I, for one (and mostly all), cannot wait for NASA's next space telescope, the Next Generation Space Telescope (NGST), to take flight. This telescope will answer many questions we currently have. Unfortunately, this will not take place until 2009, but it's still nice to think about:)
The October 2001 issue of IEEE Computer has some articles on security, and the first article in the issue is titled "Search Engines as Security Threat" by Hernandez, Sierra, Ribagorda, Ramos.
Another interesting aspect of this law is the potential for social engineering attacks. Imagine somebody posing as a government official telling somebody or some company to disclose their passwords or encryption keys?
In the USA, it's a felony to pretend to be a government official. Hopefully EU nations have thought of this scenario when drafting this treaty.
It takes X amount of years to integrate a system into your infrastructure. It also takes X amount of years to remove a system from your infrastructure.
Say a company has spent 5 years integrating NT systems into their department. That usually means it will take another 5 years to get rid of it.
Linux will not be an overnight success...it will take time to supplant Microsoft.
Datacenter servers are not the only ones: Many e-banking applications (see s1.com, for example) are rolled by vendors, and upgrades do not come out as fast as vanilla IIS upgrades because of this.
I don't know of one bank that uses a non-IIS platform. Kind of scary.
This centralized service for reporting will lead to some falsified logs being submitted to get somebody in trouble. I hope people use this service, but I also hope they take it with a grain of salt.
I agree it will not happen, but let me expand on why it won't.
I'm a resident of Grand Rapids, MI; and until recently, I worked for companies in this area (I know work as a mobile employee for a nationwide company). The reason why this won't work (at least in the next couple of years) is that Michigan (and more precisely, West Michigan's Grand Rapids and Kalamazoo) is about 2-3 years behind on technology.
Companies in Michigan are only beginning to see the value of an e-business strategy, and those that have websites rarely have anything except "here's our address, here's our phone number" information on their webpages.
It's much more attractive for businesses to look at Chicago as a Great Lakes region alternative. Bigger market, more technology, and a stronger foothold in most marketplaces.
The other 2% were saved because either 1) they were a backup; or 2) the "hacker" used an emulator, where he would hook up a computer (running special code from a DOS boot disk) to his receiver and H-card, so the computer would, in essence, take the hit instead of the H-card.
I doubt meetings will be held in Grand Rapids, considering GR is about 30 miles away from CmdrTaco in Holland, MI...but what the hell? I know lots of students in the area who are slashdot followers.
The real media links are for their 16-minute venture. However, has anybody been able to download the zip of the original demo? It redirects me to fileplanet.com, but nothing shows up or downloads. Does anybody have a mirror?
I should have expanded on my initial post further (I just got excited that it would be in the first 10 posts:-)
My solution was meant for students who were affected by, say, blocking all port 21 and 23 access. If students wished to continue to use telnet and FTP, they could merely switch the port.
This is not a security approach universities should take.
It makes cheating a lot more difficult, but cheating in Quake I didn't (and doesn't) require changing the actual executable or engine: Having it open-sourced or closed-source makes no difference to most cheaters.
Back a couple of years ago, when Quake I was in its hay-day, there were tons of model and map hacks. I even designed some of these myself. Of course, these only worked in NetQuake because of the pak-file checking in QuakeWorld.
For player models, all one had to do was load whatever MDL file they wanted to alter into a 3D rendering program. The cheat that got the most press on IRC was the infamous "pak2" cheat (named so because Quake I only came with a pak0.pak and a pak1.pak, so this cheat was commonly put in a pak2.pak). This cheat had a modified player.mdl model in which bars would stick out of players in the x-, y-, and z-axis and colored by the player's pants (the color of pants used to determine the team). These bars would stick out approximately 4 times the height of the model, and these bars went through walls, floors, and ceilings. Anybody with half a brain and the reflexes of my dog could now keep up with players from Unforgiven or Clan Kapitol. Other "pak2" cheats came along, also: Modified Quad and Pent models making it easier to determine if they had spawned, player models that did not have the "bars" when they were standing still (to get around the screen-shot approach of checking to see if you had the original pak2 cheat).
Another aspect of cheating without changing the code of the engine/executable would be to change the maps. Quake I has a nice feature of being able to "vis" water...to be able to see through it. Load up DM3: If you can't see the lightning gun at the bottom of the water, you don't have the water vis'd. The trick is to change the walls and floors to water, then vis them. "waterhack.exe" (I forget the actual name, it's been awhile:) under DOS would vis all entities of a map designated to be water. Now you can see through anything. With my modified DM3, I could see the red armor from quad and I could see the Pent from yellow armor (that's quite a distance and through many walls).
There are still a few clans that play Quake I. Check the enterthegame IRC network (ky.enterthegame.com, ny.enterthegame.com) in #ck . A lot of people hang out there, and I'm sure a few still play or they can direct you to a clan that plays.
Slashdot Mirror
I, for one (and mostly all), cannot wait for NASA's next space telescope, the Next Generation Space Telescope (NGST), to take flight. This telescope will answer many questions we currently have. Unfortunately, this will not take place until 2009, but it's still nice to think about :)
Also "Brave New World," at least to a certain extent.
Something I forgot to mention in my other post:
The October 2001 issue of IEEE Computer has some articles on security, and the first article in the issue is titled "Search Engines as Security Threat" by Hernandez, Sierra, Ribagorda, Ramos.
Here's a link to it.
Try the following searches on google (include the quotes) and you'll be amazed at what's out there:
/admin"
/password"
/mail"
/" +passwd
/" password.txt
"Index of
"Index of
"Index of
"Index of
"Index of
Additional articles discussing this are at cnn and at reuters.
If video games are art, can we label John Romero as a "starving artist"?
Consume less heat? I believe they mean dissipate less heat.
Another interesting aspect of this law is the potential for social engineering attacks. Imagine somebody posing as a government official telling somebody or some company to disclose their passwords or encryption keys?
In the USA, it's a felony to pretend to be a government official. Hopefully EU nations have thought of this scenario when drafting this treaty.
It takes X amount of years to integrate a system into your infrastructure. It also takes X amount of years to remove a system from your infrastructure.
Say a company has spent 5 years integrating NT systems into their department. That usually means it will take another 5 years to get rid of it.
Linux will not be an overnight success...it will take time to supplant Microsoft.
Anybody remember Dr. Sbaitso? This program was great for being written way back when (1994?).
I believe Radiohead used it as the voice for their track "Fitter Happier" on OK Computer.
Or just use wget or curl :)
Datacenter servers are not the only ones: Many e-banking applications (see s1.com, for example) are rolled by vendors, and upgrades do not come out as fast as vanilla IIS upgrades because of this.
I don't know of one bank that uses a non-IIS platform. Kind of scary.
Apparently older versions of eggdrop bots (an IRC bot) have had date problems.
This story is actually quite old, as I submitted this nearly a year ago:
4 5&mode=nested
http://slashdot.org/article.pl?sid=00/09/21/21262
CNN's original story
I have the same problem with my IBM Thinkpad T20, 2.2.19, and the Crystal Audio chipset. 50% of the time it finds it on boot.
This centralized service for reporting will lead to some falsified logs being submitted to get somebody in trouble. I hope people use this service, but I also hope they take it with a grain of salt.
I agree it will not happen, but let me expand on why it won't.
I'm a resident of Grand Rapids, MI; and until recently, I worked for companies in this area (I know work as a mobile employee for a nationwide company). The reason why this won't work (at least in the next couple of years) is that Michigan (and more precisely, West Michigan's Grand Rapids and Kalamazoo) is about 2-3 years behind on technology.
Companies in Michigan are only beginning to see the value of an e-business strategy, and those that have websites rarely have anything except "here's our address, here's our phone number" information on their webpages.
It's much more attractive for businesses to look at Chicago as a Great Lakes region alternative. Bigger market, more technology, and a stronger foothold in most marketplaces.
The other 2% were saved because either 1) they were a backup; or 2) the "hacker" used an emulator, where he would hook up a computer (running special code from a DOS boot disk) to his receiver and H-card, so the computer would, in essence, take the hit instead of the H-card.
How will they know the source of the mail? They'll only have the zip code, and that will only narrow it down to a few thousand people.
From their website:
http://lambda.3ivx.com/stuff/3ivx.mov
I doubt meetings will be held in Grand Rapids, considering GR is about 30 miles away from CmdrTaco in Holland, MI...but what the hell? I know lots of students in the area who are slashdot followers.
The real media links are for their 16-minute venture. However, has anybody been able to download the zip of the original demo? It redirects me to fileplanet.com, but nothing shows up or downloads. Does anybody have a mirror?
I should have expanded on my initial post further (I just got excited that it would be in the first 10 posts :-)
My solution was meant for students who were affected by, say, blocking all port 21 and 23 access. If students wished to continue to use telnet and FTP, they could merely switch the port.
This is not a security approach universities should take.
I bet Romero now wishes Killcreek's breast implants were refundable.
It makes cheating a lot more difficult, but cheating in Quake I didn't (and doesn't) require changing the actual executable or engine: Having it open-sourced or closed-source makes no difference to most cheaters.
:) under DOS would vis all entities of a map designated to be water. Now you can see through anything. With my modified DM3, I could see the red armor from quad and I could see the Pent from yellow armor (that's quite a distance and through many walls).
Back a couple of years ago, when Quake I was in its hay-day, there were tons of model and map hacks. I even designed some of these myself. Of course, these only worked in NetQuake because of the pak-file checking in QuakeWorld.
For player models, all one had to do was load whatever MDL file they wanted to alter into a 3D rendering program. The cheat that got the most press on IRC was the infamous "pak2" cheat (named so because Quake I only came with a pak0.pak and a pak1.pak, so this cheat was commonly put in a pak2.pak). This cheat had a modified player.mdl model in which bars would stick out of players in the x-, y-, and z-axis and colored by the player's pants (the color of pants used to determine the team). These bars would stick out approximately 4 times the height of the model, and these bars went through walls, floors, and ceilings. Anybody with half a brain and the reflexes of my dog could now keep up with players from Unforgiven or Clan Kapitol. Other "pak2" cheats came along, also: Modified Quad and Pent models making it easier to determine if they had spawned, player models that did not have the "bars" when they were standing still (to get around the screen-shot approach of checking to see if you had the original pak2 cheat).
Another aspect of cheating without changing the code of the engine/executable would be to change the maps. Quake I has a nice feature of being able to "vis" water...to be able to see through it. Load up DM3: If you can't see the lightning gun at the bottom of the water, you don't have the water vis'd. The trick is to change the walls and floors to water, then vis them. "waterhack.exe" (I forget the actual name, it's been awhile
There are still a few clans that play Quake I. Check the enterthegame IRC network (ky.enterthegame.com, ny.enterthegame.com) in #ck . A lot of people hang out there, and I'm sure a few still play or they can direct you to a clan that plays.
- k3nny, Clan Kapitol