These individuals were trespassing and had shackled themselves together. The officers gave them ample opportunities to leave the premises on their own, and even showed them the OC spray in the cup and gave them a final chance, but the suspects refused to budge. They were bound and determined to become martyrs for the cause.
If you were an officer in this situation, what would you do?
(Keep in mind that you have been dispatched to remove these individuals, and if they are still there when you leave the scene, you will be written up for insubordination.)
Fyodor is more of a "cracker", to use the proper term. A few years ago, Fyodor got caught breaking into a Windows PC owned by somebody who had humiliated him online.
Just desserts? Maybe. Ethical? Not a chance. Somebody with that level of skill should be using his abilities for good, not evil.
As a long time Python developer I would like to take this opportunity to
shed some light into one of the most overlooked design flaws in the
language: memory leakage.
Despite all of Guido Van Sustren's claims to the contrary, Python's garbage
collector just
doesn't work correctly, allowing the programmer to create a circular
reference which never gets resolved. This is a critical impediment to
writing mission
critical applications in Python, as they will eventually run out of
memory and fail.
Python is an excellent beginner's language, well-suited to replace Visual
Basic or possibly even Perl for many tasks.
But testing about unit testing before we address a fundamental design flaw
such as memory leakage is tantamount to putting the cart before the horse. Python's memory issues need to be fixed before the language can break out of its niche.
Although physical stress can be annoying, software by far has the greatest impact on your work environment as a high tech worker. As a system administrator I have cringed as my bosses through the years have forced me to lock down developers' desktop machines, forbid software installation, and even keep them from upgrading to the latest version of Perl to keep their development scripts working.
I too have been subjected to unreasonable rules and regulations: I have worked in jobs where we did not have internet access (making researching simple problems difficult at best), were not allowed to use the phone or email for personal conversations, and were forced to run Windows on the desktop, complete with spyware that loaded from a login script each time we logged on to the domain.
What is sad about these jobs is that bad software environments are a form of psychological torture. Originally intended to make workers productive, they often have the opposite effect, forcing workers to get approval and jump through hoops to perform simple coding tasks that their competitors can do within seconds because their machines were not locked down. This is one of the main reasons that American companies are losing ground to outsourced workers in India: our managers feel that they need to control and micromanage the workforce as much as possible, whereas the foreign workers are so plentiful, expendible, and primitive that they can just be replaced if their productivity is below par. American companies would benefit immensely from adopting this simpler model and giving us tech workers the freedom we deserve in the workplace.
The big difference is a DUMB ISO programmer (where the data lines are controlled by the PC) and a smart programmer where they have protocols embedded in the hardware ISO programmer to conform to ISO protocol standards. That's a different case all together...
Not necessarily, but it is true in this case. The "smart" programmers favored by DSS thieves have extra logic that glitches the card's supply voltage and clock line to circumvent the card's security. That is the major (legal) distinction.
One of my neighbors used to brag all the time about having this sort of setup, but he was none too happy when the sheriff's department nailed him for selling hacked cards and then turned over his customer list to DTV for lawsuit purposes. I guess there is justice in this world.
As prosecuting attorneys, you have the ability (and burden) of choosing which offenders out of thousands of suspects should be pursued by the Federal government.
In some cases this decision is clear cut: the largest and costliest criminals should be dealt with first. But in a lot of cases on your Cybercrime page (notably, some of the targets in Operation Decrypt) you chose to prosecute a few of the "small fry." The same dragnet that netted convictions for a $14 million offender also snared a few guys who only caused losses of $7000. Interestingly, among the latter persons were some of the most skilled embedded security experts alive today.
So, how often do you target offenders based on pressure from the crime victim, high visibility, high (criminal) intelligence, or other factors not directly related to the crime? And who, besides the prosecutor's office, weighs in (indirectly or directly) on these decisions?
Although the concept of a decision matrix is a good one, these authors chose instead to squander their opportunity to present both sides of the case by presenting a one-sided, dubious view that may or may not have anything in common with the court's ultimate interpretation.
For instance:
"SCO have yet to reveal any conclusive evidence that they can show there is code that they have developed, which is now in Linux illegally." Although I also doubt that SCO has any conclusive evidence, as a former paralegal I can assure you that there are many good reasons why they would be harmed by showing their cards right now.
"SCO released any infringing code: Proven." This is decidedly false, as this has not been proven in a court of law. Codes of procedure, rules of evidence, and whether or not the judge got laid last night all have significant bearing on whether or not the court will have enough evidence to deem this point "proven."
"Final Outcome: Linux is Unaffected." This is completely false. Linux has already been affected by companies who have shown increased sales since beginning to spew FUD about "stolen IP" in Linux. I have several friends at various Linux vendors who claim that sales are down and that customers have mentioned the suit very often as a reason to hold off on adoption of open source software. The BSA is lobbying foreign governments to avoid open source because of this case, even as we speak. We may be able to fix a few lines of snarfed code in 15 minutes and end the whole ordeal, but Linux may never get its credibility back if contributors can be shown to have caused the problem. Never forget that it takes a long time to build trust but trust can be lost in a matter of seconds. And articles like this that spread pro-Linux FUD are just as detestable as the garbage spewed from Redmond.
...is to hire a good lawyer. Hint: a lawyer who advises you to settle when you have done nothing wrong is not a good lawyer. Most lawyers are too lazy to take cases that they do not understand, which explains why so many tech-related cases wind up costing the protagonist money. This is even worse in the criminal law arena, because these lazy attorneys can cost an innocent man his freedom. IMHO there is no excuse for this, but it happens every day.
Case in point: my roommate was sued by a major staffing company because of "alleged" violations of his noncompete agreement. He talked to literally dozens of attorneys before he found one who was willing to take the case. On the first court date the attorney he hired filed a motion to dismiss and won.
It can be difficult to fight "the man" but patience and determinism will pay off in the long run.
Let's stick to the facts here and contrast two statements made by Mr. Fyodor (one posted to his domain, insecure.org on 8/16/2002, and one posted to slashdot.org on 5/30/2003).
First, the quote from today:
I did not actually break into any troll boxes, although I did imply that in a misguided attempts to use some of their trolling rhetorical devices against them.
Incidently, Sdem is also incompetent at securing his computer. That is a glaring deficiency for someone who spends most of his time annoying and harrassing others. Thus, our investigation was able to progress well beyond simply viewing his public Internet posts. We were monitoring his system in real time, and are providing dozens of (somewhat) interesting screen shots below. We were also going to post some of his files, passwords, and full keystroke logs, but that would be gratuitously mean. After all, he is only a high school kid, so maybe he will mend his ways. Sdem: if you are reading this, change your passwords before we change our mind:).
So, not only did Mr. Fyodor illegally access the victim's PC (18 U.S.C. 1030(a)(2)), but he also unlawfully intercepted and disclosed the contents of communications on that machine (18 U.S.C. 2511(1)(b), (1)(c), et al) and threatened to make further disclosures to injure the victim's property and/or reputation (18 U.S.C. 875(d)).
In other words, if word of your exploits makes it up to the Justice Department, you are going to be fucked. We know full well that the Bush administration likes to makeexamples, especially of slimy Russian hackers. What reason do you have to believe you won't be next in line?
In the past, Microsoft has mainly concerned itself with positioning Windows NT based servers against the superior Linux-based products from Debian, Red Hat, and Caldera.
This memo demonstrates an important shift in their strategy: they are now in a position where they are competing against Linux on thedesktop, having lost many key battles on the server side. This means that, despite religious crusades and many rifts in the Open Source community, the competition between such projects as KDE, GNOME, and XFree86 has produced better products that are now able to compete on a level playing field with the Windows XP desktop. We know this only because Microsoft said so itself.
Eight years ago when I first started running Linux, I knew it wasn't ready for the desktop. During the internet gold rush of the late 1990s I knew it still wasn't ready for the desktop. But today it is. There is no turning back now - unless Microsoft manages to lock us out of our PCs they will have no chance to reverse the tide, and Windows will lose in the end.
How many people have actually been prosecuted for using an open wireless network without authorization?
And how many of those people (if any) were malicious hackers?
Why don't our legislators spend their time protecting innocent people (Skylarov, Felten, Serebryany, etc.) from laws like the DMCA that have been abused, instead of saying "hey, it's legal to wardrive, which nobody has ever been maliciously prosecuted for"?
...that despite one (maybe two soon) PATRIOT acts, Terry v. Ohio, the DMCA, Microsoft, military tribunals, and John Ashcroft, this is still a better place to live than 95% of the other countries in the world. At least here we don't lock people up and invade the privacy of their homes just because they're sick.
Those of us who are old enough to remember when the Berlin Wall crumbled in 1990 know to credit Ronald Reagan with killing Communism.
However, nobody knew that the Communist government of China, just as nimble as it was repressive, would be able to exploit its immense pool of cheap labor to remain a powerful force through the dawn of the 21st century.
But now we are seeing that power crumble. As Altavista, Lycos, and Yahoo realized in the late 1990s, it is impossible to become the best search engine portal just by becoming the biggest. Google brought us good results, minimal pages that weren't influenced by bribery or (in most cases) manipulation, and quick easy searches. Is that something that China's 200 competing portals will be able to bring to the customer's desktop? I think not.
Don't ever forget that the only possible outcome of a compromise is a poor product. Too many cooks in the kitchen inevitably produce something that none of them like and nobody will eat. Good design needs to be engineered into the product, not cobbled on at the end. And that is why Google will win this battle and beat Chinese Communism at its own game. And for that we will owe them much gratitude.
They're damned if they do and they're damned if they don't. Remember what happened to the fee-driven, content provider friendly Napster?
People buy TiVo for the freedom it gives them to control their viewing patterns and to skip commercials. When that freedom goes away, people will stop buying the units. It's as simple as that.
You can turn Multi-Room Viewing off on any DVR. You decide which DVRs can share programming. Television programming is not under TiVo's control. Programming providers may restrict or limit the transfer of particular programs. TiVo does not guarantee access to or transfer of any particular program.
They're asking us to pay $100 per unit to let the content providers decide what shows we can transfer? I like how they blame "programming providers" for crippling their software.
My TiVo is a great toy, but it's looking like it's time for this company to die. First they fire RB, and now they snuggle up to the content industry? Screw them, it's time to cancel my subscription and start hacking my box. They had a chance to earn their subscription fee from me, but they blew it when they decided that they were going to give Hollywood control over my own equipment.
Ok, let me get this straight: according to the article, these students were operating large local area file swapping networks, which included large amounts of copyrighted material that they didn't have the rights to distribute.
How is this an example of throwing the baby out with the bathwater? These kids broke the law and the record companies are taking legal action against them for it. And as far as I'm concerned, they deserve to pay the price for their actions. Organized illegal file swapping is organized crime, nothing more and nothing less. If you're big enough to make a name for yourself on campus, you need to deal with the consequences.
Why would you suppose there isn't much competition in broadband access, in a college town no less (where the thirst for bandwidth is undoubtedly severe)?
Could it have something to do with the fact that until July, a private ISP's biggest competitor is practically giving away unlimited bandwidth for free?
This has nothing to do with the fact that your internet use is mostly focused on stealing copyrighted materials. Cornell doesn't care that you are a freeloader and have no morals, because they know that what comes around goes around. What they care about is that people like you are costing them 40% more every year, because of simple economics. And they are about to end the party once and for all.
When you have access to a resource, you have an obligation to use it responsibly. If you fail to do so, either you or your provider will be penalized for your excesses. There's no such thing as a free lunch. Somebody always pays.
Contrary to popular belief (and, yes, contrary to my own usage patterns in
college), Universities provide network resources for academic uses.
This usually means that they intend for those networks to be used for
research (this is often the main reason the institution exists), completing
assignments, and communicating with one's professors and peers. These
networks are not and never have been intended to be used for
entertainment purposes.
Cornell's change is a Good Thing(tm) in that they will encourage private
entities to provide metered, regulated internet service to the members of
the campus community. In this way, the individual members, not the
aggregate, will be responsible for paying for the proportion of resources
they use. Because, after all, when everybody agrees to divide the check,
most of the people at the table order lobster. It's time for the liberals
at universities to drop their Ivory Tower facade and face the fact that
human nature is a greedy algorithm.
Note that these were not small time players. This guy had $133,000 in DSS related monies flying through his Paypal account. (Also note that Paypal sent the FBI a transaction log, same day service, with no warrant. A sobering reminder that eBay/Paypal does not care about your privacy.)
Although the consumer broadband landscape is hardly a profitable area in
today's business environment, the DirecTV unit's death could not be chalked
up to slim margins alone. Just as they have utterly
failed to prevent the theft of their premium television channels,
DirecTV had placed little or no access control on their broadband network.
I know this for a fact because I know of no fewer than five people who are
able to get internet service from DirecTV for free, with some slightly
modified equipment. Obviously, hiring a bunch
of half wits to secure your network does not help the matter.
At the risk of stating the obvious, dark fiber that was laid to strengthen
the internet backbone and inter-LATA communication circuits has no
commercial application whatsoever in this day and age. Why? Let's
step back and look at the facts:
Dark fiber doesn't serve homes or businesses. I have looked
at maps of where the dark fiber along I-5 was buried, and I can assure you
that it was buried where the right-of-way was cheap - NOT close to any
people or commercial entities that could benefit from fiber. Obviously,
the last mile problem has not been solved by burying fiber that was just
intended to improve connectivity amongst COs anyway.
The backbone is fast enough as it is. Although the looming
collapse of Worldcom's UUnet is frightening, their IP operations will
undoubtedly be sold to competitors, who will keep the network running. The
bottleneck is not on the internet; it is between the POP and the average
consumer, who is generally too stingy to get a faster connection than
dialup.
Wireless solutions are taking over the last mile. Between the
four wireless carriers who now offer unlimited IP communications on their
networks, and the numerous companies striving to blanket the nation's
metropolitan areas with pay-per-month unlimited 802.11b hotspots, fiber is
quickly becoming yesterday's news. Although for long distance dedicated
lines it cannot be beat, fiber has little or no impact on the average geek
or consumer today.
Although most dot-coms were killed by infeasible business models and a lack
of a viable, marketable product, there was something much more insidious
that sounded the death knell for Liquid Audio: affirmative action. I had
several friends of Asian descent who worked there, and they all agreed that
the upper management flagrantly and frequently promoted incompetent whites,
and clueless blacks from outside the company, into management positions.
This led to the formation of a company run by a non-technical old boys
club, who did not understand the limitations of the technology and did not
understand the possibilities behind what they could have been doing.
I have seen similar actions result in disasterous results at other
companies, such as CompUSA and Qualcomm. The need to be politically
correct and to have a diverse, apartheid-like management team has trumped
the business requirement to have competent managers who understand what
their engineers are working on. Only when Asians are promoted into
management, as Americans are, and can have their voices heard will most
tech companies start to understand what they are doing and begin to turn a
profit. But ignoring your workers is not a good first step along that
path.
Slashdot Mirror
Just dig your old Commodore 64 out of the ground, and dial up a BBS.
Here is the video you are referring to: http://www.youtube.com/watch?v=lTJCqOlh_4w
These individuals were trespassing and had shackled themselves together. The officers gave them ample opportunities to leave the premises on their own, and even showed them the OC spray in the cup and gave them a final chance, but the suspects refused to budge. They were bound and determined to become martyrs for the cause.
If you were an officer in this situation, what would you do?
(Keep in mind that you have been dispatched to remove these individuals, and if they are still there when you leave the scene, you will be written up for insubordination.)
Fyodor is more of a "cracker", to use the proper term. A few years ago, Fyodor got caught breaking into a Windows PC owned by somebody who had humiliated him online.
Just desserts? Maybe. Ethical? Not a chance. Somebody with that level of skill should be using his abilities for good, not evil.
Despite all of Guido Van Sustren's claims to the contrary, Python's garbage collector just doesn't work correctly, allowing the programmer to create a circular reference which never gets resolved. This is a critical impediment to writing mission critical applications in Python, as they will eventually run out of memory and fail.
Python is an excellent beginner's language, well-suited to replace Visual Basic or possibly even Perl for many tasks. But testing about unit testing before we address a fundamental design flaw such as memory leakage is tantamount to putting the cart before the horse. Python's memory issues need to be fixed before the language can break out of its niche.
I too have been subjected to unreasonable rules and regulations: I have worked in jobs where we did not have internet access (making researching simple problems difficult at best), were not allowed to use the phone or email for personal conversations, and were forced to run Windows on the desktop, complete with spyware that loaded from a login script each time we logged on to the domain.
What is sad about these jobs is that bad software environments are a form of psychological torture. Originally intended to make workers productive, they often have the opposite effect, forcing workers to get approval and jump through hoops to perform simple coding tasks that their competitors can do within seconds because their machines were not locked down. This is one of the main reasons that American companies are losing ground to outsourced workers in India: our managers feel that they need to control and micromanage the workforce as much as possible, whereas the foreign workers are so plentiful, expendible, and primitive that they can just be replaced if their productivity is below par. American companies would benefit immensely from adopting this simpler model and giving us tech workers the freedom we deserve in the workplace.
Not necessarily, but it is true in this case. The "smart" programmers favored by DSS thieves have extra logic that glitches the card's supply voltage and clock line to circumvent the card's security. That is the major (legal) distinction.
One of my neighbors used to brag all the time about having this sort of setup, but he was none too happy when the sheriff's department nailed him for selling hacked cards and then turned over his customer list to DTV for lawsuit purposes. I guess there is justice in this world.
The sites that sold the devices advertised them as signal theft devices. That is why the sites got busted in the first place.
Would an intelligent consumer buy white flour from a cocaine dealer? I think not.
In some cases this decision is clear cut: the largest and costliest criminals should be dealt with first. But in a lot of cases on your Cybercrime page (notably, some of the targets in Operation Decrypt) you chose to prosecute a few of the "small fry." The same dragnet that netted convictions for a $14 million offender also snared a few guys who only caused losses of $7000. Interestingly, among the latter persons were some of the most skilled embedded security experts alive today.
So, how often do you target offenders based on pressure from the crime victim, high visibility, high (criminal) intelligence, or other factors not directly related to the crime? And who, besides the prosecutor's office, weighs in (indirectly or directly) on these decisions?
For instance:
Case in point: my roommate was sued by a major staffing company because of "alleged" violations of his noncompete agreement. He talked to literally dozens of attorneys before he found one who was willing to take the case. On the first court date the attorney he hired filed a motion to dismiss and won.
It can be difficult to fight "the man" but patience and determinism will pay off in the long run.
First, the quote from today:
And now, the quote from yesteryear:
So, not only did Mr. Fyodor illegally access the victim's PC (18 U.S.C. 1030(a)(2)), but he also unlawfully intercepted and disclosed the contents of communications on that machine (18 U.S.C. 2511(1)(b), (1)(c), et al) and threatened to make further disclosures to injure the victim's property and/or reputation (18 U.S.C. 875(d)).
In other words, if word of your exploits makes it up to the Justice Department, you are going to be fucked. We know full well that the Bush administration likes to make examples, especially of slimy Russian hackers. What reason do you have to believe you won't be next in line?
This memo demonstrates an important shift in their strategy: they are now in a position where they are competing against Linux on thedesktop, having lost many key battles on the server side. This means that, despite religious crusades and many rifts in the Open Source community, the competition between such projects as KDE, GNOME, and XFree86 has produced better products that are now able to compete on a level playing field with the Windows XP desktop. We know this only because Microsoft said so itself.
Eight years ago when I first started running Linux, I knew it wasn't ready for the desktop. During the internet gold rush of the late 1990s I knew it still wasn't ready for the desktop. But today it is. There is no turning back now - unless Microsoft manages to lock us out of our PCs they will have no chance to reverse the tide, and Windows will lose in the end.
And how many of those people (if any) were malicious hackers?
Why don't our legislators spend their time protecting innocent people (Skylarov, Felten, Serebryany, etc.) from laws like the DMCA that have been abused, instead of saying "hey, it's legal to wardrive, which nobody has ever been maliciously prosecuted for"?
$DEITY Bless America!
However, nobody knew that the Communist government of China, just as nimble as it was repressive, would be able to exploit its immense pool of cheap labor to remain a powerful force through the dawn of the 21st century.
But now we are seeing that power crumble. As Altavista, Lycos, and Yahoo realized in the late 1990s, it is impossible to become the best search engine portal just by becoming the biggest. Google brought us good results, minimal pages that weren't influenced by bribery or (in most cases) manipulation, and quick easy searches. Is that something that China's 200 competing portals will be able to bring to the customer's desktop? I think not.
Don't ever forget that the only possible outcome of a compromise is a poor product. Too many cooks in the kitchen inevitably produce something that none of them like and nobody will eat. Good design needs to be engineered into the product, not cobbled on at the end. And that is why Google will win this battle and beat Chinese Communism at its own game. And for that we will owe them much gratitude.
People buy TiVo for the freedom it gives them to control their viewing patterns and to skip commercials. When that freedom goes away, people will stop buying the units. It's as simple as that.
You can turn Multi-Room Viewing off on any DVR. You decide which DVRs can share programming. Television programming is not under TiVo's control. Programming providers may restrict or limit the transfer of particular programs. TiVo does not guarantee access to or transfer of any particular program.
They're asking us to pay $100 per unit to let the content providers decide what shows we can transfer? I like how they blame "programming providers" for crippling their software.
My TiVo is a great toy, but it's looking like it's time for this company to die. First they fire RB, and now they snuggle up to the content industry? Screw them, it's time to cancel my subscription and start hacking my box. They had a chance to earn their subscription fee from me, but they blew it when they decided that they were going to give Hollywood control over my own equipment.
How is this an example of throwing the baby out with the bathwater? These kids broke the law and the record companies are taking legal action against them for it. And as far as I'm concerned, they deserve to pay the price for their actions. Organized illegal file swapping is organized crime, nothing more and nothing less. If you're big enough to make a name for yourself on campus, you need to deal with the consequences.
Could it have something to do with the fact that until July, a private ISP's biggest competitor is practically giving away unlimited bandwidth for free?
This has nothing to do with the fact that your internet use is mostly focused on stealing copyrighted materials. Cornell doesn't care that you are a freeloader and have no morals, because they know that what comes around goes around. What they care about is that people like you are costing them 40% more every year, because of simple economics. And they are about to end the party once and for all.
When you have access to a resource, you have an obligation to use it responsibly. If you fail to do so, either you or your provider will be penalized for your excesses. There's no such thing as a free lunch. Somebody always pays.
Cornell's change is a Good Thing(tm) in that they will encourage private entities to provide metered, regulated internet service to the members of the campus community. In this way, the individual members, not the aggregate, will be responsible for paying for the proportion of resources they use. Because, after all, when everybody agrees to divide the check, most of the people at the table order lobster. It's time for the liberals at universities to drop their Ivory Tower facade and face the fact that human nature is a greedy algorithm.
Note that these were not small time players. This guy had $133,000 in DSS related monies flying through his Paypal account. (Also note that Paypal sent the FBI a transaction log, same day service, with no warrant. A sobering reminder that eBay/Paypal does not care about your privacy.)
Although the consumer broadband landscape is hardly a profitable area in today's business environment, the DirecTV unit's death could not be chalked up to slim margins alone. Just as they have utterly failed to prevent the theft of their premium television channels, DirecTV had placed little or no access control on their broadband network. I know this for a fact because I know of no fewer than five people who are able to get internet service from DirecTV for free, with some slightly modified equipment. Obviously, hiring a bunch of half wits to secure your network does not help the matter.
I have seen similar actions result in disasterous results at other companies, such as CompUSA and Qualcomm. The need to be politically correct and to have a diverse, apartheid-like management team has trumped the business requirement to have competent managers who understand what their engineers are working on. Only when Asians are promoted into management, as Americans are, and can have their voices heard will most tech companies start to understand what they are doing and begin to turn a profit. But ignoring your workers is not a good first step along that path.