Doesn't sound like anything that a nice iptables rule that checks for their port scanner subnet and responds with a "-j REJECT --reject-with tcp-reset" wouldn't solve! :-)
Oh wow, Comcast finally added something to that page (at the bottom) today...
Why should I stay with Comcast @Home, given the current situation?
Before you decide to make a switch, we ask that you remember that your service has not been interrupted at this time. In addition, switching to another provider such as DSL could leave you with:
Slower speeds
Higher Monthly Fees
Long-Term Contracts
I got news for those fuckers. A 300 baud modem is a faster speed than ZERO....
There has to be a signature one can pick up in the air that indicates this. Like, they drive around a development, listen for 802.11b traffic, then figure out if a transmitter is coming from one house and a receiver in another one that is their customer.
I mean, they can't tell if I run my own drop from the pole either, without coming around and auditing the drops once in a while and charging people with theft that aren't on their records as a customer.
I'd like to know from whose perspective the "security" part of this SD card is to benefit. I have a feeling it's not for me and my data...
What does it get me that a plain ole CF card would not give me?
Better cookie viewing before accept/refuse, on "Mozilla 0.9.6 Released" (Score: 4, Informative)
IE 6 now tops Moz in the cookie/privacy area because you can set IE to prompt before each cookie and remember the accept or refuse action for later (as you can with Moz), but it also allows you to see the cookie contents to help you decide what to do with it as well.
Hmm, after re-reading my 8 year old post, I noticed it said I never got dial tone. So maybe the AC's smart-ass comment was correct after all. Maybe it *was* a digital line. In that case, at least it didn't blow my early 90s era powerbook modem out...
Moral of the story, don't fuck around inside a military base. And that was during peace time. I bet if I pulled a stunt like that these days, my ass would have been hauled out of the building and I'd have been sent somewhere...
Good fucking luck getting an analog dialup line in these places.
Eight years ago, I spent a few evenings on an air base outside of Detroit. I was providing medical care to a quadriplegic who had been invited there as a guest. We had a suite of rooms in some sort of officer's military hotel within the base.
There were notices on every phone about how the phones were not secure and to not discuss military operations on them. It also had a notice prohibiting modem calls.
I said to myself "flock() that, I'm a civilian, not my rules" and unplugged the phone on the desk and plugged my laptop in. Less than a minute later, there was a knock on the door.
Point of the story, it was an analog line on one hand, on the other hand, they knew what was connected to their lines somehow.
I wrote of my experiences in the comp.dcom.telecom newsgroup and an archive of the post is still online:
Date: Mon, 28 Jun 1993 07:51:33 -0400
Subject: Telecom Experience at a Military Base
To read it, go to Telecom Digest Archive and do a page search for the above subject string.
All it takes is one idiot to install PCAnywhere and throw a dialup modem on their office computer so they can work from home. Or someone who dials out to the net from their office computer and runs something like Go to my PC.
Dr. Fun Cartoon that sums it up so well..., on "Do You Remember Bob?" (Score: 3, Funny)
That I run my vid games into the s-video input of my wintv pvr and set the tv tuner app to tune to the aux input of the device and play my console games through my computer monitor basically...
Sorry, but I still think nothing quite beats the original Road Rash on my 3DO. Primitive graphics by today's standards, but oh my, what great game play and great music to go with it. I tried a later rev of Road Rash on N64 and DAMN it sucked... Better eye candy but it just wasn't right...
We had a load of them. Someone inserted it into a CD drive that just had a slot on the front (A Mac I believe), it got stuck, and she destroyed the drive trying to remove it. Of course, we got blamed for handing out a "defective" product.
Just be aware that if this happens to one of your clients, it won't reflect well on your business, no matter who is at fault.
Now the linuxcare bootable recovery CDs. Now they are cool, and anyone who can install Linux I would hope would understand where they can stick it.
It all depends on your audience. In my opinion, don't be handing them out to the general public.
I'm trying to decide whether or not to convert a production system I manage that has 16,000 user accounts connected to a 1 terabyte EMC SAN. I've done a lot of searches and turned up some troubling posts about ext3 when it comes to using it with journaling and quotas turned on.
It's like what's worse, dealing with a fscks that seems to take hours or increasing the risks of more crashes but at least you get back up faster. I can't live without quotas either. Can you imagine a student in a lab with a 10 Mbps connection to the Internet and a few hundred gigabytes of writable space? :)
It's starting to look like I can't have my cake and eat it too. :(
I'm glad Linus is blessing it. Hopefully the issues will be resolved soon. Until then, maybe redhat jumped the gun including it in their distro...
OK, someone was irresponsible by releasing details so soon after notifying Microsoft and they say that is irresponsible.
Maybe so, but what I don't get is this expectation everyone has that these security holes go through the same steps...
Discovery
Notification
Disclosure
Exploits
The real danger is when someday someone will discover one of these huge gaping holes, not tell a soul, and then exploit them for profit, terror, extortion, or simple chaos.
We've been lucky so far. For Microsoft to try to divert the entire blame is what is irresponsible. Remember who created the security hole in the first place....
Have to use a GUI interface to read it or dump it to a text file
OK, yes, there are third-party tools you can purchase extra to provide better functionality or you have to write some vbscript on your own to get the info. My point is, crap like this should be part of the OS. I'd rather have useful tools than a flock()ing media player, web browser, and instant messenger as part of the OS. :(
But to get back to the topic, yeah, having better auditing tools under Linux is needed. Just don't look up to Windows as the way to implement them! :)
Thx for the info. btw, when I said "thin excuse for a mag" I meant the size, not the content!
Does Microsoft still license DOS?, on "MS DOS: A Eulogy" (Score: 5, Interesting)
What is on the floppy when I get a BIOS driver update disk from Dell or other manufacturers? Oh, it boots DOS. Golly. Will Microsoft refuse to license bootable DOS floppies now? Are they now free? Do they have an alternative solution that boots some minimal OS to do firmware upgrades or other needed tasks?
Somehow I don't think DOS is as dead as they make it out.
Does Byte still exist as a print mag? I don't remember seeing it in any bookstores recently. Last I remember, it was a pretty thin excuse for a magazine where once it was thick with articles and advertising. :-(
What on earth are you doing letting programs access the Internet willy-nilly? At least use ZoneAlarm or *something* to control who is sending what home.
The code in question sent a URL to the windows shell to launch into a browser, so unless you have zone alarm set to warn you every time your browser accesses the internet, it'll do you no good.
Also, when code asks that a URL be opened, if you already have an instance of that browser open, that process just handles it so if you already told Zone Alarm that IE or Mozilla or whatever your default browser you currently have open can access the Internet, you're not going to stop it.
Spyware phoning home via an encoded URL is pretty tough to stop unless you have something between you and the net protecting you and you know what's coming...
I guess you could always disconnect your net connection every time you run a questionable program like winamp. :(
Yes, I'm being a bit sarcastic. I read the other informative posts that winamp just uses the wmp api to play wma files so the protection is at that level, but then again, soon as this CRM shit is part of the OS proper, every app on the box will be questionable as far as trust goes...
Speaking of "trust", I saw one of those "Secure media cf cards" in a store and it talked about how you should use a PDA that uses "secure" media. I'm guessing the security is to protect "them" against you, not the other way around... :(
And as annoying as Wesley might have been, he's no C3P0....
Not a single mention on the wu-ftpd.org web site. What about us folks who have this compiled on a real genuine (read: proprietary) UNIX(tm) box and not some Linux distro?
Anyone know where there are source patches or a new source rev of wu-ftpd around?
Latest on their ftp server...
-r--r--r-- 1 wuftpd wuftpd 341520 Jul 1 2000 wu-ftpd-2.6.1.tar.gz
I mean, they can't tell if I run my own drop from the pole either, without coming around and auditing the drops once in a while and charging people with theft that aren't on their records as a customer.
I'm not seeing much of a difference here....
Opera and Konq also have this nice feature.
I'm hoping Moz steps up to that plate soon....
UNIX Gurus in Hell
Joy, great timing for Amtrak to get dissolved. :-(
(Wishing I could cancel slashdot posts... )
Now the current commercial where a room full of mainframes are replaced by a single box running Linux by IBM, now that is good.
Oh you of little humor! :-)
But on that topic, I always wondered how x.com got registered (now owned by paypal, was a paypal competitor in the beginning).
geeks.r.us
babes.r.us
trolls.r.us
lawsuits.r.us
etc...