Slashdot Mirror


User: Tackhead

Tackhead's activity in the archive.

Stories
0
Comments
6,382
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,382

  1. Re:Finally, a judge standing up to the police on Judge Demands Details Of FBI's Keylogger · · Score: 3, Interesting
    > The judge is probably wondering whether this "device" should properly be called a wire-tap in which case all the evidence from the computer will be tossed (note that IANAL).

    According to the Wired article yesterday:

    Another thing that's suspicious, says the defense, is that the log from the program ended as soon as it shows Scarfo's PGP passphrase: "The odds of someone subject to a 60-day period of observation via keystroke recording providing what was sought on the very last typed entries are alarmingly high."

    This would be impossible (or at least highly improbable) with a hardware device. With software, however, it could be done - log everything until you see PGP running and a passphrase being entered. Then stop logging.

    I have a hunch it's software, not hardware, for another reason.

    This whole case revolves around whether the FBI "placed a bug" (i.e. wiretapped) or not. "Bug" has traditionally meant a hardware device, which does not appear to be covered by the warrant. (If they had a warrant to place a bug, the defence wouldn't be arguing otherwise).

    Even the most kl00less n00b of a judge would be able to see that a Keyghost or other hardware-based key-logging device is fundamentally the same as a microphone. One logs keystrokes. The other records voice. If the warrant didn't authorize the placement of an audio bug, it probably didn't authorize placement of a keylogging bug.

    But if it's software, the Feebs can argue "Hey, it's not a device, it's just ones and zeroes on his hard drive. We left nothing, we just tweaked some magnetic lines of flux on a spinning piece of metal."

    The funny part is that this is the same FBI whose lawyers are arguing (eg. DeCSS, Sklyarov, etc.) that even source code can be a "circumvention device". I guess code is a "device" when it serves the FBI's purpose, and "not-a-device" when it... well, serves the FBI's purpose.

    The sad part is that it's going to take a pretty enclued judge to figure out that if DeCSS is a "device" for circumventing protection, then a keylogger -- even if it's just software -- is just as much a "device" for conducting a wiretap of the line between a keyboard and a computer.

    Finally, doing it in software enables them to turn the logging off after they capture the PGP passphrase. I speculate that they realized they were treading on the outer fringes of what they could legally do under this warrant, and wanted to be able to make at least some claim that they minimized the amount of data to be captured.

    All of this leads me to believe it was a software device, not a piece of hardware. "If we can't get a warrant to place a wiretap, let's do it with software, and then if the defence argues otherwise, we might at least have a shot at convincing the judge that software isn't a "bug" because it's made of bits, not atoms, and the wiretap law was written when the only technologies for wiretapping required atoms."

    (The obvious argument for the defence: "In that case, Your Honor, we submit that the instant the software ran on the defendant's computer, the FBI had effectively installed a bug. Instead of it being the cute little ones you read about in Tom Clancy novels, it was a full-tower 1G Athlon bug. But it was still a bug.")

    That said -- let's have an open mind. Maybe they're doing something more advanced than installing a Keyghost. Maybe they're using a new way of installing software known only to the 'l33t d00dz in the intelligence community.

    Finally, maybe the technology is also in place now on real threats, and the bugs - hardware or software - weren't planted by "cops operating with a warrant", but by intelligence agents (or double agents), whose lives would be jeopardized by their targets' acquiring the knowledge to detect these bugs.

    As much as I mistrust the FBI, if any of those scenarios is true (and they're all plausible), it doesn't matter how weak the FBI's case is in the case of this mobster, the tech should remain under wraps.

  2. Re:Speculation time. How does it work? on Judge Demands Details Of FBI's Keylogger · · Score: 2
    With all the speculation on hardware devices... as an extension of the c00lest idea I've heard so far, I offer the following:

    Embed a bit of non-volatile RAM in the keyboard controller chip. To retrieve the data, seize the keyboard, desolder the chip, and apply TTL to pins that are grounded when the keyboard controller chip is still soldered to the keyboard. Totally undetectable, and it could be done at the factory to every keyboard shipped.

    The privacy of Joe Average is "maintained" the the fact that Joe's keyboard is rarely seized. Just make sure NSA doesn't use these keyboards.

    I dub the idea "bugboards", and anyone who patents it has to deal with this Slashdot post constituting prior art.)

    To the tinfoil hat crowd: With a suitably large clandestine payment to Winbond, "they" could have been doing this to a good 30-40% (if not higher) of the keyboards in existence for the past 3-4 years. Save your original PC/AT keyboards!

    My personal speculation: If it's a hardware device, it's a Keyghost, possibly installed inside the keyboard. (Yes, if I were a Mafioso, I would check the keyboard port as part of a daily sweep for bugs. But I probably wouldn't grab a screwdriver and inspect the keyboard's guts.)

  3. Re:Medium damage on Code Redux · · Score: 5, Insightful
    > > I don't understand why Symantec classifies a "remote root" exploit as only "medium" damage.

    Well, given the choice between having j00r box r00ted and having something like WinCIH blank out your BIOS and wipe out your FAT...

    For security, it's critical. But the amount of data loss is minimal until after someone telnets to the open port and blows away your drive.

    Finally, consider Symantec's core market -- not the guy running a brokerage firm on a farm of IIS boxen, but home and office users of PCs worried about the virus that'll wipe out their pr0n collection. Joe Win95er really isn't at risk from Code Red II, apart from wondering why "the Internet is slow" if he's on RoadRunner.

    Considering Symantec's core audience, and what this worm could be doing to compromised systems, and yeah, I'll buy "medium".

  4. Re:it's already gotten worse on Distastful Advertising Continues: "Gatoring" · · Score: 2
    > > yesterday I was on my PC downloading MP3s and my PC printed out a roadmap, marked a store location on it and pushed me towards my car. It was unbelievable!
    >
    > Yeah, but in a few weeks, your car will be programmed to drive you there (whatever happend to the Clarion CarPC? Anybody buy one?) Even better, with the GPS feature talking to the local gendarme, you won't even break the speed limit.

    Feh! You're a couple of rank amateurs!

    My marketing director told me to work on a plug-in that won't bother mucking about with cars and GPS units to take you to the store, it brings the store to you!

    As he said -- "Why should the consumer have to deal with the complexities of having the choose whether or not to buy a product? Isn't it our job as marketers to simplify the choice process?"

    Our new version greatly simplifies the choice process. When you search for our competitor's product, for instance, our DLL doesn't just advertise our product, it doesn't just send you to our store, it saves you all this time and trouble by simply purchasing our product for you!!!

  5. Re:They just don't get it. on Distastful Advertising Continues: "Gatoring" · · Score: 5, Interesting
    > Some friends and I were just talking about this last night - when was the last time that you used RealPlayer?

    A while ago. But the only reason was because I did some testing and discovered that you can make the ancient RealPlayer 5.0 (that didn't have a lot of spam included in its user interface) work just fine with RealPlayer G2 and RealPlayer 8 streams, by simply fux0ring around with the DLLs in C:\Windoze\Program Files\Common or somewhere like that.

    Basically, you take a RP5 install, do a recursive DIR or ls over the filesystem.

    Then (on an expendable system, naturally, that you've replicated from your production box), you install the upgrades required to play files encoded with the newer RealMedia codecs, and do another DIR or ls.

    Then you diff the results and copy any new or modified DLLs onto your production system. Presto! RealPlayer 5 with "up-to-date" codecs.

    Of course, that doesn't prevent Real from including spyware/phone-home in the DLLs, nor does it prevent RealPlayer 5 from auto-nagging you every few months to upgrade.

    But it's a workable solution for all those old South Park episodes I acquired in 228K .RM files (a mixture of RealPlayer 5, G2, and RealPlayer 8 codecs) format before DiVX appeared.

    Which, come to think of it, is about the only use I have for RealPlayer, since I don't have cable.

  6. Re:It is the time on Code Red II: Shells for the Taking · · Score: 1
    > you aren't seeing the other because you're vulnerable to them!

    Yeah, I probably should have explained that I was running Apache at the time, which is what made it something to laugh at rather than worry about.

    I didn't see any actual 'sploit attempts from that IP, so either he was a harmless joker with a web browser, or he was changing the GET string based on how the server identified itself. But if he was doing that, why even send a string to an Apache server. So my hunch is he was just a guy who'd drunk too much coffee.

    (Hmm, configure Apache to misidentify itself as an IIS box the next time a worm shows up... lousy web serving idea, but a nice honeypot idea ;-)

  7. Re:If this can't break Microsoft's back nothing wi on Code Red Back For More · · Score: 2
    > Essentially, a capability is permission to do something: see a file, read it, delete it, execute it, open a network connection. In such an OS, the web server is giving capabilities to: see everything in its docroot; execute everything in it cgi-bin; receive network connexions. It cannot read your personal data; it cannot open its own network connexion. Done right, it cannot even access libraries it doesn't use. It's a very interesting concept.

    Sounds a bit like the way they're going with SELinux. And yeah, a capability-based OS would rock. Sadly, neither contender for market share (be it any version of 'doze or the various UNIXes/Linuxes) has it yet :(

    For those of you with the free time and desire to write code to make the world a better place, it'd be a hell of a good project to get involved with.

  8. Re:streaming on Who'll Be Using Ogg Vorbis Instead Of MP3? · · Score: 2
    > No one cares about patent laws. Most people using mp3s are downloading them without paying for them, do you think they care about breaking some patent laws when they steal their mp3 encoder? No way.

    I think you've got it.

    I saw a lot of posts today about geeks who say they're about to rip their 300-700 CDs into .ogg format. Hey, if you have the CDs, that's a great idea.

    But lossy-compressed-music didn't catch on just because you could stick ten albums onto a CD-R, it caught on because you could have a Pretty Damn Good copy of the music for free - as in "beer" - without owning the CD.

    If you've got 700 CDs' worth of MP3z, you're not gonna convert 'em to .ogg, because the second lossy compression (MP3 -> OGG) is going to destroy the quality of your recordings, and you won't do it. (And you probably shouldn't!)

    MP3 got its first-mover advantage because allowed for distribution of music on an unparallelled scale. For every copy of some rare or out-of-print CD or vinyl recording that can be re-ripped to .ogg, there will be several dozen, perhaps hundreds, of MP3 copies that can't, because the owners of the copies of the MP3s have no access to the original recording.

    With the audio universe populated almost entirely with MP3s, and with transcoding not being a viable option, why would anyone go through the trouble of trying to simultaneously support archives in two formats? (It's hard enough to find MP3-playing consumer electronics that correctly handle all the variations of MP3, let alone one that properly supports two formats.)

    As cool as Ogg is, I'm afraid it's destined for a niche market.

    > Ogg Vorbis is most useful for streaming media servers.

    Niche, however, isn't that bad a thing. This is a particularly good niche to be in.

    > Get the decoder into a lot of the client software people are already using (winamp, wimp, and real), and the free streaming server will "sell" like hotcakes, if it's any good.

    In fact, I think that Ogg, if it went into the streaming audio niche, could really whip some serious llama ass.

    For streaming audio, the end user probably isn't archiving the content, so the format doesn't matter. Streaming audio also includes live broadcasts, and having access to the "original CD" doesn't matter -- the "original" is the DJ's voice speaking into a mic.

    Besides, wouldn't it be nice to live in a world where aspiring webcasters no longer had to fork over $BIGNUM to RealMedia for .rm streams or MSFT for .wma streams?

  9. Re:It is the time on Code Red II: Shells for the Taking · · Score: 2
    > On a completely other note! I was thinking it would be nice if the worm copied random text strings (from the victim's hard drive) instead of the XXXXXXXXX in order to overrun the buffer :) Then it would be really interesting to read those log files!

    Well, I haven't seen that yet, but I saw something even funnier:

    999.999.999.999 - - [04/Aug/2001:23:43:18 -0400] "GET /default.ida?XXXXXXXXXXXXXXXXXJust_Kidding___Now_H ow_About_Running_Apache_Instead_of_IIS HTTP/1.0" 404 282 "-" "-"

    (Yes, just some guy with a sense of humor and a web browser, not enough Xs to trigger the overflow ;-)

  10. Re:more MS insecurity on Analysis of Passport Flaws · · Score: 2
    > > Passport's security model depends heavily on the Domain Name System
    >
    > You know, this more than anything else in the article bothered me. I can see the next big wave of MS server vulnerabilities leading to the surreptitious replacement of HOSTS files on the target machine.

    I can see that, but I can also see a wave of cookie-harvesting attempts. If the expiry dates on the persistent cookies used as authentication tokens is long enough (as it presumably must be, or the user would have to log in again every day), a worm that .ZIPs up a user's cookies and "phones home" by emailing the cookies to a set of randomly-pregenerated Yahoo (or for irony's sake, Hotmail) accounts, by filling out a web form (as, for instance, an AC posting to /. in a user-created forum), maybe even to an abandoned newsgroup, with bonus points for doing the USENET post through an open SOCKS proxy.

    Either option is possible - the HOSTS file approach would be readily-detectable, though, and easily fixed. Whoever set up the site to which the h4x0red HOSTS file pointed would also be the obvious target for investigation. The cookie-harvesting approach would offer similar ease-of-coding for the k1dd13z, but depending on the mechanism chosen for "phoning home" (and the options available to the attacker for retrieving the messages containing the cookies, including anonymizing proxies), near-total anonymity.

    As currently implemented, Passport and .NET are disasters waiting to happen, and I will entrust no confidential data with them. If my bank or broker requires their use, I will take my business elsewhere, or regress to doing my business over the phone or in meatspace.

  11. Re:Something that should happen more often. on Code Red Back For More · · Score: 3, Funny
    > Man, I'm glad that I'm not using [Microsoft Product]. This new [virus/worm/trojan] exploits a [flaw/bug/backdoor] in [Microsoft Product], and it [does/doesn't] use Outlook and the stupidity of users. Luckily, I'm running [Free alternative to Microsoft product], so I'm not at risk. In fact, [Free alternative to Microsoft product] has protected me from [any integer over 200] [viruses/worms/trojans]. And just look at the [hundreds/thousands/millions/billions] of dollars that I've saved using [Free alternative to Microsoft product]. I hope that this [Free alternative to Microsoft product] takes off, along with [free alternative to Microsoft OS]. Unfortunately, my [company/home] has to pay for the stupidity of Microsoft: this [virus/worm/trojan] sucked [250KB/250MB/250GB/250TB] of bandwidth!

    I hereby propose we adopt your post as a convention.

    We can thus encode "war stories" about the latest [worm/virus/trojan] as follows, saving Slashdot a fortune in bandwidth charges.

    For instance, I can now describe my evening as follows:

    "IIS. Code Red II. flaw. IIS. doesn't. FreeBSD. 429. worms. thousands. Apache. Apache. FreeBSD. company. worm. 6.2MB."

  12. Re:If this can't break Microsoft's back nothing wi on Code Red Back For More · · Score: 3, Insightful
    > My microwave doesn't blue screen and cook my brain inside out.
    >
    > SO WHY THE HELL IS THE CORE FUNCTIONALITY OF MY PC allowed to distribute my personal information, crash during critical functionality, be succeptable to cracks and attacks that are easily preventable.

    For his track record of trading security for market share, I'm just as happy as any Slashdotter to see Bill Gates' nuts roasted over a fire until they pop.

    But the fact is, your PC - whether it runs CP/M, BeOS, FreeBSD, Linux, or Windows XP - is fundamentally different from embedded systems like your microwave and your car.

    Design flaws can exist - in medicines, in consumer products, in closed-source applications, and yes, in open-source applications.

    The reason the "core functionality" of your PC is "allowed" to distribute your private information is because it has to be able to do so if you're going to write emails to your friends.

    The reason it's "allowed" to crash is the same reason automobiles are "allowed" to crash -- sometimes it's a design flaw (Code Red IIS exploit, BIND exploit, Ford Pinto gas tank that exploded on rear impact), and sometimes it's operator error (SirCam worm, drunk driver).

    > I hope no one keeps personal, private, confidential and financial data on there pc's.

    The only truly secure machine is the one that's been unplugged, powered down, encased in concrete, wrapped up in a Faraday cage, and then dropped into the Marianas Trench. Ya gotta do what ya gotta do.

  13. Re:VIntage Computer Festival East on Cashing In On Antique Computers · · Score: 3, Informative
    > At the VCF east, I picked up a Radio Shack Model 100 for $40, including case and manual, a bunch of old Creative Computing Issues for $1, and an obscure Psygnosis game for the Amiga called "ORK", shrinkwrapped, for $10.

    Yeah, in addition to drooling over the exhibits and expensive/rare stuff, I picked up some pretty cool stuff at VCF 4.0 last year. Lots of old software, hardware, and parts.

    (Yes, this is another shameless plug for VCF 5.0, September 15-16th, in San Jose. Why wait until after it's over to read about it on Slashdot? ;) VCF East was the first time the VCF crew put on a show for the East Coast crowd, and it should grow over the next few years.

    Meanwhile, for the Silicon Valley crowd, VCF 5.0 is also under the same roof as CA Extreme, a weekend of all the 80s arcade machines and prototypes you could imagine. Serious dr00l.

  14. Re:A whole new Bred of Hacks! on Windows XP To Block Use Of "Troublesome" Drivers · · Score: 3, Interesting
    > First one to make Windows XP NOT ALLOW OFFICE XP TO RUN --->!!WINS!!

    1) Virus/worm.
    2) ...that randomly corrupts one or two bytes in a pointer table in a .DLL installed by Orifice XP...
    3) ...that modifies itself to change which bytes its children will corrupt before attempting to propagate...
    4) ...that securely deletes itself after propagating, leaving only the corrupted .DLL files or other internals.
    5) Bonus points for doing some RTM-Worm-like cross-platform magic and using r00t exploits to leave a reservoir of Linux boxen from which it can re-emerge after the publicity dies down.

    Good thing I'm not running XP. And never will.

  15. Re:Who cares? on Congress To Address Digital Music · · Score: 2
    > If you want free music w/o the worry of copyrights move to Tailand / Singapore.

    Or just download it from the comfort of your living room today.

    Now, if you want to post copyrighted music without worry, then you might have to move...

    The fundamental problem is that even if you have no interest in violating copyrights, but just want to talk about how someone might go about copy music, even for their own use, you might still want to consider moving... but that's another /. article.

    At least it sounds like Boucher "gets it", and isn't going to completely kowtow to the RIAA party line. Props to him here. Madder props in reserve if he gets it passed in any form that still annoys RIAA.

    We'll reserve our maddest props (and campaign donations) for when he introduces legislation to repeal the DMCA. But let's take it one step at a time.

  16. Re:worked in the old days on The Death Of The Open Internet · · Score: 3, Insightful
    > The internet worked in the old days with slow dialup modems over uucp. There will always be an open internet. You can't stop it.

    Someone mentioned the L0pht/@Stake "In Case Of Fascism, Break Glass" plans for a wireless roving network of packet-switched fun.

    Suppose we update it with present tech. Imagine a few hundred geeks in any given city, using hax0r3d 802.11 gear hooked up to laptops with 80G hard drives, featuring end-to-end-encrypted store-and-forward UUCP-style transmission and replication of data. Something like a cross between Freenet and USENET, but with UUCP as opposed to NNTP as the transmission mechanism. Sure, it may take a few hours for a requested file to "hop" from one end of the country to another. Who cares, as long as you can get the data -- you send a request and later that night, the file appears.

    The world can have AOL at 53K dialup speed. Hell, they can have AOL at 500K cable modem speed. (With a 1-kilobyte paragraph of text requiring 40K of Flash Banner Ad download and 10K of HTML and Javashit to put frames and popups around it, the throughput is about the same as dialup with image autoloading off ;-) The rest of us will go, not to the stars, but underground.

  17. Re:Silly Perhaps on The Death Of The Open Internet · · Score: 2
    > Companies need to stop treating the Internet like content controled media like TV and Radio. It might be possible for things like AOL and MSN but out on the open Internet? Thats as crazy as checking everyone's phone to make sure they aren't talking about how to download "illegal" mp3s.

    Yeah, it's as as "crazy" as CALEA, which requires that telecom equipment vendors build wiretap capabilities into their equipment, and Carni^H^H^H^H^HDCS-1000, which, by design allows everyone's communications to be monitored and any "illegal" content exchange logged.

    Crazy? It's what we have now.

  18. Re: That sucks on Tux Racer 1.0 To Be Closed Source, Windows Only · · Score: 1
    > My first thought. Then I realised: the unwashed masses who don't know their asses from their elbows won't know Tux from a Stroggo, anyway, so it's "Awwwww, cute penguin!!!!!!!"

    If they don't know an ass from an elbow, they're gonna have an awful hard time figuring this game out...

    "Tech support, may I help you?"

    "Uh yeah. It says in the manual that Tux steers with his flippers, right? But aren't flippers are like arms, don't they have elbows?"

    "Yes, sir, flippers are like arms. What difficulties are you having?"

    "Well, every time I press left-arrow, he digs his left asscheek into the snow instead of his elbow. His elbow always remains in the middle of the screen no matter where he goes. I don't get it! I mean, the penguin's cute and all, but I don't get the controls, man..."

  19. Re:Politically correct on Tux Racer 1.0 To Be Closed Source, Windows Only · · Score: 2
    > Yes, having a female penguin falling down a mountain and hitting obstacles sounds far more politically correct than a male penguin. And from the user's point of view, wouldn't you almost be forced to look up her skirt?

    Speaking as a heterosexual male, if I've gotta look at a penguin's nether regions for an hour of gameplay per session, it might as well be a female penguin... It worked for Tomb Raider, didn't it? :)

  20. Re:"It's funny, laugh"? on FDA Approves Swallowable Camera · · Score: 1
    > > "Because at $450 a pop, even Hilary Rosen and Jack Valenti will finally be able to locate their asses. Albeit with the assistance of one hand, a glass of water, and an LED. "
    >
    > How much trouble could they possibly have finding their asses, when their heads are crammed so far up there?

    Good point. I guess they don't need the pill.

    But granted that their heads are shoved up their asses, I hereby volunteer to feed 'em the pill anyways. ("Nurse, get my elbow-length rubber gloves. Yeah, the special ones we keep in the big pool of tabasco-habanero sauce for, uh, sterilization purposes!")

  21. Re:What a HUGE market for this game.... on Tux Racer 1.0 To Be Closed Source, Windows Only · · Score: 2
    > Let me guess, they'll market this game to Linux fans who only use Windows.... That'll go over well.

    Hey, that probably covers half the people who read Slashdot :-)

    I can hear them all now: "Cool! In addition to the FDA's new camera-pill, which lets me look at my own ass all day long, now I can look at a penguin's ass all day long too!

  22. Douglas Adams, RIP on FDA Approves Swallowable Camera · · Score: 2
    With respect to Douglas Adams and the HHGTTG:

    Ford: "You'd better prepare yourself for the hump into hyperspace. It's unpleasantly like being drunk."

    Arthur: "What's so unpleasant about being drunk?"

    Ford: "You ask a glass of water."

    At long last, we'll know.

  23. Re:"It's funny, laugh"? on FDA Approves Swallowable Camera · · Score: 1
    > What's so funny about this? This looks like a serious leap forward in the medical field, especially for gastroenterolgists (sp?) and the like. How come the best thing you can think of for something like this is stupid little web cam sites?

    ...because gastroenterology is probably the funniest field of medicine you can get into ;-)

    The only problem with this technology is that we'll no longer be able to look at the typical RIAA or MPAA lawyer and say "so stupid they couldn't find their ass with both hands and a flashlight."

    Because at $450 a pop, even Hilary Rosen and Jack Valenti will finally be able to locate their asses. Albeit with the assistance of one hand, a glass of water, and an LED.

  24. Re:FDA?! on FDA Approves Swallowable Camera · · Score: 1
    > I read somewhere ( link please?) that they had rejected a dildo because it had a tendency to short out and cause burns :).

    To hell with the FDA's link. I want a copy of her resume', and I know a few pr0n webmasters who would probably pay good bucks for the video: "Insatiable XXVII: They Ain't Made A Dildo She Can't Burn Out" ;-)

  25. Re:Sony Sells Crap on Sony Sells Defective, Damaging CDs in Eastern Europe · · Score: 2
    > New Sony CD's will actually explode when the user tries to rip them. The new CD's have a microchip build in to detect rip-like laser movements. When the user tries to rip the CD to make a legal back-up or MP3 copies, the microchip create a small explosion, which will ignite the CD in hopes of destroying the CD burner. Sony representatives say, "Those fucking pirates are getting off easy. If we could track them better, we'd fucking kill those motherfuckers!"

    Hmm, suppose you had a bunch of microscopic springs with weights attached to them, embedded in radial gaps in the polycarbonate around the edge of the disc. On the other side of the gap is an electrical contact. You've also used some thin-film voodoo to create a battery or other store of electricity in the disc.

    If you drop the disc to the ground, only the springs on one side make contact. But if you spin the disc at faster than a certain speed (say, 1000 RPM, above the highest speed any CD will spin when playing back music at 1x, regardless of the position of the head), all of the springs make contact with the switches at once.

    *boom*!