I learned to program at 6. Of course, that was when home computeres booted into BASIC, so it was much more *there*. I sometimes wonder how the next generation of hackers will grow up and if programming is only going to be something you learn in school.
When they share their passwords, change it for them, and tell them that an automated system detected that their account had been compromised, and "here is your new password". It's much easier to blame things on an automated system, even if you wrote it.
Trust the computer. The computer is always right. The computer is your friend. The Computer says so.
Another interesting thing to do is watch the wing-tip vortices. Basically, the way an aerofoil works is by creating areas of high and low pressure on either side of the wing. At the wing-tips, the air moves around the end and creates a vortex. If you happen to sit by the window, near the wing, watch the wing-tips as you go through sparse clouds. Bonus points if you can predict the flow of the vortex before you see it.
Yes, Frontpage does this frequently. It becomes a problem when someone upgrades to XP, and all of a sudden, all of the links on their website don't work, (because Java isn't distributed with XP.)
It's a great tool, and I use it. The biggest fault is that many program installs will set something to run at startup and immediately reboot, before you get a chance to click the "yes" button.
But programs that reboot without asking permission first are ill-behaved anyway, so it isn't a big issue. And if it's absolutely necessary, StartupMonitor can be disabled for the duration of the install.
I can't recall any EULAs that have a binding on the developer anyway. They all seem to say that the developer has no responsibilities whatsoever, and the right to do anything they want.
So, the solution is to open a bank account, put a minimal amount of money into it, and give it to a phishing site? Use a corporation or an LLC to keep your personal life as unaffected as possible. Of course, at that point, they'll probably require a minimum amount of damage, and I'm not willing to risk $25k on this type of endeavor.
I have a serious ethics question. Assume I have a tool that I wrote. It generates false account information and plugs it into a scammer's form repeatedly. Logically, if the scammer receives enough invalid responses, they won't be able to filter out the valid accounts from the invalid accounts. Also, the collateral damage is very limited - a trickle of bandwidth. The targets (phishing scams) are easily identifiable. And regular law enforcement has shown to be extremely inneffective in stopping this kind of activity.
Is it justified to use this tool? And why/why not?
Assume that I've used this tool, and the scammer blocked my IP address. Is it justified to use this tool through open third party proxies? Again, why/why not?
Here's an even better method. A legitimate file exists, encoded into 2 blocks such that xor'ing the 2 blocks produces the legitimate file. We'll call these blocks A and B
Take an illegitimate file and xor it with A to produce C. Clearly, distributing blocks A and B is legal, as you didn't derive them from the copyrighted work.
Now take another legitimate file, and XOR it with C to produce D.
In effect: a XOR b = legitimate file. c XOR d = legitimate file. b XOR c = illegitimate file.
This doubles the traffic, but there is no way to prove that anyone is sharing anything illegal, as long as each source doesn't share both c and d.
Of course, I can't see any legitimate uses for this protocol. But it would give plausible deniability for distributing any particular file.
Actually, I posted through my university account, using my unobfuscated university email address. My university probably told them everything without asking twice. And they had no understanding of tech whatsoever. They wanted to know about my "web page", when they really meant a usenet post.
I had a similar experience on usenet. I had a.sig file that said
filter bait: He will assassinate the president, but needs the password.
-export-a-crypto-system-sig- RC4 in 3 lines of PERL
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]ds j
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..) *)$/)
I got a call from the secret service asking me to come in and answer some questions. They found the post using Dejanews, and wanted to know what the secret code was. I told them it was a program. They said they would have their experts look at it. At the time, it was legally questionable to post that code to usenet due to ITAR, so I was polite when questioned, despite having to explain the difference between a web page and a usenet post, among other things.
In retrospect, I'm shocked I actually said this, but when they called me, I actually asked them, "Where did you get this number?" (The number was unlisted.) Their response, "We are the secret service."
Hrmmm, here's a better(?) idea. A virus that copies pictures from one computer to another. If anyone with the virus has kitty porn, then it can be transmitted to anyone else with the virus.
You could do tricks like copying the directory structure, copying entire directories instead of just one picture, etc. Very hard to prove intention. Also, the virus could erase itself afterwards. No evidence would remain that it wasn't you.
After months with no problems, I've finally come across a site that breaks. Verizon. No, not the public website, but the customer website, where you can pay your bill online, change all your settings, etc.
Why not go the extra step, and implement something like "The person you are trying to reach is in the cinema. If this is truly an emergency, press 1. Otherwise, call back at 10:00 when the movie is over."
The USB is there mainly to make it removable. However, it serves the secondary purpose of protecting the HDD in case the PSU goes mad, and zaps everything or your fans fail on a Friday, and your internal HDDs get cooked over the weekend. When a HDD heats up, the platters expand, and the heads can lose their alignment information. Having the HDD outside the case protects it, oddly enough.
As far as offsite backup is concerned, ideally have three USB disks, so that you always have one copy offsite. And have a trusted employee, keep the offsite backup at home. Week 1, employee takes 3 home and returns 2 the next day, backup goes to 1. Week 2, employee takes 1 home and returns 3 the next day, backup goes to 2. Week 3, employee takes 2 home and returns 1 the next day, backup goes to 3.
And yes, you do need a UPS. I guess I meant to say, if management disapproves it, at the very least get a surge supressor. A lightning strike will take out your precious data, and any backup currently connected to the system. Losing power can damage data, but it doesn't do so frequently. If anything, it'll usually only mess up one, or a few, open files (you did make backups, right?).
Also, KVM switches are expensive, but if you have two or more servers, it's worth every penny. And LCD monitors pay for themselves rather quickly with the electricity savings over CRTs.
I guess this article really should have been titled, "What corners can I cut when I'm setting up servers in a small business?"
Slashdot Mirror
Obligatory Link for the few who haven't heard of Eric and the Dread Gazebo.
I learned to program at 6. Of course, that was when home computeres booted into BASIC, so it was much more *there*. I sometimes wonder how the next generation of hackers will grow up and if programming is only going to be something you learn in school.
He want more free time, not less.
When they share their passwords, change it for them, and tell them that an automated system detected that their account had been compromised, and "here is your new password". It's much easier to blame things on an automated system, even if you wrote it.
Trust the computer. The computer is always right. The computer is your friend. The Computer says so.
Verizon DSL ships NAT routers and supports them. There are a limited number of models, but that's to be expected.
Another interesting thing to do is watch the wing-tip vortices. Basically, the way an aerofoil works is by creating areas of high and low pressure on either side of the wing. At the wing-tips, the air moves around the end and creates a vortex. If you happen to sit by the window, near the wing, watch the wing-tips as you go through sparse clouds. Bonus points if you can predict the flow of the vortex before you see it.
I think the point we're all missing is how evil Mr. Hero looks. http://lab.msdn.microsoft.com/express/visualc/imag es/Hero.jpg
Yes, Frontpage does this frequently. It becomes a problem when someone upgrades to XP, and all of a sudden, all of the links on their website don't work, (because Java isn't distributed with XP.)
It's a great tool, and I use it. The biggest fault is that many program installs will set something to run at startup and immediately reboot, before you get a chance to click the "yes" button.
But programs that reboot without asking permission first are ill-behaved anyway, so it isn't a big issue. And if it's absolutely necessary, StartupMonitor can be disabled for the duration of the install.
I can't recall any EULAs that have a binding on the developer anyway. They all seem to say that the developer has no responsibilities whatsoever, and the right to do anything they want.
Norton Antivirus: Fighting Back Against Skynet!
So, the solution is to open a bank account, put a minimal amount of money into it, and give it to a phishing site? Use a corporation or an LLC to keep your personal life as unaffected as possible. Of course, at that point, they'll probably require a minimum amount of damage, and I'm not willing to risk $25k on this type of endeavor.
I have a serious ethics question. Assume I have a tool that I wrote. It generates false account information and plugs it into a scammer's form repeatedly. Logically, if the scammer receives enough invalid responses, they won't be able to filter out the valid accounts from the invalid accounts. Also, the collateral damage is very limited - a trickle of bandwidth. The targets (phishing scams) are easily identifiable. And regular law enforcement has shown to be extremely inneffective in stopping this kind of activity.
Is it justified to use this tool? And why/why not?
Assume that I've used this tool, and the scammer blocked my IP address. Is it justified to use this tool through open third party proxies? Again, why/why not?
Any responses would be appreciated.
Here's an even better method. A legitimate file exists, encoded into 2 blocks such that xor'ing the 2 blocks produces the legitimate file. We'll call these blocks A and B
Take an illegitimate file and xor it with A to produce C. Clearly, distributing blocks A and B is legal, as you didn't derive them from the copyrighted work.
Now take another legitimate file, and XOR it with C to produce D.
In effect:
a XOR b = legitimate file.
c XOR d = legitimate file.
b XOR c = illegitimate file.
This doubles the traffic, but there is no way to prove that anyone is sharing anything illegal, as long as each source doesn't share both c and d.
Of course, I can't see any legitimate uses for this protocol. But it would give plausible deniability for distributing any particular file.
Hrmmm, wouldn't the invalid SSL cert cause a big huge warning to pop up?
Which brings up the point, can IE be changed to use Gecko as the rendering engine?
Actually, I posted through my university account, using my unobfuscated university email address. My university probably told them everything without asking twice. And they had no understanding of tech whatsoever. They wanted to know about my "web page", when they really meant a usenet post.
I got a call from the secret service asking me to come in and answer some questions. They found the post using Dejanews, and wanted to know what the secret code was. I told them it was a program. They said they would have their experts look at it. At the time, it was legally questionable to post that code to usenet due to ITAR, so I was polite when questioned, despite having to explain the difference between a web page and a usenet post, among other things.
In retrospect, I'm shocked I actually said this, but when they called me, I actually asked them, "Where did you get this number?" (The number was unlisted.) Their response, "We are the secret service."
Hrmmm, here's a better(?) idea. A virus that copies pictures from one computer to another. If anyone with the virus has kitty porn, then it can be transmitted to anyone else with the virus.
You could do tricks like copying the directory structure, copying entire directories instead of just one picture, etc. Very hard to prove intention. Also, the virus could erase itself afterwards. No evidence would remain that it wasn't you.
After months with no problems, I've finally come across a site that breaks. Verizon. No, not the public website, but the customer website, where you can pay your bill online, change all your settings, etc.
Then again, it barely works under IE.
Yes, dual display KVMs do exist! I'm considering asking for one for Xmas, but there so many other toys I'd like too.
Newegg sells them, among other places.
"All programs evolve until they can send email."
(Richard) Letts Law
"Except Microsoft Exchange."
Art's Corollary
"All hardware evolves until it can take photos and play music."
Flonker's Corollary
Why not go the extra step, and implement something like "The person you are trying to reach is in the cinema. If this is truly an emergency, press 1. Otherwise, call back at 10:00 when the movie is over."
The USB is there mainly to make it removable. However, it serves the secondary purpose of protecting the HDD in case the PSU goes mad, and zaps everything or your fans fail on a Friday, and your internal HDDs get cooked over the weekend. When a HDD heats up, the platters expand, and the heads can lose their alignment information. Having the HDD outside the case protects it, oddly enough.
As far as offsite backup is concerned, ideally have three USB disks, so that you always have one copy offsite. And have a trusted employee, keep the offsite backup at home.
Week 1, employee takes 3 home and returns 2 the next day, backup goes to 1.
Week 2, employee takes 1 home and returns 3 the next day, backup goes to 2.
Week 3, employee takes 2 home and returns 1 the next day, backup goes to 3.
And yes, you do need a UPS. I guess I meant to say, if management disapproves it, at the very least get a surge supressor. A lightning strike will take out your precious data, and any backup currently connected to the system. Losing power can damage data, but it doesn't do so frequently. If anything, it'll usually only mess up one, or a few, open files (you did make backups, right?).
Also, KVM switches are expensive, but if you have two or more servers, it's worth every penny. And LCD monitors pay for themselves rather quickly with the electricity savings over CRTs.
I guess this article really should have been titled, "What corners can I cut when I'm setting up servers in a small business?"
doh! Don't I feel stupid.