In 1986 Sullivan read "Profiting from Technological Innovation," an article written by University of California at Berkeley business school professor David Teece. The Teece article formed the intellectual foundation upon which Sullivan eventually built ICM Group. Teece "identified a series of steps necessary for the extraction of value from innovation," Sullivan says. "Most everything I have done has come off that early work." Two years after reading Teece's article, Sullivan founded a firm that morphed into ICM.
Is it just me, or is it ironic that ICM's fervor for intellectual property came from someone else's paper? I guess it's a shame that business models weren't patentable in 1986, otherwise Teece could have patented the stuff in his paper and forced Sullivan to seriously rethink strangleholds on IP. These are probably the same people who don't understand how RHAT can turn a profit, or why anyone would write open source code.
--
But what was Harrison Ford thinking? I mean, even back then he'd already done more quality work than the entire cast combined except for Peter Cushing.
Apparently the reviewer completely forgot about Sir Alec Guinness. His body of work is as impressive as Pete Cushing's and Harrison Ford's... perhaps more so.
Which is why Alec Guinness (an anagram for Genuine Class) stayed the hell away from that POS. Check your IMDB link, he's not listed anywhere.
Guinness always had a problem with Star Wars. He loathed "those bloody awful banal lines" so much that he came up with the idea to kill off Obi-Wan. To this day he's not too keen on the whole Star Wars franchise.
None of which explains why he showed up in ESB and RoTJ if he was upset with ANH.
--
1) Recording stuff based on what you've enjoyed in the past is all well and good -- but won't your viewing get more and more homogenous? Maybe they could build communities, so that people could recommend stuff to each other, or something -- some human element to keep it from getting too samey.
What you want is called "collaborative filtering." Imagine if the TiVo kept track of what you watch, and submitted it to their central database, along with everyone else's watching habits. They could then look for patterns, such as you watch the Tom Green show and you watch Space Ghost: Coast to Coast. Then it could match your patterns against other people's patterns, i.e. most people who watch Tom Green and Space Ghost also tune in to the Daily Show. The TiVo could then suggest watching the Daily Show.
If people use it to plan events to watch, it could even notice that people who watch Space Ghost and Tom Green have programmed their TiVos to record the Hitchhiker's Guide to the Galaxy on PBS, and ask you if you want to do the same. Privacy concerns aside, this would be welcomed by most people, but wouldn't prevent homogeny in their TV viewing. Then again, most people don't mind homogeny, they even encourage it.
BTW, if this all sounds familiar, think back to the days of yore and Firefly.
--
What keeps you folks where you are at the moment?
That's an easy one... Inertia!
--
If it's dropping packets, check your cables.
--
This opens up a pandora's box of cheesy pick up lines.
"Nice USB port, wanna fsck?"
"You're so hot I need another heat sink on my celeron."
-or-
"You're so hot, are you overclocked?"
"That's a nice system, but I think I could penetrate it." (at a hacker con)
"I noticed you're wearing IEEE pants, which is good, because that's what you're going to be shouting later."
"That LCD looks great on you...as a matter of fact, so would I."
Make your own Hard Drive jokes.
--
You forgot the various governments worldwide that can do more to harm the Internet than MSFT, AOL and AMZN combined.
--
Ell Zero Pee Aitche Tee
L 0 P H T : PH = F (in crazy english)
L0FT : 0 = O (in crazy 1337 5p33k)
loft
1 : an upper room or floor : ATTIC
2 a : a gallery in a church or hall b : one of the upper floors of a warehouse or business building especially when not partitioned c : HAYLOFT
3 a : the backward slant of the face of a golf-club head b : the act of lofting
4 : the thickness of a fabric or insulating material (as goose down)
--
--
Like you say, the Bad Guys can read that source too, and often do until they find a hole, which is true. But this also means that you've got all those exploit writers auditing open source code, looking for any chink in the armor. Once one is found, an exploit is usually published because the crackers are typically looking for recognition in their skill. 8-16 hours later there is usually a fix, and the program is now secure against that attack.
Now let's contrast that with the closed source model of security. No one (in the public) has the source, so it will take a more skilled cracker to find exploitable bugs. What this translates to is the cracker who finds holes in the system will be more dedicated than the open source cracker. Dedication means that they are less likely to share their newfound secret, and the hole is less likely to be patched.
If you don't like the sociological argument, how about the mathematical one? Assume you have equal numbers of people looking for security holes on a closed source system and an open source system. Since it's easier to audit a system that you have the code to (and almost impossible to audit one you don't), even if one cracker doesn't publish a found bug, another will most likely run across it. So you will have more found bugs, but also a higher reported bug/found bug ratio.
--
Check out LIDS - the Linux Intrusion Detection System. You can lock everyone (including root) out of doing certain things, like killing certain processes, inserting/removing modules, changing files, modifying firewall rules, and a lot of other stuff. Plus it's a lot easier for people to write stuff like this when the kernel is publicly available.
BTW, once a cracker has a command prompt on a unix system, that's all they've got. They'll be running as the UID of whatever daemon they compromised, but they still won't have root (unless the daemon was (stupidly) running as root). Any sysadmin without massive head trauma will not allow a normal user to do root-things. Then again, with some of the setuid root binaries I've seen, I wonder if the head wounds interfere with typing :). But that's stupidity, which won't ever be preventable. All that can be done is enabling and encouraging intelligence.
As for fine tuned granularity, groups work fine for most people, but if they aren't your style, there are Access Control List patches available. Check out this one. It's all about choices.
--
It's Andy Kaufman alive and well after his big cancer joke. Now he wants to have fun with the Linux crowd.
--
Replying to my own post, how chic.
According to http://ciac.llnl.gov/ciac/CIACHoaxes.html#elfbowling it is a hoax, and my mother can go on enjoying life to its fullest, thanks to shockwave games.
--
My mom keeps sending me the Elf Bowling thing (even though I tell her that my system can't run it (It said Windows 95 or better, so in theory Linux should run it (English should support nested parens))). Is it a virus or a virus hoax? Last thing I need is my Mom calling me up at 12:01 on 01/01/1900 telling me her computer has the Y2K virus.
--
If /. is going to be publishing stuff about body modification, why not go with someone who has something to do with computers? Check out Nirva. He's been the editor of Phrack, he has really cool body modifications, and he produces code.
>rant<
Personally I think that body modification is cool, but do we really need it on /.? There's a lot of good stories that are getting rejected, and we get stuff like this? I guess I would feel better about it if there weren't 200 stories in the queue right now. Some of those are probably really interesting things that we won't see.
</rant>
--
Well an IPO is an initial public offering, and required implicitly in order to be a publicly traded company. Some companies may use them for capital injections, but UPS just had their IPO, and they're certainly not in need of quick cash. Just another business move.
--
Amazon received a preliminary injunction against Barnes & Noble (see previous article). What this means is that they can't use "one-click shopping" until Amazon loses the suit. Right now is the busiest shopping time of the year, so if Amazon can cut into B&N's profits, then Amazon wins, regardless of who wins the suit.
The question is, do we want our money paying the paychecks of people who feel this is the best way to do business? Vote with your dollars.
--
Actually, it is NSI's fault. The way transferring a domain works (or at least is supposed to) is the domain immediately goes to the new person. To take your car analogy, it would be as if you bought a car from someone, they gave you the keys, then someone else came along, stole your car, convinced the government that it was theirs, and offered to sell you back your car for 10x what you bought it for.
--
error 'ASP 0115'
Unexpected error
/Default.asp
A trappable error occurred in an external object. The script cannot continue running.
--
Mastering Algorithms with Perl - 8/10
Code and Other Laws of Cyberspace - 10/10
Perl CD Bookshelf - 8/10
A Canticle for Leibowitz - 9/10
Under The Radar - 7/10
Programming Pearls (Second Edition) - 10/10
Beginning Linux Programming, 2nd Edition - 8.5/10
The Unofficial Guide to Lego Mindstorms Robots - 9/10
Cities in Flight - 8/10
The Cathedral and the Bazaar - 9/10
All Tomorrow's Parties - 7/10
Using Samba - 8/10
Sandman: The Dream Hunters - 10/10
I'm pretty sure that those fortunes come from Zippy the Pinhead.
#ifndef disclaimer
I'm not humor impaired, I realize that Signal 11 doesn't actually claim to write those fortunes, I'm just trying to make sure that everyone enjoys the wit and surrealism that is Zippy.
#endif
http://www.cnn.com/US/9911/29/internet.murder.ap/index.html
The sad state of affairs is that there aren't that many good hacks anymore. The people who break into computers nowadays tend to be too stupid to realize what a good hack would be. Creativity and the script kid tend to be an Xor situation.
If you take a look at Attrition.org's mirror of web page defacements you'll notice that both the Senate's Teleconferencing Server (Mirror) and Michigan Public Sexual Offender Query (Mirror) were broken into in the past week or so. Imagine the fun that could be had with the two servers. Imagine the damage. But these geniuses (rackmount and ieet respectively) decided the best use of access to these systems was to replace the homepages.
I hope that there will be hacks worth hearing about, instead of what seems to be the standard defacement. I guess actually programming is too hard for these script kids.
--
As a student of Wayne State University, I can assure you it's not in Nebraska. It's in Detroit, Michigan and you can learn more at http://www.wayne.edu/.
--
Well if you're running a server and a client on two different machines, don't you need two licences anyways? I'm not familiar with Quake's licence agreement, but most don't allow you to install a program on two machines that run simultaneously.
As for tracking people who download the binaries, this isn't for ID. ID already knows there's a Linux gaming market. It's for other software publishers to look at the sales and say "Well ID made $3 trillion selling Quake for Linux, maybe we should try selling our software for Linux as well!" If people don't purchase the Linux version, Linux will continue to be marginalized as a software platform.
--
the link to Rep. Barr's remarks on the Highlights page?
--