Are you talking about dragorn? He hung out in a few channels back on Dal when I was still on there. He's the author/maintainer of kismet, and most definitely knows his shit. I haven't talked to him in quite a while, but last I checked he would stop by #kismet on freenode and hang out.
Granted, there's already lots of schools and whatnot that have access to the source, but if this is for real, then expect all hell to break lose. Should be interesting to see how many vulns get discovered in the first month alone from this. Regardless, whoever leaked the source better hope they're in a far, far away country immune to teams of sharks-dressed-as-US-lawyers.
Because dealing with Dell's offshore support people is a nightmare. I have an Inspiron 8100 and a few months ago the AC adaptor died. Pretty frickin' easy to diagnose IMHO. Unfortunately, Dell didn't think so. I was literally on the phone for 45 minutes talking to a girl who made me jump through EVERY hoop possible. I can understand if it's your grandma calling up and has no idea what the hell's wrong with her computer, but that's not exactly the case with me. Numerous times I told the girl on the phone that "Actually, I do tech support for a Fortune 500 company, and I know what's wrong. I just NEED a new AC ADAPTOR." Apparently she didn't care.
It wasn't until I literally offered to email her manager my resume to prove I knew what the hell I was talking about before they decided I needed a new adaptor. Then it was another 20 minutes for them to try to spell my address.
Heh, great post! I'm a huge fan of beer commercials (I think they're practically the only genre in advertising with consistently funny ads), and I doubt most of the/.'ers will get your post. The only thing that sucks is now I have that "Reeeeeal men of gennnnnniussss!" jingle stuck in my head. Oh well, better than Justin Timberlake I guess.
Just curious, but didn't you just describe Bugtraq? Granted, Securityfocus got bought out by Symantic IIRC, so there's the whole "do we REALLY trust them?" bit, but still...I've always seen Bugtraq as a reasonably-moderated open forum for new bugs, exploits, and discussion.
Although it would be pretty neat to see something hosted offshore from the US with the primary goal being to bring the ruckus via full disclosure. Honestly, I'm surprised nobody has done this yet, with the main banner saying "What The DMCA Doesn't Want You To Know!".
Let's face it guys, this is the kind of corporate attitude everyone should expect from companies like Gamespy. In their mind it's far easier to send a C&D letter, citing the DMCA, to shut up someone who found found gaping holes in their products than it is to sit down and pay coders to actually FIX the problem. Keep in mind, I said "In their mind".
"Good samaritan" acts like this tend not to go over well with companies when their products are on the line. They think we're just a bunch of reckless hackers trying to H4CK TEH PLAN3T! The thing they fail to realize is that by shutting up honest people like this via the DMCA and unleashing lawyers on white hats, then the only people left WILL be the bad guys. And frankly, I'd like to see some black hats get nasty on companies like this. This DMCA bullshit is getting tiring.
If banner ads fail, more and more sites will be forced into a pay model, and the days of the "Free Internet" will be almost over. Do you think banner ads are still an effective way to offset the cost of a website, or has their time passed? If so, what do we replace them with?
I'm sorry, but I've paid for my "free" internet from day one. And each day that passes, I find banners and pop-up ads more and more annoying, intrusive, and frustrating. If not for browsers like Mozilla with pop-up blocking, I'd probably have given up on web browsing by now. Is Norton doing the world a favor? Possibly, although there's the whole "they're controlling what I see" tip that lots of people will pull out of their bag of tricks. Honestly, if I can surf without seeing all that shit, more power to whoever enabled it. As long as I can turn it off if need be, then that's fine.
You shouldn't rely on banners anyway. Pasting banners and pop-ups everywhere on the web isn't going to be an effective way of advertising. I'm sorry, but when I see a banner, even if it's for something that looks "cool", I don't click the motherfucker based on principle.
My point is I'm paying for my bandwidth, and if I'm some chump on dial-up that has to wait for your shitty 250K flash ad to load, then it directly interferes with my browsing and you can ESAD. The internet never was free (you think people pay $45/mo. for cable for nothing? How about Uni's, some of the oldest groups on the net?), it's just that wannabe freeloaders like you don't like the concept of paying for your bandwidth. Period. Oh, and you have that whole "inferrior snakeoil product" thing going for you too. It's people like you that made the web the wasteland it is today. Excuse me if I don't shed a tear when your business folds because Norton blocks your ads. So take your casino gambling ads, your porn, your bonzai buddy trojans, and your weight loss + viagra pill combos and go back to pasting ads on phonepolls and bathroom stalls.
Honestly, I'm 24 and I know in the back of my head that there's an unlikely, but still distant possibility that something like this will wipe out a very large number of humans in my lifetime. That's not what scares me though. What scares me is the fact that when I have kids, it'll probably be way more probable that something like this will wreck havoc and kill numerous people in their lifetime.
I come from a scientific background, and although I realize that sometimes people just want to know if something like this is possible, those same people have to step back and ask themselves what consequence their actions will play. Yeah yeah, I know, "they're just doing legitimate research, it would be some evil $TERRORIST who'd implement the virus" or whatever. Bullshit. There's a difference between seeing what effect genetically-engineered has on people & animals, and attepmting to engineer a strain of something that'd kill 100% of it's test subjects.
There are some scary days ahead of us if governments are openly supporting research like this.
Yeah, he was a full-time temp, although these days we're commonly referred to as "contractors". The company I work for now's entire IT department consists of contractors. For the company, it's the best of both worlds. They get employees who are (relatively) knowledgeable and usually fit in great, but without having to pay for all the things REAL employees get: health insurance, 401K's, dental, bonuses, etc.
It pretty much sucks, really. The company passes the buck on to the temp agency to provide those things, but usually the temp agencies are too cheap to do that. For me personally, for health insurance it'd cost me about $300 a month. That'd be great, except I'm only making $13/hr (even though my temp agency bills at $40/hr).
In today's economy, cutting cost and squeezing the most pennies and productivitiy out of employees takes prescedence over anything so passe like employee/employer relations, company loyality, and benefits. At least in the corporate world. A world, I might add, that I'm ready to get the fuck out of.
Seriously, is anyone else tired of hearing MS trying to pass the buck when it comes to their products? I've just about stopped listening to all of these self-promoting bullshit campaigns. Honestly, is this getting tiring to anyone else?
One of the biggest issues is that rarely do these claims stack up comparable products. I was just reading the claim by Balmer saying Win2K is more secure (i.e., less patches) than RedHat 6.2, IIRC. Compare the kinds of vulnerabilities Balmer was referring to: in MS, there were a ton of holes that were rooted into the OS, making the whole system vulnerable (in general). In RH, many of the patches were for apps and tools that aren't installed automatically. Sure, your SSL-secured dildo-plus-IM app might have a hole in it, but it's probably not installed by default. Compare that to everyone's favorite RPC hole, or IE hole, found in EVERY version of Windows 2000.
Fuck it, not worth my time. I'm not a anti-MS zealot by any means, but it's time to/ignore what some of the annoying corporate PR trolls are screaming. If you want to get my attention, get an independent 3rd party (no, Gartner DOESN'T count) to show me some results and back them up with meaningful data.
In the article posted, the author stated that ALL of the major P2P clients out in the wild are succeptible to one or more of the attacks he listed. He only used Gnutella as an example since apparently the protocol is open, hence easier to sift through the code and provide specific examples of vulnerable code. According to the author though, KaZaa, iMesh, etc. are all open to attacks like these.
I just got done reading the article posted, and it sounds like there are flaws in all of the major P2P clients out there that allow for spoofing, sending fake search results, and so on. The author only used Gnutella for reference since the protocols are apparently open and public, as opposed to FastTrack & co.
But not always the best. I've found that the 'net is a great source for information that you need/want to know right now...things like movie listings, word definitions, biographies, and so on. Basically basic information on relatively easy and common subjects.
When it comes to really in-depth, reliable info though (especially about pretty involved topics...like in college stuff like advanced biological issues), dead-trees were still the route to go. Sometimes it's hard to beat well-know academic journals. Plus with top journals, you're guarenteed to know that the information is *RELIABLE*, which is imperative. Any Joe off the street can throw up a website and make it sound like it's a reliable source of correct information. Many times when reading article on the web, I have to constantly ask myself, "how much credibility does this author have?" Granted, that issue still exists in the dead-tree world, but it's much harder to get nationally published than it is to throw up a Geocities website.
Both the 'net and traditional printer material have their place. It's just knowing when to use the right tool.
America is becoming a very uncomfortable place to live due to stories like this one. Nobody (relatively) is trying to stop it because the general public has no clue that their civil liberties are becoming easier and easier to circumnavigate under guises like the PATRIOT Act. Most people, if quizzed, would hear the word "PATRIOT" and automatically assumed the act related to locking up terrorists and not travelling hobo hackers. And the mass media isn't reporting stories like these because the few media conglamorates out there are in the pockets of the same politicans who made up this retarded law. It's better for them to not rock the boat and report on issues like this if they want $STATE_REP to remember them when it's time to vote on a new media tax or whatever. Bam. There's your answer to all three questions.
The Register has a good article related to this whole mess. Granted it's obviously got a heavy liberal slant, but it raises some interesting points. People have already pseudo-jokingly asked this question, but how IS the weather in Canada? Each day I realize my neighbors up north live in a country that's currently less scary than the great US is.
I'm assuming this is another not-to-CD-spec version of a CD. The fact that when played in a PC, the CD installs software to play the music kind of sucks. I really hope there's some click-through screens instead of the install happening transparently. The last thing any user should do is have software installed without them knowing.
The fact that you can share the tracks with your friends for 10 days is an interesting approach, although who's actually going to use it? It must be easy enough to just rip and encode the actual stream and make your own mp3s than to use shitty crippled WMAs. Here's a question: how will car CD/MP3 players view these discs? If the deck reads the files destined for a PC instead of the ones for personal CD players, will that mean it can't be played in car decks?
Regardless, I personally will never buy any of these crippled CDs. The day my favorite bands turn to this kind of bullshit is the day I stop buying their products. The only postivie thing about the primarily small and indy bands I listen to is that they still care about their fans enough to listen to why fans won't buy thier goods.
Some folks are misreading what's really going on here. Of course it's a 3-day bootcamp to throw $15K worth of high-tech gear at this family. The whole setup is modeled after Queer Eye For A Straight Guy, and as anyone who has watched that show can tell you, it's not about long-term retention with the new goodies that they person at hand received. Hell, it's a GIVEN that this family won't know what the hell to do once they have a power outage and their stereo resets to the default settings. Or when the 4 year-old decided to piss on their WAP. Or when Verizon cuts off their DSL because they're about to get a supoena from the RIAA for sharing all their mp3s stored on their new music server. That's not the point.
The point is that these guys were SUPPOSED to go overboard. Hell, on Queer Eye the only thing really wrong with the guys are that they're messy and slobish. All they really need is a maid to swipe through and vacuum their apartment and do the dishes. Is that where the show stops? Of course not, where's the fun in that? It's more entertaining to see a guy's guy get totally redone by a bunch of flamboyant fashion kings/queens going the whole nine. New pimpish wardrobe, new interior decoration, a preplanned meal that rivals most 5-star restraunts', etc.
Sorry for the rant. It just seems that a lot of people read too deeply into the whole purpose of this "experiment". Have fun, enjoy. Now if you'll excuse me, I'm gonna go find the family's address so I can sniff their wireless traffic and blackmail 'em for that plasma tv.
Comcast is shooting themselves in the foot by cutting off customers for "excessive bandwidth usage", yet never defining in their TOS what exactly constitutes "excessive". By being really ambiguous and saying that excessive is more than average, they give themselves free-reign to cut off users at anytime. However, once customers realize this, you can bet your ass that people will start flocking to their nearest DSL competitor. Currently I have RoadRunner at my house, and the day they start enforcing bandwidth usage is the day I switch to DSL. I realize that bandwidth isn't free, but if something's advertised as "unlimited high-speed internet for $49.50/mo" or whatever, then don't throw a shitfit when someone actually takes you up on it. And yes, I realize that Comcast supposedly took away the unlimited part from their ads like a month ago.
In fact, it sounds like the beginning to a bad episode of a dective show on CourtTV where a bunch of investors get fleeced out of millions of dollars while the suspect is nowhere to be found. Honestly, this guy has a pretty suspect track record. No successful companies to date (all bankrupt, dissolved, etc.) really. The part that I loved was when HardOCP actually sent a photographer to the address listed for Infinium Labs, and it ended up being a fucking PO box at Mail Boxes Etc. Then a few months later the address changes to a ghosted office building where one would suspect Michael Douglass to pop out a la "The Game" or Vid Diesel's boss a la "Boiler Room".
Basically, save your money...you're probably better off investing in SCO than this company.
Something is messed up indeed. After reading the article I was wondering the same thing. Isn't Michael Powell part of this agency?
Regardless, I'm all for diversifying radio and television. Around the Minneapolis area, radio is an absolute joke. Literally ~90% of all radio stations (guesstimate) are owned by Clear Channel, and as a result, we only have one station for each major format in the metro area. Each station is plagued by at least 15 minutes of commercials each hour (more like 20-30 in actuality), and a playlist so limited it'd make your 12 year-old Britney Spears-loving daughter's winamp playlist look diverse. Pretty much we're left with one alternative station that advertises that they're "NOT owned or operated by ClearChannel Communications", and a handful of public access and AM stations.
Of course television is no different, and neither is the printed press. For newspapers we have 2 clones that are carbon copies of whatever is on Fox News or CNN, and the only other option is a few alternative papers aimed towards the hipster grassrootsy types. And as far as tv's concerned, forget it. Time Warner rules supreme for cable in my area, and local stations follow suit with every other conglomerate-owned local station...they report on "issues" that seem more like advertisements for the latest and greatest drug of the week, depending on who their sponser is at the moment.
The internet is my only reliable source for news and entertainment that doesn't leave you feeling like you're brainwashed by Pepsi and pro-nuke-the-brown-people shit that's ubiquitous(sp.) everywhere else. Thank god for sites like the BBC where you can learn what the rest of the world ACTUALLY thinks of the US, as opposed to what some Whitehouse PR skank tells me I should think, and for p2p apps like kazaa that let me dig up episodes of tv shows that aren't deemed "worthy" by Time Warner & Co.
I've posted this link on here before, only because it's so descriptive of how commercial our media is in the US. It's by a guy named
Mark Driver and it's so true it's scary.
Enjoy... (forgive me if the link doesn't work, but the proxy at my work won't let me to the actual site. It's considered "Mature Humor" by my employer)
I totally agree, although p2p as we know it might change somewhat in the near future. The change will be totally dependent on the world's reaction to the RIAA/MPAA/DMCA issues that we're all so fond of. When it comes to legal content, I find technologies like bitTorrent a great way to get distributions, demos, and whatnot...ususally at speeds faster than the company's pipes would be dishing out.
However, when it comes to more questionable material, I see the whole mp3/file movement going back underground (I haven't downloaded an mp3 off kazaa & company in a while...still stick to the tried and true: trustworthy FTP and Hotline servers). One interesting development would be if P2P developers built in the ability in the client to detect where the user was at globally, and to allow or disallow sharing of certain types of files all according to that person's country's laws. So if you wanted that new Atmosphere track, you would be able to download it from a user in the Netherlands but not Wisconsin.
Of course, I seriously doubt that will happen, but it's a possibility. The other possibilities are that people will just bite the bullet until legislation gets passed to tame down the RIAA/MPAA pigs and continue to download, or the general public will abandon the entire concept of P2P due to massive lawsuits being filed internationally.
I totally agree that using a person's SSN as a global identifier is a baaaaaaad thing. Recently when asked for my SSN when signing up for different services and whatnot, I've started asking if I could use something else as an identifier. Literally all someone needs is your name, SSN, and date of birth and they're on their way to buying that bigscreen plasma TV you've had your eye on for two years...except while they watch it, you'll be stuck with the bill.
On par with your workplace, I did a contract gig for a major HMO around Minnesota last year. The amount of information I had at my fingertips was amazing, considering I didn't need ANY of it for my job (Desktop Analyst). A close friend of mine works for the same HMO doing data-entry, and since he's in the billing department, he has free reign to people's entire credit and medical history, along with all the other goodies that any peon could exploit easily. I've asked him before how easy it'd be to print out a file on someone and take over their identity. The answer? "Easier than you'd believe."
Scary shit indeed. One last thing that still boggles my mind is how many times I use my debit card and get the customer copy with my full account number on it. Seriously, it's usually at places where people throw them away right away...gas stations, grocery stores, and restraunts are the big 3 that I've noticed. Make sure to rip those little bastards to shreds once you walk out the door.
Interesting you should say that. The Minnesota Dept. Of Transportation (MnDOT) has links to all of their cameras on the highway over here... For me at least, since I get the pleasure of driving across the metro everyday going to and from work, it can be a godsend. There's a saying around here that's pretty fitting: There's two seasons in MN...winter, and road construction. It's definitely convenient to be able to check from my laptop here at work and see what the roads are like before I head home and fight the other 9 million bad drivers.
Of course it's not foolproof, as they'll always be accidents that aren't on camera. If nothing else though, it makes for fun viewing when you're bored out of your mind on a Friday afternoon.
This interview/article is terrible. A pity actually, because the interviewee is a highly respected immunologist. I took a few high-level immunology courses in undergrad (was a bio/cs double major), and I can tell you first hand: these guys are SMART!!! Many are PhD/MDs who do some pretty groundbreaking stuff in the world of biology and medicine.
Anyway, it seemed like the ZoneH guy was just skimming the surface of the similarities/differences of computer and human viruses, basically just trying to get a professional immunologist to confirm how "cool" and beneficial viruses are. Trolling, if you will.
The old adage "What doesn't kill you will only make you stronger" is applicable towards humans, since our immune system builds a defense by sampling new pathogens and working to defend the body against further attacks from that particular strain of pathogen. Does this really work when applied to computers though? It seems that although there's antivirus apps out there to protect your computer against new attacks, computer viruses are a pretty binary thing: either you're infected (and pretty much fucked most of the time), or you're not. Whereas with humans, it's possible to have a minute amount of a pathogen in your system in order to build a defense against it. One could argue that that's exactly what antivirus apps have in their signature database, although I don't totally buy it. That's more analogous to a mother passing on her immunological "database" to a child at birth through ImG and ImM (IIRC) via the ambilical cord and breast milk (later on, when the child's born). The child is protected, but because of a third party's intervention...much like my laptop using Norton's AV database of known viruses.
For me at least, it would have been interesting to see what this guy thought of polymorphic computer viruses. Pretty fascinating stuff, really...a virus who's characteristics change in order to defend against antivirus detection? Same payload and effect, but different signatures everytime? Why couldn't they have talked more about stuff like this?
My company being one of them. The place I currently work (fuck it, I hate working there anyway...it's 3M, the Scotch Tape(tm) people) is a disaster zone right now. The entire IT staff is contract-only. There is no centralized IT plan for keeping systems up-to-date, beyond updating the software when the PCs come in for repair or an upgrade. That gives some users a 5 year timespan when no service packs are installed.
This week alone our entire department has been thrown around, manually patching EVERY box on the network. That's around 50,000 computers. Today alone I ran across probably 10 Windows NT boxes that were still running THE FIRST SERVICE PACK!
My point is, I do NOT feel sorry in the least when companies like 3M lose millions of dollars because they don't hire a competent IT department. Hell, out of the 20 guys I work with, only myself and two others graduated from a 4 year college. Whatever. For the last four days when full-timers have been bitching at me while I upgrade their PC because their order-tracking software won't work, I just smile and tell them "you get what you pay for. Tell your bosses to hire a competent IT department and you'll never have this problem again." Then I walk away and sigh because I know it'll never happen. Guess paying a contracting firm $40/hr so they can turn around and pay me $13/hr while they get to save themselves from paying benefits is worth the millions of dollars in downtime.
I mean, this sounds extremely lame. Basically file this one under invasion of privacy, right with the rest of the huge gov't databases that are out there.
My question is how do they REALLY expect to track most of these people? A lot of homeless people are renoun for their absolute need to "get away" and to not fit in with society anymore. Good luck getting their SSN when they check into a shelter somewhere in NYC. Sure, there's tons of others who are just down on their luck and will do anything for a warm meal and a place to sleep. But there's still the group of people who are struck by mental illness, and who will NOT buy into this.
Not that I'm speaking from experience or anything. Just coming from some observations I've had.
Slashdot Mirror
Are you talking about dragorn? He hung out in a few channels back on Dal when I was still on there. He's the author/maintainer of kismet, and most definitely knows his shit. I haven't talked to him in quite a while, but last I checked he would stop by #kismet on freenode and hang out.
Granted, there's already lots of schools and whatnot that have access to the source, but if this is for real, then expect all hell to break lose. Should be interesting to see how many vulns get discovered in the first month alone from this. Regardless, whoever leaked the source better hope they're in a far, far away country immune to teams of sharks-dressed-as-US-lawyers.
It wasn't until I literally offered to email her manager my resume to prove I knew what the hell I was talking about before they decided I needed a new adaptor. Then it was another 20 minutes for them to try to spell my address.
Heh, great post! I'm a huge fan of beer commercials (I think they're practically the only genre in advertising with consistently funny ads), and I doubt most of the /.'ers will get your post. The only thing that sucks is now I have that "Reeeeeal men of gennnnnniussss!" jingle stuck in my head. Oh well, better than Justin Timberlake I guess.
Just curious, but didn't you just describe Bugtraq? Granted, Securityfocus got bought out by Symantic IIRC, so there's the whole "do we REALLY trust them?" bit, but still...I've always seen Bugtraq as a reasonably-moderated open forum for new bugs, exploits, and discussion. Although it would be pretty neat to see something hosted offshore from the US with the primary goal being to bring the ruckus via full disclosure. Honestly, I'm surprised nobody has done this yet, with the main banner saying "What The DMCA Doesn't Want You To Know!".
"Good samaritan" acts like this tend not to go over well with companies when their products are on the line. They think we're just a bunch of reckless hackers trying to H4CK TEH PLAN3T! The thing they fail to realize is that by shutting up honest people like this via the DMCA and unleashing lawyers on white hats, then the only people left WILL be the bad guys. And frankly, I'd like to see some black hats get nasty on companies like this. This DMCA bullshit is getting tiring.
I'm sorry, but I've paid for my "free" internet from day one. And each day that passes, I find banners and pop-up ads more and more annoying, intrusive, and frustrating. If not for browsers like Mozilla with pop-up blocking, I'd probably have given up on web browsing by now. Is Norton doing the world a favor? Possibly, although there's the whole "they're controlling what I see" tip that lots of people will pull out of their bag of tricks. Honestly, if I can surf without seeing all that shit, more power to whoever enabled it. As long as I can turn it off if need be, then that's fine.
You shouldn't rely on banners anyway. Pasting banners and pop-ups everywhere on the web isn't going to be an effective way of advertising. I'm sorry, but when I see a banner, even if it's for something that looks "cool", I don't click the motherfucker based on principle.
My point is I'm paying for my bandwidth, and if I'm some chump on dial-up that has to wait for your shitty 250K flash ad to load, then it directly interferes with my browsing and you can ESAD. The internet never was free (you think people pay $45/mo. for cable for nothing? How about Uni's, some of the oldest groups on the net?), it's just that wannabe freeloaders like you don't like the concept of paying for your bandwidth. Period. Oh, and you have that whole "inferrior snakeoil product" thing going for you too. It's people like you that made the web the wasteland it is today. Excuse me if I don't shed a tear when your business folds because Norton blocks your ads. So take your casino gambling ads, your porn, your bonzai buddy trojans, and your weight loss + viagra pill combos and go back to pasting ads on phonepolls and bathroom stalls.
I come from a scientific background, and although I realize that sometimes people just want to know if something like this is possible, those same people have to step back and ask themselves what consequence their actions will play. Yeah yeah, I know, "they're just doing legitimate research, it would be some evil $TERRORIST who'd implement the virus" or whatever. Bullshit. There's a difference between seeing what effect genetically-engineered has on people & animals, and attepmting to engineer a strain of something that'd kill 100% of it's test subjects.
There are some scary days ahead of us if governments are openly supporting research like this.
It pretty much sucks, really. The company passes the buck on to the temp agency to provide those things, but usually the temp agencies are too cheap to do that. For me personally, for health insurance it'd cost me about $300 a month. That'd be great, except I'm only making $13/hr (even though my temp agency bills at $40/hr).
In today's economy, cutting cost and squeezing the most pennies and productivitiy out of employees takes prescedence over anything so passe like employee/employer relations, company loyality, and benefits. At least in the corporate world. A world, I might add, that I'm ready to get the fuck out of.
One of the biggest issues is that rarely do these claims stack up comparable products. I was just reading the claim by Balmer saying Win2K is more secure (i.e., less patches) than RedHat 6.2, IIRC. Compare the kinds of vulnerabilities Balmer was referring to: in MS, there were a ton of holes that were rooted into the OS, making the whole system vulnerable (in general). In RH, many of the patches were for apps and tools that aren't installed automatically. Sure, your SSL-secured dildo-plus-IM app might have a hole in it, but it's probably not installed by default. Compare that to everyone's favorite RPC hole, or IE hole, found in EVERY version of Windows 2000.
Fuck it, not worth my time. I'm not a anti-MS zealot by any means, but it's time to /ignore what some of the annoying corporate PR trolls are screaming. If you want to get my attention, get an independent 3rd party (no, Gartner DOESN'T count) to show me some results and back them up with meaningful data.
In the article posted, the author stated that ALL of the major P2P clients out in the wild are succeptible to one or more of the attacks he listed. He only used Gnutella as an example since apparently the protocol is open, hence easier to sift through the code and provide specific examples of vulnerable code. According to the author though, KaZaa, iMesh, etc. are all open to attacks like these.
A very interesting read actually.
When it comes to really in-depth, reliable info though (especially about pretty involved topics...like in college stuff like advanced biological issues), dead-trees were still the route to go. Sometimes it's hard to beat well-know academic journals. Plus with top journals, you're guarenteed to know that the information is *RELIABLE*, which is imperative. Any Joe off the street can throw up a website and make it sound like it's a reliable source of correct information. Many times when reading article on the web, I have to constantly ask myself, "how much credibility does this author have?" Granted, that issue still exists in the dead-tree world, but it's much harder to get nationally published than it is to throw up a Geocities website.
Both the 'net and traditional printer material have their place. It's just knowing when to use the right tool.
The Register has a good article related to this whole mess. Granted it's obviously got a heavy liberal slant, but it raises some interesting points. People have already pseudo-jokingly asked this question, but how IS the weather in Canada? Each day I realize my neighbors up north live in a country that's currently less scary than the great US is.
The fact that you can share the tracks with your friends for 10 days is an interesting approach, although who's actually going to use it? It must be easy enough to just rip and encode the actual stream and make your own mp3s than to use shitty crippled WMAs. Here's a question: how will car CD/MP3 players view these discs? If the deck reads the files destined for a PC instead of the ones for personal CD players, will that mean it can't be played in car decks?
Regardless, I personally will never buy any of these crippled CDs. The day my favorite bands turn to this kind of bullshit is the day I stop buying their products. The only postivie thing about the primarily small and indy bands I listen to is that they still care about their fans enough to listen to why fans won't buy thier goods.
The point is that these guys were SUPPOSED to go overboard. Hell, on Queer Eye the only thing really wrong with the guys are that they're messy and slobish. All they really need is a maid to swipe through and vacuum their apartment and do the dishes. Is that where the show stops? Of course not, where's the fun in that? It's more entertaining to see a guy's guy get totally redone by a bunch of flamboyant fashion kings/queens going the whole nine. New pimpish wardrobe, new interior decoration, a preplanned meal that rivals most 5-star restraunts', etc.
Sorry for the rant. It just seems that a lot of people read too deeply into the whole purpose of this "experiment". Have fun, enjoy. Now if you'll excuse me, I'm gonna go find the family's address so I can sniff their wireless traffic and blackmail 'em for that plasma tv.
Comcast is shooting themselves in the foot by cutting off customers for "excessive bandwidth usage", yet never defining in their TOS what exactly constitutes "excessive". By being really ambiguous and saying that excessive is more than average, they give themselves free-reign to cut off users at anytime. However, once customers realize this, you can bet your ass that people will start flocking to their nearest DSL competitor. Currently I have RoadRunner at my house, and the day they start enforcing bandwidth usage is the day I switch to DSL. I realize that bandwidth isn't free, but if something's advertised as "unlimited high-speed internet for $49.50/mo" or whatever, then don't throw a shitfit when someone actually takes you up on it. And yes, I realize that Comcast supposedly took away the unlimited part from their ads like a month ago.
Basically, save your money...you're probably better off investing in SCO than this company.
Regardless, I'm all for diversifying radio and television. Around the Minneapolis area, radio is an absolute joke. Literally ~90% of all radio stations (guesstimate) are owned by Clear Channel, and as a result, we only have one station for each major format in the metro area. Each station is plagued by at least 15 minutes of commercials each hour (more like 20-30 in actuality), and a playlist so limited it'd make your 12 year-old Britney Spears-loving daughter's winamp playlist look diverse. Pretty much we're left with one alternative station that advertises that they're "NOT owned or operated by ClearChannel Communications", and a handful of public access and AM stations.
Of course television is no different, and neither is the printed press. For newspapers we have 2 clones that are carbon copies of whatever is on Fox News or CNN, and the only other option is a few alternative papers aimed towards the hipster grassrootsy types. And as far as tv's concerned, forget it. Time Warner rules supreme for cable in my area, and local stations follow suit with every other conglomerate-owned local station...they report on "issues" that seem more like advertisements for the latest and greatest drug of the week, depending on who their sponser is at the moment.
The internet is my only reliable source for news and entertainment that doesn't leave you feeling like you're brainwashed by Pepsi and pro-nuke-the-brown-people shit that's ubiquitous(sp.) everywhere else. Thank god for sites like the BBC where you can learn what the rest of the world ACTUALLY thinks of the US, as opposed to what some Whitehouse PR skank tells me I should think, and for p2p apps like kazaa that let me dig up episodes of tv shows that aren't deemed "worthy" by Time Warner & Co.
I've posted this link on here before, only because it's so descriptive of how commercial our media is in the US. It's by a guy named Mark Driver and it's so true it's scary.
Enjoy... (forgive me if the link doesn't work, but the proxy at my work won't let me to the actual site. It's considered "Mature Humor" by my employer)
However, when it comes to more questionable material, I see the whole mp3/file movement going back underground (I haven't downloaded an mp3 off kazaa & company in a while...still stick to the tried and true: trustworthy FTP and Hotline servers). One interesting development would be if P2P developers built in the ability in the client to detect where the user was at globally, and to allow or disallow sharing of certain types of files all according to that person's country's laws. So if you wanted that new Atmosphere track, you would be able to download it from a user in the Netherlands but not Wisconsin.
Of course, I seriously doubt that will happen, but it's a possibility. The other possibilities are that people will just bite the bullet until legislation gets passed to tame down the RIAA/MPAA pigs and continue to download, or the general public will abandon the entire concept of P2P due to massive lawsuits being filed internationally.
On par with your workplace, I did a contract gig for a major HMO around Minnesota last year. The amount of information I had at my fingertips was amazing, considering I didn't need ANY of it for my job (Desktop Analyst). A close friend of mine works for the same HMO doing data-entry, and since he's in the billing department, he has free reign to people's entire credit and medical history, along with all the other goodies that any peon could exploit easily. I've asked him before how easy it'd be to print out a file on someone and take over their identity. The answer? "Easier than you'd believe."
Scary shit indeed. One last thing that still boggles my mind is how many times I use my debit card and get the customer copy with my full account number on it. Seriously, it's usually at places where people throw them away right away...gas stations, grocery stores, and restraunts are the big 3 that I've noticed. Make sure to rip those little bastards to shreds once you walk out the door.
For me at least, since I get the pleasure of driving across the metro everyday going to and from work, it can be a godsend. There's a saying around here that's pretty fitting: There's two seasons in MN...winter, and road construction. It's definitely convenient to be able to check from my laptop here at work and see what the roads are like before I head home and fight the other 9 million bad drivers.
Of course it's not foolproof, as they'll always be accidents that aren't on camera. If nothing else though, it makes for fun viewing when you're bored out of your mind on a Friday afternoon.
Anyway, it seemed like the ZoneH guy was just skimming the surface of the similarities/differences of computer and human viruses, basically just trying to get a professional immunologist to confirm how "cool" and beneficial viruses are. Trolling, if you will.
The old adage "What doesn't kill you will only make you stronger" is applicable towards humans, since our immune system builds a defense by sampling new pathogens and working to defend the body against further attacks from that particular strain of pathogen. Does this really work when applied to computers though? It seems that although there's antivirus apps out there to protect your computer against new attacks, computer viruses are a pretty binary thing: either you're infected (and pretty much fucked most of the time), or you're not. Whereas with humans, it's possible to have a minute amount of a pathogen in your system in order to build a defense against it. One could argue that that's exactly what antivirus apps have in their signature database, although I don't totally buy it. That's more analogous to a mother passing on her immunological "database" to a child at birth through ImG and ImM (IIRC) via the ambilical cord and breast milk (later on, when the child's born). The child is protected, but because of a third party's intervention...much like my laptop using Norton's AV database of known viruses.
For me at least, it would have been interesting to see what this guy thought of polymorphic computer viruses. Pretty fascinating stuff, really...a virus who's characteristics change in order to defend against antivirus detection? Same payload and effect, but different signatures everytime? Why couldn't they have talked more about stuff like this?
Just my 2 cents.
This week alone our entire department has been thrown around, manually patching EVERY box on the network. That's around 50,000 computers. Today alone I ran across probably 10 Windows NT boxes that were still running THE FIRST SERVICE PACK!
My point is, I do NOT feel sorry in the least when companies like 3M lose millions of dollars because they don't hire a competent IT department. Hell, out of the 20 guys I work with, only myself and two others graduated from a 4 year college. Whatever. For the last four days when full-timers have been bitching at me while I upgrade their PC because their order-tracking software won't work, I just smile and tell them "you get what you pay for. Tell your bosses to hire a competent IT department and you'll never have this problem again." Then I walk away and sigh because I know it'll never happen. Guess paying a contracting firm $40/hr so they can turn around and pay me $13/hr while they get to save themselves from paying benefits is worth the millions of dollars in downtime.
My question is how do they REALLY expect to track most of these people? A lot of homeless people are renoun for their absolute need to "get away" and to not fit in with society anymore. Good luck getting their SSN when they check into a shelter somewhere in NYC. Sure, there's tons of others who are just down on their luck and will do anything for a warm meal and a place to sleep. But there's still the group of people who are struck by mental illness, and who will NOT buy into this.
Not that I'm speaking from experience or anything. Just coming from some observations I've had.