Wireless Broadband Providers: You have your spectrum play-pen, now do yourselves a favor, and get the hell off the ISM bands with your 802.11x crap for your commercial endeavors. Thank you.
EA Pacific have created a brand new storyline, [..] that have all been inspired by the technologies and ideologies of today's tumultuous world.
A few headlines about the US government accusing the chinese government of planning to use hackers for cyberwarfare is hardly inspiration for a story depicting "real world" events. The people who designed the plot behind C&C Generals did nothing but regurgitate US news headlines to make the plot of this game. C&C Generals' China forces makes money by hackers who sit on mobile laptops by breaking into financial institutions. It's about as assinine if the game designers decided to make an Iraqi force instead, who has "weapons of mass destruction". I can understand why China is pissed.
In addition, when clicking on some of the US units that you wish to command in the game, they say phrases like "Preserving Freedom" and "Doing the right thing". Through the press, the US government has made what is truly a religious war, a war about fighting for freedom. Bush has said time and time again about how these terrorists "hate freedom" and "what america stands for."
I, for one, was quite offended by those aspects of the game. Especially being that the target audience is young people who probably don't follow the real-world events in-depth, the story is really a work of pure fiction, coated to be based on "real world events". Whether or not the game has had any effect on shaping the opinions on world "events", of its young players, the messages "doing the right thing" being played over and over again has to make you wonder.
What will sell me on the PSP is how developers will harness the capabilities of it. Supposedly, there have been prototypes for a GPS, and a DVD player as well. Being able to dock my PSP in my car and use it for in-car navigation (hey Delorme - hint hint), or some other useful utilization of its capabilities besides games will sell me. I was disappointed at the lack of innovative uses for the Playstation 2's USB (and on earlier models, IEEE1394). Thankfully, Sony released Linux for it, which have allowed me to use it for watching movies, a file server, etc.. I certainly hope Sony will do it again with the PSP (can you imagine wardriving with a PSP?)
And thats one of the things that pissed me off so much about Windows - software that fucks with the system libraries and messes everything up. You keep your system up to date, only to install some software that overwrites a dll with a version from the dark ages, and breaks everything else.
Exactly. Not only that, but uninstallers that leave behind tons of crap in the registry/filesystem that should have been removed. When I want something gone, I want
everything
gone. Eventually, over time, having a bloated registry causes Windows to behave poorly.
Just because you aren't broadcasting your SSID doesn't make you less vulnerable by any means, at least to the windows newbie who relies on netstumbler.
I'll try to explain this in non-technical terms. Netstumbler simply tells your wireless card to send out broadcast SSID's, basically saying to everyone, "hello? if anybody can hear me - i'm looking for access points to talk to". If you have SSID broadcasting enabled on your access point, it will respond and say, "hello, i'm an access point with the SSID of linksys". If you have SSID broadcasting disabled, the access point will ignore the request.
There is a diagnostic mode that is part of the 802.11 specification that allows your wireless card to virtually become a scanner (like a police scanner). Thanks to proprietary drivers, you won't be able to get this to work on Windows, (although there is some pretty cool commercial software that includes drivers that will do this, but you will pay alot for it). However, under Linux, there's a vast number of cards supported that allow you to put your wireless card into monitor mode.
OK, so what can you do with monitor mode? If you aren't broadcasting your SSID, this means that in order for a wireless client to connect, they have to know your SSID.
In this scenario, your wireless card will say "hey, cloaked access point linksys, if you're there, i want to talk to you". Then, your SSID-cloaked access point will respond and setup a connection.
If you are running in monitor mode on your wireless card, you can observe this conversation between the wireless client and access point taking place, thus exposing the cloaked SSID. Once you know the SSID, you can connect. Keep in mind that wireless connections can and will drop, and it can take as little as a few seconds of observation to decloak the SSID.
Kismet is excellent software that takes advantage of this (on operating systems such as Linux that have drivers that can tell the wireless card to go into monitor mode). This is one of the many things that makes Kismet far superior over Netstumbler. Also, monitor mode is also how WEP is possible to crack, by observing the physical layer traffic flowing over the network.
Guess what -- your friendly university network admin probably will use kismet or a similar tool in monitor mode to survey wireless networks.
People shouldn't be too quick to hack up their own solutions to something that is still in BETA. There probably is very good reasons for them blocking it. I have no doubts they will eventually have a developer API written for Gmail, like they do for other things on their site. There's also damn good reasons to word verification filters -- brute force attacks.
Here's a picture I took of one of the access points a few months ago. They are in NEMA weatherproof enclosures, with a support bar attached to an omnidirectional whip antenna (quite ugly - unfortunately I couldn't fit it all in the same picture). In addition, there's a flat directional antenna that obviously connects to another access point. I have also discovered the majority of the access points since they started to appear last fall, and have posted them to WiGLE .
One thing I have always seen as a potential problem is a store's competitors using RFID scanners to take inventory and/or monitor what their competitor's customers are walking out of the store with. Any data you can get on your competitors is certainly better than none at all.
One thing I see missing is a good network / host discovery tools with a rich feature set. Like being able to automagically map out a TCP/IP network via SNMP querying "seed" routers, and/or by passively observing network traffic, then being able to collect further information on each host through port scanning or SNMP walking. The biggest problem I see is there's alot of great tools out there, just none of them that does everything without having to jump between multiple programs. And of course, it would be with a curses based gui:)
Solarwinds has a tool called Sonar which does the "seed" router snmp-based discovery. They have some other nice tools too, but it still takes alot of tedious switching between applications to get all the information i'm looking for.
If there's one program that I have used continuiously over the years to diagnose hard drive problems is Spinrite. I was especially pleased with Steve Gibson's commitment to keeping the program DOS-based. There were alot of diagnostic utilities that ran off DOS that I wish were still updated to support modern hardware. Hopefully others will follow Gibson's lead:)
What I don't seem to get is why this is happening. I mean.. I know that some of it is not meant for kids, but PARENTS need to learn to turn those programs off in front of their kids. No one is forcing you, or your kids, to watch it.
Or for parents who are too busy with themselves, get a set with the v-chip. What gets me is, IIRC, the cable channels aren't under the same FCC guidelines, which is why HBO can run movies uncensored, and why Comedy Central got away with the infamous "shit" episode, in which the writers manage to work the uncensored word "shit" into the episode 162 times (with a counter and all). For the most part, the cable networks are censoring their content voluntarially. I, for one, would hope that the viewer populace/ad revenues definitely would make it worth their time.
If 80% of all spam is coming from HACKED PC's, there clearly is criminal hacking charges on a federal and/or international level that could be brought against these guys, at some degree, conspiracy to say the least. I'm pessimistic of the DOJ's "promise" to bring the "top 50" spammers to justice this year. Why isn't that alone fueling the relentless takedowns of these guys while they pursue 15 year old virus writers that don't do much beyond pranks? Just because these zombied pc's are probably 99% home computers and not business computers where dollar amounts of damages can be easily calculated. It seems that's always the playing factor in how much the FBI "cares" about computer crimes.
I definitely second this recommendation. IMO, one of the best scanners ever made. I have a newer usb HP scanner that doesn't even come close to the speed of this thing. They just don't make bulky, well built quality scanners like the 4C anymore.
And for the record, you aren't limited to only 4 software applications for scanning (at least in Windows, any application will work if it uses TWAIN). Perhaps you were referring to the document feeder having limited software compatibility?
(Off topic, but amusing nonetheless if you didn't know, there's an easter egg that's quite humorous..)
Personally, I think it'd be cool just to have a cell phone that could use my own WiFi at home and be cellular when I'm out in the rest of the world
Actually, I think this concept has more potential use and adoption than using public hotspots. This would definitely give people who don't want to pay for an expensive POTS (and have cable internet or be lucky enough to have a local telco that doesn't require a POTS line with DSL service). I know alot of people who only have a cellular phone and complain about not being able to have good reception in all areas of their residence. Motorola's implementation doesn't make much sense, IMO.
Firstly, all ISPs (and corperations, schools, unis and so on) should block port 25 by default. Those that want to run a mailserver for legitimate reasons can do so but anyone who hasnt speicificly said "I want to run a SMTP server on my connection" will be prevented from doing so (this would cut out 99% of the spam comming from spam zombie boxes)
Thereby blocking anyone who wishes to use a third-party, legitimate SMTP host?
If the zombie machines can't connect directly to other domain SMTP servers, like AOL for example, who blocks direct SMTP connections from consumer broadband netblocks, the spammers will simply use the SMTP server for whatever ISP the zombie system resides on. I did my own SMTP on my NAT box for quite a few years up until recently, when I noticed any e-mails sent to aol.com, etc. were being rejected.
The ultimate solution to this problem is to eventually get rid of the SMTP protocol alltogether. Implement a new secure protocol for sending/receiving e-mail amongst the major ISP's, and have them run it parallel with SMTP (for compatability). A deadline should be set for the transition, until it has been thoroughly tested and implemented in e-mail clients, etc.
I think that if the major ISP's get their heads together, they can have a very powerful influence over getting a new standard implemented. Eventually, If small ma and pa ISP's customers start to complain that their e-mail messages aren't getting through to AOL, Comcast, MSN, Charter, etc.. other ISP's will have no choice but to follow suit and adopt.
I am running Debian stable, and let me tell ya, its been nothing but trouble trying to upgrade the kernel.
IMO, installing a bunch of backported applications and then wanting kernel 2.6 really defeats the purpose of running the stable branch.
If you want 2.6, upgrade to testing or unstable. It will save you alot of trouble. Debian's stable branch is for those who want absolute rock-solid stability, and those patient enough to wait for the next big stable release.
Slashdot Mirror
Wireless Broadband Providers: You have your spectrum play-pen, now do yourselves a favor, and get the hell off the ISM bands with your 802.11x crap for your commercial endeavors. Thank you.
OK, so if it would have happened, wouldn't have technically been on Dec. 27 1994 (assuming that was the date it would have hit us?)
Disclaimer: IANAAP (I am not a astro-physicist)
EA Pacific have created a brand new storyline, [..] that have all been inspired by the technologies and ideologies of today's tumultuous world.
A few headlines about the US government accusing the chinese government of planning to use hackers for cyberwarfare is hardly inspiration for a story depicting "real world" events. The people who designed the plot behind C&C Generals did nothing but regurgitate US news headlines to make the plot of this game. C&C Generals' China forces makes money by hackers who sit on mobile laptops by breaking into financial institutions. It's about as assinine if the game designers decided to make an Iraqi force instead, who has "weapons of mass destruction". I can understand why China is pissed.
In addition, when clicking on some of the US units that you wish to command in the game, they say phrases like "Preserving Freedom" and "Doing the right thing". Through the press, the US government has made what is truly a religious war, a war about fighting for freedom. Bush has said time and time again about how these terrorists "hate freedom" and "what america stands for."
I, for one, was quite offended by those aspects of the game.
Especially being that the target audience is young people who probably don't follow the real-world events in-depth, the story is really a work of pure fiction, coated to be based on "real world events". Whether or not the game has had any effect on shaping the opinions on world "events", of its young players, the messages "doing the right thing" being played over and over again has to make you wonder.
Using "" on my AP seems to leave kismet users frustrated as to why they can't sniff out any broadcast association requests :)
My very first act of impulsiveness on slashdot at a rare attempt to be funny.
I'm ashamed and I know better than that.
*markers "RTFA (score -2)" on forehead*
I'm almost tempted to create an ebay alias like "the_antichrist" and outbid everyone else.
Just think of all the bible thumpers who will flip when this guy walks down the street with 666 tattooed on his forehead!
Hopefully they'll outsource some jobs to America.
What will sell me on the PSP is how developers will harness the capabilities of it. Supposedly, there have been prototypes for a GPS, and a DVD player as well. Being able to dock my PSP in my car and use it for in-car navigation (hey Delorme - hint hint), or some other useful utilization of its capabilities besides games will sell me.
I was disappointed at the lack of innovative uses for the Playstation 2's USB (and on earlier models, IEEE1394). Thankfully, Sony released Linux for it, which have allowed me to use it for watching movies, a file server, etc.. I certainly hope Sony will do it again with the PSP (can you imagine wardriving with a PSP?)
Would encryption be of any use? I'm not familar with the "Tempest project" thing mentioned above.
More information on TEMPEST than you'd probably want to know.
Exactly. Not only that, but uninstallers that leave behind tons of crap in the registry/filesystem that should have been removed.
When I want something gone, I want
- everything
gone. Eventually, over time, having a bloated registry causes Windows to behave poorly.OK. Time for Wireless security 101.
Just because you aren't broadcasting your SSID doesn't make you less vulnerable by any means, at least to the windows newbie who relies on netstumbler.
I'll try to explain this in non-technical terms. Netstumbler simply tells your wireless card to send out broadcast SSID's, basically saying to everyone, "hello? if anybody can hear me - i'm looking for access points to talk to". If you have SSID broadcasting enabled on your access point, it will respond and say, "hello, i'm an access point with the SSID of linksys". If you have SSID broadcasting disabled, the access point will ignore the request.
There is a diagnostic mode that is part of the 802.11 specification that allows your wireless card to virtually become a scanner (like a police scanner). Thanks to proprietary drivers, you won't be able to get this to work on Windows, (although there is some pretty cool commercial software that includes drivers that will do this, but you will pay alot for it).
However, under Linux, there's a vast number of cards supported that allow you to put your wireless card into monitor mode.
OK, so what can you do with monitor mode?
If you aren't broadcasting your SSID, this means that in order for a wireless client to connect, they have to know your SSID.
In this scenario, your wireless card will say "hey, cloaked access point linksys, if you're there, i want to talk to you". Then, your SSID-cloaked access point will respond and setup a
connection.
If you are running in monitor mode on your wireless card, you can observe this conversation between the wireless client and access point taking place, thus exposing the cloaked SSID. Once you know the SSID, you can connect. Keep in mind that wireless connections can and will drop, and it can take as little as a few seconds of observation to decloak the SSID.
Kismet is excellent software that takes advantage of this (on operating systems such as Linux that have drivers that can tell the wireless card to go into monitor mode). This is one of the many things that makes Kismet far superior over Netstumbler. Also, monitor mode is also how WEP is possible to crack, by observing the physical layer traffic flowing over the network.
Guess what -- your friendly university network admin probably will use kismet or a similar tool in monitor mode to survey wireless networks.
People shouldn't be too quick to hack up their own solutions to something that is still in BETA.
There probably is very good reasons for them blocking it.
I have no doubts they will eventually have a developer API written for Gmail, like they do for other things on their site.
There's also damn good reasons to word verification filters -- brute force attacks.
Here's a picture I took of one of the access points a few months ago. They are in NEMA weatherproof enclosures, with a support bar attached to an omnidirectional whip antenna (quite ugly - unfortunately I couldn't fit it all in the same picture). In addition, there's a flat directional antenna that obviously connects to another access point. I have also discovered the majority of the access points since they started to appear last fall, and have posted them to WiGLE .
One thing I have always seen as a potential problem is a store's competitors using RFID scanners to take inventory and/or monitor what their competitor's customers are walking out of the store with.
Any data you can get on your competitors is certainly better than none at all.
A similar project was done by Yoshi on TechTV a few years back.. He combined a PC, X-Box, Game Cube, PS2, Atari 2600 and 8-Bit Nintendo all into one.
One thing I see missing is a good network / host discovery tools with a rich feature set. Like being able to automagically map out a TCP/IP network via SNMP querying "seed" routers, and/or by passively observing network traffic, then being able to collect further information on each host through port scanning or SNMP walking. The biggest problem I see is there's alot of great tools out there, just none of them that does everything without having to jump between multiple programs. And of course, it would be with a curses based gui :)
Solarwinds has a tool called Sonar which does the "seed" router snmp-based discovery. They have some other nice tools too, but it still takes alot of tedious switching between applications to get all the information i'm looking for.
If there's one program that I have used continuiously over the years to diagnose hard drive problems is Spinrite. I was especially pleased with Steve Gibson's commitment to keeping the program DOS-based. There were alot of diagnostic utilities that ran off DOS that I wish were still updated to support modern hardware. Hopefully others will follow Gibson's lead :)
What I don't seem to get is why this is happening. I mean.. I know that some of it is not meant for kids, but PARENTS need to learn to turn those programs off in front of their kids. No one is forcing you, or your kids, to watch it.
Or for parents who are too busy with themselves, get a set with the v-chip. What gets me is, IIRC, the cable channels aren't under the same FCC guidelines, which is why HBO can run movies uncensored, and why Comedy Central got away with the infamous "shit" episode, in which the writers manage to work the uncensored word "shit" into the episode 162 times (with a counter and all). For the most part, the cable networks are censoring their content voluntarially. I, for one, would hope that the viewer populace/ad revenues definitely would make it worth their time.
If 80% of all spam is coming from HACKED PC's, there clearly is criminal hacking charges on a federal and/or international level that could be brought against these guys, at some degree, conspiracy to say the least. I'm pessimistic of the DOJ's "promise" to bring the "top 50" spammers to justice this year. Why isn't that alone fueling the relentless takedowns of these guys while they pursue 15 year old virus writers that don't do much beyond pranks? Just because these zombied pc's are probably 99% home computers and not business computers where dollar amounts of damages can be easily calculated. It seems that's always the playing factor in how much the FBI "cares" about computer crimes.
I definitely second this recommendation. IMO, one of the best scanners ever made. I have a newer usb HP scanner that doesn't even come close to the speed of this thing. They just don't make bulky, well built quality scanners like the 4C anymore.
And for the record, you aren't limited to only 4 software applications for scanning (at least in Windows, any application will work if it uses TWAIN). Perhaps you were referring to the document feeder having limited software compatibility?
(Off topic, but amusing nonetheless if you didn't know, there's an easter egg that's quite humorous..)
Personally, I think it'd be cool just to have a cell phone that could use my own WiFi at home and be cellular when I'm out in the rest of the world
Actually, I think this concept has more potential use and adoption than using public hotspots. This would definitely give people who don't want to pay for an expensive POTS (and have cable internet or be lucky enough to have a local telco that doesn't require a POTS line with DSL service). I know alot of people who only have a cellular phone and complain about not being able to have good reception in all areas of their residence. Motorola's implementation doesn't make much sense, IMO.
While still a basement hacker project, it's alot more practical now with the price drop, being you can now get an Xbox with a modchip for about $179 ;)
Firstly, all ISPs (and corperations, schools, unis and so on) should block port 25 by default.
Those that want to run a mailserver for legitimate reasons can do so but anyone who hasnt speicificly said "I want to run a SMTP server on my connection" will be prevented from doing so (this would cut out 99% of the spam comming from spam zombie boxes)
Thereby blocking anyone who wishes to use a third-party, legitimate SMTP host?
If the zombie machines can't connect directly to other domain SMTP servers, like AOL for example, who blocks direct SMTP connections from consumer broadband netblocks, the spammers will simply use the SMTP server for whatever ISP the zombie system resides on. I did my own SMTP on my NAT box for quite a few years up until recently, when I noticed any e-mails sent to aol.com, etc. were being rejected.
The ultimate solution to this problem is to eventually get rid of the SMTP protocol alltogether. Implement a new secure protocol for sending/receiving e-mail amongst the major ISP's, and have them run it parallel with SMTP (for compatability). A deadline should be set for the transition, until it has been thoroughly tested and implemented in e-mail clients, etc.
I think that if the major ISP's get their heads together, they can have a very powerful influence over getting a new standard implemented. Eventually, If small ma and pa ISP's customers start to complain that their e-mail messages aren't getting through to AOL, Comcast, MSN, Charter, etc.. other ISP's will have no choice but to follow suit and adopt.
I am running Debian stable, and let me tell ya, its been nothing but trouble trying to upgrade the kernel.
IMO, installing a bunch of backported applications and then wanting kernel 2.6 really defeats the purpose of running the stable branch.
If you want 2.6, upgrade to testing or unstable. It will save you alot of trouble. Debian's stable branch is for those who want absolute rock-solid stability, and those patient enough to wait for the next big stable release.
I run debian stable, and have onl