Sorry, my hacking skills are rather lame, and all I have it this lousy whois listing, which clearly shows this is hosted by a company on American soil. Given the current outrage, I think a single e-mail or fax from a concerned citizen to the hosting company should suffice to shut azzam down asap.
> telnet www.azzam.com 25
Trying 64.33.12.151...
Connected to www.azzam.com.
Escape character is '^]'.
220 amor.host4u.net ESMTP Sendmail 8.8.5/8.8.5; Sat, 15 Sep 2001 xx:xx:xx -0500
quit
> whois host4u.net
Registrant:
Host For You (HOST4U-DOM)
4 Trefoil Drive
Trumbull, CT 06611
US
Tell him about the insurance premiums he'll save on you since you won't be sitting in a 110 story terrorist target.
I've heard that if this is classified as an Act of War rather than an Act of Terror, insurance won't cover it anyways. Insurance covers damage due to terrorism, but usually not war damage. But maybe Bush's words were only rhetorical, and don't have any legal value (as far as insurance is concerned)? Is there an insurance lawyer in the audience, who could fill in the details?
That Slashdot once again survived an unintentional DDos attack in a time of crisis, that the major news sites could not, is worthwhile information.
Well, "survived", kinda. Yes, the main page could be read, but no comments, no old articles, no nothing. Whatever link you clicked on, you get sent back to the main page.
There are many effective uses of popups. One common example is popup help messages that don't force the user to navigate away from the page they were using. (I hate it when I've spent five minutes filling out a form, click on a "help" link, and have all of that information lost.)
What's wrong with <a href="help.html" target="newframe"> ? As you see, having linked pages appear in a new window is perfectly doable in plain HTML. And if you really want to be fancy, just put the damn javascript link into a document.write clause, and a plain HTML link between <NOSCRIPT> tags. Javascript's language designers have supplied great backwards compatibility tools, but unfortunately nowadays the <NOSCRIPT> tags are hardly ever used for that puropose. Instead boorish web designers use them for such intelligent messages as "You're a moron for not using javascript, and a cheap bastard for having a screen with a resolution below 1600x1200"...
have you actually used the web lately? Your ideas are great in theory, but in practice they take you back about 6 years. E-commerce goes out the window w/out cookies. Many sites become unusable w/out javascript (Not just sites that do "onclick=location.href",...
Actually, I usually surf with javascript turned off, and the sites where this causes problems can be counted on the fingers of one hand. And for those rare sites I have the choice of
not there going again
just allowing those sites in my konqueror browser's javascript ACL.
Of course, if you're in the habit of surfing to porn sites, you might be somewhat more dependant on javascript...
...but there are many sites that actually use javascript *well*).
Actually, using javascript well should mean to not make an obligation out of it, but to use it solely to provide additional and optional functionality. The site should still stay useable even if the user doesn't want or isn't able to use javascript. You know, blind people who are bound to surf using lynx (because their braille lines, or text-to-speech engines only support text browsers) cannot just turn on javascript, even if they wanted!
Just pointing out the obvious for those of you who might have been fooled by the summary's language:
Contrarily to what the summary hints at through the mention of Code Red, and Apache, this is not an Apache worm. It's a trojan that you actually have to execute yourself in order to be infected. Thus, if you don't blindly execute e-mail attachments, and download programs from untrusted sources, you should be safe. Moreover, the trojan is rather primitive and doesn't try to manipulate the file modification dates to hide its presence. Thus a simple ls -ltrc/bin and ls -ltr/bin should reveal its presence.
If this software is so good at finding "hot" (i.e. incriminating or embarassing) documents, how long before the virus writers will "discover" the same techniques. Rather than just SIRCAM'ing out a random file out of the My Documents folder, spider the whole hard disk, and all reacheable network drives, and selectively mail out those items that score high on a "hotness" scale. This would make opening those SIRCAM attachments (using a Linux office suite, for safety...) much more rewarding...
> The DMCA does not have force of law where they are, and the ISP personnel will be glad to tell them to shove up their lawyer's letter.
Huh? Paetec (the ISP) is located in NY, which is in the US. DMCA is federal law, thus it certainly applies.
> whois paetec.net
Domain Name: PAETEC.NET
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: NS1.PAETEC.NET
Name Server: NS2.PAETEC.NET
Updated Date: 02-jan-2001
Registrant:
Paetec Communications (PAETEC-DOM)
290 Woodcliff Drive
Fairport, NY 14450
US
Domain Name: PAETEC.NET
Administrative Contact, Billing Contact:
Noren, Bill (NB519-ORG) dnsadmin@PAETEC.COM
PaeTec Communications
290 Woodcliff Drive
Fairport, NY 14450
US
(716) 340-2737
Fax- - (716) 340-2509
Technical Contact:
Paetec Hostmaster (PH2710-ORG) dns@PAETEC.NET
Paetec Communications
One PaeTec Plaza
600 Willowbrook Office Park
Fairport, NY, US 14450
US
1-877-472-3832
Fax- 1-716-340-2786
Record last updated on 02-Jan-2001.
Record expires on 04-Jun-2002.
Record created on 04-Jun-1998.
Database last updated on 31-Aug-2001 00:08:00 EDT.
Re:I don't know why you guys hate "spam" so much
on
Spammers Stoop To New Low
·
· Score: 3, Informative
> I don't get it.. what's so difficult in deleting a few messages that you might not want to read ?
The operative word is precedent. If we let Monster off the hook, other spammers will take notice, and very soon it will no longer be just a "few" messages, but thousands of them. How would you feel if you had to pass an hour each morning sifting through your spam, fearing that you might miss an important message from your friends or coworkers? Today spam is not that bad, but if we don't react now, it may be that bad five years from now.
Send an authentic looking "lawyer's letter" claiming that on Sunday August 12th, you found pirate movies on their site only to find them gone on Monday 13th, but back next Saturday and gone again on Monday.
The ISP personnel will have to come in working during a weekend to check on the claims, and, fearing DMCA litigation, they'll prefer to cut off Monster waiting for a sworn affidavit from them that they have no pirated movies on their site.
> Uhm, sign up for a Club Card using fake information.
Or, more easily: don't use the club card for these types of purchases.
If you sign up for a Club Card using fake information, be aware that many stores send out "newsletters" to club members. And they might notice if these bounce...
> Do you really think that everyone 'wants' to be involved in your religion? Do you feel that your religion is so special that others must be subjected to it and pay for it? I am sorry, but that is just on fair.
The same thing could be said about just any (school sponsored) club. Do you really think that everyone enjoys playing chess? Using linux? Playing football? But we wouldn't use that fact for banning chess clubs, linux clubs or football clubs. Why should religion be considered any different?
> The fact is that there are many different religions and, in fact, some of us are pretty a-religious, non-religious, or even anti-religious.
Hey, many geeks are anti-jock, but most high-schools still have sports club. And on top of that, there is a significant peer pressure to join one of the sports clubs. If you apply your reasoning equally to all clubs, sports clubs would have to go before any religious clubs!
> Thus putting one ahead of the others is discrimination and favoritism.
No, it is not. Geeks may not be interested by sports clubs, but they have their chess or computer clubs. Non-discrimation does not mean that no special-interest groups should exist, it only means that each reasonably common interest should have the right to form a club. Forbidding only religious clubs, while allowing clubs for all other kinds of concerns would be anti-religious discrimation. And banning all clubs would be plain stoopid: why not put the classrooms to good use after school hours?
>> Bug counts have never been an accurate measure of the quality of the product.
> Only an open source programmer would have the nerve to say this.
No, some commercial outfits say similar things. For instance Andersen Consulting, sorry, Accenture has this bizarre mentality of artificially inflating number of bugs in their pre-shipping bug tracking db, because the quality of their product will be judged by the ratio(bugs_found_after_release / bugs_found_and_fixed_before_release). The intended way of keeping this small is to make a quality product with almost no bugs left after release. However, another way of keeping this ratio low is by inflating the denominator, i.e. making sure many bugs are logged before release. Every trivial item will be logged, and preferably multiple times (for instance rather than saying "error messages have many spelling errors", each individual typo will be logged as a separate bug...). So, not all commercial entities consider a huge number of bugs to be a bad thing; in some circumstances it's actually quite the contrary!
Now, back to the issue at hand: in this particular case (Mozilla), you have to consider the difference between bugs and reported bugs. If a product is so buggy that nobody uses it, obviously no bugs will be reported. Mozilla is now entering a phase where many more people start to actually use it, and to use it more thoroughly, so surely, more bugs will be found and reported.
Re:"Native" Americans: An absurd liberal myth:
on
Budget Satellite
·
· Score: 2, Offtopic
> You do realize your ip address is linked to this post, right? So even if you hide behind the "Anonymous Coward", people can still track you down and slice your scalp off.
Yes, but, unless you are Slashdot personnel, or unless you post from the same IP and happen to have mod-points, there is no way you can read that stored IP address.
Slashdot personnel won't reveal or abuse the IP address, at least not for a troll as lame as this one. Heck, they didn't do it during the Anne Tomlinson fiasko, where they would have had much stronger motives...
So, that leaves possibility 2 (Same IP & mod points). However, this one is extremely unlikely, unless the troller is a colleague of yours, working behind the same NAT or proxy, or a user of the same ISP, and you got allocated his IP.
Oh, I forgot a third possibility: you yourself may be the troll, making it trivial for you to find out the IP address...
> Use Konqueror from kde2.2, you can disable javascript pop-ups (or a dialog asking for confirmation first, though I wish it would remember my prefs, like it does with cookies).
...and you can enable/disable javascript on a site-by-site basis. That way you can
enable it on those strange sites that insist on putting their entire page into one gigantic document.write() or who insist on using empty hyperlinks with onClick methods,
but disable it on those sites that do popups/popunders, or that simply have javascripts with syntax errors.
The only thing that's missing is an (optional) automatic dialog that prompts you whether you want javascript or not for each newly visited site, like it is done with cookies.
> But there are worst cases, the directory of phone of Rio de Janeiro disclosures not only the address but also the map on how to get there.:-)
Yeah, but I suppose you can get an unlisted number.
Luxembourgish P&T (national telephone operator, who is now also an ISP) is far worse: even if you had an unlisted number, people could still can find you address on P&T's website! You could opt out of that one too, but you had to know about this page. Moreover, those who opted out would get no personal web hosting space.
> How did you come to be in the posession of such a list of MPAA IP's? That would have come in handy to me a few months ago when I got my 'letter'...
Easy. Whenever somebody posted a "letter" to Slashdot, I looked up the IP address of the shark that send it (many times, a website URL, or an e-mail address of sender was helpfully included), and added the relevant IP's to the list. Same thing with the "obvious" domainnames such as mpaa.org, etc. Then I verified in the website log whether I already had a visit from the address. And indeed, more often than not, I had. Most activity came from Weil, Gotshal & Manges.
In addition to this, I found somewhere a rather exhaustive listing of whois records, and grepped that one for obvious keywords such as "law", "avocat", "kanzlei", "advocatie", etc. I had even a regexp to match companies with 4 partners and more in their name (most of those are sharktanks...). Yes, there was some collateral damage (stuff with deLAWare in its name, engineering cabinets (which often also have lots of partners too), or sharks unrelated to MPAA... etc.), but these false positives were pretty much negligible (less than 0.5%).
> Still, it points out HOW MUCH FREAKIN POWER these copyright agencies have. All the ISP's are so afraid of going to court that they give in every time! Yay freedom!
This problem can be easily tackled: a letter writing campaign! No, not to your senator, but to ISPs. Just make it look like a lawyer's letter claiming that such and such user infringed on this or that copyright. If enough people participate, this will create enough of a disruption that ISPs will become warier and warier of DMCA type letters.
And don't worry about impersonating a lawyer: unlike their electronic counterparts, paper letters are almost untraceable. Just be sure to chose random targets; don't make the mistake of chosing personal enemies.
> While this certainly sounds like a devious, underhanded and nasty thing to, is astroturfing in this manner a crime?
> Asuming the answer is "no it's not a crime" the next questions I wonder are - can it be (given the First Amendment), and should it be (seeing that it's essentially political fraud)?
They are essentially misrepresenting the opinions of existing (or recently deceased) citizens. As such, it should be a crime. Or how would you like if some random organization sent around letters in your (or your late grand-father's) name?
If they used made up name, it's a little less serious, but still iffy.
First Amendment only applies to stating your opinion in your own name (or stating it in an obviously anonymous way), it does not give you the right to misrepresent your neighbours opinion.
> I'm a condescending broadband cable internet user. For transfers of even 100 megabytes can take hours on a modem. My dialup backup auto-kicks me after six hours of usage.
Use ftp's reget command then. Http 1.1 also has a way of resuming downloads.
Slashdot Mirror
The link leads to an empty page... Could anybody post a mirror?
> telnet www.azzam.com 25
Trying 64.33.12.151...
Connected to www.azzam.com.
Escape character is '^]'.
220 amor.host4u.net ESMTP Sendmail 8.8.5/8.8.5; Sat, 15 Sep 2001 xx:xx:xx -0500
quit
> whois host4u.net
Registrant:
Host For You (HOST4U-DOM)
4 Trefoil Drive
Trumbull, CT 06611
US
Domain Name: HOST4U.NET
Administrative Contact, Technical Contact:
Networks, FastDns (GD184) reg@FASTDNS.NET
FastDns
3080 Ogden Ave
Lisle, IL 60532
(FAX) 630-357-8545
Billing Contact:
Billing Department (BD4586-ORG) billing@AXXS.NET
FastDNS
4 Trefoil Drive
Trumbull , CT 06611
US
999-999-9999
Fax- 999-999-9999
Record last updated on 29-Mar-2001.
Record expires on 31-Mar-2003.
Record created on 30-Mar-1997.
Database last updated on 15-Sep-2001 06:56:00 EDT.
Domain servers in listed order:
NS.HOST4U.NET 209.150.128.30
NS2.HOST4U.NET 209.150.129.3
I've heard that if this is classified as an Act of War rather than an Act of Terror, insurance won't cover it anyways. Insurance covers damage due to terrorism, but usually not war damage. But maybe Bush's words were only rhetorical, and don't have any legal value (as far as insurance is concerned)? Is there an insurance lawyer in the audience, who could fill in the details?
Well, "survived", kinda. Yes, the main page could be read, but no comments, no old articles, no nothing. Whatever link you clicked on, you get sent back to the main page.
Well, the Defense Minister does it too, so where's the problem?
What's wrong with <a href="help.html" target="newframe"> ? As you see, having linked pages appear in a new window is perfectly doable in plain HTML. And if you really want to be fancy, just put the damn javascript link into a document.write clause, and a plain HTML link between <NOSCRIPT> tags. Javascript's language designers have supplied great backwards compatibility tools, but unfortunately nowadays the <NOSCRIPT> tags are hardly ever used for that puropose. Instead boorish web designers use them for such intelligent messages as "You're a moron for not using javascript, and a cheap bastard for having a screen with a resolution below 1600x1200"...
Actually, I usually surf with javascript turned off, and the sites where this causes problems can be counted on the fingers of one hand. And for those rare sites I have the choice of
- not there going again
- just allowing those sites in my konqueror browser's javascript ACL.
Of course, if you're in the habit of surfing to porn sites, you might be somewhat more dependant on javascript...Actually, using javascript well should mean to not make an obligation out of it, but to use it solely to provide additional and optional functionality. The site should still stay useable even if the user doesn't want or isn't able to use javascript. You know, blind people who are bound to surf using lynx (because their braille lines, or text-to-speech engines only support text browsers) cannot just turn on javascript, even if they wanted!
Just pointing out the obvious for those of you who might have been fooled by the summary's language: /bin and ls -ltr /bin should reveal its presence.
Contrarily to what the summary hints at through the mention of Code Red, and Apache, this is not an Apache worm. It's a trojan that you actually have to execute yourself in order to be infected. Thus, if you don't blindly execute e-mail attachments, and download programs from untrusted sources, you should be safe. Moreover, the trojan is rather primitive and doesn't try to manipulate the file modification dates to hide its presence. Thus a simple ls -ltrc
http://images.google.com
If this software is so good at finding "hot" (i.e. incriminating or embarassing) documents, how long before the virus writers will "discover" the same techniques. Rather than just SIRCAM'ing out a random file out of the My Documents folder, spider the whole hard disk, and all reacheable network drives, and selectively mail out those items that score high on a "hotness" scale. This would make opening those SIRCAM attachments (using a Linux office suite, for safety...) much more rewarding...
Huh? Paetec (the ISP) is located in NY, which is in the US. DMCA is federal law, thus it certainly applies. > whois paetec.net
Domain Name: PAETEC.NET
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: NS1.PAETEC.NET
Name Server: NS2.PAETEC.NET
Updated Date: 02-jan-2001
Registrant:
Paetec Communications (PAETEC-DOM)
290 Woodcliff Drive
Fairport, NY 14450
US
Domain Name: PAETEC.NET
Administrative Contact, Billing Contact:
Noren, Bill (NB519-ORG)
dnsadmin@PAETEC.COM
PaeTec Communications
290 Woodcliff Drive
Fairport, NY 14450
US
(716) 340-2737
Fax- - (716) 340-2509
Technical Contact:
Paetec Hostmaster (PH2710-ORG)
dns@PAETEC.NET
Paetec Communications
One PaeTec Plaza
600 Willowbrook Office Park
Fairport, NY, US 14450
US
1-877-472-3832
Fax- 1-716-340-2786
Record last updated on 02-Jan-2001.
Record expires on 04-Jun-2002.
Record created on 04-Jun-1998.
Database last updated on 31-Aug-2001 00:08:00 EDT.
Domain servers in listed order:
NS1.PAETEC.NET 64.80.255.250
NS2.PAETEC.NET 64.80.255.251
The operative word is precedent. If we let Monster off the hook, other spammers will take notice, and very soon it will no longer be just a "few" messages, but thousands of them. How would you feel if you had to pass an hour each morning sifting through your spam, fearing that you might miss an important message from your friends or coworkers? Today spam is not that bad, but if we don't react now, it may be that bad five years from now.
The ISP personnel will have to come in working during a weekend to check on the claims, and, fearing DMCA litigation, they'll prefer to cut off Monster waiting for a sworn affidavit from them that they have no pirated movies on their site.
Or, more easily: don't use the club card for these types of purchases.
If you sign up for a Club Card using fake information, be aware that many stores send out "newsletters" to club members. And they might notice if these bounce...
Unfortunately, the RIAA would probably object to such a blatant act of thievery!
The same thing could be said about just any (school sponsored) club. Do you really think that everyone enjoys playing chess? Using linux? Playing football? But we wouldn't use that fact for banning chess clubs, linux clubs or football clubs. Why should religion be considered any different?
> The fact is that there are many different religions and, in fact, some of us are pretty a-religious, non-religious, or even anti-religious.
Hey, many geeks are anti-jock, but most high-schools still have sports club. And on top of that, there is a significant peer pressure to join one of the sports clubs. If you apply your reasoning equally to all clubs, sports clubs would have to go before any religious clubs!
> Thus putting one ahead of the others is discrimination and favoritism.
No, it is not. Geeks may not be interested by sports clubs, but they have their chess or computer clubs. Non-discrimation does not mean that no special-interest groups should exist, it only means that each reasonably common interest should have the right to form a club. Forbidding only religious clubs, while allowing clubs for all other kinds of concerns would be anti-religious discrimation. And banning all clubs would be plain stoopid: why not put the classrooms to good use after school hours?
> Only an open source programmer would have the nerve to say this.
No, some commercial outfits say similar things. For instance Andersen Consulting, sorry, Accenture has this bizarre mentality of artificially inflating number of bugs in their pre-shipping bug tracking db, because the quality of their product will be judged by the ratio(bugs_found_after_release / bugs_found_and_fixed_before_release). The intended way of keeping this small is to make a quality product with almost no bugs left after release. However, another way of keeping this ratio low is by inflating the denominator, i.e. making sure many bugs are logged before release. Every trivial item will be logged, and preferably multiple times (for instance rather than saying "error messages have many spelling errors", each individual typo will be logged as a separate bug...). So, not all commercial entities consider a huge number of bugs to be a bad thing; in some circumstances it's actually quite the contrary!
Now, back to the issue at hand: in this particular case (Mozilla), you have to consider the difference between bugs and reported bugs. If a product is so buggy that nobody uses it, obviously no bugs will be reported. Mozilla is now entering a phase where many more people start to actually use it, and to use it more thoroughly, so surely, more bugs will be found and reported.
Yes, but, unless you are Slashdot personnel, or unless you post from the same IP and happen to have mod-points, there is no way you can read that stored IP address.
- enable it on those strange sites that insist on putting their entire page into one gigantic document.write() or who insist on using empty hyperlinks with onClick methods,
- but disable it on those sites that do popups/popunders, or that simply have javascripts with syntax errors.
The only thing that's missing is an (optional) automatic dialog that prompts you whether you want javascript or not for each newly visited site, like it is done with cookies.Yeah, but I suppose you can get an unlisted number.
Luxembourgish P&T (national telephone operator, who is now also an ISP) is far worse: even if you had an unlisted number, people could still can find you address on P&T's website! You could opt out of that one too, but you had to know about this page. Moreover, those who opted out would get no personal web hosting space.
Easy. Whenever somebody posted a "letter" to Slashdot, I looked up the IP address of the shark that send it (many times, a website URL, or an e-mail address of sender was helpfully included), and added the relevant IP's to the list. Same thing with the "obvious" domainnames such as mpaa.org, etc. Then I verified in the website log whether I already had a visit from the address. And indeed, more often than not, I had. Most activity came from Weil, Gotshal & Manges.
In addition to this, I found somewhere a rather exhaustive listing of whois records, and grepped that one for obvious keywords such as "law", "avocat", "kanzlei", "advocatie", etc. I had even a regexp to match companies with 4 partners and more in their name (most of those are sharktanks...). Yes, there was some collateral damage (stuff with deLAWare in its name, engineering cabinets (which often also have lots of partners too), or sharks unrelated to MPAA... etc.), but these false positives were pretty much negligible (less than 0.5%).
This problem can be easily tackled: a letter writing campaign! No, not to your senator, but to ISPs. Just make it look like a lawyer's letter claiming that such and such user infringed on this or that copyright. If enough people participate, this will create enough of a disruption that ISPs will become warier and warier of DMCA type letters.
And don't worry about impersonating a lawyer: unlike their electronic counterparts, paper letters are almost untraceable. Just be sure to chose random targets; don't make the mistake of chosing personal enemies.
No, it's not Astrosurfing, but rather Astroturfing, as in "fake grassroots movement". (Astroturf is fake lawn).
> Asuming the answer is "no it's not a crime" the next questions I wonder are - can it be (given the First Amendment), and should it be (seeing that it's essentially political fraud)?
They are essentially misrepresenting the opinions of existing (or recently deceased) citizens. As such, it should be a crime. Or how would you like if some random organization sent around letters in your (or your late grand-father's) name?
If they used made up name, it's a little less serious, but still iffy.
First Amendment only applies to stating your opinion in your own name (or stating it in an obviously anonymous way), it does not give you the right to misrepresent your neighbours opinion.
Use ftp's reget command then. Http 1.1 also has a way of resuming downloads.