Most likely the author was using a PC-based software player, so most likely, legitimate end-users just need to download an update to be able to play new movies. (the update would both include new player keys, and an attempted fix for whatever way people are pulling title keys from the software)
I don't really know much about it, but keys included in the package are title keys (eg. download the source code, see Readme.txt and TKDB.cfg, and see the list of keys for specific titles: Full Metal Jacket, Van Helsing, Tomb Raider 1, Apollo 13, The Last Samurai, and The Fugitive). Those keys probably can't be revoked (those specific titles are already mastered and are in release). But do the included keys give the AACS people enough information to identify the specific player that the author is using to extract the title keys from?
As another poster said, the package contains several title keys already extracted via some method. It's not clear how the author extracted the keys, or whether it's possible for the AACS people to revoke a player in order to prevent future keys from being leaked the way they currently are.
It has lots of features (like the 3DO had), but it's a great deal? (if you're in the market for a Blu-ray player...) Although the motion control was tacked on in response to the Wii, and the networking support was a not-spectacular attempt at matching the 360's, a few of the subsystems are thought to be better than its peers?
Duh. It's still useful though, it's like a very flexible USB KVM... eg. you can already switch your USB keyboard around to multiple computers (plus your xbox 360 and PS3, yay). But if you add extra peripherals to the USB KVM, they have to always be connected to whatever the keyboard is connected to. This lets you route your keyboard to your 360 while your webcam can be switched back and forth between your laptop and desktop.
They allegedly watch for robot scraping and will cut off your IP if they detect it... is this not an issue? Or it's not an issue if you keep it to a rate similar to what the SOAP interface allowed?
it would have looked very bad for her, since she was in line for the presidency, if the president and vice-president were convicted
The Speaker has always been in line for the presidency, that's nothing new, and it hasn't stopped the House from supporting impeachment in the past.
What has changed is that the Clinton impeachment is still in many people's memories... Perhaps many people realize that impeachments are good for expressing frustration, but aren't good at furthering any actual or political goals.
Surely it's at least partially useful... Wikipedia mentions that it's enabled by default on OpenBSD, and that there are a number of add-ons available for Linux that lets you enable it there.
This article seems to imply that ASLR (or ALSR or whatever it is) can either be disabled by the user system-wide, or that certain systems won't have the features required to enable ASLR. So it probably won't stop determined users.
That's exactly what it means. There's two sub-types of RPGs... console RPGs (eg. JRPGs) and computer RPGs) (eg. western style). JPRG's are more linear and scripted, don't allow the player as much choice in terms of what character(s) they are, but this allows them to tell strong story as the player progresses. Computer RPG's on the other hand give you a lot of control of what characters to play, where you want to go, but as a result, it's not possible for the game authors to tell a strong story... the world doesn't usually dramatically change throughout the game.
No suicide bomber that I know of has ever targeted a bathroom. If a terrorist is going to go to the risk of carrying out a bomb plot (where just the act of planning/purchasing/collaborating is more than enough to put them in jail), and if they're rational and ascribe at least a little value to their life, they'll try to give themselves the best chance to get the explosives onto a plane, because it will have far more impact in that case.
Really, many liquid explosives are very unstable, and just the act of doing a bag check is enough to set them off.
Absolutely. Hackers like computers that are connected 24/7, because they're useful as a platform for spamming and botnets. Before cable modems and DSL came along, hackers did target unix and linux boxes, but they weren't as successful... botnets and spamming from compromised machines wasn't nearly as frequent back then. Once a bunch of home computers started showing up on cable modems and DSL, then botnets really got going. It's not true at all that Linux wasn't targeted.
Well, they're a market research company, so they're legitimately interested in avoiding self-selection bias. Anyway, opinionsquare.com and permissionresearch.com are two places you can download the software. In this case though, it's clear that self-selection bias isn't the only concern... they almost completely avoid mentioning their connection with comScore (though if you click on the WebTrust / Earnst&Youngthing in the bottom corner, and then click on "Audit Report and Management's Assertions", you can see they're connected).
While ordinarily an HTTPS connection would simply pass through a proxy securely, in this case MarketScore also installs a new root certificate in your browser so that it can decrypt all intercepted SSL connections (a "man-in-the-middle" attack) without triggering a security warning from the browser. In normal operation, browsers would complain if a site certificate doesn't match the domain of the URL, but the new root certificate tells the browser to trust ComScore's site certificate for any URL.
I don't think Ford, Microsoft, etc. would do business with them if what they did was really obviously illegal. Also, if taken to court or whatnot, they'd probably say that most users agreed to their EULA, which says things like:
Once you install our application, it monitors all of the Internet behavior that occurs on the computer on which you install the application, including both your normal web browsing and the activity that you undertake during secure sessions, such as filling a shopping basket, completing an application form or checking your online accounts, which may include personal financial or health information. We may use the information that we monitor, such as name and address, for the purpose of better understanding your household demographics.
They pretty much explicitly say that they track user's online financial transactions. Obviously, end users don't usually read EULA's. IMHO, it's journalist's job to point out really egregious EULAs like this, and hold the company's feet to the fire. In this case though, unfortunately their EULAs haven't gotten much press coverage. And the company's entire business is based around this information collection, so it's not like a small amount of press would be enough to remove a small clause that lawyers added in as an afterthought.
It's sort of like credit check, I suppose, but they can (and based on the "buying power" reports they generate, I believe there's a good chance they do) track purchases made, and may track bank balances (I'm not sure how easy this is to do, but it's possible they do this for the X largest ecommerce sites and the X largest banking sites).
Yes, people routinely agree to credit checks, but usually there's a direct financial benefit... eg. getting a loan or something like that. comScore rarely pays its participants anything (they do run sweepstakes, but with ~2 million participants, there's very little chance you'll get compensated for giving away your private information).
The installed software re-routes all of your internet traffic through comScore's proxy servers. In most cases, they're probably just monitoring the URL's you visit, but they also check check more specific information in some cases... they say they verify the user's demographics (name, address, it sounds like purchases are tracked as well), and depending on what they're doing research on at the time, they sometimes track P2P activity, audio streaming activity, instant messaging statistics, etc.
This lists some of the IP addresses that Texas Tech University has internally blocked. The most important thing to block is their proxy servers, since that's the bit that actually does the monitoring, and because the end-user software is distributed via a number of different sites and organizations.
The thing that really gets me is that their monitoring software installs a root certificate in the user's browser so that they can do a "man in the middle" attack to https:/// connections at their proxy servers. In many cases, comScore gets permission from end users to do this, but I don't think many users really realize how much information they're exposing by doing this. Most obvious is bank passwords, etc, but comScore says they don't monitor those. comScore DOES however say that they verify their user's name, address, income, etc., which I'd imagine most users wouldn't actually agree to if they were fully informed.
The redesign of tv.yahoo.com is terrible. I've never seen a website go from near the head of the pack to last place so quickly. One wonders why they failed to get any sort of feedback from end users before rolling out the change.
No, the old system didn't wear out, but current hardware did far surpass it. If you apply "churn" to consoles, then the term applies to practically the entire technology sector. "Churn" implies that companies are either unable or have no need to release products with substantive improvements, so instead they release products with cosmetic improvements to trick customers into upgrading.
Maybe it comes down to an argument of whether games that have improved graphics really are better. There's certainly legitimate discussion about that, though the top-selling games for a given console are invariably its best-looking, and games that have worse graphics than their peers usually end up among the worst-selling for a given console, so I think it's a little dubious to say that the market thinks that improved graphics hardware is merely a cosmetic change.
Console generations aren't just churn, not at all. How often have you heard that the next generation's graphics are just as good as the previous one? (except for Wii) Or that peripheral things like networking support, controllers, or game ROM size haven't improved? (except for the PS3 controller) A three-year-old computer is obsolete as a gaming machine in terms of CPU and graphics power... consoles are the same way.
Slashdot Mirror
Most likely the author was using a PC-based software player, so most likely, legitimate end-users just need to download an update to be able to play new movies. (the update would both include new player keys, and an attempted fix for whatever way people are pulling title keys from the software)
I don't really know much about it, but keys included in the package are title keys (eg. download the source code, see Readme.txt and TKDB.cfg, and see the list of keys for specific titles: Full Metal Jacket, Van Helsing, Tomb Raider 1, Apollo 13, The Last Samurai, and The Fugitive). Those keys probably can't be revoked (those specific titles are already mastered and are in release). But do the included keys give the AACS people enough information to identify the specific player that the author is using to extract the title keys from?
Duggmirror has a copy of the doom9 thread, as well as a link to the source code.
As another poster said, the package contains several title keys already extracted via some method. It's not clear how the author extracted the keys, or whether it's possible for the AACS people to revoke a player in order to prevent future keys from being leaked the way they currently are.
It has lots of features (like the 3DO had), but it's a great deal? (if you're in the market for a Blu-ray player...) Although the motion control was tacked on in response to the Wii, and the networking support was a not-spectacular attempt at matching the 360's, a few of the subsystems are thought to be better than its peers?
Duh. It's still useful though, it's like a very flexible USB KVM... eg. you can already switch your USB keyboard around to multiple computers (plus your xbox 360 and PS3, yay). But if you add extra peripherals to the USB KVM, they have to always be connected to whatever the keyboard is connected to. This lets you route your keyboard to your 360 while your webcam can be switched back and forth between your laptop and desktop.
They allegedly watch for robot scraping and will cut off your IP if they detect it... is this not an issue? Or it's not an issue if you keep it to a rate similar to what the SOAP interface allowed?
Nitpick: The VP is elected, not nominated.
The Speaker has always been in line for the presidency, that's nothing new, and it hasn't stopped the House from supporting impeachment in the past.
What has changed is that the Clinton impeachment is still in many people's memories... Perhaps many people realize that impeachments are good for expressing frustration, but aren't good at furthering any actual or political goals.
Surely it's at least partially useful... Wikipedia mentions that it's enabled by default on OpenBSD, and that there are a number of add-ons available for Linux that lets you enable it there.
This article seems to imply that ASLR (or ALSR or whatever it is) can either be disabled by the user system-wide, or that certain systems won't have the features required to enable ASLR. So it probably won't stop determined users.
That's exactly what it means. There's two sub-types of RPGs... console RPGs (eg. JRPGs) and computer RPGs) (eg. western style). JPRG's are more linear and scripted, don't allow the player as much choice in terms of what character(s) they are, but this allows them to tell strong story as the player progresses. Computer RPG's on the other hand give you a lot of control of what characters to play, where you want to go, but as a result, it's not possible for the game authors to tell a strong story... the world doesn't usually dramatically change throughout the game.
It was 1982.
No suicide bomber that I know of has ever targeted a bathroom. If a terrorist is going to go to the risk of carrying out a bomb plot (where just the act of planning/purchasing/collaborating is more than enough to put them in jail), and if they're rational and ascribe at least a little value to their life, they'll try to give themselves the best chance to get the explosives onto a plane, because it will have far more impact in that case.
Really, many liquid explosives are very unstable, and just the act of doing a bag check is enough to set them off.
Absolutely. Hackers like computers that are connected 24/7, because they're useful as a platform for spamming and botnets. Before cable modems and DSL came along, hackers did target unix and linux boxes, but they weren't as successful... botnets and spamming from compromised machines wasn't nearly as frequent back then. Once a bunch of home computers started showing up on cable modems and DSL, then botnets really got going. It's not true at all that Linux wasn't targeted.
Well, they're a market research company, so they're legitimately interested in avoiding self-selection bias. Anyway, opinionsquare.com and permissionresearch.com are two places you can download the software. In this case though, it's clear that self-selection bias isn't the only concern... they almost completely avoid mentioning their connection with comScore (though if you click on the WebTrust / Earnst&Youngthing in the bottom corner, and then click on "Audit Report and Management's Assertions", you can see they're connected).
From TFA:
I don't think Ford, Microsoft, etc. would do business with them if what they did was really obviously illegal. Also, if taken to court or whatnot, they'd probably say that most users agreed to their EULA, which says things like:
They pretty much explicitly say that they track user's online financial transactions. Obviously, end users don't usually read EULA's. IMHO, it's journalist's job to point out really egregious EULAs like this, and hold the company's feet to the fire. In this case though, unfortunately their EULAs haven't gotten much press coverage. And the company's entire business is based around this information collection, so it's not like a small amount of press would be enough to remove a small clause that lawyers added in as an afterthought.
It's sort of like credit check, I suppose, but they can (and based on the "buying power" reports they generate, I believe there's a good chance they do) track purchases made, and may track bank balances (I'm not sure how easy this is to do, but it's possible they do this for the X largest ecommerce sites and the X largest banking sites).
Yes, people routinely agree to credit checks, but usually there's a direct financial benefit... eg. getting a loan or something like that. comScore rarely pays its participants anything (they do run sweepstakes, but with ~2 million participants, there's very little chance you'll get compensated for giving away your private information).
The installed software re-routes all of your internet traffic through comScore's proxy servers. In most cases, they're probably just monitoring the URL's you visit, but they also check check more specific information in some cases... they say they verify the user's demographics (name, address, it sounds like purchases are tracked as well), and depending on what they're doing research on at the time, they sometimes track P2P activity, audio streaming activity, instant messaging statistics, etc.
Oops, I forgot to include the Texas Tech link with the IP addresses.
This lists some of the IP addresses that Texas Tech University has internally blocked. The most important thing to block is their proxy servers, since that's the bit that actually does the monitoring, and because the end-user software is distributed via a number of different sites and organizations.
The thing that really gets me is that their monitoring software installs a root certificate in the user's browser so that they can do a "man in the middle" attack to https:/// connections at their proxy servers. In many cases, comScore gets permission from end users to do this, but I don't think many users really realize how much information they're exposing by doing this. Most obvious is bank passwords, etc, but comScore says they don't monitor those. comScore DOES however say that they verify their user's name, address, income, etc., which I'd imagine most users wouldn't actually agree to if they were fully informed.
The redesign of tv.yahoo.com is terrible. I've never seen a website go from near the head of the pack to last place so quickly. One wonders why they failed to get any sort of feedback from end users before rolling out the change.
No, the old system didn't wear out, but current hardware did far surpass it. If you apply "churn" to consoles, then the term applies to practically the entire technology sector. "Churn" implies that companies are either unable or have no need to release products with substantive improvements, so instead they release products with cosmetic improvements to trick customers into upgrading.
Maybe it comes down to an argument of whether games that have improved graphics really are better. There's certainly legitimate discussion about that, though the top-selling games for a given console are invariably its best-looking, and games that have worse graphics than their peers usually end up among the worst-selling for a given console, so I think it's a little dubious to say that the market thinks that improved graphics hardware is merely a cosmetic change.
Console generations aren't just churn, not at all. How often have you heard that the next generation's graphics are just as good as the previous one? (except for Wii) Or that peripheral things like networking support, controllers, or game ROM size haven't improved? (except for the PS3 controller) A three-year-old computer is obsolete as a gaming machine in terms of CPU and graphics power... consoles are the same way.