Slashdot Mirror


User: D. Taylor

D. Taylor's activity in the archive.

Stories: 0
Comments: 86

Comments · 86

  1. Re:USENIX _not_ helping much... on USENIX Responds to SCO; Fyodor Pulls NMap · · Score: 2, Informative

    Well, in the same way, the laws give the IP owner complete discretion in deciding who can copy/share/modify their code too. Perhaps the USENIX text could have been clearer, but it is right, and it does make its point, IMO.

  2. Mirror at http://www.xfiles.nildram.co.uk/ms/ on Justice Department Decides To Break Up Microsoft · · Score: 2

    Well, this is a repost, since my original post 10 minutes ago has apparently died somewhere in a bitbucket.

    See http://www.xfiles.nildram.co.uk/ms/ for a mirror.

    Now we just wait for the appeals to begin.. then hopefully, end.

    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  3. Re:ISP POV- NOT on ISPs Victimizing DoS Victims? · · Score: 2

    Well, the part you [SNIP]'ed out did say I'd never killed a user that hadn't broken the AUP (usually they had flooding/cracking/etc tools or eggdrop scripts for doing the same).

    >Come on now, this doesn't make sense. Killing the target won't help during the attack
    >During the attack you:
    >1. Find the source or sources of the DOS
    >2. Block/Filter this at your guardian routers
    >3. Communicate with the source ISPs.
    >4. Other net admin steps I forgot.

    I suppose I should have said a small ISP, but anyway..

    It's impossible to find out what the true source of the attack is, but filtering it out at the router could help. The problem is when the attack is big enough to kill you at your router -- which is when you bring in the upstream router. But it can be difficult to get your upstream ISP to filter out all the (many) spoofed addresses before the DoS ends -- and anyway, they'd just move on to another misconfigured broadcast address..

    When did I say I'd kill them during the DoS?
    I'd terminate the account after the DoS stopped, and I could have a look around to find the actual CAUSE of the DoS -- and proof it was their fault. I might terminate a user if all they did was provoke the attack, but only if they did it repeatedly, and I knew they had actually done something to provoke it.
    The bottom line is, the user is affecting OTHER paying customers as well, and while I definitely treat DoSes on a case-by-case basis, it's hard to do much more than contact the admins of the amplifying network, and ask them to fix it, and see if they have any logs which might help trace the real attacker.

    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  4. Re:Think of this from the ISPs point of view on ISPs Victimizing DoS Victims? · · Score: 2

    >I'm not saying the ISP's argument is completely invalid, but which should we prefer?
    As a consumer, I'd assume you'd prefer the consumer's point of view... and as an ISP you'd probably prefer their P.O.V.

    >Complete restrictions on companies, or giving them free rein to do anything in the name of profits? It's not actually an easy question to answer.
    Well, obviously it needs to be somewhere in-between. We need to draw a line somewhere which lets businesses protect themselves, while still giving the consumers rights.
    The only problem is figuring out just where we draw that line.
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  5. Re:Think of this from the ISPs point of view on ISPs Victimizing DoS Victims? · · Score: 1

    Hmm, perhaps not "totally innocent", but they aren't the bad guys. Sure, if everyone configured their network correctly, smurfs would be a much smaller/nonexistent problem, but if people would stop trying to DoS everyone, they'd never have been invented in the first place.

    Asking them to stop is a great idea.. Until you realise your whole network is being killed by the DoS -- then you just want to kill the attacker, the victim, or anyone nearby.
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  6. Re:way to fix? on ISPs Victimizing DoS Victims? · · Score: 2

    Hmm, that might help, a bit. The problem is, it'd probably be very expensive (CPU time-wise) for the router to update/check/etc, making the routers EVEN MORE expensive ( £/$/etc wise )...

    Also, the ISP probably won't be upset by a user being DoSed, unless the bandwidth used by the DoS is affecting the whole ISP.. at that point, the attacker could just move the attack from 1.2.3.4 to 1.2.3.x, and fill the entire subnet's quota, preventing ANY traffic at all reaching the ISP, even if it could *physically* fit on the link, the router would drop it.

    OK, so maybe this isn't the magic solution I thought it was when I first read it [unfortunately] :(

    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  7. Re:Responce on ISPs Victimizing DoS Victims? · · Score: 2

    If you survive, it's not much of a Denial of Service.

    Maybe you piss off some 14 y/o on a 56k modem, who decides to do something like pingflood you with "ping -f", that won't hurt the ISP, and it'll only hurt you if you use a 14.4 modem (otherwise, it'll act like a big download).

    If you *really* annoy some guy who thinks he's a 3l33t h4x0r, then they'll probably smurf you, or your ISP. A big smurf attack can generate a *LOT* of traffic, which can easily bring down a 10mbit pipe, depending on the size of pipe, and the number of computers on the amplifying network.

    It's like a pingflood, but from 100 computers at once (or however many pings are returned from the broadcast address of the network), and it can bring down a network easily (it's also the reason for the continuous netsplits on Efnet, and the reason lots of server admins are delinking -- to get the hell away from them).
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  8. Think of this from the ISPs point of view on ISPs Victimizing DoS Victims? · · Score: 5

    As a co-admin of a shell/webhosting server, I can't see what else they are supposed to do. I have never terminated a user's account because they appear to be the victim of a DoS (most shell users who get DoSed do SOMETHING to deserve it, hell, so do most shell users who DON'T get DoSed), but I have terminated many accounts which were committing DoS attacks..

    I have had an entire network downed for over 24 hours because of a DoS, which means the victim loses out, everyone else loses out, and we lose lots of money -- especially when a shell user brings down the webhosting side of things.

    Anyway, if the user is being continually DoSed, having an account with the ISP won't do them much good, would it?

    As for getting the police involved, well, a smurf is virtually untraceable, the source addresses point back to the (misconfigured) amplifier network, which is totally innocent, and the packets they receive are forged to come from the victim's computer. It's difficult to filter smurfs without breaking things like ping, and if the ISP is paying per Gb, DoSes can be expensive.

    The ISP has to pay for the DoS traffic (which could cost more than the customer is paying), and also might lose other customers/potential customers because of the reduced performance.

    The customer loses their account (possibly their money, though if the ISP has no proof the victim did anything, I'd expect them to at least refund the remaining subscription), and maybe their e-mail address.

    The ISP's AUP/TOC usually allow them to terminate your account for little, if any, reason, and in this case, they have a pretty good reason.

    Free speech is great, but should you be sued just because *you* don't want to risk your livelihood/life/whatever to protect it?

    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  9. Re:Yikes on QNX Crypt Cracked · · Score: 2

    Well, the problem with DeCSS is that it was reverse engineered, which is prohibited by the various licenses on everything nowadays.
    QNX released the source to the crypt, so.. I can't see what they could charge anyone with...
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  10. Re:Environmentally scary, but can we fix it? on Self-Destructing DVDs: Son of DIVX · · Score: 2

    And once you bring back your self-destructed disk to the company, what then? They pay you your $3 for being a good, environmentally friendly person, then chuck the disk out due to the fact it is totally useless. Alternatively, it might be possible to have a way of repairing the disk -- but then the pirates simply repair the disk. Or copy the disk before it destroys itself. Or....

    The problem is, it doesn't matter if the disk physically drives itself back to the rental shop, unless someone finds a way to allow the disks to be played, without being copied. Which IMNSO is not possible. If there are cheaply available 'rental' DVDs, along with reasonably cheap DVD-RW/DVD-RAM drives and disks, someone *will* be able to intercept the signal going to the TV, and copy it.
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  11. Re:Yeah, I know it's a troll. on distributed.net Contest Setback · · Score: 1

    As Tom stated, he/I understand the reason for not releasing the source to the proxies, which have to attempt to communicate securely, however there must be a large amount of non-communications related code in the keymaster, which *could* be reviewed by other people, if it were open source.

    What reasons are there for not releasing the source to the keymaster? (Excluding proxy communication code)
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  12. Re:Accuracy in reporting! on distributed.net Contest Setback · · Score: 2

    It is in effect a stats error. The problem is:

    To be fair to everyone, everyone is given credit for the block, if it is a 'virgin' one, or a reissued one (however, not if it is a duplicate block, they are filtered by the keymaster before reaching the stats).

    The way the stats server currently counts the percentage complete, is simply counting all the blocks it is told have been completed, and dividing that by the number of blocks in the keyspace.

    Because people are being credited individually for duplicate blocks, the total no. of blocks done includes these duplicate blocks.

    To fix it, the stats need to know if a block has been reissued, and if so, only give credit to the participant -- but not the whole effort, as doing the same block twice *doesn't* increase our keyrate.
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  13. More than one problem on distributed.net Contest Setback · · Score: 4

    There is actually more than one problem with CSC, which is causing it to go over 100%

    First: dbaker (Daniel Baker), released an official announcement explaining that the same blocks were being issued to multiple clients, to attempt to detect cheaters.
    Then dbaker released another announcement in his .plan, stating that 9-12% of the keyspace was being duplicated.

    Second: nugget (David McNett), released an announcement stating that there had been a problem with the keymaster generating invalid blocks, resulting in 25% of the keyspace being duplicated.

    So, one remaining question is, are they still sending out ~10% 'verification blocks'? Or have they abandoned that to allow us to complete the project faster?

    We have reached 112% due to verification blocks and could reach 140% due to 25% of the keyspace being corrupt. However, if 12% of the 25% new blocks are duplicated, then we could reach about 155%...
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  14. Re:And you people wanted to open the Windows sourc on ESR on Quake 1 Open Source Troubles · · Score: 1

    Wrong: it has nothing to do with Windows.

    Quake breaks as open source, because people can change the rules of the game, and cheat.

    Windows, well, who cares if people make their own box crackable? Changing Windows wouldn't make other boxes less secure.

    The fact that opening the source exposes current bugs is different, and is *good* -- once the bug is discovered, a fix is usually available instantly (nearly) on bugtraq.
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  15. Re:This effects VERY VERY few on Distributed.net Has Lost Some Team Association · · Score: 2

    Actually, no:

    We tried to recover some of the team joins performed during the 27-Dec to 29-Dec and it looks like our code accidentally unjoined a few people from their teams.

    All joins between 27-Dec and 29-Dec were lost, because the stats db was rebuilt. However, when they tried to recover the lost changes they accidentally unjoined other people from their teams.

    Still possibly not slashdot worthy in everyone's opinion, but it's about time distributed.net got another mention :)
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  16. This isn't totally isolated on Children Turn On Santa · · Score: 2

    There was an article in the local newspaper (really local, it covers maybe 10 sq miles), about a santa being stoned by youths. Eventually they abandoned the 'tour' of the area, and hid in the truck.. IIRC, a couple people were injured in it.
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  17. Linux toasters? on New Intel uP for Ultra-Cheap PCs · · Score: 1

    Wow. So if appliances are going to be running on Linux, that means I was wrong to think Microsoft were going to start monopolising my kitchen..

    Well, I'm just glad to see cheap 0.18micron technology :)
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  18. Pretty Good Privacy is crap if Privacy is illegal on Waiting for the Knock · · Score: 1

    Well, just as I was beginning to feel glad that I live in the UK, and don't have to worry about all those evil ITAR regulations (other than the fact it reduces the amount of secure software I can use)

    Then the UK.gov does this.. Great. I actually read about this in PC Plus (UK PC mag) a month or two ago. That was when I downloaded ppdd, encrypted my hard drive, started GPG signing/encrypting email, and started using ssh1 for everything not just randomly when I remembered.

    I urge everyone in the UK to write to their MP, newspaper, anyone. This law is evil. Pretty Good Privacy is rather crap if Privacy is illegal -- so fight for your right to silence, privacy, and innocence...
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  19. Re:Finally on Digital Television Transmission Standards · · Score: 1

    I really hate the BBC, I don't want their insane 'BBC Knowledge', 'BBC Choice', 'BBC News24' channels, I don't really care about BBC1 or 2 either, with the possible exception of RedDwarf there is nothing decent on anymore.

    I have never understood why the BBC have the right to charge *everyone* who *owns* a TV, money. OK, so they aren't allowed to show adverts, but adverts are useful, you get a break to, e.g. get a drink, go to the toilet, move for the first time in ~50 minutes, or whatever.


    The BBC currently own British TV, effectively. The sooner they get forced to fund themselves, the better.
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  20. Re:SOMEBODY DIDN'T READ THE ATRICLE. on Quantum Encryption Explained · · Score: 1

    Erm. He did -- you didn't. Also, at least he was polite enough not to swear at the previous poster.
    Yes, it requires either much better algorithms, or possibly quantum computers to crack today's ciphers, but the article had nothing to do with quantum computing -- or breaking ANY form of encryption at all.
    The article is about quantum encryption, which I have to say I find fascinating, even if daunting -- transmitting a single photon across 300km, without altering the polarisation.... wow.
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  21. Re:The internet wins again on Finns Outlaw Virus Writing · · Score: 1

    Except, to get the virus FROM Finland ONTO geocities, you need to 1) write the virus, then 2) transmit the virus.
    That's illegal under the new law. It's not just storing the virus, it's writing/spreading/storing the virus which is illegal. To get round this law, you need to fly to the US/UK/Anywhere, write the virus, upload it somewhere, then go back home.

    Actually, what happens if someone outside Finland stores it on a free homepage service based in Finland (are there any? I don't know of any, but I assume there are)?

    Are the webspace providers liable?
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  22. WinLinux is bad for Linux on WinLinux 2000 · · Score: 2

    Linux is already being affected by hordes of Windows users deciding, hey, I want to run my own fl00d bots and strike ph34r into everyone on IRC.

    The problem is, they install Linux, and discover they can't use it. They may be able to use their wonderful point 'n' click winnuke app to kill anyone else using windows's box instantly, but they don't know how anything actually works on their computer, so they install Linux, and think, hey this sucks, then they find the odd cracking tool, and start running around IRC saying they are a l33t hacker cause they use Linux...
    All this does is give Linux as bad a name as Windows, regarding the lame users which (both) OSs have (started to, in Linux's case) attract[ed].


    I remember when I used Windows9x, and sure, I could do some interesting things on it, but I can remember downloading an eggdrop and asking what are now, to me, embarrassingly lame questions about how I could run an eggdrop 24/7 on a dialup computer (ok, I was an idiot -- I'm not now, honest) -- at least I knew I needed a shell :)

    I at least, downloaded Linux (I can still remember the episode of the Outer Limits that I was watching as slackware downloaded, heh), installed it, and even started mucking around with the source of CircleMUD and now know a decent amount of C (and I'm learning).

    Now, however, you can download a distribution of Linux for Windows... Great.. Now you don't need to be competent at computers to use 'Linux' (I almost destroyed the FAT of one of my drives.. bad mkswap), you point, click, and get thrown into Linux, and have the ability to say 'I know nothing more about computers, but hey, I use Linux'.

    IMO, it isn't the OS that is cool, it's the fact that using Linux means/meant that you at least had a clue about using computers, and you weren't some lame idiot trying to crash boxes, and crack into things you knew nothing about.. Or even if you were, installing Linux meant you had a CLUE, which an increasing number of people using Linux nowadays, no longer have.

    They install Red Hat, and then the simplest thing to do with Linux goes wrong, they haven't the faintest idea how to fix it in Linux -- and they don't want to learn. They want someone to give them a magic command, so they can keep living in ignorance..

    Ok. I'll stop rambling now.
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  23. Queen of *BRITAIN* on Queen of England Gets Red Hat · · Score: 1

    You know, the last time I checked, the Queen was still the Queen up here in Scotland, which means she is the Queen of Britain, even though I hate her, I'd prefer it if people stopped treating the UK as England, and ignoring the fact Scotland (and Wales, and Northern Ireland) exist.
    --
    David Taylor
    davidt-sd@xfiles.nildram.spam.co.uk
    [To e-mail me: s/\.spam//]

  24. A couple points on Ask Slashdot: Should the US Government Tax Email? · · Score: 1

    1. Isn't this rather similar to the 'modem tax' hoax that has been going on for the last eternity or so?

    2. How exactly do the US plan to tax non-US citizens? Is it just going to be email from a US citizen that will be taxed, but not TO a US citizen, but from a non-US citizen?

    Apart from the fact there is *NO* way to tax this, (assuming point 2 above is true, say someone outside the US sets up a free 'yahoo mail' type thing. Everyone uses http to get outside the US, then they only technically start sending e-mail from outside the country. How are they supposed to detect this, never mind attempt to tax it?)

    If this law is serious, it is even stupider than the ITAR laws about encryption, and I doubt it could be enforced at all, assuming anyone would be insane enough to pass it.

  25. Re:Site Down? on Microsoft /asks/ "Crack this machine" · · Score: 1

    Wow. They haven't disabled ping replies on this machine, like every other *.microsoft.com site..

    I can get to port 80 (only port open according to nmap), but it informs me:

    Logon failure: user not allowed to log on to this computer.