Slashdot Mirror


User: anticypher

anticypher's activity in the archive.

Stories
0
Comments
998

Comments · 998

  1. RTFA, troll! on Where Does Microsoft Want You to Go Today? · · Score: 5

    Do you work for M$?

    You need to read the article.

    These tags don't modify the web page, they are additions to what the browser presents to the user. What the columnist was pointing out was how micr~1.oft added links throughout every article he viewed on his paper's website, that weren't originally placed there by the site editors. Most of the links were non-functional, but one took him to a lame micr~.oft site. Only M$ will have control over where these links lead, and will sell that link-space to others.

    My favorite line in the article
    ONE MICROSOFT OFFICIAL says the feature will spare users from "under-linked" sites.

    And as Walter Mossberg points out, that changes the editorial content so carefully designed by the website's owners. It gives M$ the power to add or alter any link it feels like, and the end users may never know they are being re-directed to M$ approved content.

    the AC

  2. Re:To succeed, though.. on The Return of Microsoft · · Score: 2

    But M$ never sells a product. They only license them.

    There were heavy hints at an XP product meeting recently that M$ would start to revoke the licenses of companies who fail to upgrade to XP within a reasonable amount of time, somewhere around 2 to 3 years. That sent waves of terror and elation through the audience, a mix of large corporate buyers and M$ channel. The channel will get the same cut as before, but M$ expects to more than double its revenue stream with the introduction of XP. No longer will M$ allow end users to have 4 year or longer upgrade cycles, 3 years will be the maximum.

    M$ also announced a new certification program for auditing companies, the ones who go onsite and bugger up your computers for a week, and produce a software licensing bill for every seat you can't produce a physical license for. This new certificate will be used by the BSA to ensure "fair" audits, and a number of the large audit firms (KPMG, PWC, E&Y, D&T) already have pre-certified teams ready to go to work all over Europe. Corporations wishing to avoid legal harassment can hire these teams to make regular audits, and produce a certificate of compliance, and a copy is sent to the BSA and the main software companies.

    If you are a large enough corporate target, expect M$ to put pressure on your IT and legal departments during the next year. Fail to upgrade soon, and they will revoke your licenses for win95 and anything non-XP. Tell them to bugger off, and expect an audit at the end of a gun (the company next door was audited last year after telling the BSA to fuck off, with a dozen uniformed police assisting the raid at 7 AM).

    There is also a big financial incentive program. Buy XP before August of this year (yes, we all know it won't be out before next year), and only see your per seat license fee increase by 70% to 90%. Between September and February, the increase is 100% to 130%. Wait until after XP comes out, and the fee increases 170% to 210%. The figure you lock in now will determine your increases over the next 5 to 7 years. So early adopters of a 100% licensing of XP (whether they use it or not) can expect lower licensing fee increases when they are forced to upgrade every 2 or 3 years. Figures taken from all over TheReg, too many to cite here.

    There will be no win95 aftermarket support industry in 2 to 3 years. Probably not even for NT. M$ has guaranteed to the distribution channel here in Europe that it will use "judicial means" to eliminate the support headache currently borne by the channel. While you might still keep and use your PII/win95 machine, you will still have to buy a perpetually upgrading XP license whether you use it or not.

    This is what is freaking out JKatz, even if he hasn't been paying attention to the details. Some of us do, even if it feels like wallowing in horseshit. M$ is growing so bold, we will soon look back on 2000 as the good old days when M$ put on a pious act for the US and Euro governments and allowed the last gasp of true competition in the IT/networking/telecoms worlds.

    the AC

  3. An added benefit on Linus Torvalds on NPR tonight · · Score: 2

    Listen to this show, and hear how to pronounce Linux, by the man himself :-)

    the AC

  4. Re:What about.... on Motel 6... Hundred Miles Up · · Score: 2

    You are using the 1960's technology space shuttle as the basis for all the stress astronauts encounter during launch.

    There are at least a dozen programs under way to create a low-cost civilian earth-to-LEO launch system. Either launch simple rockets or planes from balloon platforms at 100,000 feet, or use a cargo plane to get to 50,000+ feet and drop from the wing, or SSTO, and the list goes on. The one most likely to be successful will allow just about anyone in reasonable physical shape to get to orbit without violent stresses.

    But you are right on the rich part, but you would be surprised how many rich, adventurous people are out there. And don't forget corporations, especially entertainment companies, who could afford to send 3 couples, a cameraman and producer up for a reality based show. Brings whole new meaning to voting someone off the station :-)

    the AC

  5. Re:Oh, slashdot, our home of trolls and flamebait on Motel 6... Hundred Miles Up · · Score: 2

    It's not good to reply to bait, but I'll do it anyways.

    Getting to orbit is one problem, what to do once you are there is another. Bigelow is the first to announce a solid plan for a civilian space station which can be used for tourists and cheaper scientific studies.

    Tito is untrained as an astronaut

    Tito paid for his training, and spent 9 months of his life working at the cosmodrome to become a fully fledged cosmonaut.

    There are other *naut training programs on this planet besides NASA. The Russians have one, the European Space Agency has one. The Japanese are creating one, and China has claimed to have one. One of those would love to earn the money from setting up a "civilian" school to train hotel station crew. I know of several commercial airline pilots who would love to spend a couple years of their life as space hotel crew.

    Imagine putting on your CV that you worked in a space station, and have logged 17 million flight miles. Earthside jobs might be kind of boring after that. :-)

    no space oriented engineers working on it

    Why couldn't they get space oriented engineers working on it? There certainly are enough with experience who would jump at the chance to leave NASA's stifling bureaucracy and work in the private sector. There are probably thousands who have already made the jump, and the Russian program would also be a good recruiting ground.

    he could cause the death of hundreds of people

    At most, with 3 habitation modules, the space hotel could only support 12 or so people. A captain, 3 crew, 2 scientists, and 6 guests. With hundreds of people ready to put up a million US dollars for a short stay in orbit, the hotel could pay for itself with an active 10 year life span. There would also be a steady revenue from scientific companies who can't afford NASA's outrageous payload requirements. TV reality shows already have huge budgets, and someone would love to pay-per-view the first sex in space.

    If Bigelow can sustain the capital flow to get regulatory approval, certainly there are launch sites that can put up his modules. They can be launched from Kazakhstan or Sea Launch, and avoid most of the NASA/FAA BS.

    Tito was the first leak in the dike NASA has imposed, and I'd expect the dam to start to leak more and more soon. There are at least a dozen viable commercial re-usable LEO launcher programs under development. Tito showed all of us dreamers that space can be had by merely throwing money around. Bigelow obviously saw the same thing, and has the capital to act on this Next Big Thing.

    the AC

  6. Re:Technophobes? no, legalphobes on Hailstorm: Open Web Services Controlled by Microsoft · · Score: 4

    ... and start saying "What Microsoft is trying to do is cool, but what we can do is *better*."

    You are missing the point. micro~1.oft has realised they can't compete with OSS on a technical playing field, because the OSS community will eventually win. So M$ is changing the playing field while they still have a monopoly.

    The new playing field is using the law (copyrights and patents) to give them exclusive control over who gets to play with their authentication schema. The open source community can come up with a working alternative, but in doing so will become a criminal group, breaking copyright laws and violating patents. M$, and many of the leading IT/computer/software/networking/services companies have realised that playing in a free and open commodity market spreads the profits too thin. So there has been a major push for the last 5-8 years to craft laws to support the new playing field, where free and open competitors are outlawed.

    You've no doubt heard of the American UCITA laws, passed in some states, proposed in all the rest. There are initiatives here in Europe to provide the same protections to large companies, but the progress is slower due to socialist leaning countries. Years ago companies who saw the service model and copyright as a potential new area to limit free and open competition created the WIPO, and neatly folded it under the protection of the UN. /. readers regularly complain about these restrictive laws, but are mostly powerless to do anything about them. Money buys votes, so most western democracies are for sale, which is why large crowds protest in Davos and Seattle and any place else. The protests are getting so costly, the World Bank is meeting in cyberspace to avoid physical risks.

    a protocol (http) which was just plain better ... the OSS community was already there.

    For the next 5 to 10 years, M$ and a handful of other companies are going to completely dominate all the greatness the OSS community created. The GPL isn't going to stop them, free and open isn't going to stop them either. Many smart people getting paid large salaries have looked at many ways to continue to earn money when there is a free product running your industry. They know, now, how to defeat the advantages of OSS and free and open. That is what the article is about. The best hope for the Next Great Thing lies where it has always lain, in academia and government assisted research. That is why M$ bought MIT and dozens of other universities in the US and Europe, and why they just bought the UK government.

    The OSS community creates free software. I agree with RMS, software should be free. But the big and steady money is in services, always has been, always will be (until the trek universe occurs). There are no free alternatives to services. Maybe there should be an Open Services Alliance :-) I'd love to get 24/7/365 support services for free, but then I'd be out of a job. :-(

    the AC

  7. Plan on two trips over on Finding American Companies for Overseas Work? · · Score: 2

    At least two trips. Count the first two as expensive vacations, where you are sightseeing the inside of HR offices, studying the local language, looking for a cheap apartment, meeting other ex-pats, and just getting ready for work. Don't bother waiting for some company to hire you just to pay your re-location expenses, they probably already have dozens of qualified people with years of experience who would love a perk transfer like that. Get yourself to where you want to be, and then start looking for work.

    There are a ton of IT jobs here in Europe, sign up with jobserve email and filter on your favorite keywords. Contact a few of the agencies, and find out which ones will help you arrange a work permit if you were already living near the work site.

    Come on over and pretend you are on vacation for a few months, it's absolutely critical you tell immigration you are just here for vacation otherwise you may find yourself banned from the country for quite a while. *cough*Britain*cough* is one of the worst for tossing anyone who might try to find a precious job. Make sure you have savings to fall back on during this time. You'll have to choose a city, then find yourself a small cheap apartment to make a base out of. That can be difficult in some countries with heavy bureaucracies, but there's always a landlord who will take cash. Then take some language courses, if necessary, and get out and learn the local culture. Find the bars where ex-pats drink, make friends, and ask how they made themselves legal. Yes, going to bars is a form of job hunting, at least here it is :-)

    Once you seem settled, start contacting companies about IT work. Explain how you will be returning from the US soon, and you will need to be sponsored. Just by being physically present shows you have already made a big commitment to making a career over here. If you have experience in the US, that used to be a big plus, but since the bubble burst, it's slightly less so. Play it up, it's something few locals can brag about.

    Once you have a job lined up, return to the US and apply for whatever visas are needed, and get the paperwork over there. It will make your life much easier. When you have the papers, buy another round trip ticket and come over and start working.

    After you have worked for a few months, you can then head home one last time to bring back all the things you are missing, like CD collections, copies of important papers, etc. I've found that almost every ex-pat here has to go home 1-2 times per year for dealing with bills, taxes, weddings, loans, Christmas. So just start budgeting for occasional trips back and forth. Remember, over here, we all have great benefits, like 5-7 weeks of vacation per year, use them up.

    the AC

  8. Re:April 2000 on Microsoft Admits To Backdoor In IIS [updated] · · Score: 2

    First thing to my mind was someone has re-discovered "!seineew era sreenigne epacsteN" all over again. The lack of a date stamp leads me to believe someone has hoaxed the slashdot submission queue (again). There is also something fishy about that http://smallbusiness.yahoo.com/entrepreneur.html URL, there's nothing under that tree except the standard banner/skyscraper ads.

    The only other reasonable assumption is that M$ has finally admitted, 13 months after the shitstorm, that they did indeed have an exploitable backdoor in IIS. The last statements I heard, during the shitstorm of April 2000, were that the string existed but couldn't lead to any compromise. Perhaps M$ has now tortured a confession out of the engineers and realised there is a backdoor. But the mention of dvwssr.dll ties this into last year's fiasco.

    Most likely is that this is a glitch story accidentally reposted by a yahoo editor. Only time, and maybe a slashback, will tell.

    the AC

  9. Marketing troll? on Can the Linksys DSL/VoIP Router Work in Europe? · · Score: 2

    This linksys/net2phone SIP-in-a-box product was just announced yesterday. What great timing to get it published on /. :-) They haven't even updated their websites yet.

    A slightly different version of this service was discussed recently on /.

    We've been playing around with a SIP gateway server and a VoIP phone on our DSL connection here in Europe. It works, but phone quality to the US sucks at best. The problem is QoS. Without spending US$10,000++ per month on a dedicated IP pipe from Europe to the US with a guaranteed QoS end-to-end, VoIP just doesn't replace regular phone service. But for IP connections within Europe, we get reasonable quality. Now, if only there were more than 3 people who could call us (and two of those are inside cisco TAC who only call to test their SIP setups)

    This linksys/net2phone service requires you to pay them a subscription to use their SIP gateway, and the units probably are not configurable to use alternate SIP services. So if your account expires, your box becomes an expensive blinking light source.

    It should work in Europe, I doubt they care which IP block you are coming from. But all the sessions will pass to north america for processing on their VoIP network. If you do buy one of these boxes, drop me a note. I'd love to see what kind of "virtual phone number" they assign you.

    the AC

  10. Re: Apocryphal fokker story on Bell Labs, Preserving Delicate Sensibilities · · Score: 5

    Made the rounds a decade ago, from a Radio 4 interview honoring 40 years since the Battle of Britain. Many modified versions of this story have circled the internet in humour files and joke lists.

    I've heard the original audio on a BBC request show. Quite hilarious when you hear the whole thing. This is the closest I've found in a web search to what I remember the interview was like.

    BBC INTERVIEWS AN RAF PILOT...
    Gerry Wills, the famous BBC commentator, was interviewing Gerherd "Zibby" Zebdrehah the equally famous Polish WWI fighter ace who flew for the British. The interview went like this...

    BBC: So please tell us Captain Zebdrehah about your most intimidating foe from those years.

    Zebdrehah: I remember being jumped by 4 or 5 Fokkers. My God, the sky was thick with those Fokkers and every where I turned they were on me instantly...

    BBC: I should just inform the radio audience that Captain Zebdrehah is talking about the aircraft his opponent usually flew, the "Fokker" fighter plane.

    Zebdrehah: Ya, maybe usually but these Fokkers were all flying Messerschmitts!

    the AC

  11. rubbing out Tux? on Slashback: Profits, Marks, Secsh · · Score: 4

    Why is Kurt (I assume he is the guilty party in the photos) scrubbing out Tux? Why not try to erase the CND symbol or heart, and leave Tux?

    Or have we (the non-specific WE) raised Tux to the level of a minor god, where graven images must be erased before some massholes press their dirty shoe soles into Tux's face?

    Sprinkle :-) liberally through this post

    the AC

    Anti-karma whoring. Karma is still over 250 and hasn't been dropping fast enough

  12. easy fix on MS Wants To Know Whose PC Is Windows-Free · · Score: 5

    So now anyone who wants to buy a bunch of hardware to put free software on needs to include a countering phrase in the RFQ.

    Put a statement into every RFQ (most places already have a boilerplate of necessary statements) that warns the channel that any participation with the M$ grasser (snitch) policy is a binding agreement to pay any and all costs associated with any resulting audit, regardless of whether the bid was placed with the channel or not. That should make the channel think twice about losing customers in return for a cheap watch and a few lousy games (which they probably already have pirated). Any channel not wanting to alienate potential customers will quickly establish a policy to never contact M$.

    Assuming M$ doesn't continue to use its monopoly position to force channel partners to participate, market forces will eventually punish enough snitches. Customers who are legitimately buying kit for non-M$ purposes will not want to pay 2x-3x the price for an audit, and will quickly learn not to deal with bad suppliers.

    the AC

  13. Logs for good and evil on FBI Seeks 2 Days Of IndyMedia Traffic Log · · Score: 5

    From the court order:

    All user connection logs for 216.213.32.98 for the time period beginning April 20, 2001, to the date of this Order for any connections to or from that IP address.
    User connection logs should contain the following:
    1. Connection time and date;
    2. Disconnect time and date;
    3. Method of connection to system (e.g., SLIP, PPP, Shell);
    4. Data transfer volume (e.g., bytes);
    5. Connection information for other systems to which user connected via , including:
    a. Connection destination;
    b. Connection time and date;
    c. Disconnect time and date;
    d. Method of connection to/from system (e.g., telnet, ftp, http);
    e. Data transfer volume (e.g., bytes);


    If you are running a site with controversial material, the logs will always be of interest to people who wish to do evil. Whether crackers or rogue FBI agents, your logs will always be a weapon in the wrong hands. Because of this fact, any controversial site should have a clearly stated policy of destroying logs on a regular basis. By stating this policy in advance and clearly posting it, it leaves little room for a legal charge of destroying evidence if and when the law shows up. What happens to IndyMedia when they hand over the logs and the FBI discovers most of that information is not logged? Will they face additional criminal charges, even if Apache just doesn't log things like connection method?

    On the down side, by regularly destroying logs, or never logging sensitive info to begin with, it makes it difficult to counter cracking/defacement/troll attempts, but that might be the price a controversial site like IndyMedia has to pay to protect the value of free speech.

    Slashdot and other legitimate news sites will always hand over logs whenever the slightest demand is made. But if slashdot truly wanted to protect its posters, it would destroy the connection information on a regular basis, to thwart law enforcement or civil persecution. But since the acquisition by bendover, /. is just another commercially run site, and Rob and company no longer care about anything other than page impressions and banner revenues. Implementing policies to protect slashdot posters was possible when the site was Taco's and Hemos' pet, but now it's just another business.

    the AC

  14. Re:Bad form, Slashdot... on Space Station BSOD · · Score: 5

    There's *nothing* in the CNN article ... implying that Windows is the reason for the server crash

    Micro~1.oft spent a lot of time, energy and money to ensure that their OSes were dominant on the ISS. They have spent millions of $$$ just to place a few hundred copies on the ISS, in the space flight centre, and in the Russian control centres. The reason for this massive cost was to use the ISS as a giant marketing tool, and they even created a whole marketing campaign around it.

    Windoze is not the only OS on the ISS, but it is dominant. There are some *nixes running critical communication processes, such as the main link from the station to ground points, and these have not had many problems at all.

    When the M$ servers started crashing, the whole micr~1.oft in space campaign was put on hold. If you read the logs created by the station crew, they are pretty upset having to spend entire days trying to fix micr~1.oft problems. NASA has a direct line into the best and brightest engineers at M$, but even they are clueless as to why certain processes hang, why backups fail to happen, why entire directories are blown away with no trace, or why new patches cause driver conflicts.

    Since the Register article highlighting the ISS problems in the logs, micr~1.oft has been putting pressure on NASA to redact all mention of micr~1.oft. Certainly someone has been archiving copies of the logs since they appeared, so they can diff them later and see when NASA bows to micr~1.oft pressure.

    As you noticed, none of the mainstream reporting now mentions micr~1.oft by name, that is due to a pressure campaign by one of the largest advertising budgets in the US. But when the logs are posted for these events, you will notice a great many references to the machines running micr~1.oft, even if the name of the OS is redacted out. If you do a little research, you will see these machines are running either DOS or windoze.

    the AC

  15. All my submissions filtered? on Buried in email? · · Score: 2

    I discovered that over 70% of my email is junk (compared to 25% after all my filters were in place). Filtering my mail is the only thing that makes reading my email possible. Well, that and ignoring any message complaining about Karma

    Oh! I figured the best way to get CT's attention was to put a catchy subject line, MAKE MONEY FAST or even INSTANT SLASHDOT KARMA. And now I find the reason not one of my submissions has ever made it is because he filters out such great subject lines. It's good to know that he gets 30% legitimate emails, that tops me.

    the AC

  16. Re:Dont forget regulators and petty bureaucrats on Whatever Happened to Internet Redundancy? · · Score: 2

    Can you say NSA?

    Not without spraying my monitor :-)

    It's doubtful the NSA needed to ship all traffic to the US. They certainly have unfettered access inside telephone company switching points in every NATO country, and many other US-allied countries. When you work in those buildings, there are always some bits of unidentified kit doing something "important", the bosses let you know not to touch them or else your career will be very short.

    crooked politicians

    In the commission, that's redundant. Political lobbying by entrenched businesses is becoming positively American in depth and scope.

    In Europe, never chalk up to conspiracy that which can best be explained by misguided nationalism and greed.

    the AC

  17. Dont forget regulators and petty bureaucrats on Whatever Happened to Internet Redundancy? · · Score: 5

    In the U.S., the only problems are of money and a few anti-trust regulations. Interconnects can usually happen wherever someone wants to lay down some cable or fibre, and going from one state to another is no problem. Any start-up with ambition can buy an old telco building and create a NAP, and the customers tend to roll in and don't care about competitors also using the bandwidth.

    But in the rest of the world, there quite often are regulations preventing a company from just running a fibre from one place to another. It is starting to improve, but for the longest time, almost 99% of all intra-european traffic passed through the US. Traceroutes from one ISP to another in the same country often went via the US.

    This meant that everyone was relying on a few trans-atlantic carriers, and the reliability was pathetic. To get from here in Belgium, all communications to neighboring countries passed by the US. The people in charge of the routers, at the bean-counter, lawyer, politician level, would forbid the engineers to create inter-country routes, in case there was a law somewhere being broken. It doubled the traffic on the trans-atlantic lines, and engineers couldn't do much about it.

    Recently a number of peering points and interconnects have sprouted up all over Europe. Economics eventually overrules short-sighted politicians. It feels so good, as an engineer, to be able to route traffic as directly as possible. But there are still problems with NAPs run by telcos, as they have learned two decades of dirty tricks by US telcos, and they have polished up those tricks to hurt competitors. Shit happens.

    The greed factor has also raised its head, as some of the more criminally backed peering points *cough*telehouse*cough* have tried to purchase European wide laws giving them 100% of the market. The argument is that all the incumbent telcos all are too greedy and incompetent and biased to run peering points, and all the peering points should be run by a single, greedy, politically aligned non-incumbent non-telco operator. Whoops, maybe those last points were raised by all the other NAP operators.

    I feel the internet is coming to the breaking point, where it's being pushed to do what it was never originally designed to do. The original design was for reliable communication, not censorship, business operations, or avoiding national laws. The telephone companies of the world worked out many of these issues in back rooms, with no real public insight into the down side to each policy. The result was a communication system which never worked very efficiently, and cost a huge amount more than it should have. Those costs and inefficiencies slowed the growth of telecoms the world over, until the US justice department broke up Ma Bell, and, unforeseen to them, sparked a revolution for cheap telecoms which is now churning around the world. I remember when a short overseas call cost one week's wages, now I don't even think about chatting for an hour to the US.

    The internet has started to make people aware that unlimited communication has its downsides as well, since not all humans are perfect, good creatures. Because of this realisation, we are seeing a large backlash from the unwired masses who never had a need to communicate, and want others to stop communicating freely. The internet was designed to communicate, and there are no easy (or even complicated) engineering fixes to social problems placing limits on communication.

    the AC

  18. Re:More on the X-43A on X-43 Scramjet Rollout · · Score: 2

    Moderators!!! up! Up! UP!

    Those are cool photos. Better than the few on CNN and other news sites. These photos show the scale of this model, which is really tiny.

    I can understand why they aren't salvaging these 3 craft, they are nothing more than large model airplanes. If they can get some good telemetry data from them, it will keep the scientists and aerospace engineers happy for years.

    I'd like one in my bathroom =)
    Which, a photo or one of these scale planes? It looks like one plane would fit in my bathroom, and would certainly make for interesting conversations :-)

    the AC

  19. Best approach on Open Source Tax Credit? · · Score: 2

    IANALNAA, Neither Lawyer Nor An Accountant

    Does anyone else have any good hindsight on how techies can / should approach their tax forms?

    I've tried a number of approaches.

    Blunt instruments, sharp instruments, shredders with safety cover removed. But the most satisfying approach to American tax forms is the good old fashioned flame thrower. Watching it burn can make you feel as if you have some control in the face of the behemoth.

    Note, this year I had to file tax returns in five different countries. I'd prefer your cash to your pity at this point. (do I need smileys in this post? :-)

    the AC

  20. Re:Pure Bullshit on Security Issues For Many Alcatel DSL Modems · · Score: 5

    I just used up all my moderator points, or I'd up this comment.

    Renaud Deraison is known in French security circles for his nessus scanner, a program similar to nmap. He published his findings at the end of last year, but it wasn't widely trumpeted at the time. Shimomura is a publicity whore who copied Deraison's comments (probably used the fish, the grammar follows the same butchering) and claimed the discovery as his own. A few days ago, there was a press release going around touting Shimomura's discovery, not a CERT advisory, just a press release from the San Diego Super Computer Research Center.

    The French paper Le Liberation ran a story filled with horror but little detail. Some of the claims are ridiculous, such as how someone who cracks the modem has unlimited access to every file on all the computers behind it, and how any machine on the internet can access the modems which sit on unaddressable IP addresses (the 10.x.x.x private IPs from RFC 1918).

    Today Le Libe is running a follow up story where Alcatel denies the backdoors were placed intentionally, and claims there is a security program installed on the modems to prevent cracking by unauthorised persons.

    I have a Speed Touch Home modem, and I've played with these backdoors. In /. speak, they are a number of IP services, the "simple" services (echo, chargen, etc), an HTTP server, an FTP server, a telnet server, and a TFTP server. The modem has a simple internal file system, and if you know the names of the files, you can copy them or overwrite them with TFTP. If you connect with telnet (or FTP), it presents you with the MAC address of the modem, and asks for a password, which is a simple hash of the MAC address. Deraison either intercepted his provider connecting and reverse engineered the hash, or he had access to some engineering docs at an ISP, or played around and figured it out. Either way, an impressive hack, in the good sense of the word.

    Since the modem uses "private" IP addresses, and access is limited to the local LAN or from the DSLAM, he didn't consider this to be a big problem. The modems typically sit on the DSLAM's private address range, and only connect the user's computer to the BAS using PPPoE or PPPoA, and can't really generate traffic to the internet. To gain access to the modems, you would either have to crack the DSLAM, crack the user's computer, be on the same DSLAM (and thus same subnet) as the target, or intercept the copper wires and play DSLAM. Of these scenarios, only cracking a computer on the LAN behind the modem would be possible from the internet at large, and if you can do that, why bother with a stupid little DSL modem?

    I agree with Betcour (and a large crowd on fr.comp.securite) on this, Shimomura is tooting his own horn because his bank account is empty after Cybertraque flopped at the cinema. Did Takedown ever open in the U.S.? If it didn't, count your blessings, it was bad, not Ed Wood bad, just unredeemably bad.

    the AC

  21. Think of the sonic boom on NASA Prototype Plane Scheduled To Attempt Mach 5+ · · Score: 4

    New York to Los Angeles in a half hour. Wow.

    In completely unrelated news:

    Every window from New Jersey to Nevada was broken today, which officials are at a loss to explain. It appears to have been a sharp earthquake which rattled houses and businesses across the country. Seismologists have reported that every one of their seismographs recorded a large spike, possibly a new type of fault slippage previously unknown.

    Officials at UnitedSpace were unavailable for comment.

    the AC

  22. Re:Don't use a quad of zero! on Will ISP Use of 10.0.0.0 Addresses Cause Problems? · · Score: 2

    Various older IP stacks choke on all-zero subnets like 10.0.0.x/24, or even 192.168.0.x/24.

    Mostly those IP stacks went away in the early 90's, but NT 3 was broken, and the mantra of subnet zero lingers on with MCSEs, who may find themselves still working on 3.51 systems. Old SunOS IP stacks, fixed in 1988, didn't like subnet zero as well. And I've seen other broken implementations from time to time, but not on PC/workstation equipment. Even the BSD stack choked, in my distant memory, but was fixed aeons ago.

    Cisco used to have "no ip subnet-zero" by default, until 12.0 changed it, meant more as a warning to the network admin to take care about broken stacks. ip subnet-zero and its evil twin, ip classless, are two of the most common commands any CCIE enters into a new config. Now in 12.0, Cisco believes that there are now few enough NT 3 machines in existence to change the defaults to something reasonable.

    I tend to use 10.1.1.0/24 for most of my small networks, it's easy to type, easy to remember, and isn't going to break any kit.

    [ObOnTopicSection]

    ISPs regularly use the RFC1918 addresses internally to keep costs down. Many interfaces internal to an ISP never need to be addressed individually from or to the internet. Management ports, internal point-to-point links, loopback addresses for routing purposes, DSLAMs and DSL routers, and cable modems can all be safely hidden. The traffic to these devices is for internal routing, and is easily non-routed at the limits of the ISP's traffic. Most every ISP I've looked at uses private addresses internally, it saves money and limits skiddies from gaining access too easily to certain things.

    An ISP should never present a "private" IP address to a client, it would tend to break things, as Brad found out. This shows the ISP is either clueless, or has run out of money to rent blocks of publicly addressable IP addresses. Possibly a combination of both. It could also be that their upstream providers can't deal with any more split, non-aggregable ranges of addresses, and they are stuck until they can migrate to a single larger chunk of space. Go read NANOG for various horror stories.

    the AC

  23. Re:Cameras Do Prevent Crime. on Surveillance Society · · Score: 3

    From the conclusion of the same report:

    ...CCTV cameras in Glasgow city centre did not appear to have a major impact on crime... and ...there was no evidence to suggest that the cameras had reduced crime overall in the city centre. (These were taken out of context, go read the report yourself to see a slightly wider context)

    Glasgow has been one of the best cities in Britain for combatting its street crime, with more police on the streets, rewards programs, a big push against hard drugs, and more money to aid prosecutions. Glasgow's crime levels have bucked the major trend in the UK for low level street crime, not due to cameras, but because the city council wanted to clean up the image of the city.

    camera operators usually focus on minorities or young people in "hostile" outfits

    My biggest concerns of camera surveillance are along the lines of operators trained by a mostly white police force saying "Look, he's wearing a Man-U stripe, damn baby rapist, let's track his every move", as well as "track only blacks and asians, because they are the most likely to commit crimes". Since I work in security, I do notice the cameras, and I do have opportunities to observe the operators being biased. It is quite disturbing to watch cameras track you everywhere you go when you clearly aren't breaking any laws.

    the AC

  24. But crime in Britain has skyrocketed on Surveillance Society · · Score: 5

    the slow slide in Great Britain when the public became convinced that surveillance would prevent crimes...

    Recently the levels of violent crime in the streets of Britain have achieved record levels. The criminals don't care if there is surveillance video of their actions, successful prosecution requires more than just a grainy video.

    Surveillance just allows greater control of the population at large, and will enable even more nefarious actions by various groups (both government and private) at a later date. The /. community is well aware of the dangers of the misuse of technology, but the average public only cares about the perception of security.

    the AC

  25. Re:Pathetic Answers on Windows Exec Doug Miller Responds · · Score: 5

    In addition to Java and Kerberos, there are many other examples of extend and extinguish. The one I am most familiar with is the PPP authentication protocol MS-CHAP.

    PPP defined an open-ended number of authentication protocols, PAP and CHAP being the first two implemented. PAP and CHAP are both freely available, and CHAP was designed to respond to security shortcomings in PAP. The spec allows for future authentication protocols to be developed.

    MS-CHAP is one of those future protocols, but there was a twist. MS-CHAP was introduced into windoze NT3 RAS dial in server, and later as the only authentication protocol in windoze 95. That meant that any user with windoze 95 could only use the dial-up software with an ISP running a copy of NT behind each modem.

    Modem server makers such as Ascend, 3Com and Cisco all quickly reverse engineered the protocol, but M$ had patented the algorithm and the protocol. Since M$ was at the height of its monopolistic bully attitude, and the comm server makers were all relatively small, none dared a court battle over a patented algorithm. Cisco approached M$ to put regular CHAP into win95, but M$ refused.

    Then M$ approached all the modem server manufacturers with a deal, they would license their own code for MS-CHAP for about US$1.20 per modem, and existing servers could be upgraded for about US$1.50 per modem. So all the ISPs who wanted to play in the win95 dial-up market had to upgrade all their modem servers at a fairly hefty cost, with all that money going to M$.

    As a side note, M$'s implementation of MS-CHAP has some serious security problems, a Google search can turn them up. The security holes are pretty difficult to exploit, but allow for session hijacking and man-in-the-middle attacks.

    the AC
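
    The PAP and CHAP difference mentioned in the comment above, as an added example that is not part of the original comment: PAP carries the password in cleartext, while standard CHAP (RFC 1994, not MS-CHAP) sends MD5 over identifier, secret and challenge, so a captured response fails against a fresh challenge. The user name, secret and class name are constructed for illustration.

```python
import hashlib
import hmac
import os


def pap_request_data(peer_id: str, password: str) -> bytes:
    """Data field of a PAP Authenticate-Request: both values in cleartext."""
    p, w = peer_id.encode(), password.encode()
    return bytes([len(p)]) + p + bytes([len(w)]) + w


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """Authenticator side: issues a fresh challenge, accepts one answer to it."""

    def __init__(self, secrets):
        self.secrets = secrets          # name -> shared secret (constructed)
        self.identifier = 0
        self.challenge = b""

    def new_challenge(self):
        self.identifier = (self.identifier + 1) % 256
        self.challenge = os.urandom(16)  # unpredictable, never reused
        return self.identifier, self.challenge

    def verify(self, name, identifier, response):
        secret = self.secrets.get(name)
        if secret is None or not self.challenge or identifier != self.identifier:
            return False
        expected = chap_response(identifier, secret, self.challenge)
        self.challenge = b""             # a challenge is good for one answer
        return hmac.compare_digest(expected, response)


def demo():
    secret = b"constructed-secret"       # constructed sample value
    auth = ChapAuthenticator({"alice": secret})

    ident, challenge = auth.new_challenge()
    response = chap_response(ident, secret, challenge)
    first_login = auth.verify("alice", ident, response)

    # The same response presented again, against the next challenge.
    ident2, _ = auth.new_challenge()
    replayed = auth.verify("alice", ident2, response)

    pap_exposes = secret in pap_request_data("alice", secret.decode())
    chap_exposes = secret in response
    return first_login, replayed, pap_exposes, chap_exposes
```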