Thats what I did. I have been with my company for about a year and a half when I thought that blue hair would be fun. I asked some of my co-workers what they thought, and other people had done it in the past. I got kidded about it for a few days, but I never had any major issues.
Ok, I've got to step in here... If you listen to Viacom, it was 6 cents, If you listen to Echostar, it is way more than that. It was orginally going to be a 7 percent raise per year for 5 years. The current contract was for something like 200 million dollars. You do the math. Also, all of the channels do not cost the same. MTV and MTV2 are basiclly free b/c the videos are provided to Viacom for free, while Nick and CBS cost a great deal more to run, thus those costs are higher.
I remember those cases from back in the day. Acer had those. They had this wierd handle on the front that flipped down to open the case. Wow, those things were a bitch to take off!
I worked for Best Buy for 5 and a half years. I have never heard of anything like this before. Best Buy should just suck it up and honor the price. It is their mistake. I have seen several customers arrested before, but not for asking for what is reightfully thiers!
To correct serious security flaws, Microsoft on Friday disabled the virtual wallet function of its Passport service and has begun notifying partners about the vulnerabilities, the company has confirmed.
The bugs in Passport, a sign-on service used by more than 165 million people, were discovered this week by Marc Slemko, a software developer who lives near Microsoft's Redmond, Washington, headquarters. Slemko is a founding member of the Apache Software Foundation.
By cobbling together a handful of browser-based bugs with flaws in Passport's authentication system, Slemko developed a technique to steal a person's Microsoft Passport, credit card numbers -- and all, simply by getting the victim to open a Hotmail message.
The attack raises new questions about the inherent security of Passport, which is being positioned by Microsoft as the lynch pin of its.NET e-commerce service initiative.
In a demonstration of the exploit earlier this week, Slemko sent Wired News a specially crafted but innocent-looking e-mail. Moments after the e-mail was viewed using Microsoft's Hotmail Web-based e-mail service, Slemko rattled off, over the phone, the credit card number and contact information from the user's Passport wallet.
According to a notice at the service's site, the Passport wallet enables users to store credit card and address information "in a secure, online location. Only you have access to the information in your.NET Passport wallet."
Introduced in 1999, Passport is what Microsoft calls a "platform service" and is being pitched to merchants and other partners as a convenient and secure means of determining whether site users are who they claim to be.
Besides enabling Web surfers to access Hotmail and several other secure sites with a single log-in, Passport includes a wallet system that speeds shoppers' checkout at dozens of sites that deploy the Passport Express Purchase technology.
In an e-mail today to Slemko, Passport's lead program manager for security and authentication, Chris Peterson, said the wallet service will remain offline until the company can add additional security features "to ensure that similar exploits cannot be used to compromise our user's credit card information."
Microsoft's Hotmail is the largest service currently utilizing the Passport authentication system, but the technology has also been deployed by eBay to allow users of the online auction service to sign into their accounts.
In addition, Microsoft's MoneyCentral personal finance site relies on Passport's sign-on technology.
Prior to being fixed by Microsoft, the authentication flaws discovered by Slemko could enabled an attacker "to do anything as if they were the Passport holder," including editing the user's portfolio at MoneyCentral, or changing user's auctions at eBay, he said.
More than 70 sites are in the process of deploying Passport's authentication technology, according to Microsoft. Among them is Prudential Banking's Egg.com online bank, which is switching to Passport from an authentication system developed by Entrust Inc., according to published reports.
Besides posting it at his site, Slemko intends to release the technical details on several security mailing lists Friday "so that, if they choose, users and partners can choose to reduce the impact on themselves," he said. Because of the severity of the flaws, Slemko withheld publication until Microsoft had an opportunity to correct it.
According to Microsoft, the company has patched two bugs utilized by Slemko's exploit: an HTML filtering issue in Hotmail as well as a cross-site scripting flaw in its Passport server configurations. In addition, the company has modified a software timer so that Passport users must re-enter their password anytime they attempt to access the wallet service.
While Slemko's exploit, which relied on stealing browser cookies used by Passport, has been rendered inoperable by Microsoft's fixes, the programmer said "deeper issues" remain with the service.
"Passport's greatest marketing strength -- the single sign-on -- is also its chief technical weakness. It will be fairly trivial for attackers to dream up new ways of exploiting this," he said.
Slemko is not the first to reach this conclusion. Last year, researchers at AT&T published a paper that observed that Microsoft's single sign-on service "carries significant risks to users" and warned that "Passport must be viewed with suspicion."
Microsoft subsequently fixed the bugs identified in the AT&T report and issued a response, down-playing the researchers' conclusion that Passport is inherently flawed and promising new security features in the future.
One fruit of that promise is in Microsoft's recently released Windows XP operating system, which attempts to improve the security of Passport's sign-on system by moving the authentication out of the browser and embedding it into the operating system.
Microsoft has also adopted what it calls a "federation" model for Passport that will allow other authentication vendors to create systems that interoperate with Microsoft's platform.
But critics still contend that granting Microsoft control over a massive set of personal data creates intolerable security risks.
"If history has shown us anything, it's that the best protection lies in decentralizing power and promoting competition. We need to take the same approach to our digital identities and make sure that who and what we are is not held captive by a single entity," wrote Whitfield Diffie, one of the inventors of public-key cryptography, and Susan Landau, a senior staff engineer at Sun Microsystems, in an editorial published last week.
According to Slemko, the fact that he needed just half an hour to cook up a way to exploit Passport's security flaws indicates that Microsoft is not fit to run a service with Passport's ambitions.
"It is very clear that either Microsoft does not have sufficient resources in place to properly review the security of their services and software, or that they are aware of the shortcomings but decided that attempting to gain market share was more important than their user's security," he said.
I went down to my local town hall and attempted to vote. "i'm sorry", said the old man. "You are not registered to vote." I had mailed in my registration form several months ago, and was disappointed to learn that it was never processed. I guess i will have to try again next time. I was really looking forward to vote in my first Pres election (Vote Nader!!).
I have wondered for years why someone hasn't just put a decoder chip inside a cd player and let people burn cd's with mp3's on them, or the recording industry selling mp3 discs? Oh wait, they would never do this, what am i thinking. Maybe someone could modify existing cd players to play mp3's?
Could one run duel processors with this new chip? It might make up for it's lack of power by having 2, plus since cost is a factor, it would be even better.
one of the best MP3 search engines is starting thier own "napster" like project. goto http://www.audiogalaxy.com/betatest/ it is a simpler client, and linux client is coming out soon
Slashdot Mirror
Thats what I did. I have been with my company for about a year and a half when I thought that blue hair would be fun. I asked some of my co-workers what they thought, and other people had done it in the past. I got kidded about it for a few days, but I never had any major issues.
Get the firefox slashfix plugin here: http://www.hardgrok.org/blog/item/slashfix-firefox -extension.html
Wrong! Nov 10th, 2004
Link to EchoStar's response: http://www.dishnetwork.com/content/programming/upd ates/index.shtml
Ok, I've got to step in here... If you listen to Viacom, it was 6 cents, If you listen to Echostar, it is way more than that. It was orginally going to be a 7 percent raise per year for 5 years. The current contract was for something like 200 million dollars. You do the math. Also, all of the channels do not cost the same. MTV and MTV2 are basiclly free b/c the videos are provided to Viacom for free, while Nick and CBS cost a great deal more to run, thus those costs are higher.
I have seen them when they were at their height. Over 3 million lights: www.jenningsosbornefamily.com
torrent files are located here: f.scarywater.net/
so, exactly how did they acquire the movie screen shots (legally)?
I remember those cases from back in the day. Acer had those. They had this wierd handle on the front that flipped down to open the case. Wow, those things were a bitch to take off!
I worked for Best Buy for 5 and a half years. I have never heard of anything like this before. Best Buy should just suck it up and honor the price. It is their mistake. I have seen several customers arrested before, but not for asking for what is reightfully thiers!
Fox News just reported it as being a American Airlines' Airbus Leaving JFK to the Dominican Republic.
To correct serious security flaws, Microsoft on Friday disabled the virtual wallet function of its Passport service and has begun notifying partners about the vulnerabilities, the company has confirmed.
.NET e-commerce service initiative.
.NET Passport wallet."
The bugs in Passport, a sign-on service used by more than 165 million people, were discovered this week by Marc Slemko, a software developer who lives near Microsoft's Redmond, Washington, headquarters. Slemko is a founding member of the Apache Software Foundation.
By cobbling together a handful of browser-based bugs with flaws in Passport's authentication system, Slemko developed a technique to steal a person's Microsoft Passport, credit card numbers -- and all, simply by getting the victim to open a Hotmail message.
The attack raises new questions about the inherent security of Passport, which is being positioned by Microsoft as the lynch pin of its
In a demonstration of the exploit earlier this week, Slemko sent Wired News a specially crafted but innocent-looking e-mail. Moments after the e-mail was viewed using Microsoft's Hotmail Web-based e-mail service, Slemko rattled off, over the phone, the credit card number and contact information from the user's Passport wallet.
According to a notice at the service's site, the Passport wallet enables users to store credit card and address information "in a secure, online location. Only you have access to the information in your
Introduced in 1999, Passport is what Microsoft calls a "platform service" and is being pitched to merchants and other partners as a convenient and secure means of determining whether site users are who they claim to be.
Besides enabling Web surfers to access Hotmail and several other secure sites with a single log-in, Passport includes a wallet system that speeds shoppers' checkout at dozens of sites that deploy the Passport Express Purchase technology.
In an e-mail today to Slemko, Passport's lead program manager for security and authentication, Chris Peterson, said the wallet service will remain offline until the company can add additional security features "to ensure that similar exploits cannot be used to compromise our user's credit card information."
Microsoft's Hotmail is the largest service currently utilizing the Passport authentication system, but the technology has also been deployed by eBay to allow users of the online auction service to sign into their accounts.
In addition, Microsoft's MoneyCentral personal finance site relies on Passport's sign-on technology.
Prior to being fixed by Microsoft, the authentication flaws discovered by Slemko could enabled an attacker "to do anything as if they were the Passport holder," including editing the user's portfolio at MoneyCentral, or changing user's auctions at eBay, he said.
More than 70 sites are in the process of deploying Passport's authentication technology, according to Microsoft. Among them is Prudential Banking's Egg.com online bank, which is switching to Passport from an authentication system developed by Entrust Inc., according to published reports.
Besides posting it at his site, Slemko intends to release the technical details on several security mailing lists Friday "so that, if they choose, users and partners can choose to reduce the impact on themselves," he said. Because of the severity of the flaws, Slemko withheld publication until Microsoft had an opportunity to correct it.
According to Microsoft, the company has patched two bugs utilized by Slemko's exploit: an HTML filtering issue in Hotmail as well as a cross-site scripting flaw in its Passport server configurations. In addition, the company has modified a software timer so that Passport users must re-enter their password anytime they attempt to access the wallet service.
While Slemko's exploit, which relied on stealing browser cookies used by Passport, has been rendered inoperable by Microsoft's fixes, the programmer said "deeper issues" remain with the service.
"Passport's greatest marketing strength -- the single sign-on -- is also its chief technical weakness. It will be fairly trivial for attackers to dream up new ways of exploiting this," he said.
Slemko is not the first to reach this conclusion. Last year, researchers at AT&T published a paper that observed that Microsoft's single sign-on service "carries significant risks to users" and warned that "Passport must be viewed with suspicion."
Microsoft subsequently fixed the bugs identified in the AT&T report and issued a response, down-playing the researchers' conclusion that Passport is inherently flawed and promising new security features in the future.
One fruit of that promise is in Microsoft's recently released Windows XP operating system, which attempts to improve the security of Passport's sign-on system by moving the authentication out of the browser and embedding it into the operating system.
Microsoft has also adopted what it calls a "federation" model for Passport that will allow other authentication vendors to create systems that interoperate with Microsoft's platform.
But critics still contend that granting Microsoft control over a massive set of personal data creates intolerable security risks.
"If history has shown us anything, it's that the best protection lies in decentralizing power and promoting competition. We need to take the same approach to our digital identities and make sure that who and what we are is not held captive by a single entity," wrote Whitfield Diffie, one of the inventors of public-key cryptography, and Susan Landau, a senior staff engineer at Sun Microsystems, in an editorial published last week.
According to Slemko, the fact that he needed just half an hour to cook up a way to exploit Passport's security flaws indicates that Microsoft is not fit to run a service with Passport's ambitions.
"It is very clear that either Microsoft does not have sufficient resources in place to properly review the security of their services and software, or that they are aware of the shortcomings but decided that attempting to gain market share was more important than their user's security," he said.
ftp://ftp.apple.com/Apple_Support_Area/Apple_Softw are_Updates/US/Macintosh/System/Older_System/Syste m_7.5_Version_7.5.3
I went down to my local town hall and attempted to vote. "i'm sorry", said the old man. "You are not registered to vote." I had mailed in my registration form several months ago, and was disappointed to learn that it was never processed. I guess i will have to try again next time. I was really looking forward to vote in my first Pres election (Vote Nader!!).
I have wondered for years why someone hasn't just put a decoder chip inside a cd player and let people burn cd's with mp3's on them, or the recording industry selling mp3 discs? Oh wait, they would never do this, what am i thinking. Maybe someone could modify existing cd players to play mp3's?
Could one run duel processors with this new chip? It might make up for it's lack of power by having 2, plus since cost is a factor, it would be even better.
Yes, more clients to try and crack codes!
one of the best MP3 search engines is starting thier own "napster" like project. goto http://www.audiogalaxy.com/betatest/
it is a simpler client, and linux client is coming out soon