It uses PGP to share a key between two or more people; it then uses that key to authenticate the conversation. The difference between this and OpenPGP is that OpenPGP authenticates that the owner of a given OpenPGP key sent a message. This scheme proves that someone with the shared key sent the message.
Thus, I can create a key that I send to my friend. He and I discuss things, both using that key for encryption. When we've finished, we publish the key used for the conversation, and anyone can now add to the conversation. Thus, while we keep the key secret between us, we're assured of a private conversation; when we publish the key, anyone can add to it, thus giving the denability
Ethernet is an AC signal, power over Ethernet is DC. The AC signal is supposed to go via a transformer into the ICs, which should suppress the DC component entirely, so connecting power to data is harmless. Plus at these power levels, the card should cope anyway.
Then you didn't intend to break the law, or to encourage people to break the law, thus you should be clear.
Linking is not in and of itself illegal, and it shouldn't be. It's the intent behind the linking that matters; if you are encouraging people to break the law, you run the risk of a conspiracy type charge, regardless of whether you do it by linking to filesharing opportunities, asking people to steal, or telling people to speed.
The law includes the concept of intent; their ISP or hosting provider intended to allow legitimate material to be hosted, so is in the clear. They intended to make it easy to find unauthorised sharing of copyrighted material, and are thus at risk.
If you discuss proprietary code, with the intention of breaking the law, you're at risk; if you didn't intend to break the law, you should be clear. If the intent of your link to a link site is to provide an example of what these sites look like (such as when the New York Times linked to suprnova.org) or to link people to legal file sharing, you should be clear. If you link with the intention of encouraging people to break the law (e.g. "Get your favourite music FREE from this site"), you're at risk.
Of course, if you've got a particular activity in mind, consult a decent lawyer, rather than a random unqualified slashdotter:)
And how does the tracker get set up? Presumably trackers don't hijack random machines and use them, so there's a person somewhere who set it up; if the MPAA can show that that person intended the tracker to be used for copyright infringement, then they're in trouble.
After getting hit by a spammer using my work address as his From address, then getting deluged (a few thousand) by C-R challenges, I started just replying to challenges whether or not I sent you an e-mail.
By and large, whenever I send e-mail out of the company, I'm authorised to spend money. If you blacklist me for replying to your challenges, and later I can't get hold of you to offer you money, that's not my problem, it's yours.
Cellphones regulate their output power according to the received signal strength; if Airbus put a base station on board that lets any cellphone register with it, the phones will select the lowest power level that lets them talk to the base station.
Thus, it could be true that at full power (which can be set for as much as 35km line of sight), cellphones would interfere with the plane's electronics, but at the power levels needed to communicate within a plane (considerably less than 1km) the phone is not problematic. That said, the network would be confused by a few hundred cellphones moving at high speed; you're handing over from cell to cell so often that you may not complete handover before you're needing to restart it.
Re:But for the Grace of Gabe... there go ye?
on
Given Up to Spyware?
·
· Score: 1
You can of course go further; writing a C compiler in machine code that's sufficient to compile a more advanced compiler written in C that's sufficient to compile something like GCC is possible. However, at this point, you are trusting your hardware vendors not to have put something interesting in the hardware.
In short, unless you go back to first principles and build everything in your PC from scratch, there is someone somewhere in the chain who you just have to trust. You can push that someone further and further back in the chain, but who really knows if (for example) your Intel processor and Seagate hard drive aren't compromised from the factory to do something evil?
I'd be interested to know which blacklists are by domain, not by sending IP address; I find that SpamAssassin's use of SPEWS and Spamhaus blacklists is enough to catch virtually all the spam I get, and both of those blacklists are done via sender IP, not by domain name.
So, I'd disagree with your conclusion that blacklisting doesn't work; if a spammer can use one of your IP addresses to spam, then you need to fix up your system to be more secure. A quick browse of mail logs will show any unexpected outgoing e-mail, and you can always feed your mailserver IP to spews.org and see if they list you (they're one of the most aggressive listing places).
If it's not coming from one of your IP addresses, then it doesn't affect mail sent from your domain, only from the spammer's IP addresses. Hence there is no fallout on you unless I use an aggressive list like SPEWS, and you are being blocked because your ISP hosts spammers himself.
You have a large campus, and certain employees are expected to move around campus, setting up their laptop to work wherever they happen to be. This may be in the factory, with Accounts, next to an engineer, anywhere on campus. How do you ensure that they can't leave the campus with their laptop?
A lock to the desk doesn't work; it stops them going around campus. If you're looking at this sort of solution, you don't want to rely on trust, either.
The problem you identify is a design feature of BitTorrent; it's intended to allow free downloads such as Mandrake to exploit the available upstream bandwidth of a large number of clients, so that more people can download things like the latest release.
In order to reduce the likelyhood of it being used for warez, it was specifically designed with a central authority, and no privacy features. This hasn't stopped it being used for copyright infringement, but does make it easier to use BitTorrent for things that would otherwise be an overloaded http download.
Passive fingerprinting requires access to the raw IP packets; there are various fields in TCP/IP whose definitions leaves lots of scope for different implementations to fill them in differently. As soon as the OS reconstructs the byte stream, it's too late to identify the OS.
Incidentally, the same technique is used by nmap's -O option to detect the OS it's scanning.
You can do this at a firewall level with OpenBSD's PF. By using passive OS fingerprinting blocking (or redirecting to spamd) mail from Windows hosts is easy. Of course, if the host in question is behind a firewall like PF, which can mangle packets to the point that passive fingerprinting doesn't work, this method fails; hopefully boxes that are firewalled like that aren't spam senders.
If you've got time to waste and a human on the line, you can be crueller; don't let them tell you what the product is, but insist that they tell you why they think you'll be interested. If they try and tell you what they're selling, or ask about your use of something, cut them off, and demand that they tell you why they thought you were interested in their product. If they end up admitting they just called you randomly, claim not to believe them, as they've bothered to call you, and insist they tell you why they thought you wanted to hear from you.
Gets you off their list pretty quickly, wastes plenty of their time, and is highly effective when applied to a foreign call-centre, as with the wages they're paid, foreign call-centres often don't have enough English to realise that you're not interested, and get stuck on the call until their supervisor comes round and works it out (disconnecting the call, often mid-sentence). Plus, many of these scum are using a system that determines when to dial the next target based on the time taken for previous calls. If calling people takes 15 minutes for no-sale, the machine will start assuming that a call takes 15 minutes, even though they'd make more money by cutting people off earlier. It also forces the salespeople to be even more aggressive and rude with potential customers (in order to cut off intentional wastes of time earlier), as even a real customer may want to know why they'd like the product.
MPEG-2 I-frame only has no defined bitrate to it; it can be 25MBit/s (which leaves the quality identical to DV), 50MBit/s (identical picture quality to DVCPro) or higher. DV is normally run at some multiple of 25MBit/s (so DV is 25MBit/s, DVCPro is DV at 50MBit/s etc).
This is London; had MS won, the plaintiff would be paying for their lawyers. If you understood UK law, you'd know that such a large settlement (everything he'd asked for before filing suit, plus his costs in filing, plus a chunk of money to compensate him, plus their costs so far) is unusual; a judgement of that size would only be likely if the courts felt that MS was taking the mickey by fighting it (and that's assuming that MS lawyers cost ten times what your average lawyer costs).
So, how do I do that without cheap (unfirewalled) access for 3 years? As an innocent consumer, I'd assume that I could buy the CD, then authenticate with Steam in such a way that I didn't need the CD again. What am I missing?
As it happens, I've been in positions where my only internet access is by mobile phone (at extortionate rates); how do I convert a CD purchase to a Steam purchase without redownloading all the files?
Because with a GameBoy, I put the cartridge in, play the game, get fed up, change the cartridge, play a different game, ad infinitum.
With a PC, I install the game, play the game, install another, play it, and repeat until I run out of disk space. Then I've got to work out which game I won't be playing in the near future, uninstall it, install another one, and I have to start juggling installers. If I don't want to do that, I need to open up my PC and fit a new harddrive.
The difference? Installing the game before you play it. If GB games needed installation, I'd definitely not be interested; who wants to install a game before you can play it, just because you've uninstalled it to fit something else on? And if PC games didn't need the CD, I'd be more interested; at least I wouldn't need to carry all the CDs around.
In fact, MS have settled out of court to avoid testing their EULA in the UK; this suggests that their lawyers reckon that a court would rule against them.
The case was around 8 years ago; a Cambridge professor bought Windows NT 4 as an upgrade from an earlier MS product, directly from MS, and on their recommendation. It didn't perform as MS had told him to expect, so he wrote to MS demanding a full refund, plus them paying to revert his computer to the earlier product, or a fixed copy of NT 4 that performed as expected. MS wrote back pointing to the EULA, and he filed suit. Shortly afterwards, MS paid his costs of filing, his refund, and the cost of technician time to revert NT 4 to the earlier product, plus compensation for his wasted time.
This added up to more than industry watchers had been expecting a court decision in his favour to cost MS (including the cost of litigating); thus the only reasonable explanation for MS's behaviour is that MS believed that they would lose, and didn't want the publicity of such a loss.
Also, here in the UK we have laws against unfair contract terms; even if a software supplier convinced a court that an EULA was a valid contract, they'd still have to show that either:
I had the chance to negotiate the contract terms without pressure, and chose not to do so (so no "I Agree" buttons unless I can edit the text).
Had a reasonable man been put in my position, then given the chance to negotiate contract terms, they would have accepted the contract as-is.
Slashdot Mirror
Thus, I can create a key that I send to my friend. He and I discuss things, both using that key for encryption. When we've finished, we publish the key used for the conversation, and anyone can now add to the conversation. Thus, while we keep the key secret between us, we're assured of a private conversation; when we publish the key, anyone can add to it, thus giving the denability
Ethernet is an AC signal, power over Ethernet is DC. The AC signal is supposed to go via a transformer into the ICs, which should suppress the DC component entirely, so connecting power to data is harmless. Plus at these power levels, the card should cope anyway.
Linking is not in and of itself illegal, and it shouldn't be. It's the intent behind the linking that matters; if you are encouraging people to break the law, you run the risk of a conspiracy type charge, regardless of whether you do it by linking to filesharing opportunities, asking people to steal, or telling people to speed.
If you discuss proprietary code, with the intention of breaking the law, you're at risk; if you didn't intend to break the law, you should be clear. If the intent of your link to a link site is to provide an example of what these sites look like (such as when the New York Times linked to suprnova.org) or to link people to legal file sharing, you should be clear. If you link with the intention of encouraging people to break the law (e.g. "Get your favourite music FREE from this site"), you're at risk.
Of course, if you've got a particular activity in mind, consult a decent lawyer, rather than a random unqualified slashdotter :)
And how does the tracker get set up? Presumably trackers don't hijack random machines and use them, so there's a person somewhere who set it up; if the MPAA can show that that person intended the tracker to be used for copyright infringement, then they're in trouble.
By and large, whenever I send e-mail out of the company, I'm authorised to spend money. If you blacklist me for replying to your challenges, and later I can't get hold of you to offer you money, that's not my problem, it's yours.
Thus, it could be true that at full power (which can be set for as much as 35km line of sight), cellphones would interfere with the plane's electronics, but at the power levels needed to communicate within a plane (considerably less than 1km) the phone is not problematic. That said, the network would be confused by a few hundred cellphones moving at high speed; you're handing over from cell to cell so often that you may not complete handover before you're needing to restart it.
In short, unless you go back to first principles and build everything in your PC from scratch, there is someone somewhere in the chain who you just have to trust. You can push that someone further and further back in the chain, but who really knows if (for example) your Intel processor and Seagate hard drive aren't compromised from the factory to do something evil?
So, I'd disagree with your conclusion that blacklisting doesn't work; if a spammer can use one of your IP addresses to spam, then you need to fix up your system to be more secure. A quick browse of mail logs will show any unexpected outgoing e-mail, and you can always feed your mailserver IP to spews.org and see if they list you (they're one of the most aggressive listing places).
If it's not coming from one of your IP addresses, then it doesn't affect mail sent from your domain, only from the spammer's IP addresses. Hence there is no fallout on you unless I use an aggressive list like SPEWS, and you are being blocked because your ISP hosts spammers himself.
Or get e-mail providers to support MSA, which is SMTP for mail being introduced to the network, and is supposed to run on port 587.
Should he start trying to take the laptop off-site without permission, you may decide not to trust him in future, in which case his job is at risk.
You have a large campus, and certain employees are expected to move around campus, setting up their laptop to work wherever they happen to be. This may be in the factory, with Accounts, next to an engineer, anywhere on campus. How do you ensure that they can't leave the campus with their laptop?
A lock to the desk doesn't work; it stops them going around campus. If you're looking at this sort of solution, you don't want to rely on trust, either.
In order to reduce the likelyhood of it being used for warez, it was specifically designed with a central authority, and no privacy features. This hasn't stopped it being used for copyright infringement, but does make it easier to use BitTorrent for things that would otherwise be an overloaded http download.
Incidentally, the same technique is used by nmap's -O option to detect the OS it's scanning.
You can do this at a firewall level with OpenBSD's PF. By using passive OS fingerprinting blocking (or redirecting to spamd) mail from Windows hosts is easy. Of course, if the host in question is behind a firewall like PF, which can mangle packets to the point that passive fingerprinting doesn't work, this method fails; hopefully boxes that are firewalled like that aren't spam senders.
Gets you off their list pretty quickly, wastes plenty of their time, and is highly effective when applied to a foreign call-centre, as with the wages they're paid, foreign call-centres often don't have enough English to realise that you're not interested, and get stuck on the call until their supervisor comes round and works it out (disconnecting the call, often mid-sentence). Plus, many of these scum are using a system that determines when to dial the next target based on the time taken for previous calls. If calling people takes 15 minutes for no-sale, the machine will start assuming that a call takes 15 minutes, even though they'd make more money by cutting people off earlier. It also forces the salespeople to be even more aggressive and rude with potential customers (in order to cut off intentional wastes of time earlier), as even a real customer may want to know why they'd like the product.
MPEG-2 I-frame only has no defined bitrate to it; it can be 25MBit/s (which leaves the quality identical to DV), 50MBit/s (identical picture quality to DVCPro) or higher. DV is normally run at some multiple of 25MBit/s (so DV is 25MBit/s, DVCPro is DV at 50MBit/s etc).
DV is compressed, too. MPEG-2 I-frame only is the same type of video compression as DV uses, just in a different wrapper.
This is London; had MS won, the plaintiff would be paying for their lawyers. If you understood UK law, you'd know that such a large settlement (everything he'd asked for before filing suit, plus his costs in filing, plus a chunk of money to compensate him, plus their costs so far) is unusual; a judgement of that size would only be likely if the courts felt that MS was taking the mickey by fighting it (and that's assuming that MS lawyers cost ten times what your average lawyer costs).
So, how do I do that without cheap (unfirewalled) access for 3 years? As an innocent consumer, I'd assume that I could buy the CD, then authenticate with Steam in such a way that I didn't need the CD again. What am I missing?
As it happens, I've been in positions where my only internet access is by mobile phone (at extortionate rates); how do I convert a CD purchase to a Steam purchase without redownloading all the files?
With a PC, I install the game, play the game, install another, play it, and repeat until I run out of disk space. Then I've got to work out which game I won't be playing in the near future, uninstall it, install another one, and I have to start juggling installers. If I don't want to do that, I need to open up my PC and fit a new harddrive.
The difference? Installing the game before you play it. If GB games needed installation, I'd definitely not be interested; who wants to install a game before you can play it, just because you've uninstalled it to fit something else on? And if PC games didn't need the CD, I'd be more interested; at least I wouldn't need to carry all the CDs around.
The case was around 8 years ago; a Cambridge professor bought Windows NT 4 as an upgrade from an earlier MS product, directly from MS, and on their recommendation. It didn't perform as MS had told him to expect, so he wrote to MS demanding a full refund, plus them paying to revert his computer to the earlier product, or a fixed copy of NT 4 that performed as expected. MS wrote back pointing to the EULA, and he filed suit. Shortly afterwards, MS paid his costs of filing, his refund, and the cost of technician time to revert NT 4 to the earlier product, plus compensation for his wasted time.
This added up to more than industry watchers had been expecting a court decision in his favour to cost MS (including the cost of litigating); thus the only reasonable explanation for MS's behaviour is that MS believed that they would lose, and didn't want the publicity of such a loss.
On NTFS, ReiserFS and Ext3 (Windows 2k, and Linux 2.6), I've been able to store complete DVD-9 images (8GB or so).