Is that a real concern? The previous Gulf War went very smoothly, and now Iraq is weakened by 10 years of sanctions. As useless as Iraq was last time, it's probably even weaker now. Other than replenishing munitions, is there any real logistical barrier to knocking over Iraq?
I'm aware of this, but the username in question was "ibtagmrq" which to me doesn't look susceptible to dictionary attack.
To me this username looks like a pretty fair password. It only has two vowels and uses a 'q' (without a 'u', no less). It doesn't use any numbers, but that might be good in this case as numbers are so commonly used on hotmail addresses, especially at the end.
You're claiming there's enough structure in this username to increase it's liklihood by 6 orders of magnitude. I just don't see that.
I forsee a potential abuses for this though. Annoying "spam bots" could learn to decipher the first automatic reply containing the code and then automatically send the spam, and contain the code which will allow the mail server to recieve the mail.
Anybody smart enough to make a spam bot work around this sort of thing in general will win a Nobel Prize.
There are many ways to throw them off, from the typical "remove NOSPAM from the email address to reply," to "remove the name of a bird from the email address to reply" (where the email address is FalconGeorge@home.com), and on to things like using scanned images of your email address, in handwriting.
I do this to, but it won't help when you need the address to be (more or less) public, like on a resume, or a contact address on a web page.
Also, you may be able to do this without owning your own domain using the "percent hack" - you prepend somestring% to your email address and everything previous to the percent sign is not used in addressing the mail, but you can filter on it.
Come on, AT&T knows for a fact they'll be the target of a social engineering competition, and exactly when. They'd be *stupid* not to use that information.
Not really. But it really bugs me when people want everything illegal. Anything can be misused.
It's discouraging to think of all the things that wouldn't be allowed if invented today. This most likely includes cars. All you have to do to kill somebody in a car is rotate the steering wheel a few inches to the left (or the right, for you Brits and Japanese out there). And heavens to betsy, think of zipping around with 20 gallons of highly inflammible gasoline just waiting to burst into flames.
Why deny slashdot refers in particular? They're no better or worse than referrals from anywhere else. You could save the cost of setting up the connection (to get the referrer string) just by refusing connections as necessary to stay up.
The google cache doesn't redirect links (including inline images!) to itself so it's nearly useless for reducing slashdotting.
Finally, cnn.com, news.com etc. don't need or want traffic directed away and would probably get upset about it.
It sounds like the only difference between you and the reviewers is that you have lower ("more realistic") expectations.
Using an IDS sucks up a lot of time that could be spent staying on top of security alerts, updating systems, and educating users. The question is not whether all the time you pour into your IDS is of *some* benefit, but whether you'd be better off investing your effort in something else.
No, CDR lasts longer than tape. Probably for your lifetime. Plus there are too many tape formats. Make a copy of each of your archive CDRs and you are pretty safe.
I'm not sure what you mean. Do you really think P2P networks aren't just "plain old HTTP?" The Internet has long been almost exclusively point-to-point.
The only ones "enforcing" their beliefs here are the atheists. The girl was NEVER forced to recite the two offending words, or any other part of the pledge. Her parents are simply using her to silence others with whom they disagree.
If "freedom of not hearing" overrules "freedom of speech," there will be no freedom of speech.
I would like to know why so many respondents to this story assume that this just means putting up decoy files?
While content owners now can try to block access to intellectual property pirates, they cannot use the range of technological options that they want, chiefly because some tactics are illegal under state and federal law. Berman's bill would legalize some techniques over the protests of file-sharing advocates.
I ask you, is putting up decoy files illegal? No. The "decoy file" example is itself a decoy; apparently all that's prohibited is "employing tactics that would damage or destroy pirates' own computer systems."
Now I ask you, how narrowly do you think the phrase "damage and destroy" could be interpreted? Hardly anything is ruled out for sure. Remember, this is the same legal system that considers loading something into RAM to be "making an unauthorized copy" when it suits them. The same government that interprets "regulate interstate commerce" as "do whatever we feel like."
I am going to be very angry when I can't get my tunes from emusic because the RIAA is flogging my fileswapping neighbors.
"As long as the anglo-saxons insist that the State be as small as possible, individual rights will be trampled by big croporations. Do not forget that a strong State is the best guardian of individual rights, simply by the virtue of ruling-in and checking the power of big croporations over the people."
I want to agree with you, but what about WWI and WWII? What about the Sovient Empire? And China?
Oh, I see you're arbitrarily ruling out all the lessons of history because they're just "past examples," not "actual arguments."
Is that a real concern? The previous Gulf War went very smoothly, and now Iraq is weakened by 10 years of sanctions. As useless as Iraq was last time, it's probably even weaker now. Other than replenishing munitions, is there any real logistical barrier to knocking over Iraq?
To me this username looks like a pretty fair password. It only has two vowels and uses a 'q' (without a 'u', no less). It doesn't use any numbers, but that might be good in this case as numbers are so commonly used on hotmail addresses, especially at the end.
You're claiming there's enough structure in this username to increase it's liklihood by 6 orders of magnitude. I just don't see that.
There are many ways to throw them off, from the typical "remove NOSPAM from the email address to reply," to "remove the name of a bird from the email address to reply" (where the email address is FalconGeorge@home.com), and on to things like using scanned images of your email address, in handwriting.
I do this to, but it won't help when you need the address to be (more or less) public, like on a resume, or a contact address on a web page.
Also, you may be able to do this without owning your own domain using the "percent hack" - you prepend somestring% to your email address and everything previous to the percent sign is not used in addressing the mail, but you can filter on it.
In other words I think your explanation is wrong.
Come on, AT&T knows for a fact they'll be the target of a social engineering competition, and exactly when. They'd be *stupid* not to use that information.
Not really. But it really bugs me when people want everything illegal. Anything can be misused.
It's discouraging to think of all the things that wouldn't be allowed if invented today. This most likely includes cars. All you have to do to kill somebody in a car is rotate the steering wheel a few inches to the left (or the right, for you Brits and Japanese out there). And heavens to betsy, think of zipping around with 20 gallons of highly inflammible gasoline just waiting to burst into flames.
The google cache doesn't redirect links (including inline images!) to itself so it's nearly useless for reducing slashdotting.
Finally, cnn.com, news.com etc. don't need or want traffic directed away and would probably get upset about it.
What I don't like about the shuttle is how it was created to make space travel more affordable and utterly failed to do so.
Using an IDS sucks up a lot of time that could be spent staying on top of security alerts, updating systems, and educating users. The question is not whether all the time you pour into your IDS is of *some* benefit, but whether you'd be better off investing your effort in something else.
No, CDR lasts longer than tape. Probably for your lifetime. Plus there are too many tape formats. Make a copy of each of your archive CDRs and you are pretty safe.
If the Internet had been dominated by cable companies in 1993, there would be no WWW because "normal people just want to use gopher!"
Yes! Finally the proof that McDonald's has the best food in the world!
There goes next month's TV special!
Wow, I bet that sent profits through the roof.
I'm not sure what you mean. Do you really think P2P networks aren't just "plain old HTTP?" The Internet has long been almost exclusively point-to-point.
That's your loss; some of us have better jobs.
I don't think I"ve ever read anything dumber than that.
"Honest, teacher, my paper isn't plagiarized. I downloaded it with my own bandwidth and printed it on my own paper."
They didn't have their writers on roll did they? I thought they just bought stories they liked and published them.
If "freedom of not hearing" overrules "freedom of speech," there will be no freedom of speech.
Now I ask you, how narrowly do you think the phrase "damage and destroy" could be interpreted? Hardly anything is ruled out for sure. Remember, this is the same legal system that considers loading something into RAM to be "making an unauthorized copy" when it suits them. The same government that interprets "regulate interstate commerce" as "do whatever we feel like."
I am going to be very angry when I can't get my tunes from emusic because the RIAA is flogging my fileswapping neighbors.
experts estimate that friction costs the economy $200 billion per year.
I want to agree with you, but what about WWI and WWII? What about the Sovient Empire? And China?
Oh, I see you're arbitrarily ruling out all the lessons of history because they're just "past examples," not "actual arguments."