Slashdot Mirror


User: darkonc

darkonc's activity in the archive.

Stories: 0
Comments: 2,047

Comments · 2,047

  1. Re:redactions on Cloned Animals Show Grave Health Problems · · Score: 1
    Endangered species could be saved - Through the research leading up to human cloning we will perfect the technology to clone animals, . . .

    One of the biggest problems with endangered species is a lack of genetic diversity. Having a bunch of cloned endangered animals would actually make the problem worse -- not better. Once the funding ran out, you'd have a bunch of (semi) identical twins, (and sick, to boot, given current problems).

    AKA. A breeder's nightmare.
    --

  2. Re:hyuk on Cloned Animals Show Grave Health Problems · · Score: 1

    # make clone
    Gene error: Clone dumped
    #
    --

  3. Re:What's the problem? on Cloned Animals Show Grave Health Problems · · Score: 1
    I think that what the article is hinting at is that clones aren't really clones.. They're more like dirty photocopies... Sometimes the result is workable but, more often than not, the result isn't workable.

    As to the second half of your comment: If a clone makes it past the embryo stage, it won't necessarily get sick and die -- it might just get sick, and need continuous support after that. This is quite different than the ideal clone which would be a near identical copy of you (and supposedly just as healthy, intelligent, etc.).

    Hmm... Blue face instead of blue screen..
    --

  4. Governments as CAs. on Don't Trust Code Signed by 'Microsoft Corporation' · · Score: 1
    The answer: they can't do as good a job as government agencies can.

    Traci Lords is famous for doing almost all of her porn work (except for one video) when she was underage. The story goes that her producer got put up on child porn charges and used the defence that she had provided (fake) ID that said she was older.

    The government responded that the producer should have looked closer at the ID, should have recognized it as fake, didn't do due diligence.

    The Producer responded by producing a legitimate passport obtained with the false ID. As I understand it, the charges were (mostly) dropped.
    --

  5. Re:Always trust content from Microsoft Corporation on Don't Trust Code Signed by 'Microsoft Corporation' · · Score: 1
    It just hit me: If "a while ago" is since January 1, 2001, then you actually may have reason to worry. This would depend on where you got the program from, and whether you actually trust the content to be microsoft. In most cases, your program should have some sort of security dialog where you can view details of certificates that you've already encountered. There you should be able to check the details of the cert, and -- if you want -- revoke your trust of it.

    If you find that you've accepted one of the bogus certs, then you may, in fact, need to do a clean and install of your system to expunge it. I would, however, strongly suggest that you contact CERT, Microsoft and/or your local/national police force (FBI, etc.) so that they can try and track where you got the cert from and what it's trying to do.
    --

  6. Re:Wondering... on Don't Trust Code Signed by 'Microsoft Corporation' · · Score: 1
    The 'trust all code from this company' question presumes (somewhat simplistically) that the program you're running will only ever see one cert from 'This Company'. For the most part, this is accurate.

    It's rather like an email certificate. The issuing CA will sign my cert for a specific email address, and then I'll use it to sign dozens/hundreds/thousands of emails.

    This doesn't mean, however, that a given company doesn't have multiple signing certificates. Microsoft, for example, probably has a set of certs for their office product macros, and a set for explorer, and a different set for their auto-update feature, etc. (set may be as few as one cert). In each case, the cert for one purpose is unlikely to need to be verified by other programs.

    Each cert has different rules for trusting it. Web site certificates are trusted as long as the web site name (and, I think, the IP address) match the information on the cert. Email certificates have automatic trust, as long as the identifying information matches. In these cases, all that the Certificate Authority verifies is that the email/web site is from the person whose name you see. What you do with the information you receive is up to you. Whether or not you're going to trust your Credit Card info to Fly by Night Airlines, Inc. -- and for how much -- is your decision.

    In the case of a program, however, once you say you trust it, the program does the doing for you. In other words, knowing that your program is from Cult of the Dead Cow, doesn't prevent it from installing Back Orifice. Thus, the normal approach for program signatures is that you say for each cert whether or not you trust it and -- in some cases -- what you trust it to do (i.e. can it read/delete/modify files?).
    --

  7. Re:Bigger problem on Don't Trust Code Signed by 'Microsoft Corporation' · · Score: 1
    Signing websites is not the only use for certs. There are various types of certs used for various types of things. They can be used for things as specific as signing email, but not encrypting it, or -- in this case -- signifying the source of a piece of software.

    The certs in question can't be used to sign a website (although you might see it pop up if a website run by (friends of) the forgers tried to get your browser program to run a program that they wrote, and signed with the purloined certs).

    If you want to get an idea as to what sort of uses you can put a cert to, try going to the Thawte site. Register for their free certs (requires identifying info) and see what they offer (and what they want to charge for some of it!)
    --

  8. Re:This is serious, but not as serious as it could on Don't Trust Code Signed by 'Microsoft Corporation' · · Score: 1
    The "trust all certs" thing asks you if you want to trust all of the certs that Microsoft has on their list of trusted certs. If that list was generated before the bogus certs were issued, then the bogus certs will (obviously) not be on that list. If the list was (is) generated after Microsoft found out about them, then you can be sure that Microsoft isn't going to be including them.

    The biggest security worry would be if the people who got the fake certs also had access to MS's internal net (either compromised MS employees, or a compromised net (again)), and were able to add their fake certs to the lists of trusted certs that MS was sending out with their software.

    In other words, an area of high risk would be MS products that were manufactured between the issuance of the fake certs and the discovery of the fraud.

    So here's a question (and both answers are frightening): Does Verisign have enough information that they can reconstruct the keys (including the private keys) that were signed by verisign?

    If the answer is no, then Microsoft has no way to verify that their software hasn't been trojaned to accept the bad certs. If the answer is Yes, then Verisign has enough information to reconstruct anybody's private certs and (possibly) compromise any of our (supposedly) private communications -- should they choose to do so.
    --

  9. Re:It's still VeriSign's fault then on Don't Trust Code Signed by 'Microsoft Corporation' · · Score: 2
    The problem is two-fold:
    • Verisign did not provide a Certificate Distribution Point (CDP) that is supposed to be used to get a CRL for each cert from. i.e. programs wouldn't know where to look for the CRL.
    • Even if Verisign had provided a CDP, it would appear that Microsoft software doesn't pay much attention to them, anyways.
      It would appear that as a result of this, MS is also providing users with the ability to supply personal CRLs. -- Not that I'm paranoid enough to probably ever need to build one, but you never know
    Some of you may wonder why we actually need a CDP? Why can't we just always check Verisign's database for revocation lists? The answer is obvious if you look in the security window of your browser. There should be a couple dozen certificate authorities listed there -- and there may be thousands of private certificate sources out there as well (including self-signed certs). It would be horribly expensive to have to search all known CRL databases for every cert you look at.

    With a CDP, the Certificate signer is telling you who they are, and where to find the CRL for that cert. This makes it computationally feasible to check the CRLs for each cert (presuming that you're online!). It would also (presumably) make it possible for a certificate authority to segment their database, and provide different search points for various groupings of certs -- thus minimizing the work needed for any database serving up CRLs.
    --

  10. Re:Uh.. on Don't Trust Code Signed by 'Microsoft Corporation' · · Score: 2
    We trusted MS Before?! Did I blink and miss something?
    No. But now you can't be sued for saying:
    "Microsoft -- a name that you shouldn't trust.".
    --
  11. Don't blame religion (Re:CAN'T WIN AGAINST...) on Scientologists Force Comment Off Slashdot · · Score: 1
    I'm of the belief that when the last religion finally collapses, mankind will "officially" (in my opinion) be out of the dark ages. ...
    Most religions (I think we can except the scientology organization here) aren't bad. What people do with them is bad.

    Christ calls for peace, toleration and respect of others. Jesus (as a Jew) told the story of the good Samaritan -- A non-Jew who was a kinder person than the Jews who passed by the wounded man. He even chides his followers for defending him with a sword, and heals the ear of the official who is there to help arrest him.

    Compare this to some of the evil that has been done -- supposedly in the name of Christianity. The KKK murdered mostly fellow christians. The Nazis invoked the name of Christ (who lived and died a Jew) in the killing of Jews. How many wars have been fought in the name of the man who is the source of the saying "turn the other cheek"?

    Islam says that women and children should not be harmed in war, yet members of 'Islamic Jihad' (holy war) sometimes commit suicide attacks against shopping malls and school busses. Surprise, surprise when they get to the pearly gates:

    You died killing who? Straight down, boy. Straight into stinking hell for you. You shoulda read your holy book before you went on that mission.
    Do not blame religion for the dark. Blame the people of greed who will corrupt whatever they have to to get the power they crave. Religion has gone down hill, but now people use money as their excuse. Shell oil became, effectively, a terrorist organization within Nigeria -- including having a well known, pacifist poet killed "to protect the interests of their shareholders." Economics has no moral basis.

    You don't need religion to commit evil. Quite the contrary: Once most people really understand their religion, the evil causes for which religion is being used as an excuse become exposed as just that -- evil causes.
    --

  12. Re:What could they expect? on Sophomore Uses List Context; Cops Interrogate · · Score: 1
    What follows can't help me avoid questioning the maturity and judgement of the school administrators and police (Why were the police involved anyway? It's a random quote)
    1. Kid puts up website on personal time & site.
    2. Someone from school visits the students' school site (it looks like), and gets the gun quote
    3. Administrator panics and calls the police
    4. school starts investigation
    5. the school finds out about the private site
    6. Police start investigation
    7. School doesn't like the perl of fortune.
    8. Police finish investigation
    9. School finally accepts perl of wisdom.
    10. School suspends students for private website.
    Personally, I think that the suspension was simply an attempt to save face over the gun quote investigation. I'm betting that the gun quote investigation got too much publicity, and the administration felt they had to do something to make it look like they weren't complete f*ck ups.
    --
  13. Only criminal records go away at 18 on Sophomore Uses List Context; Cops Interrogate · · Score: 1
    This is the distinction between criminal records and police records. A criminal record gets expunged at 18 (16?). If someone goes to the police for your criminal record at 19, anything you did before as a kid doesn't exist.

    A police record (sometimes known as a contact record) is nominally informal. There is absolutely no law that I know of that causes a police record to go away at any time.

    There is a certain method to this madness. If you were to commit a crime the day before your birthday, it would be very weird for the cops to have to forget that they questioned/suspected you only yesterday. A criminal case, on the other hand, has a sense of closure at the end of the sentence.
    --

  14. It doesn't have to be a pain in the ass on Sophomore Uses List Context; Cops Interrogate · · Score: 2
    If they start to harass you needlessly over something like that, there are a couple of things you can do. Probably the most benign is to start refusing to do more than the absolute legal minimum (which is pretty close to the Geneva convention "name, rank, Serial number").

    You are required, by law, (in Canada, at least) to identify yourself to a police officer. Other than that you have to say nothing. If they insist on talking to you, you can ask if you're under arrest, or being detained. If the answer is 'no', you should be able to walk away.

    In Canada, if you are 'detained', you have an immediate right to a lawyer. Double-ditto if you're under arrest.

    If I'm stopped for questioning, I'm clear that I'm talking to them at my convenience. About the only time I got stopped on the street by the cops, I was waiting for the bus. I talked to the cops until the bus showed up, and waved the bus to stop. I had no question in my mind that if it was a choice between talking to the cops or catching the bus, I was going to get on the bus. The cops got the hint, and wrapped up the interview in about 15 seconds.

    I had no problem talking to them, per se, but if they were going to continue the conversation, they would have had to either get on the bus with me, or offer me an immediate ride to the LRT (subway) station.
    --

  15. Re:Don't just call ( 6 degrees of separation) on UCITA Fight Comes to Texas · · Score: 1
    Don't just depend on the official lines of communication. Look for friends and relatives who know people who could arrange a personal communication. This is often the best way to get a message powerfully communicated.

    Your boss's cousin may be the Senator's wife. I remember when I finally realized that my classmate was my MP's (Member of Parliament) Daughter. Guess who would be the better person to get a message through: The MP's Secretary -- whose job it is to filter his communication, or his daughter?

    Even if you can't get back-door access to your elected official, try and contact them in person...

    Call and ask if it would be possible to see him/her.

    Drop off your letter in person. Ask if you can see him/her. You may not be able to, but this is a far more impressive action than blasting off an email -- Among other things, they will take it to mean that you have the time to talk to people about things.

    This is actually far easier than it sounds... Chances are that their constituency office is in or near a busy location. It's quite possible that you go by the office on your daily commute. Be aware of where constituency offices are so that you can drop by 'on a whim'.

    Although you may not be able to talk to your elected official, be prepared for success. Knowing what you would say if you talked to your rep in person will also allow you to explain the same issue to other people around you.
    --

  16. Re:Nice, but dangerous on Canada Considers Cellphone Jammers · · Score: 1
    It would definitely result in an upsurge of phonebooth sales -- especially to cellphone manufacturers.

    Besides pre-mugging blocking, I'm thinking about the problem of jammer bleed. I can just imagine walking/driving past the plaza 6 theatre while trying to talk a customer through a problem when .....

    BZZZZZT!
    Hello? Hello?
    HSSSSSSSK
    Damn!
    --

  17. Re:Don't jump to conclusions just yet on MS Squashes SQL Benchmarks · · Score: 1
    Remember that Win2k is a relatively new beast and its initial adoption was pretty slow
    With results like this, is it any wonder that the adoption rate was pretty slow?
    --
  18. Re:Learn from your mistakes and admit it on MS Squashes SQL Benchmarks · · Score: 3
    NT vs SQL 2000 on W2K would have been a fair test.

    If that were the case, I would expect that Microsoft would have mentioned it in the week that they took in trying to find a resolution.

    In any case, if this is at all indicative of how software fares on W2K when moved from NT4, then they should be printing a warning on their box that NT 4 software could run as slow as half speed on their newfangled OS.

    If nothing else, SQL customers who are thinking of moving to W2K would be well off to know these results before they upgrade their OS, rather than after. Otherwise they could be caught with their pants down after an upgrade seems to go cleanly and then bogs down horribly once the queries get back up to production volume.
    --

  19. Hiltons generally... on Hotels w/ High-Speed Internet Access? · · Score: 1
    I've stayed at Hiltons in a number of places, and they tend to have ADSL lines in the suites. It seems to be a relatively new development.

    I know that the Costa Mesa Hilton (Newport Beach) has ADSL (I was there last month). I presume that other LA area Hiltons have it as well.
    --

  20. Re:Couln't read the article... on The Ultimate Destination of Banner Ads · · Score: 1

    How the hell did you ever get the +1 Karma bonus, when you can't fscking figure out that a site called "satirewire" is about humor. Ah, he did. He can recognize satire, and add to it, so he gets modded up. You don't recognize satire and not only do you end up pissed off, but you stay modded to zero.
    --

  21. Re:Overstepping Authority... on Code for Running GPS Satellites Stolen · · Score: 1
    Technically, getting a warrant is a more secure method than calling up, saying "Hi, we think you have a hacker on your system. Can we peel apart your server?", and hoping that the hacker isn't included in the list of: {Secretary, Everybody the Secretary talks to, Everybody they talk to} while you're out getting the warrant issued, because they wanted one before they'd let you mess with their system (especially if they're guilty).

    Even where the ISP is innocent, people sometimes like to have a warrant before they allow gratuitous searches. I have one friend who handled the email at an ISP, and had the RCMP call up and ask for a tap to be put on a customer's email. He went, "sure -- fax me a copy of the warrant, and I'll have it set up shortly". According to him, the officer in question went ballistic at the request for a warrant. Sometimes makes me wonder if the request was legitimate.

    In any case, the point is that the warrant may have been perfunctory, or they may have simply not known if the crack sourced from within the company that hosted the break-in connection. Whatever the reason, once they have a warrant, it's technically a raid -- no matter how happy/eager the company is to help the investigation.

    The other thing you want to remember is that you don't want to have people doing their own investigation.... If some system admin thinks, "hey, I'll just poke around and see what I can find, then tar off the directory for them so they have a convenient copy" -- `tar -cvaf /dev/tape /root/WeOwnU' WHAM -- there go all the Ctimes on the files, and half the Atimes (while you're poking around)! That can really mess up the investigation.
    --

  22. Re:SuperCool? on High-Temperature Metal Superconductor Beckons · · Score: 1
    This is one of those cases where the moderation itself was possibly funnier than the bare post. (of course, if you work for Intel it might not seem quite as funny).

    Intel -- just short of Intelligent.
    --

  23. Re:slashdotted already on Making Small Change · · Score: 1

    I got the main page (no graphics) just before the page appears to have been deleted. My copy is here. Feel free to make your own mirror.
    --

  24. Re:WARNING BAD PUN INSIDE on Debian Lays Out Freeze Plans For Woody · · Score: 1

    No need to say sorry. Just be glad that they didn't announce their frozen woody on Valentines day.
    --

  25. Re:lets not have a double standard on The ssh vs. OpenSSH Trademark Battle, Next Round · · Score: 1
    No. The fact that you didn't see it coming doesn't necessarily mean that it's unfair. Those are two separate issues. DirectTV has been waging a running gunbattle with the users of 'unauthorized' cards for a long time. The mass card-fry was simply a successful ambush.

    As much sympathy as I may have for the people hacking the cards, I have to applaud the mass card burn as a brilliant stroke in an ongoing battle. I think that I would have (grudgingly) applauded it even if I was one of the people who got burnt by the move.
    --