, nothing gets done. Incompetent SQL Server DBAs can be surprisingly productive. (I've actually had to explain to SQL Server DBAs what an "index" does.)
Actually, they were concerned about the nitrogen in the atmosphere IGNITING when they tested the first thermonuclear bombs. (Most of the atmosphere happens to be nitrogen, btw.) But they ran the numbers a few times, and concluded that it was "very unlikely", and proceeded with the test. If they had been wrong-- remember, the second test "accidently" yielded 15 megatons instead of the predicted 5, and irradiated a bunch of Japanese fishermen-- we would have blinked out of existence in the 50's.
I second that. After helping hundreds of thousands of people understand TCP/IP (at Daryl's TCP/IP Primer), I decided to add the ability to "tip the author" via PayPal or Amazon. So far, after having the "tip jar" up for about 4 months, people have sent less than $100. Which pays for less than an hour of my time at my standard billing rate, and doesn't begin to cover hosting.
Frankly, I wish I had never added those links. I was more than happy to provide the information pro bono, but since so many people wrote to tell me how the site was more useful than their stack of $30 books, I figured, "why not?" The effect has been:
1. I now feel like I'm wasting my time maintaining the site, as if casting pearls before swine;
2. Now, people rarely even send thank-you emails anymore. (Which are free, except you'd have to take 10 whole seconds out of your life to do so, after having spent a few hours reading the information I've put together over the last 8 years or so.)
My advice to anyone else considering implementing this: don't! You'll just find out everything you didn't want to know about human nature. (Or, if you're a pessimist, your suspicions will be confirmed. The nice thing about being a pessimist is that pessimists are never disappointed.) Either way, you'll just wind up bitter.
Disney got the concept of code representing the expression of the coder way back in 1982 in the movie Tron. In the movie, programs (literally) looked like the coder that had created them.
Anyone who has worked in a development shop for any period of time can recognize the coder responsible for a snippet by the style-- the personality-- the coder has infused into the code. "Oh, that looks like something John did."
Not to stretch too far, but this is the same way you'd identify an unknown painting as "probably" being a Picasso-- based on the style of expression. Where you have something created by a human that expresses that human's style and personality, is that not art? Sure, it's functional. A bridge is very useful, but many are also very beautiful. A freeway overpass is pretty mundane-- but that's the bridge designer's equivalent of "Hello, world!".
...but [Sony is] well aware that they can make tons of money from MP3's - that's why they're making MP3 players.
Perhaps Sony intends to sue MP3.com into bankruptcy, so that they can seize MP3.com's primary asset: the domain name. Suddenly, when Joe Consumer types in MP3.com, they get an ad for a Sony player along with a SPA-like warning about "creating unauthorized MP3s" to scare people away from using their fair-use rights to their music.
Or perhaps I should change my handle to "Paranoid Philosopher":-)
Can't you tunnel your VPN traffic over ssh or something? Tell ssh to forward port 50 on the local machine to port 50 on some remote machine, and the remote machine then continues the VPNing.
No, you're confusing port 50 with protocol number 50. IPSec is another IP protocol, peer to TCP (protocol #6) and UDP (protocol #17)(both TCP and UDP use "ports" which is essentially a process identifier for packets) and ICMP (protocol #1, which is another IP protocol that doesn't use ports.) There is a whole list of IP protocols available at
http://www.isi.edu/in-notes/iana/assignments/proto col-numbers
Yeah: the protest vote actually got Jesse Ventura elected as the governor of Minnesota. As one of those protest voters, I think many [of us!] were shocked to learn about our success. One columnist compared it to taking a stranger home on a whim, and being unsure what to do in the morning:-)
In any case, MN has had worse governors... depending on who you ask;-) But, as a friend's mother pointed out, anyone that actually gets her son to go out and vote after all these years of "abstainence" can't be all bad.
Not voting is not a "statement." It's an abdication of your responsiblity as a citizen of this constitutional republic. (Yeah, I know. If you're not from the US just ignore this paragraph.) For those that think we live in a democracy-- which congressional bills have you directly voted on lately?
AFAIK the net has millions if not a billion sites...
Y'know, 76.459 percent of all statistics are made up on the spot. [E-mail me directly for my source for that statistic. Get it?] A billion sites would be one for every six humans on the planet. Think about that for a second. Then ponder how outrageously lucky and fortunate you are that all the right accidents of fate fell in your favor-- so that you can post wildly overblown guesses as to the ubiquity of Internet across the human race.
As a species, we have a long way to go. The first step on that journey is the acknowledgement that many of us that read this are *incredibly blessed* [or lucky, or whatever floats your theist or atheiest boat] and that we have an obligation to help those who aren't as fortunate.
But I troll^h^h^h^h^h digress.... (Can't SlashDot allow <strikeout>?)
(Old joke: what's the difference between a novice geek and a real geek? A novice geek think's there's 1000 bytes in a kilobyte, while a real geek think's theres 1024 meters in a kilometer. Haha, LAUGH god damnit)
LOL!!!
You mean there's only 1,000m? I already know I'm gonna use this one a lot.
Slashdot Mirror
Actually, it /would/ play without the rootkit software installed, which is why it had to be installed silently, before you could attempt to play it without the kit.
The only purpose of the 'player' is to decode the audio data that was being mangled by the rootkit, or to bypass the rootkit altogether. (Not sure which.)
What would I do with 10000 fingers?
> Isn't NY one of those states that pay more in to the federal government in federal income
> taxes and other stuff than they get back from the federal government in all the different
> forms of federal funding?
Well, the federal government imposes a substantial overhead, so that imbalance, on average, will be true for ALL states. Sort of a fiscal Second Law of Thermodynamics.
It's amazing how people will spew this crap without the understanding of arithmetic my 9 yr old kid has. Well, like Orwell said, ignorance is strength.
I suppose the exception is Iraq. I'm pretty sure they're getting a lot more federal money than they're paying in. Oh wait sorry-- Iraq isn't a US state. Well, I suppose if Iraq hadn't glared sternly in our direction we wouldn't be in this mess. (That's the newest revision for 'why we fight', right?)
It's going to phenominally expensive for ISPs unless they just block it for everyone.
/ask/ for. The law is a little silly, but not ridiculous. And a lot better than nothing for a non-computer-savvy parent.
1. Create a new DNS server alongside the existing one. Doesn't need to be on a different machine, just on a different IP address. [A network interface can have many IP addresses assigned to it; another physical box is unnecessary.]
2. Create DNS entries for that server from the blacklist that point to 127.0.0.2. A short perl script should do the trick here. For extra credit, use a real IP (instead of 127.0.0.2) of a virtual Web server that puts up a "CONTENT BLOCKED per [law citation here]" for all page requests.
3. Customers that want to opt into the blacklist dial a different access number that's configured to give the end user the blacklist DNS resolver entry.
4. Filter those customers from accessing TCP/UDP port 53 from any other server.
If the list contains IP addresses instead of domain names, then use an access-list to prevent the "wholesome" side of the network from accessing those IPs.
Total cost: much closer to "insignificant" than 'phenominal'[sic]. For a service someone has to
The only wierd part to me is the state's Attorney General creating and maintaining the list..... but someone would have to maintain such a list. Getting the world's pornographers to voluntarily and completely blacklist themselves [eg, via content ratings] is not something that's going to happen this month.
As someone else pointed out, an imperfect solution is better than no solution. If it were mandated that everyone must use the blacklist, that'd be a different matter entirely.
Actually, that's Computer Associates, "The Place where Software Goes to Die."
All three of them need to be dressed up in frilly lingerie and dropped into Bubba's cell along with a bucket of chilled champagne.
...and a case of Viagra.
Actually, Yahoo Maps seems to be very good about flagging sponsored links, when looking for "nearby ____". I travel a lot, and use this feature to find hotels, restaurants, etc. at my destinations.
The Public Utilities Commission. Every state has one; they regulate (you guessed it!) the public utilities for their state. Complaints to the PUC generate a mound of unpleasant paperwork; patterns of complaints tend to be dealt with by the levy of large, unpleasant fines. PUCs move slowly, but their wrath is formidible when extracted.
Most utilities do whatever they can to keep those complaints to a minimum.
Call me strange--
The year I used Napster (while was in actual operation), I bought more new CD's than in the several years prior to that year, combined. Or the years since! (Though HBO's Reverb has helped me find a couple of new artists. But local radio is hopeless!)
Either someone is inclined to pay for the stuff of value that they obtain (by whatever means), or they're not. Legislation will not eliminate leeches.
The RIAA should concentrate on getting as much new content as possible in front of the non-leeches. Perhaps they don't see that--or perhaps I'm missing some part of the equation.
I still have a good job, even after a disconcerting number of layoffs in my old department (which no longer exists), and a couple of rounds in my new department. Then it occurred to me-- what the hell am I doing reading Slashdot, when I'm supposed to be working on the new release? If you still have a job (and you're currently "on the clock")-- get to it!
The "package and redistribute" version of SQL Server, MSDE, is particularly vulnerable to this problem. --In part, because it doesn't ship with the tools needed TO BE ABLE TO CHANGE THE SA PASSWORD.
Sadly, the installation program for SQL Server does not require you to set an SA password. After that, it just gets overlooked.
Sheesh... SQL Server should not be allowed to start without an SA password; MS should ship a special utility to set the password in that case, but it should never be allowed to start without an SA password.
If someone needs access without a password, then use the guest account for that, and ensure that guest has as little access as possible to satisfy the need. Most of the worst exploits (e.g., xp_cmdshell) require administrative access.
It'd be interesting to see how many Oracle installations leave "system/manager" in place. I'm guessing far fewer-- in general, if you're an incompetent Oracle DBA, nothing gets done. Incompetent SQL Server DBAs can be surprisingly productive. (I've actually had to explain to SQL Server DBAs what an "index" does.)
Actually, they were concerned about the nitrogen in the atmosphere IGNITING when they tested the first thermonuclear bombs. (Most of the atmosphere happens to be nitrogen, btw.) But they ran the numbers a few times, and concluded that it was "very unlikely", and proceeded with the test. If they had been wrong-- remember, the second test "accidently" yielded 15 megatons instead of the predicted 5, and irradiated a bunch of Japanese fishermen-- we would have blinked out of existence in the 50's.
"Oops"
Yeah, and 640k? Who the hell is gonna use more than 128k, or maybe 256k in ten years? Heh...
All I needed to know about sex I learned from Leisure Suit Larry. Who says games aren't educational?
That's right, always use a condom. =)
I second that. After helping hundreds of thousands of people understand TCP/IP (at Daryl's TCP/IP Primer), I decided to add the ability to "tip the author" via PayPal or Amazon. So far, after having the "tip jar" up for about 4 months, people have sent less than $100. Which pays for less than an hour of my time at my standard billing rate, and doesn't begin to cover hosting.
Frankly, I wish I had never added those links. I was more than happy to provide the information pro bono, but since so many people wrote to tell me how the site was more useful than their stack of $30 books, I figured, "why not?" The effect has been:
1. I now feel like I'm wasting my time maintaining the site, as if casting pearls before swine;
2. Now, people rarely even send thank-you emails anymore. (Which are free, except you'd have to take 10 whole seconds out of your life to do so, after having spent a few hours reading the information I've put together over the last 8 years or so.)
My advice to anyone else considering implementing this: don't! You'll just find out everything you didn't want to know about human nature. (Or, if you're a pessimist, your suspicions will be confirmed. The nice thing about being a pessimist is that pessimists are never disappointed.) Either way, you'll just wind up bitter.
Wouldn't it be interesting if Microsoft changed their license to disallow the use of GPL code on their OS? Enforcability issues aside.
Disney got the concept of code representing the expression of the coder way back in 1982 in the movie Tron. In the movie, programs (literally) looked like the coder that had created them. Anyone who has worked in a development shop for any period of time can recognize the coder responsible for a snippet by the style-- the personality-- the coder has infused into the code. "Oh, that looks like something John did." Not to stretch too far, but this is the same way you'd identify an unknown painting as "probably" being a Picasso-- based on the style of expression. Where you have something created by a human that expresses that human's style and personality, is that not art? Sure, it's functional. A bridge is very useful, but many are also very beautiful. A freeway overpass is pretty mundane-- but that's the bridge designer's equivalent of "Hello, world!".
Someone should point out to Allchin that he's free to sell GNU/Linux at whatever price he wants...
Or perhaps I should change my handle to "Paranoid Philosopher"
For a list of assigned TCP and UDP ports, look at http://www.isi.edu/in-notes/iana/assignments/port
A protest vote is still a vote...
:-)
;-) But, as a friend's mother pointed out, anyone that actually gets her son to go out and vote after all these years of "abstainence" can't be all bad.
Yeah: the protest vote actually got Jesse Ventura elected as the governor of Minnesota. As one of those protest voters, I think many [of us!] were shocked to learn about our success. One columnist compared it to taking a stranger home on a whim, and being unsure what to do in the morning
In any case, MN has had worse governors... depending on who you ask
Not voting is not a "statement." It's an abdication of your responsiblity as a citizen of this constitutional republic. (Yeah, I know. If you're not from the US just ignore this paragraph.) For those that think we live in a democracy-- which congressional bills have you directly voted on lately?
*applause*
Interesting, sort of a reverse digital signature...
As a species, we have a long way to go. The first step on that journey is the acknowledgement that many of us that read this are *incredibly blessed* [or lucky, or whatever floats your theist or atheiest boat] and that we have an obligation to help those who aren't as fortunate.
But I troll^h^h^h^h^h digress.... (Can't SlashDot allow <strikeout>?)
You mean there's only 1,000m? I already know I'm gonna use this one a lot.