Yes. and obviously we can trust a site called trollaxor to give us the truth.
Trolls have zero credibility with me (their own fault. the whole crying wolf idea).
What's next? A neat story about how George Bush is taking nude ballet class? with links to trollaxor showing how the story made it to cnn.com and everything before "they" suppressed it?
A thief would be the ideal reviewer of how easy a car is to steal. If they wanted to publish an article on how secure your car is then a talented thief would make a good consultant.
I wouldn't want the thief checking my own car's security though. I don't trust him.
(OK I'm actually making this all up but it could happen)
SCO Code Review Report Apparently our programming staff have been consistently borrowing GPL code for SCO proprietary projects. According to the GPL we will be forced to make all of our products GPL.
SCO Spinmeister Report Since no one actually ever gets to see our closed source why don't we claim we wrote it first and it was copied into the GPL projects? Then we can sue and make lots of money.
All you need to do is put up a firewall to block all traffic from the machine to the internet and then monitor where the machine tries to connect to. It has to use either DNS or an IP address to make the connection. If it uses DNS then you can either add a host file entry or block an entire domain by putting that domain into your own DNS server. If it uses an IP address (unlikely) then you can probably just block connections to those IPs with your personal firewall software.
This is a horrible, bad idea and even if it were not Phoenix is not the one to trust with this sort of thing. The last time they did this (not exactly the same thing but still with the BIOS contacting the internet) they screwed everyone by discontinuing the program and letting the domain go to spammers.
It is just lovely having my sister call me up to tell me her home page has been changed to a porn page and then discovering that that was a BIOS function.
If they haven't updated their techniques since the PhoenixNet crap then this is also easily avoided by installing Linux or FreeBSD or any other non-windows OS. In the PhoenixNet case the BIOS runs its stupid little program only in a Windows environment.
You, a programmer, create some wonderful technology using lots and lots of existing technology in an obvious "here is the next logical step" sort of way. There is very little total originality in programming.
We take existing technology and make it work in a way that satisfies the needs of ourselves and our clients. We should get paid for this but we should not get paid for everyone that uses an idea that we had "first".
Do you find it unfair that a ditch digger doesn't get residual income every time there is a big rainstorm?
I don't have any problem saying, honestly, that I don't desire control over every program and/or technology I come up with. I expect to be paid for my time and effort and recognized for my achievements but I certainly don't want a team of attorneys harassing people for their own implementations of an obvious idea I might have had once.
Thanks for the cynical input. Some of us think that running Linux on game consoles could result in a nice cheap computer that plays the cool games without having to spend $1500 to $3000 on hardware and would still let us type up a paper or send e-mail.
99.999999% ? That means one post out of 100,000,000 is about legitimate Linux use. I don't think there have been that many total posts in all the forums put together.
I don't think one-off exploits are fitting scenarios here.
Yelling fire in a crowded non-burning theater is unprotected speech when it is a lie and you are directly inciting the ensuing violence.
A couple of scenarios: some creep with legitimate access plants a bomb in the freshman women's dorm and you don't have enought time to find someone with legitimate access so you use this exploit to break in and defuse the bomb. Or you are the only one aware of a terrorist plot and are about to be killed but you use this exploit to gain access to the radio transmitter tower and expose the plot saving thousands of lives.
Or how about this? Suppose the sleazy rapists figures out this exploit on his own or from someone that never bothered to warn the parents and students and he gets in and rapes whoever he feels like and places the blame on some innocent.
Taking away a freedom because it might be used to do bad things is not the right way to go about it. Yelling fire in a crowded theater that isn't burning is directly a wrong act. Sharing true information concerning the security of that system is neutral, the action taken from that information is what may be good or bad.
Actually I'd like to look into this. It might be possible to create a WinCE for Linux. As I read the article it looks like I, if I created it, would have to charge for the product and pay royalties back to Microsoft. Still might be cool though.
ArsDigita never made "Open"ACS. ArsDigita created ACS as an open source toolkit supporting the Oracle database. The OpenACS project came about when ArsDigita decided to make their Java project which is what has become Redhat CCM.
Red Hat purchased all of ArsDigita's assets and this project belongs entirely to them now.
OpenACS currently is a TCL/AOLServer based project that supports Oracle and PostgreSQL.
RedHat has made what looks like an effort to reduce confusion by renaming the "Red Hat Database" project as "PostgreSQL - Red Hat Edition" http://sources.redhat.com/rhdb/
Michael Moore is interesting and thought provoking but his work is definitely more one-sided and manipulative than the general media. (either that or he just isn't as good at being manipulative)
1. I need to see more evidence before I'm convinced the weirdness goes beyond simple incompetence. 2. It isn't in effect until ratified by congress and Clinton never got that done so I don't see why George can't give up on getting it ratified if he wants. 5. Yes. I have no question nuclear weapons are considered mass destruction.
1. George Bush did not commit ballot fraud in Florida. There was some ballot confusion that resulted in making the close count controversial. The only action I consider unjust was the US Supreme Court's meddling. In election law cases the state's Supreme Court should be the ultimate authority.
2. The Kyoto agreement was never ratified by the United States. Can't break a treaty that was never made.
5. I am not aware of a United States chemical or biological weapons program. Perhaps you could post more information.
The damn thing about it is that it is illegal based on the fifth amendment. Unfortunately there are some judges out there incapable of comprehending plain english. "No person shall... be deprived of life, liberty, or property, without due process of law"
I haven't had the time or excuse to investigate how judges became confused on this issue but the material witness statute plainly and obviously violates the fifth amendment and must be overturned.
Judges also seem to be blind when it comes to the "property" clause above as they allow property to be seized (by the DEA, IRS, etc) without due process and the owner must sue to have any hope of getting their property back.
Of course the lawmakers are also to blame. They did swear to protect and uphold the constitution, yet they insist on trying to break it whenever they don't find it convenient.
Re:different reason [humor]
on
BSA IDC FUD
·
· Score: 3, Insightful
Maybe "the countries that have the poorest record of IP rights" are the ones that can't afford to pay for the software and if they were stricter they would have no technology at all.
I believe in a money based incentive program. Employees need to know that their work is appreciated and if they work extra hard or extra smart (or both) they will be rewarded for it. The ideal employee feels like they own the company or at least their part of it, and they are there to make sure it succeeds.
I want my employees dreaming up new ways to make me money. I believe the best way to do that is to see to it that they will make money. If an employee makes me so much money that he starts pulling in ridiculously large paychecks then good for him, I want more of him because each time I pay him a ridiculous amount I get a much larger ridiculous amount.
My business is still young and some people have told me that certain people lose motivation when they're making too much money. I will believe it when I see it but I hope I can prove them wrong.
Sure these are valid points. Feeling smug will get you nowhere.
But the IIS 5.0 hole falls squarely into the realm of "we could have lessened the impact of this bug had we not made the default options that insecure"
Why isn't URLScan installed by default? Why is WebDAV enabled by default?
Slashdot Mirror
ah. so you'd think it humorous if you didn't make the decision to not think it humorous. you sure are going to a lot of trouble to be unimpressed.
Yes. and obviously we can trust a site called trollaxor to give us the truth.
Trolls have zero credibility with me (their own fault. the whole crying wolf idea).
What's next? A neat story about how George Bush is taking nude ballet class? with links to trollaxor showing how the story made it to cnn.com and everything before "they" suppressed it?
Someone modded up a message that links to a site called trollaxor.com? Come on! Squash the trolls. Mod them down.
A thief would be the ideal reviewer of how easy a car is to steal. If they wanted to publish an article on how secure your car is then a talented thief would make a good consultant.
I wouldn't want the thief checking my own car's security though. I don't trust him.
(OK I'm actually making this all up but it could happen)
SCO Code Review Report
Apparently our programming staff have been consistently borrowing GPL code for SCO proprietary projects. According to the GPL we will be forced to make all of our products GPL.
SCO Spinmeister Report
Since no one actually ever gets to see our closed source why don't we claim we wrote it first and it was copied into the GPL projects? Then we can sue and make lots of money.
All you need to do is put up a firewall to block all traffic from the machine to the internet and then monitor where the machine tries to connect to. It has to use either DNS or an IP address to make the connection. If it uses DNS then you can either add a host file entry or block an entire domain by putting that domain into your own DNS server.
If it uses an IP address (unlikely) then you can probably just block connections to those IPs with your personal firewall software.
This is a horrible, bad idea and even if it were not Phoenix is not the one to trust with this sort of thing.
The last time they did this (not exactly the same thing but still with the BIOS contacting the internet) they screwed everyone by discontinuing the program and letting the domain go to spammers.
It is just lovely having my sister call me up to tell me her home page has been changed to a porn page and then discovering that that was a BIOS function.
If they haven't updated their techniques since the PhoenixNet crap then this is also easily avoided by installing Linux or FreeBSD or any other non-windows OS. In the PhoenixNet case the BIOS runs its stupid little program only in a Windows environment.
My browser isn't in violation (I have popups disabled) but many are. We need to remove his patented "technology" from those browsers quick.
I'd be curious to see RIAA's reaction if the students made a profit. I'd be happy to donate a bit.
If the cameras need maintenance the only logical time to perform that maintenance is when they are not needed, like during a May Day or something.
You don't want to turn them off when they are doing their normal monitoring, you might miss something.
I think you could sue them if they made a tag. They do make and tags.
You, a programmer, create some wonderful technology using lots and lots of existing technology in an obvious "here is the next logical step" sort of way. There is very little total originality in programming.
We take existing technology and make it work in a way that satisfies the needs of ourselves and our clients. We should get paid for this but we should not get paid for everyone that uses an idea that we had "first".
Do you find it unfair that a ditch digger doesn't get residual income every time there is a big rainstorm?
I don't have any problem saying, honestly, that I don't desire control over every program and/or technology I come up with. I expect to be paid for my time and effort and recognized for my achievements but I certainly don't want a team of attorneys harassing people for their own implementations of an obvious idea I might have had once.
Thanks for the cynical input. Some of us think that running Linux on game consoles could result in a nice cheap computer that plays the cool games without having to spend $1500 to $3000 on hardware and would still let us type up a paper or send e-mail.
99.999999% ? That means one post out of 100,000,000 is about legitimate Linux use. I don't think there have been that many total posts in all the forums put together.
I don't think one-off exploits are fitting scenarios here.
Yelling fire in a crowded non-burning theater is unprotected speech when it is a lie and you are directly inciting the ensuing violence.
A couple of scenarios: some creep with legitimate access plants a bomb in the freshman women's dorm and you don't have enought time to find someone with legitimate access so you use this exploit to break in and defuse the bomb. Or you are the only one aware of a terrorist plot and are about to be killed but you use this exploit to gain access to the radio transmitter tower and expose the plot saving thousands of lives.
Or how about this? Suppose the sleazy rapists figures out this exploit on his own or from someone that never bothered to warn the parents and students and he gets in and rapes whoever he feels like and places the blame on some innocent.
Taking away a freedom because it might be used to do bad things is not the right way to go about it. Yelling fire in a crowded theater that isn't burning is directly a wrong act. Sharing true information concerning the security of that system is neutral, the action taken from that information is what may be good or bad.
Actually you are allowed to yell "fire!" in a crowded theater, provided there really is a fire.
So yelling "that card system is insecure" might be considered bad were it not actually true.
And you are allowed to threaten people. Lawyers threaten people all the time using cease and desist letters.
Actually I'd like to look into this. It might be possible to create a WinCE for Linux. As I read the article it looks like I, if I created it, would have to charge for the product and pay royalties back to Microsoft. Still might be cool though.
ArsDigita never made "Open"ACS. ArsDigita created ACS as an open source toolkit supporting the Oracle database. The OpenACS project came about when ArsDigita decided to make their Java project which is what has become Redhat CCM.
Red Hat purchased all of ArsDigita's assets and this project belongs entirely to them now.
OpenACS currently is a TCL/AOLServer based project that supports Oracle and PostgreSQL.
RedHat has made what looks like an effort to reduce confusion by renaming the "Red Hat Database" project as "PostgreSQL - Red Hat Edition" http://sources.redhat.com/rhdb/
You mean the guy who thinks there was a conspiracy at the Oscar's to make boos against him louder?
h tml
g ename=thestar/Layout/Article_Type1&c=Article&cid=1 035780073241&call_pageid=968867495754&col=96948319 1630
http://www.wcfcourier.com/lifestyles/030331moore.
or the one who makes a manipulative piece of film and calls it a documentary?
http://www.thestar.com/NASApp/cs/ContentServer?pa
Michael Moore is interesting and thought provoking but his work is definitely more one-sided and manipulative than the general media. (either that or he just isn't as good at being manipulative)
1. I need to see more evidence before I'm convinced the weirdness goes beyond simple incompetence.
2. It isn't in effect until ratified by congress and Clinton never got that done so I don't see why George can't give up on getting it ratified if he wants.
5. Yes. I have no question nuclear weapons are considered mass destruction.
1. How come only one reporter came across this evidence? (Greg Palast's story is the only one I could find)
2. If it is not in effect then it cannot be broken. Clinton had 3 years to get it ratified and he did not.
1. George Bush did not commit ballot fraud in Florida. There was some ballot confusion that resulted in making the close count controversial. The only action I consider unjust was the US Supreme Court's meddling. In election law cases the state's Supreme Court should be the ultimate authority.
2. The Kyoto agreement was never ratified by the United States. Can't break a treaty that was never made.
5. I am not aware of a United States chemical or biological weapons program. Perhaps you could post more information.
The damn thing about it is that it is illegal based on the fifth amendment. Unfortunately there are some judges out there incapable of comprehending plain english. "No person shall... be deprived of life, liberty, or property, without due process of law"
I haven't had the time or excuse to investigate how judges became confused on this issue but the material witness statute plainly and obviously violates the fifth amendment and must be overturned.
Judges also seem to be blind when it comes to the "property" clause above as they allow property to be seized (by the DEA, IRS, etc) without due process and the owner must sue to have any hope of getting their property back.
Of course the lawmakers are also to blame. They did swear to protect and uphold the constitution, yet they insist on trying to break it whenever they don't find it convenient.
Maybe "the countries that have the poorest record of IP rights" are the ones that can't afford to pay for the software and if they were stricter they would have no technology at all.
I believe in a money based incentive program. Employees need to know that their work is appreciated and if they work extra hard or extra smart (or both) they will be rewarded for it.
The ideal employee feels like they own the company or at least their part of it, and they are there to make sure it succeeds.
I want my employees dreaming up new ways to make me money. I believe the best way to do that is to see to it that they will make money. If an employee makes me so much money that he starts pulling in ridiculously large paychecks then good for him, I want more of him because each time I pay him a ridiculous amount I get a much larger ridiculous amount.
My business is still young and some people have told me that certain people lose motivation when they're making too much money. I will believe it when I see it but I hope I can prove them wrong.
Sure these are valid points. Feeling smug will get you nowhere.
But the IIS 5.0 hole falls squarely into the realm of "we could have lessened the impact of this bug had we not made the default options that insecure"
Why isn't URLScan installed by default? Why is WebDAV enabled by default?
Why in the world is URLScan not installed by default?
Why in the world is WebDAV installed by default?