The article does not really say anything new. Of course phishing scams are on the rise: When they succeed, they succeed very well. It's just like spam that sells Body Part Enlargement Pills. Only a few victims need to fall for it befor the perps fall in love with the whole idea.
But off-topic, did anyone else notice the "Further Reading" section below the article?
The Elements of Style, Fourth Edition by Roger Angell
The Art of Innovation : Lessons in Creativity from IDEO, America's Leading Design Firm by by Tom Peters
Reporting Technical Information by Thomas E. Pearsall
Optical Illusions : Lucent and the Crash of Telecom by Lisa Endlich
National Electrical Code 2002 Handbook
The dead tree compilation of HOWTO: PHISH (except for maybe the last one). Ha!
"We hold that the do-not-call registry is a valid commercial speech regulation because it directly advances the government's important interests in safeguarding personal privacy and reducing the danger of telemarketing abuse without burdening an excessive amount of speech," the [Denver-based] appeals court said.
Emphasis mine.
Is this the same government that instituted the Patriot Act? (I know, some of it was recently declared unconstitutional, but the Act was put in place first.)
It's very nice that privacy is becoming a little more important these days, at least with the state governments, but please don't try to rewrite history.
That said, I'm very happy the do-not-call list will remain. It's cut down my dinner interruptions to almost zero.
Previously, we could only say something like, "Someone may tap into your communication channel" to steal credit card information, listen to your VoIP, etc.. Better start using encryption! Lots of people ignore vague warnings like that. This would give us an actual "enemy of privacy" to point at.
[David Jefferson, a computer scientist at Lawrence Livermore National Laboratory said] that he doesn't believe that the vulnerabilities show deliberate malice on Diebold's part to aid fraud, as [voting activist Bev Harris] has sometimes contended in public statements. But the vulnerabilities do show incompetence and indicate that Diebold programmers simply don't know how to design a secure system.
Emphasis mine.
Another excellent example of why electronic voting software should be open source. Having many programmers looking over code doesn't automatically increase security, but it certainly increases the probability of finding and correcting asinine problems like the one discussed in the article.
We all know this. Now to convince the U.S. state governments, or the Feds (who should probably fund and sign off on it). Any representatives reading this?
It looks like what I knew -- or thought I knew -- about space elevators is a bit dated. Which amounts to "wildly inaccurate" now. For those of you who might want to see some direct comparisons between the current technology and what was believed a few years ago, see LiftPort's Frequent Misconceptions page. It was enlightening, at least to me.
Whether the funding for a space elevator comes from the private or public sector, governments from all around the world will surely be involved. Why? Because the damn thing is so tall. One reference I picked off the 'net says it would extend 62,000 miles.
That's a little over twice around the planet, people. Anyone who considers disaster scenarios should think about that. If something goes wrong, there's a possibility that the elevator cable would wrap itself around Earth, hard. Countries under the cable's path probably wouldn't like that. Their governments would make a great deal of noise, just considering the possibility.
Given that the governments are involved to that extent anyway, it's natural to assume that they will also want to oversee construction and whatnot, just to make sure Things Are Done Right. Now, do you want a government with no stake in the elevator watchdogging the process, or one that does have a serious financial stake?
The company that designed the scroll wheel is Synaptics. They have another product called the Fingerprint TouchPad that is basically a tiny fingerprint scanner/authentication device. I've always thought that this kind of device would be great if it was integrated into something I have hold to use, such as my cell phone or mouse. Biometric security isn't absolute security, but it can be one level of security that is nearly invisible if implemented correctly. Neat stuff.
Privately funded in 1993, now with customers in 40 countries* and over $67 million** in cash reserves, the company experienced a phenomenal growth and continues to aggressively pursue new frontiers in order to meet or exceed the needs of most demanding customers by providing a scalable, seamless, comprehensive offering.
Leveraging our paradigm-shifting product line with state of the art technology developed by a dedicated team of professionals, we offer a significant competitive advantage on the diversified but fragmented market of best of breed anti-spam solutions.
These people score a 9.8 out of 10 in the Buzzword Bingo game. That second paragraph, in particular, would keep me as far away from them as possible.
Here is propagation information on the worm WORM_SDBOT.UH from Trend Micro (link pulled from the article):
Network Propagation and Exploits
This worm takes advantage of the Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability present on Windows XP systems, which allows an attacker to gain full access and execute any code on a target machine, leaving it compromised. Read more on this vulnerability from the following link:
This worm also exploits the IIS5/WEBDAV buffer overrun vulnerability affecting Windows NT platforms, which enables arbitrary codes to execute on the server. The following link offers more information from Microsoft about this vulnerability:
It also exploits the Windows LSASS vulnerability. This is a buffer overrun vulnerability that allows remote code execution. Once successfully exploited, a remote attacker is able to gain full control of the affected system. For more information about this vulnerability, refer to the following Microsoft Web site:
This worm spreads via network shares, using NetBEUI functions to get available lists of user names and passwords. It then searches for and lists down the following shared folders, where it drops a copy of itself using the gathered information:
Admin$\system32
C$\windows\system32
C$\winnt\system32
Ipc$
Trend Micro reports that the worm runs on Windows 95, 98, ME, NT, 2000, and XP. But notice that they report that the worm as not in the wild. So... where is it? Did they get a prerelease?
"The big business goal here is Microsoft wants to promote the Windows format to sell more PCs and to get people to upgrade," Directions of Microsoft analyst Matt Rosoff said.
Director: Cut. OK, that's a wrap.
Rosoff: Wasn't I supposed to say this bit about how we allow customers to burn downloaded playlists ten times?
Director: Oops. Sorry. I forgot to blank that out.
Rosoff: And what's this Apple logo doing over here?
Director: Like I said, I forgot to blank some things out. We're done. Thanks. Go home.
The.com bubble bursts, causing employees working for firms whose primary business is selling IT products to lose their jobs.
Bigger IT companies that didn't actually fold outsource some work to reduce expenses.
Due to public demand and reduced expenses, non-IT companies buy more computer crap.
Non-IT companies have to hire the old IT employees to run the new computers.
Net result: Those employees eventually have jobs in computers, just not with computer companies.
This actually makes sense, and I've seen it here locally. A lot of people I know who were laid off from startups are now working for their old customers. The problem is, this trend can take years. The number of businesses that totally went under put a ton of IT talent out of work. Compensating for that will take some time. That's not good news for the employees who haven't landed a job yet.
The title of the article is "Top Reasons Why People Think Java Un-Cool - Debunked" (emphasis mine). I did RTFA, and I saw no debunking. Just a list of reasons why people might not like Java.
Clad in orange pants and a pink tunic, Snehalatha [a college student] signs up for Yahoo mail, as an impatient queue lengthens behind her.
The article fails to mention how many of rickshaws the government has deployed. There probably aren't that many of them, and they are hauled from village to village within India's wireless zone. So, from the perspective of a villager, a single computer that isn't even there most of the time has to be shared by everyone.
Probably every single one of you reading this post has spent more time in front of your computer today than these people will, at a rickshaw, in a month. And the Indian government wants to "... use technology to improve education, health care and access to agricultural information in India's villages..."? If they were serious about that they'd create a tiny computer center in each village and instead of sending rickshaws around, send teachers instead.
..this isn't a lack of sensitivity on Microsoft's part. It's a lack of toleration on the part of other cultures. Knowing full-well that this software was written by programmers of another culture, there should be a degree of toleration and patience that goes along with the process.
I wholeheartedly agree with this statement. Not only programmers, but people in general need to understand that others will never know as much about your culture as you do. In this case, "culture" refers to something as tiny as your neighborhood.
Americans may be stuck up, take a WHOLE lot of freedoms for granted, have lots of money, and think too highly of themselves at times to bother learning about other cultures, but I'll give you one thing:
Even some of the most annoying pricks I know seem to be more tolerant than some other cultures are to the average Joe. How pathetic is that?
Perhaps "some of the most annoying pricks" show more tolerance, but it seems more like the majority show about the same level of tolerance. People naturally believe that things near and dear to them are more important than everything else. If someone else comes along and denigrates the Near And Dear Object/Ideal/Delusion, words (at least) fly. That's true for a large part of Earth's populace, I think.
[IntelliTxt by Vibrant Media] works by underlining certain words in an article so that when a reader runs his cursor over one of them, an ad springs up. For example, in a story on antivirus software, words like "virus," "security" and "worms" might be highlighted. Then readers, if they so choose, could mouse over one or all of them, click on a "sponsored link" and go straight to the advertiser's website.
Unless I missed something, neither the article nor the summary provides a link to the product. Here is what I found: Web Caller-ID. That link contains this paragraph:
Web Caller-ID's detection engine includes hundreds of routines that examine the elements of a web site, ranging from the site's content and links to its page history, and then determine if they are indicative of a spoof. For example, the URL of a particular site might be analyzed for phishing characteristics, such as the inclusion of an IP address at the beginning of the URL, or the source code might be analyzed for calls to a different web site. In production environments, Web Caller-ID consistently detects more than 98% of previously unknown spoof sites using behavioral technology.
This product sounds interesting at first blush, but don't most phishing scams begin with an email? Web sites that support phishing aren't going to have as many of these charactistics as the email that lured the victims there to begin with. I have to wonder just how well this really works, despite the, "consistently detects more than 98% of previously unknown spoof sites" quote.
... regions near AM radio-broadcasting towers had 70 percent more leukemia deaths than those without.
...
... also found that cancer deaths were 29 percent higher near such transmitters.
...
... California's Department of Health Services reviewed all the current studies of EMF risks from power lines, wiring and appliances in 2002. It found no conclusive evidence of harm. However, links to childhood leukemia, adult brain cancer and Lou Gehrig's disease could not be ruled out.
Yes, but did they test for lethal amounts of dihydrogen monoxide? It would be irresponsible to not test for everything possible! Alarmists, take heed! Flee to the hills! Watch out for magnetism! Gravity is also especially harmful!
From the detailed description portion of the patent:
[0090] In some cases, the light system 14 is arranged to cooperate with the electrical components 18. For example, events associated with the electrical components 14 may be monitored, and the light system 14 may be controlled based on the monitored events. As such, an illumination effect corresponding to a specific event may be produced. For example, the housing 12 may be configured to exude a blinking red coloration when an event has been implemented.
It looks like Apple is extending the "illuminated case" theme by making it more interactive. The patent is purposely vague about what the illumination is, taking (what seems to be) pains to avoid calling the illumination static. I think they're looking at displaying color bars, logos, icons, etc. on the case from the inside. It would be cool to see an entire case shaded (for example) from blue to red to indicate processor activity. Imagine a rack full of server systems with that capability, in a dark server room....
Now, I'm not sure how a so-called "interactive illumination" is much different than LEDs you see on the mondo-cool multiprocessor boxes, but the patent does describe something a bit different than the run-of-the-mill case mod.
Blame the bleak tech job market. In the past, a computer degree meant "instant riches, or at least a well-paying, secure job," says San Jose computer science chair David Hayes. "Now, the perception is jobs are going overseas, and people are being laid off."
Students are always attracted to job segments where either of two things are reported:
The press reports explosive growth in an industry
The press reports that there are not enough workers in a particular industry
Both of those items imply a higher salary. This is not new. Students who don't have a true interest in something before they get to college will nearly always opt to go where the money is. When the expected salary dries up, they look elsewhere. It's happened over and over in the past and, I expect, will continue.
That's not necessarily a bad thing, says Peter Lee, an associate dean at Carnegie Mellon.... [The fewer new] students are often of higher quality, motivated more by love of technology than dreams of stock options, he says.
Those are the students who do have a true interest in the computer field before they get to college. Again, this is not new, and virtually every job segment has people like this.
Speaking as an employer, I'm very happy with this trend. The quality of graduates with programming degrees has been absolutely terrible for years now.
Slashdot Mirror
It's from Lucifer's Hammer by Larry Niven and Jerry Pournelle. Great book.
But off-topic, did anyone else notice the "Further Reading" section below the article?
- The Elements of Style, Fourth Edition by Roger Angell
- The Art of Innovation : Lessons in Creativity from IDEO, America's Leading Design Firm by by Tom Peters
- Reporting Technical Information by Thomas E. Pearsall
- Optical Illusions : Lucent and the Crash of Telecom by Lisa Endlich
- National Electrical Code 2002 Handbook
The dead tree compilation of HOWTO: PHISH (except for maybe the last one). Ha!Is this the same government that instituted the Patriot Act? (I know, some of it was recently declared unconstitutional, but the Act was put in place first.)
It's very nice that privacy is becoming a little more important these days, at least with the state governments, but please don't try to rewrite history.
That said, I'm very happy the do-not-call list will remain. It's cut down my dinner interruptions to almost zero.
Previously, we could only say something like, "Someone may tap into your communication channel" to steal credit card information, listen to your VoIP, etc.. Better start using encryption! Lots of people ignore vague warnings like that. This would give us an actual "enemy of privacy" to point at.
Another excellent example of why electronic voting software should be open source. Having many programmers looking over code doesn't automatically increase security, but it certainly increases the probability of finding and correcting asinine problems like the one discussed in the article.
We all know this. Now to convince the U.S. state governments, or the Feds (who should probably fund and sign off on it). Any representatives reading this?
It looks like what I knew -- or thought I knew -- about space elevators is a bit dated. Which amounts to "wildly inaccurate" now. For those of you who might want to see some direct comparisons between the current technology and what was believed a few years ago, see LiftPort's Frequent Misconceptions page. It was enlightening, at least to me.
That's a little over twice around the planet, people. Anyone who considers disaster scenarios should think about that. If something goes wrong, there's a possibility that the elevator cable would wrap itself around Earth, hard. Countries under the cable's path probably wouldn't like that. Their governments would make a great deal of noise, just considering the possibility.
Given that the governments are involved to that extent anyway, it's natural to assume that they will also want to oversee construction and whatnot, just to make sure Things Are Done Right. Now, do you want a government with no stake in the elevator watchdogging the process, or one that does have a serious financial stake?
The company that designed the scroll wheel is Synaptics. They have another product called the Fingerprint TouchPad that is basically a tiny fingerprint scanner/authentication device. I've always thought that this kind of device would be great if it was integrated into something I have hold to use, such as my cell phone or mouse. Biometric security isn't absolute security, but it can be one level of security that is nearly invisible if implemented correctly. Neat stuff.
Network Propagation and Exploits
This worm takes advantage of the Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability present on Windows XP systems, which allows an attacker to gain full access and execute any code on a target machine, leaving it compromised. Read more on this vulnerability from the following link:
It also takes advantage of the Buffer Overflow in SQL Server 2000 vulnerability. Read more on this vulnerability from the following link:
This worm also exploits the IIS5/WEBDAV buffer overrun vulnerability affecting Windows NT platforms, which enables arbitrary codes to execute on the server. The following link offers more information from Microsoft about this vulnerability:
It also exploits the Windows LSASS vulnerability. This is a buffer overrun vulnerability that allows remote code execution. Once successfully exploited, a remote attacker is able to gain full control of the affected system. For more information about this vulnerability, refer to the following Microsoft Web site:
This worm spreads via network shares, using NetBEUI functions to get available lists of user names and passwords. It then searches for and lists down the following shared folders, where it drops a copy of itself using the gathered information:- Admin$\system32
- C$\windows\system32
- C$\winnt\system32
- Ipc$
Trend Micro reports that the worm runs on Windows 95, 98, ME, NT, 2000, and XP. But notice that they report that the worm as not in the wild. So... where is it? Did they get a prerelease?Rosoff: Wasn't I supposed to say this bit about how we allow customers to burn downloaded playlists ten times?
Director: Oops. Sorry. I forgot to blank that out.
Rosoff: And what's this Apple logo doing over here?
Director: Like I said, I forgot to blank some things out. We're done. Thanks. Go home.
- The
.com bubble bursts, causing employees working for firms whose primary business is selling IT products to lose their jobs.
- Bigger IT companies that didn't actually fold outsource some work to reduce expenses.
- Due to public demand and reduced expenses, non-IT companies buy more computer crap.
- Non-IT companies have to hire the old IT employees to run the new computers.
Net result: Those employees eventually have jobs in computers, just not with computer companies.This actually makes sense, and I've seen it here locally. A lot of people I know who were laid off from startups are now working for their old customers. The problem is, this trend can take years. The number of businesses that totally went under put a ton of IT talent out of work. Compensating for that will take some time. That's not good news for the employees who haven't landed a job yet.
This is news?
Probably every single one of you reading this post has spent more time in front of your computer today than these people will, at a rickshaw, in a month. And the Indian government wants to "... use technology to improve education, health care and access to agricultural information in India's villages ..."? If they were serious about that they'd create a tiny computer center in each village and instead of sending rickshaws around, send teachers instead.
Now, I'm not sure how a so-called "interactive illumination" is much different than LEDs you see on the mondo-cool multiprocessor boxes, but the patent does describe something a bit different than the run-of-the-mill case mod.
Stay the f**k out of my life.
- The press reports explosive growth in an industry
- The press reports that there are not enough workers in a particular industry
Both of those items imply a higher salary. This is not new. Students who don't have a true interest in something before they get to college will nearly always opt to go where the money is. When the expected salary dries up, they look elsewhere. It's happened over and over in the past and, I expect, will continue. Those are the students who do have a true interest in the computer field before they get to college. Again, this is not new, and virtually every job segment has people like this.Speaking as an employer, I'm very happy with this trend. The quality of graduates with programming degrees has been absolutely terrible for years now.