As clifgriffin, I speak for myself when I say that "vigilante" is not a word we ever claimed.
Maybe you never claimed to be vigilantes, but it's obviously what you're doing. Would you mind posting your full name, number, and street address so we can report you to the proper autorities for your "social experiment"?
(Calling something an "experiment" has no effect on its legality ya know.)
I believe most of us feel angry when reading about these vigilantes. I know I do. However, I would encourage all of us to remember that if these vigilantes were, say... tracking down spammers... then we would be extatic.
Speak for yourself. Maybe you're a hypocrite, but I'd be just as pissed if the program was targeted at spammers by calling it "1millionemails.exe".
Computer crime is computer crime, and this is definately it. We need reasonable, legal, long-lasting solutions to the problems of the net, not some jackass breaking into system in a vain attempt to combat what he sees as a big problem.
I believe the root issue is the still far too common "macho" attitude to "not be a wuss" when handling things like dangerous chemicals, electrical shock hazards, or non-visible dangers like nuclear or medical waste.
Then you clearly didn't RTFA.
The problem was that ALL THREE redundant generators were not working. Whether they were sabotaged or not, THE PEOPLE SUPPOSED TO BE RUNNING THEM WERE NOT THERE.
The problem wasn't somebody juggling vials of anthrax, it was the lack of personnel critical to the safety of the island.
Yet another example...... of why unions shouldn't be allowed anywhere near facilities which have the capacity for posing a serious hazard. Politics are OK in some places. A BSL-4 facility (or a nuclear reactor) is not one of them.
Normally I would disagree with a statement like that. I think the rights a worker has in this country are pretty crappy and that as a nation we need to treat or workers better, but in this case 100% agree.
This is the type of thing that should be handled by orgainzations like the military (Coast guard perhaps?), where if you don't show up for work, you go to jail. (Unless you have a reasonable excuse of course.)
The potential consequences of an incident like this are just too serious. The people who are critcal to the operation of a place like this should be under contract, and the penalty for breaking the contract should be quite severe.
A facility like this is not the place for a sit-in or strike.
So does this mean that Windows will eventually become a pure OS, with no usable applications? I mean, there are commercial "competitors" in every arena.
That's what Linux is and it works just fine on my system.
Of course, the CD I got Linux on also had apps on it, but that was by choice. If I want to get a copy of just the Linux kernel, I can.
If I want to get a copy of just the Windows operating system, I can't.
What would happen if you could get a copy of just Windows under a fair license is that companies would start selling "just windows" bundled with your choice of applications.
You could walk into a computer store and buy "just windows" bundled with Mozilla, Open Office, WinAMP, etc for $100 less than "normal windows". Microsoft would no longer be able to force you to buy their web browser, media player, etc when you bought a copy of windows.
This wouldn't mean that those computers at Best Buy would come with no apps, it means they would be availible with your choice of apps, and at a lower price.
Iraqi information minister, is that you?
FYI, if you have a contract with someone, you can just suddenly declare that contract invalid because you don't like something. Any attempts to do so would be laughed at....a lot.
"We will revoke all your windows liscenses IN ONE HOUR!"
They might prefer not to, but they definately have that option. I suppose they could even seize Microsoft assets if they wanted.
I'm not sure where you get this attitude that the EU is powerless to enforce their desicion. The US didn't get any money because they didn't award themselves any. If they had said, we want 1 billion dollars within the week, they could have had it. If MS refused, the could have seized that much from MS.
I don't remember "civil disobedience" as practiced by Ghandi or MLK including breaking things... it was generally a peaceful type of thing.
Except for the whole "getting assasinated" thing.
It think it's pretty funny how much some people will put those guys up on a pedestal as if they were perfect.
They were great rallying points for moderates, but one needs to realize that people like Malcolm X were equally if not MORE important.
If a bunch of my factory workers refuse to work, I have two options:
A. Give in.
B. Force them to work.
What stops me from doing B? The knowedge that the Malcolm X types are going to go apeshit and declare all out war. If no one supporting the cause was willing to do anything more than refuse to do things, I could just hire some thugs to force everyone to work. In the end it all comes down to violence, even if that violence never happens.
The idea the civic disobedience and violence are mutually exclusive is just crazy, especially if the violence we're talking about here is against a machine.
1) Diebold needs to modify the machines to produce a printed slip that shows the party X voted for. X is then responsible for ensuring that the slip makes it into the collection basket.
No the slip should drop into a locked box inside the machine when the person leaves the machine. The slip should be shown behind a plexiglass panel. This prevents me from voting one way an turning in a forged slip to delibeately force a recount. It also applies the KISS philisophy.
Bar codes can be used to correlate votes in the machine and votes on paper, and verify that they match.
No they can't. That would totally negate your first idea, since HUMANS CAN'T READ BARCODES. I would not be able to tell that the barcode on that slip is actually the correct one for the canidate I chose.
So how do you propose to have a representative democracy without using geographical boundaries?
The answer is pretty obvious:
In national elections, the votes are tallied nationwide.
In State elections, the votes are tallied statewide, etc.
It would work but there woould be problems. A good example would be my home state of NY. The sheer number of people living in NYC would dwarf the opinions of those upstate.
It could working states when to populations distribution is fairly uniform, but in states which have both large cities and very rural areas, the less densely poplated areas would have just about no voice in gov't.
This means for example that if the people in NYC wanted to turn say, the Adiroundacks, into a gaint garbage dump, they could.
It would also mean that you would end up with a lot of successionist groups that figure the only way to get fair representation is to break off and form their own state.
This security is no inherent quality of the software but just a consequence of very few people using the same version of linux. Linux security is essentially security by obscurity.
I'm sorry but that's just plain stupid. Do you know ANYTHING about software? Do you even know what "security by obscurity" means?
LINUX IS DEIGNED DIFFERENTLY AND DESIGN MATTERS.
What you're trying to do is like saying brand A's cars are stolen more than brand B's cars because they're more common. Sure, that will have something to do with it, but the fact the brand A's car's use shitty locks while brand B's cars use both good quality locks and an electronic theft deterrent system is going to be the main reason.
The simple fact is that if someone finds a why to jack Mozilla, they can reformat my windows PC, but not my Linux PC. Why? They're designed differently. It's not that someone can't find out how to reformat my HD under Linux, because it's somehow "obscure". That's the stupidest thing ever. The system is documented. The source code is availible. By definition it's not "obscure". It's all right there for you to see, not obscured in any way.
Here is a problem I had never thought about with open source initiatives. What happens when someone steals your source without obeying GPL or anything and turns it into a monster? It would have ben *MUCH* harder for the PhatBot authors to code their own Waste-like clustering P2P system.
The same thing you do when someone buys a hammer and then uses it to kill someone. You just deal with it.
Once you distribute something, be it a physical object like a hammer, or source code, you loose a certain amount of control over it. It's just a fact of life.
Sure you could try and make your hammer harder to kill someone with, or make it stupidly difficult to buy a hammer in the first place, but all you really end up doing is hurting people who need your hammer for legitimate purposes.
Too bad it would be both grossly illegal and probably disruptive, because it would be a great favor to the rest of the net, to counter these botnets and squish-them into oblivion (at least this generation, until the attackers learn how to do authentication of commands correctly).
The bot requires a a user/pass in order to execute a command. Only the MD5 of this password is stored within the bot.......
I was going to ask what's wrong with this but typing this message made me understand: the password travels as cleartext across the network.
A proper way to do this would be to intersting to devise. I imagine you'd need public/private key crypto and some sort of id system for either commands, bots or both.
What this is, is if Linus (who I think personally owns the Linux trademark) starting up a company with some good mates, which takes the current Linux source, close-sources it and sells it for a profit with the name Linux 2 and takes the domain name, www.linux.com as his company's front. Not only that said company heavily promotes propietry closed-source formats and programs.
He'd be the target of a huge lawsuit by all the OTHER people who have contributed to the Linux kernel.
That's the key thing here:
Linux is more that just Linus and P.G. is more that just this guy. What happening is one guy trying to co-opt the work and good name of a lot of people.
It's important to realize that the guy who holds the trademark on "Project Gutenberg" basically took the name of an established charity organization and trademarked it for himself, instead of the organization. (Even if he started it some years earlier.)
It's quite likely that the owner of this trademark could loose it if taken to court since the Project Gutenberg ORGANIZATION has been operating under this name for quite some time. While this guy may have been affiliated with the project at some point, it doesn't necessarily give him the right to take ownership of its name for his own personal purposes. Furthermore, even if a court found that the original tradmark claim was vaild it could be dismissed on the ground that the P.G. organization has been actively using this trademark for quite some time. This could result Michael Hart loosing ownership of the P.G. trademark.
If the guy wants to buy from spammers, let him. We have to fight spam from another angle, not by supressing people's rights to do stupid things.
Yes, why should we judge people who financially support those who commit FRAUD? After all, we can all to say whatever we want, even if it's not true right? WRONG
I don't know how the verizon authentication works, but on Georgia Tech's 802.11 network, in addition to requiring a WEP key, there is a webpage-based login. One thing the IT staff tells you when you ask for access is to make sure the URL is https://..., not just http
As if no one but Georgia Tech can set up a secure web server?
They should be telling them to watch for their bowser's indication that the site is "secure" and there are no warnings about the site's SSL cert.
Looking at the web address or protocol used is worthless. The important part in NOT in the location bar.
Maybe this is why people shouldn't take any document on the Web at face value unless they check the sources or credentials. Not only can there be research study oriented "fake web pages", but there also can be pranks and out of date information (many pages do not have timestamps). I know many professors at my university view Web references as something that you use at last resort, when all other reference sources fail.
That's just silly.
Sure info on the web can be false, so can info in books, newpapers, magazines, etc. In fact, it commonly is.
Your profs are just crotchety old coots.
There internet is where it's at these days. You should critically evaluate ANY source.
Sure it's easy to post fake info on the web, but it's also to look at the source. Is the page located a mid.edu, or geocities.com? Does the person give thier name and credentials, etc?
Throw a trailer on the vehicle and you'd never sell a car that you validated using the method you describe. Depending on the maturity of the engine and the system as a whole (including sensors, fuel delivery systems, etc.) it takes at least a year, probably more like two years, to develop an engine calibration.
You're being a bit overdramatic here. Yes an automaker can spend a year developing an engine calibration trying to get everthing PERFECT, but that doesn't mean you have to spend that much time or it's going to flat out suck. If that has the case companies like Haltech and Motec would die off pretty quickly.
If you believe a law that forces car manufacturers to give up their secrets on computer control is just, should should review your ideology, because you certainly don't believe in individual rights, or at least that not everyone has the same individual rights, if you grant yourself this power.
Or may you just believe that sometimes individual rights must be sacrificed for the good of the community.
It's the same type of ideology that leads to crazy things like the public roads that we drive our cars on in the first place and it's the reason all that expensive emissions equipment is on your car in the first place.
Society as whole has an interest in seeing that cars are properly maintained for both safety and emissions reasons. If you can't understand that you probably need a refresher that as a citizen of this country you have both rights and RESPONSIBILITIES.
Sometimes the needs of society are more important than your own "intellectual property", just as they as sometimes more important than your own rights to real property. Do a search on "eminent domain."
The are solutions like this.
But at the time I just needed to get the car fixed ASAP, and was already devoting my (limited) extra EE time to my RX-7.
The problem with the ODBII port design is that it's ONLY used for ODBII. This makes an interface a specialty item and automatically expensive. If they'd just made it RS-232, RS-422 or something else, I imagine even a pre-built interface cable would cost half as much.
Problem I had was I was looking at $70 a pop to get the code read, $160 for a handheld code reader at my local auto parts store, or $200 or so for a cable and software via the internet plus shipping time.
Slashdot Mirror
As clifgriffin, I speak for myself when I say that "vigilante" is not a word we ever claimed.
Maybe you never claimed to be vigilantes, but it's obviously what you're doing.
Would you mind posting your full name, number, and street address so we can report you to the proper autorities for your "social experiment"?
(Calling something an "experiment" has no effect on its legality ya know.)
I believe most of us feel angry when reading about these vigilantes. I know I do. However, I would encourage all of us to remember that if these vigilantes were, say... tracking down spammers... then we would be extatic.
Speak for yourself. Maybe you're a hypocrite, but I'd be just as pissed if the program was targeted at spammers by calling it "1millionemails.exe".
Computer crime is computer crime, and this is definately it. We need reasonable, legal, long-lasting solutions to the problems of the net, not some jackass breaking into system in a vain attempt to combat what he sees as a big problem.
I believe the root issue is the still far too common "macho" attitude to "not be a wuss" when handling things like dangerous chemicals, electrical shock hazards, or non-visible dangers like nuclear or medical waste.
Then you clearly didn't RTFA.
The problem was that ALL THREE redundant generators were not working. Whether they were sabotaged or not, THE PEOPLE SUPPOSED TO BE RUNNING THEM WERE NOT THERE.
The problem wasn't somebody juggling vials of anthrax, it was the lack of personnel critical to the safety of the island.
Yet another example... ... of why unions shouldn't be allowed anywhere near facilities which have the capacity for posing a serious hazard. Politics are OK in some places. A BSL-4 facility (or a nuclear reactor) is not one of them.
Normally I would disagree with a statement like that. I think the rights a worker has in this country are pretty crappy and that as a nation we need to treat or workers better, but in this case 100% agree.
This is the type of thing that should be handled by orgainzations like the military (Coast guard perhaps?), where if you don't show up for work, you go to jail. (Unless you have a reasonable excuse of course.)
The potential consequences of an incident like this are just too serious. The people who are critcal to the operation of a place like this should be under contract, and the penalty for breaking the contract should be quite severe.
A facility like this is not the place for a sit-in or strike.
So does this mean that Windows will eventually become a pure OS, with no usable applications? I mean, there are commercial "competitors" in every arena.
That's what Linux is and it works just fine on my system.
Of course, the CD I got Linux on also had apps on it, but that was by choice. If I want to get a copy of just the Linux kernel, I can.
If I want to get a copy of just the Windows operating system, I can't.
What would happen if you could get a copy of just Windows under a fair license is that companies would start selling "just windows" bundled with your choice of applications.
You could walk into a computer store and buy "just windows" bundled with Mozilla, Open Office, WinAMP, etc for $100 less than "normal windows". Microsoft would no longer be able to force you to buy their web browser, media player, etc when you bought a copy of windows.
This wouldn't mean that those computers at Best Buy would come with no apps, it means they would be availible with your choice of apps, and at a lower price.
I'd also invalidate ALL licenes in Europe..
Iraqi information minister, is that you? FYI, if you have a contract with someone, you can just suddenly declare that contract invalid because you don't like something. Any attempts to do so would be laughed at....a lot.
"We will revoke all your windows liscenses IN ONE HOUR!"
It's not like the EU can ban sales of Windows
Actually, they can.
They might prefer not to, but they definately have that option. I suppose they could even seize Microsoft assets if they wanted.
I'm not sure where you get this attitude that the EU is powerless to enforce their desicion. The US didn't get any money because they didn't award themselves any. If they had said, we want 1 billion dollars within the week, they could have had it. If MS refused, the could have seized that much from MS.
I don't remember "civil disobedience" as practiced by Ghandi or MLK including breaking things... it was generally a peaceful type of thing.
Except for the whole "getting assasinated" thing.
It think it's pretty funny how much some people will put those guys up on a pedestal as if they were perfect.
They were great rallying points for moderates, but one needs to realize that people like Malcolm X were equally if not MORE important.
If a bunch of my factory workers refuse to work, I have two options:
A. Give in.
B. Force them to work.
What stops me from doing B? The knowedge that the Malcolm X types are going to go apeshit and declare all out war. If no one supporting the cause was willing to do anything more than refuse to do things, I could just hire some thugs to force everyone to work. In the end it all comes down to violence, even if that violence never happens.
The idea the civic disobedience and violence are mutually exclusive is just crazy, especially if the violence we're talking about here is against a machine.
1) Diebold needs to modify the machines to produce a printed slip that shows the party X voted for. X is then responsible for ensuring that the slip makes it into the collection basket.
No the slip should drop into a locked box inside the machine when the person leaves the machine. The slip should be shown behind a plexiglass panel. This prevents me from voting one way an turning in a forged slip to delibeately force a recount. It also applies the KISS philisophy.
Bar codes can be used to correlate votes in the machine and votes on paper, and verify that they match.
No they can't. That would totally negate your first idea, since HUMANS CAN'T READ BARCODES. I would not be able to tell that the barcode on that slip is actually the correct one for the canidate I chose.
So how do you propose to have a representative democracy without using geographical boundaries?
The answer is pretty obvious:
In national elections, the votes are tallied nationwide.
In State elections, the votes are tallied statewide, etc.
It would work but there woould be problems. A good example would be my home state of NY. The sheer number of people living in NYC would dwarf the opinions of those upstate.
It could working states when to populations distribution is fairly uniform, but in states which have both large cities and very rural areas, the less densely poplated areas would have just about no voice in gov't.
This means for example that if the people in NYC wanted to turn say, the Adiroundacks, into a gaint garbage dump, they could.
It would also mean that you would end up with a lot of successionist groups that figure the only way to get fair representation is to break off and form their own state.
Still, it could definately be implemented.
When GE told Charles Proteus Steinmetz that he couldn't smoke at work anymore he said "If the cigar goes, Steinmetz goes!"
Since the guy practically invented AC, they kept both him and his cigars.
This security is no inherent quality of the software but just a consequence of very few people using the same version of linux. Linux security is essentially security by obscurity.
I'm sorry but that's just plain stupid. Do you know ANYTHING about software? Do you even know what "security by obscurity" means?
LINUX IS DEIGNED DIFFERENTLY AND DESIGN MATTERS.
What you're trying to do is like saying brand A's cars are stolen more than brand B's cars because they're more common. Sure, that will have something to do with it, but the fact the brand A's car's use shitty locks while brand B's cars use both good quality locks and an electronic theft deterrent system is going to be the main reason.
The simple fact is that if someone finds a why to jack Mozilla, they can reformat my windows PC, but not my Linux PC. Why? They're designed differently. It's not that someone can't find out how to reformat my HD under Linux, because it's somehow "obscure". That's the stupidest thing ever. The system is documented. The source code is availible. By definition it's not "obscure". It's all right there for you to see, not obscured in any way.
Here is a problem I had never thought about with open source initiatives. What happens when someone steals your source without obeying GPL or anything and turns it into a monster? It would have ben *MUCH* harder for the PhatBot authors to code their own Waste-like clustering P2P system.
The same thing you do when someone buys a hammer and then uses it to kill someone. You just deal with it.
Once you distribute something, be it a physical object like a hammer, or source code, you loose a certain amount of control over it. It's just a fact of life.
Sure you could try and make your hammer harder to kill someone with, or make it stupidly difficult to buy a hammer in the first place, but all you really end up doing is hurting people who need your hammer for legitimate purposes.
Too bad it would be both grossly illegal and probably disruptive, because it would be a great favor to the rest of the net, to counter these botnets and squish-them into oblivion (at least this generation, until the attackers learn how to do authentication of commands correctly).
The bot requires a a user/pass in order to execute a command. Only the MD5 of this password is stored within the bot.......
I was going to ask what's wrong with this but typing this message made me understand: the password travels as cleartext across the network.
A proper way to do this would be to intersting to devise. I imagine you'd need public/private key crypto and some sort of id system for either commands, bots or both.
Very good idea! I suggest you send it to the P.G. people.
What this is, is if Linus (who I think personally owns the Linux trademark) starting up a company with some good mates, which takes the current Linux source, close-sources it and sells it for a profit with the name Linux 2 and takes the domain name, www.linux.com as his company's front. Not only that said company heavily promotes propietry closed-source formats and programs.
He'd be the target of a huge lawsuit by all the OTHER people who have contributed to the Linux kernel.
That's the key thing here:
Linux is more that just Linus and P.G. is more that just this guy. What happening is one guy trying to co-opt the work and good name of a lot of people.
It's important to realize that the guy who holds the trademark on "Project Gutenberg" basically took the name of an established charity organization and trademarked it for himself, instead of the organization. (Even if he started it some years earlier.)
It's quite likely that the owner of this trademark could loose it if taken to court since the Project Gutenberg ORGANIZATION has been operating under this name for quite some time. While this guy may have been affiliated with the project at some point, it doesn't necessarily give him the right to take ownership of its name for his own personal purposes. Furthermore, even if a court found that the original tradmark claim was vaild it could be dismissed on the ground that the P.G. organization has been actively using this trademark for quite some time. This could result Michael Hart loosing ownership of the P.G. trademark.
If the guy wants to buy from spammers, let him. We have to fight spam from another angle, not by supressing people's rights to do stupid things.
Yes, why should we judge people who financially support those who commit FRAUD? After all, we can all to say whatever we want, even if it's not true right?
WRONG
I don't know how the verizon authentication works, but on Georgia Tech's 802.11 network, in addition to requiring a WEP key, there is a webpage-based login. One thing the IT staff tells you when you ask for access is to make sure the URL is https://..., not just http
As if no one but Georgia Tech can set up a secure web server?
They should be telling them to watch for their bowser's indication that the site is "secure" and there are no warnings about the site's SSL cert.
Looking at the web address or protocol used is worthless. The important part in NOT in the location bar.
I may just may be dumb, but how did the original poster surf on the Verizon Network if it was fake AP he was connecting to?
He "surfed" on the internet. The same network he would have been surfing if it had been a real Verizon AP.
Maybe this is why people shouldn't take any document on the Web at face value unless they check the sources or credentials. Not only can there be research study oriented "fake web pages", but there also can be pranks and out of date information (many pages do not have timestamps). I know many professors at my university view Web references as something that you use at last resort, when all other reference sources fail.
That's just silly.
Sure info on the web can be false, so can info in books, newpapers, magazines, etc. In fact, it commonly is.
Your profs are just crotchety old coots.
There internet is where it's at these days. You should critically evaluate ANY source.
Sure it's easy to post fake info on the web, but it's also to look at the source. Is the page located a mid.edu, or geocities.com? Does the person give thier name and credentials, etc?
Has anyone looked into doing a ECU swap from an older model that might be easier to reverse engineer?
I know this has been done with some Honda vehicles.
That's an interesting angle, do you have any links on it?
Throw a trailer on the vehicle and you'd never sell a car that you validated using the method you describe. Depending on the maturity of the engine and the system as a whole (including sensors, fuel delivery systems, etc.) it takes at least a year, probably more like two years, to develop an engine calibration.
You're being a bit overdramatic here. Yes an automaker can spend a year developing an engine calibration trying to get everthing PERFECT, but that doesn't mean you have to spend that much time or it's going to flat out suck. If that has the case companies like Haltech and Motec would die off pretty quickly.
If you believe a law that forces car manufacturers to give up their secrets on computer control is just, should should review your ideology, because you certainly don't believe in individual rights, or at least that not everyone has the same individual rights, if you grant yourself this power.
Or may you just believe that sometimes individual rights must be sacrificed for the good of the community.
It's the same type of ideology that leads to crazy things like the public roads that we drive our cars on in the first place and it's the reason all that expensive emissions equipment is on your car in the first place.
Society as whole has an interest in seeing that cars are properly maintained for both safety and emissions reasons. If you can't understand that you probably need a refresher that as a citizen of this country you have both rights and RESPONSIBILITIES.
Sometimes the needs of society are more important than your own "intellectual property", just as they as sometimes more important than your own rights to real property. Do a search on "eminent domain."
The are solutions like this.
But at the time I just needed to get the car fixed ASAP, and was already devoting my (limited) extra EE time to my RX-7.
The problem with the ODBII port design is that it's ONLY used for ODBII. This makes an interface a specialty item and automatically expensive. If they'd just made it RS-232, RS-422 or something else, I imagine even a pre-built interface cable would cost half as much.
Problem I had was I was looking at $70 a pop to get the code read, $160 for a handheld code reader at my local auto parts store, or $200 or so for a cable and software via the internet plus shipping time.