Slashdot Mirror


User: phorm

phorm's activity in the archive.

Stories
0
Comments
9,911
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 9,911

  1. Well written on Netgear Routers DoS UWisc Time Server · · Score: 1

    This was an incredibly well-written article. Not only did it give me a good understanding of the issue at hand, but more information about NTP and some even some routing stuff I want to look into now.

    As per the netgear issue, while the UWisc server may take a short beating from a slashdot link, I'm hoping that hopefully we'll at least get a good start on spreading the word about the bad Netgear routers and thus make it worth the slashdotting.

    1 question though... who pays for uWisc's bandwidth, and wouldn't even ignoring/recrafting packets still count as incoming bandwidth. That's gotta be one hell of a bill, so hopefully netgear is pitching in a bit.

  2. Actually on Gaim Speaks Out on MSN Ban · · Score: 1

    That's more like "public restricted" than "public-private." Anyone is allowed in, but there are rules (just like pretty much anywhere).

  3. And if on Using Spyware to Report Pirates? · · Score: 1

    It's connecting to the outside world through port 80, on a connection through an IE widget?

    Really, are you going to log and scan every bloody internet connection? Maybe if you're lucky you notice a light on your modem/hub blinking when it shouldn't be, or do a netstat sometime and see a connection to a server you don't remember connecting to, but you should be able to reasonably expect that you are secure (as per open relay, there are other signs, and periodic checks work well enough.)

  4. Nope on Using Spyware to Report Pirates? · · Score: 1

    The legit user bought the system knowing that it had phone-home anti-theft. The thief may become a user, but he isn't a legit one.

    None of us are saying that the person using a "pirated" version of the software is legiticized in doing so, just that not all users that appear to be pirating are doing so, and that this function is hidden so it is a violation of privacy.

  5. Is it legit if on Using Spyware to Report Pirates? · · Score: 1

    The 3rd clause on page 55 of the EULA states you must give up your firstborn to company X? No, of course not.

    Ok, that's a little dramatic. I'd say that if it was being fairly obvious that it was installing spyware. Say, a fairly visible clause that states "will install software that will report X Y browsing habits, email address, etc to our affiliates for the purpose of advertising good to you" then I would say... maybe. The software is still going to be sending them information, but can a spy really by a spy if he's jumped up and say "hey, here I am, I'm not really an FBI agent I'm on KGB payroll." Probably not....

  6. So then it's all right on Using Spyware to Report Pirates? · · Score: 1

    If I set up a secret camera in your car, just to be sure you aren't speeding. After all, we're not hurting you so long as you don't break the law, just taking down existing information.

    Oh, and the shopping habits that we've catalogued for the last three years... no worries about those either, right? After all, we're just checking so that we can inform of product that you likely want to buy, it's to your benefit.

    Oh, and while we're at it, we'll be sneaking into your house and checking every VHS tape, DVD, and CD, just in case you have any burned copies of something we own.

    Of course, if you don't like us spying you don't have to agree to this... but seeing as though it's happening without anyone frigging telling you then what you don't know won't hurt you, will it.

    Hello??? *knock* *knock*, is my point getting through yet?

  7. Re:What we want to know... on Using Spyware to Report Pirates? · · Score: 1

    If Linux is to succeed on the desktop, then third parties must be allowed to write closed-source applications for Linux

    They can, and do. Remember, the GPL doesn't state that using GPL'ed code automatically requires you GPL your app - just that you make visible the GPL code you used. Modular programming would work nicely with this.

    In that case, a vendor very well could include spyware, and being able to block just that application would be very nice.

    Yes, but if you think that this practice gets flamed in the real world, just wait until you see it in the linux world. Also, I believe that IPTables can block by application and/or running UID/GID, just not when the originating app is on a different machine (no way to tell what app is accessing what port/etc).

    Of course, the arguement against closed-source software is the same: Bad upgrade reponse; you can't debug it youself in the case of a problem; and you're S.O.L if the source company goes out of business.

  8. Doesn't on Using Spyware to Report Pirates? · · Score: 1

    CuteFTP Pro do this? I remember that at my old job I couldn't find my license so I just used a keygenned one. When I fired up the program, the first thing it did was call home and check its key - returning that it was not a valid registered key. Took me quite awhile to track down our real (legit) key so that I could use the thing, how annoying

    (I later found though, that disabling the network connection when the app started would cause it to skip the check).

  9. Re:we've already been here on Designing Virtual Worlds · · Score: 1

    No, I don't really have anything against linking to my site. I don't yet have anything on there that should be of interest to a major site. However, if I did, I'd probably label it as "please email me before linking", so that I could at least make sure my countermeasures were happily in place and install some type of apache throttling/etc. Right now I prefer not to throttle, and don't have a need for it: just hoping for the courtesy of being informed before such a need emerges (in other words, link away, but if I've asked you not to flood my server without warning, please let me know ahead of time).

  10. Re:The problem is on RIAA/MPAA vs. xMule Author, EarthStation 5 · · Score: 1

    Burning a DVD would be a pain in the butt, not to mention the cost of hardware (though that's down to only a few hundred now). DivX makes it easy though, so long as you don't need it to play in something other than a computer.

    I personally use VCD for my fansubbed anime, but they're good enough that I plan to buy 'em when they come out here (hopefully subbed and not another horrible US dub)

  11. Sounds like on Designing Virtual Worlds · · Score: 1

    This would be done by CGI (not a big deal anyhow), but is there an actual apache setting for this. I've often considered setting up something that would simply temporarily down the webserver in the event that it consumes a large amount of bandwidth of a specified small amount of time (say, a gig in under an hour) - or to as you said ignore a referer, if there is a lot of bandwidth hits coming from said referer (e.g. 100 hits and 200kb coming from slashdot starts to ignore slashdot).

  12. True with music, but movies... on RIAA/MPAA vs. xMule Author, EarthStation 5 · · Score: 1

    Have you ever tried downloading movies on kazaa. If you don't get a misnamed file, clipped file, or just have to wait several days to get the darn thing you are quite lucky, and I don't find that convenient.

    Moreover, when I want to watch a movie, I want to watch it *now*. Not "in 3-5 days when the download is complete"

    How is that any less convenient than going to the local rental store (and rental for about $3-5 is not completely unreasonable).

    And you still have to look at the quality of the product as part of the package, after all, a product is not just about how slightly inconvenient it is for you to not obtain it illegally, it's about how much the actual product is worth to you to obtain.

    As for online movies-by-demand... it's a coming thing, just like iTunes is starting to do for music. Bandwidth/etc considerations are that it may be an expensive venture initially though...

  13. Ah, but somewhere along the line on FTC Chief Bashes Anti-Spam Bills · · Score: 1

    There's a business/etc using the spammer to advertise their goods.

    And many of the big spammers I have heard of on slashdot run spam as a business, albeit a semi-private one and often home-run (defining a business as an enterprise that provides their primary income, anyhow).

  14. Re:How many others on Designing Virtual Worlds · · Score: 1

    I think it's naive (and wrong) to expect webvisitors to adhere to your warnings or disclaimers about linking

    But I suppose you think SPAM is wrong. But then... you have an email that is globally accessible too, for many even guessable. So I guess you should be securing that better too and tough luck if you get spammed with 100 goatse's in a day?

    It's called a "reasonable expection from a reasonable human being." Unfortunately, with the attitude of people today, reasonable expectation is that you will meet unreasonable people (aka the a**holes aforementioned).

    It's a sign of the degradation of society... "ain't a problem unless it's hurtin' me," correct?

  15. Re:How many others on Designing Virtual Worlds · · Score: 1

    I might even post some links to it out of spite.

    Then your an asshole. Now, if you had a huge portal or site like slashdot, and I had said article crouched in legaleze, and you still posted the damn link, you might even be liable for the huge f**ing bandwidth charges that are likely incurred if you flagrantly ignored such a notice.

    Hopefully, slashdot editors would not be so ignorant as to disregard such a warning.

    Website owners should be able to have some exectation that if they put up reasonable warnings then they don't have to put passwords or logins etc etc on every bloody page just to avoid the slashdot flood.

    I'm assuming that you don't run servers, because such a claim is simply ignorance and I wouldn't expect it from anybody who knows the work it takes to provide such a service (for free, more often than not).

  16. Re:No sh*t on Microsoft Worms Crash Ohio Nuke Plant, MD Trains · · Score: 1

    A big flashing red light, a siren or two, or something similar would also do this.

    Even if they have a GUI, and "advanced" GUI like windows still isn't needed. We're not going to use 3d vector graphics in DirectX, we just need some bars and numbers here...

    Hell, you could accomplish that with stuff written in DOS Qbasic, I'm sure there are lower-level things that can do it without windows (not recommending Qbasic though)

  17. How many others on Designing Virtual Worlds · · Score: 4, Insightful

    Start breathing a little more rapidly after discovering that their article (or worse website) has been posted up on a major site such as slashdot. Pending bandwidth disasters aside, many things are meant to be shared with the general "world-at-large," but not with a large portion of the world. More scary is when they only focus on part of a story or opinion, leading to the appearing of bias on the part of the writer.

    It's nice to see that not only did Mr Rickey put in a "full-opinion" follow-up, but that /. was good enough to post it up.

    Personally, I have a lot of stories, postings, etc that I really have no problem sharing with a random interested netter... but having several thousand people poring over and commenting on it would make me a bit green.

    A lot of slashdotters write that "if you don't want it read, don't post it"... but really there's a difference between putting something up so that global interested parties can check it out, and having it swarmed on by the masses. Makes me wonder if I should append a "property of owner XYZ, please do not copy or link this article without permission"... at least to cover my ass in some form if such an article got in the wild.

  18. Just to make note on RIAA/MPAA vs. xMule Author, EarthStation 5 · · Score: 2, Informative

    Before I get flamed to death for the parent, I suppose I should point out that:

    -I think sueing the authors of P2P apps is retarded
    -I think sending out nastygrams to almost random IP's is retarded
    -I think that the MPAA should be able to expect profit (and less "piracy") on the good movies. The others end up in bargain-bin anyhow...
    -I think that sueing heavy P2P users, or litigating them, is a workable solution
    -I think that sueing college students or teenagers for unreasonable amounts is retarded
    -I think the RIAA and MPAA could both use a new business model... but that's not entirely the problem (people are cheap)
    -I think that if you made something and millions of people were copying it without authorization you'd be pissed, too

  19. The problem is on RIAA/MPAA vs. xMule Author, EarthStation 5 · · Score: 3, Insightful

    People don't download the crap. They don't even download the good stuff to avoid getting crap. They download to avoid paying.
    Now, I'm no fan of any of the money-hungry lawsuit-happy big corps out there, but you have to use your head a bit. The RIAA business model is based around singles and one-hit-wonders. To get one decent song you want, you have to shell out for a whole CD or Album which often otherwise contains crap.

    It's not about the expense of CD's themselves... I find that a CD with 90%+ good content is worth the bucks (if it weren't funding the RIAA)... it's about getting a shitty value for our dollar.

    Now with movies it is different. Unless you go to opening night (and that's your choice) there are loads of movie reviews out quickly. The MPAA even admits that text messaging is speeding this process. Now, are these idiotic lawsuits a good thing? No.

    However, to turn the buck around, is expecting to get away with downloading perfectly good movies just to avoid paying for them a good thing either? No! The MPAA does make good movies. Over the last year I've seen lots of em (American Wedding being the latest). They were worth my cash, and if the MPAA went after users who were providing bootleg/P2P movies I think that would be great. Going after the programmers is dumb... but everyone else is trying to freeload a quality product.

    Come on people, you don't believe that anime should be "pirated", so why should movies? Want them to cost less, protest the huge f***ing wages going to bullsh*t actors or producers. Don't watch the movie. But if you go out and download Revelations insteading of paying to see/buy it... then you're no better them them... you're just being a greedy bastard.

    In summary. Nope, we don't have to pay for the crap. But the stuff being downloaded isn't crap, or at least it's in demand, or it wouldn't be downloaded. I won't be buying any RIAA music anytime soon, but I will be seeing Revelations in the theatre, as it shoudl be. How about you?

  20. We could just on Microsoft Worms Crash Ohio Nuke Plant, MD Trains · · Score: 1

    Block out the sun completely... thus depriving any insane machines of their primary source of power.

    Erm... wait... I think that scenario had a bad ending too...

  21. No sh*t on Microsoft Worms Crash Ohio Nuke Plant, MD Trains · · Score: 2, Informative

    I mean seriously, how do they get away with this crap? Yes, I understand that campaign funding allows MS to sneak in their OS to the military, etc... but to actually put this nightmare in critical systems?

    What the hell does it take, MS-inducted Chernobyl to make them realize that such an OS HAS NO PLACE in a nuclear reactor? Or how about NT crashing a critical system in a battleship?

    Have we REALLY become so pampered that we need a bloody GUI for every frickin thing we do? I don't advocate running X in linux either, it's stupid.

    If there were ever a case for a specialized proprietary system, this would be it. Just do something that does the job, and does it well. No fancy GUI crap, no million-other-f***ing-functions that can cause it to break down. Linux is a bit better than windows because you can trim it to be very specific... so something linux-based could be OK (just not a whole RedHat install, or anything else).

    I mean hell, it's security monitoring. You could work this with a few text screens, some big red lights, sirens, maybe a nice voice that says "Red Alert" a-la-startrek or something.

    We don't need a windows installation, with a million doodads and AOL messenger stating "You've got Meltdown" for a nuclear reactor. We don't need a GUI. We need something that does the job (well), and is secure. Cut out the extra crap... and with MS there is more and more crap you can't cut out ('nix has source, you can trim all you like, but in-house is still better).

    Makes you wonder exactly how many systems like this you are trusting your life too. Wonder if we'll find out tomorrow that the power-outage was caused by a virus.

  22. Blanket statements are dangerous on FTC Chief Bashes Anti-Spam Bills · · Score: 1

    You know what, most businesses don't support filetrading. They prefer to avoid the legal entanglements and inform employees that warez software and unauthorized Mp3's (aka unowned) are not permitted.

    And you know what... they're also the ones that suffer the most productivity/bandwidth/etc loss due to spam. Yes, it's a problem for everyone, even Joe SixPC... but businesses are the ones who are most affected, and thus will be the ones to push for an anti-spam solution.

  23. Don't compare on FTC Chief Bashes Anti-Spam Bills · · Score: 3, Insightful

    Underage drinking, pot use, etc...

    What you are describing are actions done by private citizens. Quite often younger citizens.

    Now in many cases, spam is a business practice: for both the spammer and whomever he/she is advertising for. While regulating businesses may not have an immediate effect, or a fully-encompassing one, it is generally more effective than regulating private citizens.
    Businesses stand to lose a lot. If pushed to bankruptcy and your business is tied to your personal life, you could even lose a house/car/etc. So yes, it could be more effective.

    Now, if most private citizens were spamming, it might be not effective (see RIAA: filesharing). I have enough faith in humanity that is just a few evils causing most of the spam.
    Getting the laws in place, and more importantly enforcing them should start to affect spam eventually, though.

  24. Have you tried... on Pressure-Induced Pains - Fact or Fiction? · · Score: 1

    A few shots of rum with coke? Obviously this won't be viable in the workplace (unless you've got a darn cool job), but I've found that this actually does quite nicely for some fo my more pounding migraines.

    The reasoning behind it: migraines are sometimes caused by tension pains. A pinched nerve, muscles pushing on something they shouldn't, etc. A few shots of rum tend to relax the muscles a bit, and thus slacks off what it causing said migraine. Alternately, perhaps some form of muscle relaxing might help too?

    It also helps explain why migraines are often stress related. Get stress, you tense up. Tense up, nerves get pinched etc etc, you get a migraine. Relaxing those muscles helps take away some of the symptons of what's ailing you.

  25. What really sucks on Ernie Ball - Model For Open-Source Transition? · · Score: 2, Interesting

    Policing existing software isn't too bad. New licenses get either stuck in a master drawer, or better with the computer they are used on so you don't have to do a count.

    Now, if you are a larger organization, you can do network installations and then limit the amount of client connections. This usually works with a lot of licenses, because you can ensure that no more than X users are ever able to run software at a time - though it may be accessible on >1 machine (samba does this nicely, BTW).

    However, here is where the shit hits the fan: users. Users that have a program at home, and want to use it at work. Users who know anti-piracy rules, but seem to think that "installing this little program" isn't a problem. So, here, we freeze all our computers so that on reboot they revert to a previous state. Only those with a password (aka the techs) can install software.

    And of course, we have to ensure that kazaa, etc are blocked in the firewall, etc etc. Again, the users. Oh, and as a note, I work in schools, and the users I speak of are more-often-than-not staff, not students. It's a bit sad really...