And for that reason, he likely won't say ever say that "Linux" is ready for the desktop... he's waiting for a major distribution to truely have a product that's ready for businesses to use. When that happens, he'll endorce that one.
I think he's on record as saying Lindows, er, Linspire isn't that one.
Mossberg also has one of the most powerful positions in all of tech journalism... The Wall Street Journal is read by an audience of stock investors.
In short, if you're a tech company and you don't do what he says, Wall Street's going to notice what he called you out over. That'd be harmful to your stock price...
Nope. The Secret Service has a wider range of assignments than just the president.
They protect all government officials in need of protection, which at present even includes John Kerry because he has been certified as a viable candidate to become the President.
Also, they're also responsible for investigating all cases of counterfeit money.
But then: why did they both refuse FOI's on what they have already gathered about Mr. Miller? Shouldn't he be entitled to that?
Nope, because they can deny access to case records on open cases, and this case remains open because the Feds still don't know to their satisfaction what's going on here.
They don't have enough information to charge anybody. They don't have enough information to get search warrants... hell, they don't even have enough infromation to be sure did happen or even that a crime's even going to happen. Still, they've got a suspicious act that they don't know the meaning of.
Suspects rarely get access to their own files. Unless they're in jail or totally innocent, the file stays open forever awaiting information that's likely never to come.
When I was the co-webmaster of my high school website in 1999, we had a complete copy of the student handbook online.
The day after the Columbine tragedy. I was asked by some teachers to pull a map of the school hallways and classrooms off of the web. I told them I'd do that if administration asked me to, but I wasn't going to do that on my own. See, the perpetrators of the Columbine tragedy already knew their way around the building, they were both students. If it was our school, they would have been handed the maps as part of the book on day one. The teachers took that explanation, and never did elevate the issue to the administration.
However, our administration did hire a new secretary to sit just inside of the main enterance to check student IDs and issue guest passes for all vistors. I nicknamed that woman the "Columbine Canary" because as long as she was alive, we could be assured a Columbine-style attack was not in progress. She would have been powerless to stop students with guns... only friendly people would bother to register for a guest pass, insane shooters wouldn't.
Somebody who does something suspicious by definition becomes a suspect. Police investigate suspects and try to get them convicted.
They didn't arrest him, they didn't throw him in jail. They just questioned him... that's what they do when they have a suspect but not enough evidence. He didn't give up any info that let them go forward, but he also didn't convince them that he was on the up and up. Therefore, the FBI and Secret Service don't know if he's a terrorist or not... so all they can do is keep a file.
This case is never going to close. It's going straight to the cold case bin where it's going to sit forever.
The agents were called in to investigate if this kid was a threat based on one suspicious, yet not illegal, thing that he actually did. The key question was of course why he made a request for such sensitive info about tunnels he would never be allowed to access anyway. Well, the only way to answer that question is to ask the kid...
So they requested a meeting. They got the meeting. They asked him about every reason they could brainstorm about why he made the request, and didn't walk out knowing much more than they knew walking in. The question's now more-or-less impossible to answer.
And that's the end of the story. Unless he does something else to reactivate his file, this will always be an unsolved case. They'll likely never bother to do anything more, but should he ever come up again in their sights the Feds will at least have the records from this case to remind them of what he did in the past.
The Daily Texan asking for the location of security cameras to be published is at least a request that makes logical sense... the student newspaper is of course in the business of making Freedom of Information Act requests on issues that the school would rather keep under wraps.
But, assuming he's not a terrorist, why did this student want to know about the underground tunnels? He clearly isn't going to get authorized access to them. So, what value was that information to him?... that's a point that the article totally neglects. Without this kid being willing to give that explanation, no wonder he's being presumed a terrorist.
If he's got a perfectly legit reason to want to know, then he should tell us. Otherwise, I don't mind him being given extra attention every time he walks by airport security. He should have known that'd happen for making such a request without a clear reason for doing so.
Clearly, some paper-pusher at the university office freaked that somebody was using The Freedom of Information Act to force them to release information about their underground tunnels... most likely because the feds told universities to call them if anybody makes requests for information about campus infrastructure.
And, let's face it... even though it's perfectly legal to file a Freedom of Information Act request, doing so for topics like this totally out of the blue is certainly suspicious activity.
One thing to point out is that the agents called and said they wanted to speak with the student, but it doesn't appear they ever arrested him. That means he could have told them that he wasn't interested in meeting with them, or he could have walked out of the room at any time. He also could have at any time brought in a lawyer.
The moral of the story is that if you ask for some creepy information, and it's not exactly clear why you asked for it, then the FBI and Secret Service are going to have some questions to ask you, and they'll open a file on it. They won't deprive you of any of your freedoms over that alone... being confronted by men with badges who are looking for you may be a scary thing, but he could have just as well told them to leave him alone and they would have had to. He agreed to meet with them, so that's that.
They usually error towards too many pieces. Unclaimed prizes are no problem. Usually they're awarded in a "second chance giveaway".
Coke only needs a few winners whose faces they'll show in the media. They'll simply not bother telling the stories about when the prize patrol took eight hours to get to the winner, etc.
Here in Massachusetts, there's been a big controversy over contracted plow drivers being ordered to carry state-issued phones that send their GPS location back to headquarters while they do their routes. The state wants this for two reasons.
A. So they know where their plows are, and can make sure any given area is being evenly covered with service.
B. So they can detect plow drivers who are taking unauthorized breaks and dock their pay accordingly.
The plow drivers complained that there's all sorts of situations where they get stuck on a non-moving road, and they're still "on duty" despite no movement. However, the state quickly calmed those fears by pointing out that they knew the GPS coordinates of their routes, and they know the GPS coordinates of Dunkin Donuts locations. Stop on the middle of your route where they know there's a traffic problem and you'll be okay... go off your route to stop at a donut shop and you're busted.
The IRS cannot let any way of getting income be untaxed, because that way would quickly become known as a loophole by which an employer can pass money to their employees without it being taxed.
There are so many people out to beat the IRS's system, they've got to make sure they have all the bases covered.
B: The contest winner owes income tax on their winnings... even if it comes in a non-cash form they owe tax on the value of what they got.
Think of what happens when you buy a car the normal way. You pay a sales tax on the car itself, but you also have already paid income tax on the money you're going to use to pay for the car.
Yep, it's double-dipping, but that's the way the system's worked for a long time.
The only part of "no purchase necessary" that they need to take care of is making sure that the odds of a postcard winning are the same as the odds of a 12-pack winning.
Most likely, the cans won't be the actual "game piece". Instead, they'll print up serial-numbered cards, most of which say "You Lose" and one for each car they have will say "You Win!" They'll shuffle up the cards, and then drop one into each specially marked 12-pack and keep a pile aside for the mail-in entries.
12-packs that get the winning game pieces will also get the cell phone gadget. People who end up with a winning gamepiece in their SASE will get a phone number to call to claim their prize. The key thing will be that the odds of getting a a winning piece instead of a loser has to be the same by both methods... at that point, "no purchase necessary" is taken care of.
They'll also get even more detailed locations than that... by tracking the shipping process, they'll know which store wound up with the winning 12-pack. It's a safe bet that the winner will be within a 20 mile or so radius of that store.
I doubt there's going to be anything given off by this phone when it's not in use. Afterall, does a cell phone that's turned off give of any energy that can be detected?
The affected service is indeed something that cannot/should not be directly turned off because it's the Local Security Authority Subsystem Service which is more-or-less at the center of the whole permissions structure in Windows.
However, that isn't by definition a network service itself. The only way that this flaw can be exposed to the network is if there is a running network service that depends on the LSASS to do user authentication for it... LSASS isn't network-aware in itself, it's just concerned with permissions of things on the local machine. In order for the worm to work, it must depend on the help of a network service in order to be able to get to the affected service to exploit the bug.
To put it mildly, if the Sasser worm can't get get in at port 445, which is an SMB file-sharing port, then it gives up and moves on to the next potential victim. Nobody should have port 445 exposed to the open Internet unless they want to share files with the world that way, which is most likely nobody at all. In fact, users who don't have a multi-PC home network have no business having that port open in the first place, they're not going to have use for SMB.
So, if File Sharing is turned off, the LSASS flaw would still exist but Sasser wouldn't be able to exploit it remotely, the LSASS flaw would be contained to only local users on that machine. In fact, anybody behind a firewall that denies port 445 would be protected from being exploited by anything on the other side of the firewall.
In short, if SMB shipped off by default, only those who turned on File Sharing and then failed to properly firewall it from the Internet would be infected. Those who were unaware of what File Sharing did would not be...
As someone already pointed out, it says that the ship has to return safely, not the passengers. Nope. Rule 3 says "Each flight must carry at least one person..."
It does not specify if the passengers have to be alive or not. If you send up corpses, it is easier to keep them intact than it is to keep live passengers alive. It's even stricter than that. Rule 5 says "The crew must return to the Earth's surface from both flights in good health as reasonably defined and judged by the X PRIZE Review Board."
Mice? Does not say you can't send them instead of humans. Nope, but Rule 3 says "person" and I don't think mice count as people.
Try finding loopholes in the actual rules instead of the Slashdot summary of them.
Dwarfs and midgets have been barred from the Final Frontier. I guess it is back to the mines to look for precious precious mithril.... Oh, and Mini-Me, stop humping the laser!
Nah, they can fly on the X-Prize ships after they've finished going for the prize. It's the giant NBA players of the future who are being barred by such an oversight.
The rules are specific that it "can" carry three passengers, but doesn't have actually do. There only needs to be one live human on board.
However, in order to qualify for the X-Prize money, the space ship must be built with enough space for three people, and must also carry enough ballast weight to make up for the fact that they have less than three people on board.
I hope they extend the date and I also hope the prize money goes up. I think the major entrants have all spent more than $10,000.000 as it is. Still, I don't think they are doing it primarily for the money anyway.
Most are doing it for the money, but just not soley the X-Prize money. Afterall, if a team ends up finishing late or beaten by another team finishing before them... they'll still have a working reusable orbital spacecraft. That's gotta be useful for something.
Sponsors get naming rights on just about everything these days, so it's not surprising the X-Prize wasn't immune... next thing you know somebody's going to buy the rights to put ads on baseball bases.
When colleges were opening up this year, there were massive worm problems because unpatched Windows XP computers were coming straight out of the box, and they were discovering access to the Internet during their first bootups. Computers were being exploited within a matter of seconds because there were just so many infected computers. And once a new computer gets hit, it was just one more sending random attacks.
All of the RPC-flaw worms would have had much smaller impacts if only the people who actually used Remote Proceedure Calls were running it. Simply put, that'd mean next to nobody would be running that service, and therefore there'd be much fewer people at risk, and therefore much fewer people infected, and therefore much longer of a wait time before any given IP address is randomly hit with an attempt.
Microsoft's learned the moral of this tale. All recently released versions of Windows start with all non-critical services turned off until the user does something to enable them. SP2 will apply this logic retroactively to Windows XP Home, and that'll take care of most home users and college kids. This will greatly lower the odds of Windows ever being hit with worms of this size again...
That being said, Apple seems pretty good at sending out frequent security updates when needed, and it's dead easy to keep a system patched. Until I see something escaping into the wild, I'm not going to be too concerned. But I will avoid tempting fate by keeping my system patched.
When it comes to security holes... publicity is a very bad thing. When a security hole is reported accross the mass media, it sends a wake-up call to hackers. When the patch to fix that security hole is released, it sends another wake-up call.
By underplaying the importance, and quietly fixing the problem... Apple's trying to say "Please, don't notice that." No, they can't exactly muzzle the press from talking about the hole, but by not answering media questions and by not making loud announcements when they patch holes, they end up making the life of a the media a lot harder... and that just means sometimes the story won't get written. And Apple likes when that happens.
There's a two-pronged reason for being happy. Of course, Apple's marketing people are happy that their reputation isn't damaged when there's less bad media reports... but also, hackers going after Apple end up getting less information. Afterall, loud mass-media mentions of a hole reveals information to everyone, but the enemy is a subset of everyone, and giving information to the enemy is rarely a good thing.
Slashdot Mirror
And for that reason, he likely won't say ever say that "Linux" is ready for the desktop... he's waiting for a major distribution to truely have a product that's ready for businesses to use. When that happens, he'll endorce that one.
I think he's on record as saying Lindows, er, Linspire isn't that one.
Mossberg also has one of the most powerful positions in all of tech journalism... The Wall Street Journal is read by an audience of stock investors.
In short, if you're a tech company and you don't do what he says, Wall Street's going to notice what he called you out over. That'd be harmful to your stock price...
Do you really think a real terrorist is going to be that direct?
How do you know what a real terrorist will or won't do anyway?
Nope. The Secret Service has a wider range of assignments than just the president.
They protect all government officials in need of protection, which at present even includes John Kerry because he has been certified as a viable candidate to become the President.
Also, they're also responsible for investigating all cases of counterfeit money.
But then: why did they both refuse FOI's on what they have already gathered about Mr. Miller? Shouldn't he be entitled to that?
Nope, because they can deny access to case records on open cases, and this case remains open because the Feds still don't know to their satisfaction what's going on here.
They don't have enough information to charge anybody. They don't have enough information to get search warrants... hell, they don't even have enough infromation to be sure did happen or even that a crime's even going to happen. Still, they've got a suspicious act that they don't know the meaning of.
Suspects rarely get access to their own files. Unless they're in jail or totally innocent, the file stays open forever awaiting information that's likely never to come.
When I was the co-webmaster of my high school website in 1999, we had a complete copy of the student handbook online.
The day after the Columbine tragedy. I was asked by some teachers to pull a map of the school hallways and classrooms off of the web. I told them I'd do that if administration asked me to, but I wasn't going to do that on my own. See, the perpetrators of the Columbine tragedy already knew their way around the building, they were both students. If it was our school, they would have been handed the maps as part of the book on day one. The teachers took that explanation, and never did elevate the issue to the administration.
However, our administration did hire a new secretary to sit just inside of the main enterance to check student IDs and issue guest passes for all vistors. I nicknamed that woman the "Columbine Canary" because as long as she was alive, we could be assured a Columbine-style attack was not in progress. She would have been powerless to stop students with guns... only friendly people would bother to register for a guest pass, insane shooters wouldn't.
Somebody who does something suspicious by definition becomes a suspect. Police investigate suspects and try to get them convicted.
They didn't arrest him, they didn't throw him in jail. They just questioned him... that's what they do when they have a suspect but not enough evidence. He didn't give up any info that let them go forward, but he also didn't convince them that he was on the up and up. Therefore, the FBI and Secret Service don't know if he's a terrorist or not... so all they can do is keep a file.
This case is never going to close. It's going straight to the cold case bin where it's going to sit forever.
The agents were called in to investigate if this kid was a threat based on one suspicious, yet not illegal, thing that he actually did. The key question was of course why he made a request for such sensitive info about tunnels he would never be allowed to access anyway. Well, the only way to answer that question is to ask the kid...
So they requested a meeting. They got the meeting. They asked him about every reason they could brainstorm about why he made the request, and didn't walk out knowing much more than they knew walking in. The question's now more-or-less impossible to answer.
And that's the end of the story. Unless he does something else to reactivate his file, this will always be an unsolved case. They'll likely never bother to do anything more, but should he ever come up again in their sights the Feds will at least have the records from this case to remind them of what he did in the past.
The Daily Texan asking for the location of security cameras to be published is at least a request that makes logical sense... the student newspaper is of course in the business of making Freedom of Information Act requests on issues that the school would rather keep under wraps.
But, assuming he's not a terrorist, why did this student want to know about the underground tunnels? He clearly isn't going to get authorized access to them. So, what value was that information to him?... that's a point that the article totally neglects. Without this kid being willing to give that explanation, no wonder he's being presumed a terrorist.
If he's got a perfectly legit reason to want to know, then he should tell us. Otherwise, I don't mind him being given extra attention every time he walks by airport security. He should have known that'd happen for making such a request without a clear reason for doing so.
Clearly, some paper-pusher at the university office freaked that somebody was using The Freedom of Information Act to force them to release information about their underground tunnels... most likely because the feds told universities to call them if anybody makes requests for information about campus infrastructure.
And, let's face it... even though it's perfectly legal to file a Freedom of Information Act request, doing so for topics like this totally out of the blue is certainly suspicious activity.
One thing to point out is that the agents called and said they wanted to speak with the student, but it doesn't appear they ever arrested him. That means he could have told them that he wasn't interested in meeting with them, or he could have walked out of the room at any time. He also could have at any time brought in a lawyer.
The moral of the story is that if you ask for some creepy information, and it's not exactly clear why you asked for it, then the FBI and Secret Service are going to have some questions to ask you, and they'll open a file on it. They won't deprive you of any of your freedoms over that alone... being confronted by men with badges who are looking for you may be a scary thing, but he could have just as well told them to leave him alone and they would have had to. He agreed to meet with them, so that's that.
They usually error towards too many pieces. Unclaimed prizes are no problem. Usually they're awarded in a "second chance giveaway".
Coke only needs a few winners whose faces they'll show in the media. They'll simply not bother telling the stories about when the prize patrol took eight hours to get to the winner, etc.
Here in Massachusetts, there's been a big controversy over contracted plow drivers being ordered to carry state-issued phones that send their GPS location back to headquarters while they do their routes. The state wants this for two reasons.
A. So they know where their plows are, and can make sure any given area is being evenly covered with service.
B. So they can detect plow drivers who are taking unauthorized breaks and dock their pay accordingly.
The plow drivers complained that there's all sorts of situations where they get stuck on a non-moving road, and they're still "on duty" despite no movement. However, the state quickly calmed those fears by pointing out that they knew the GPS coordinates of their routes, and they know the GPS coordinates of Dunkin Donuts locations. Stop on the middle of your route where they know there's a traffic problem and you'll be okay... go off your route to stop at a donut shop and you're busted.
The IRS cannot let any way of getting income be untaxed, because that way would quickly become known as a loophole by which an employer can pass money to their employees without it being taxed.
There are so many people out to beat the IRS's system, they've got to make sure they have all the bases covered.
There's two taxes going on here...
A: Pepsi pays the tax on buying the vehile.
B: The contest winner owes income tax on their winnings... even if it comes in a non-cash form they owe tax on the value of what they got.
Think of what happens when you buy a car the normal way. You pay a sales tax on the car itself, but you also have already paid income tax on the money you're going to use to pay for the car.
Yep, it's double-dipping, but that's the way the system's worked for a long time.
The only part of "no purchase necessary" that they need to take care of is making sure that the odds of a postcard winning are the same as the odds of a 12-pack winning.
Most likely, the cans won't be the actual "game piece". Instead, they'll print up serial-numbered cards, most of which say "You Lose" and one for each car they have will say "You Win!" They'll shuffle up the cards, and then drop one into each specially marked 12-pack and keep a pile aside for the mail-in entries.
12-packs that get the winning game pieces will also get the cell phone gadget. People who end up with a winning gamepiece in their SASE will get a phone number to call to claim their prize. The key thing will be that the odds of getting a a winning piece instead of a loser has to be the same by both methods... at that point, "no purchase necessary" is taken care of.
They'll also get even more detailed locations than that... by tracking the shipping process, they'll know which store wound up with the winning 12-pack. It's a safe bet that the winner will be within a 20 mile or so radius of that store.
I doubt there's going to be anything given off by this phone when it's not in use. Afterall, does a cell phone that's turned off give of any energy that can be detected?
The affected service is indeed something that cannot/should not be directly turned off because it's the Local Security Authority Subsystem Service which is more-or-less at the center of the whole permissions structure in Windows.
However, that isn't by definition a network service itself. The only way that this flaw can be exposed to the network is if there is a running network service that depends on the LSASS to do user authentication for it... LSASS isn't network-aware in itself, it's just concerned with permissions of things on the local machine. In order for the worm to work, it must depend on the help of a network service in order to be able to get to the affected service to exploit the bug.
To put it mildly, if the Sasser worm can't get get in at port 445, which is an SMB file-sharing port, then it gives up and moves on to the next potential victim. Nobody should have port 445 exposed to the open Internet unless they want to share files with the world that way, which is most likely nobody at all. In fact, users who don't have a multi-PC home network have no business having that port open in the first place, they're not going to have use for SMB.
So, if File Sharing is turned off, the LSASS flaw would still exist but Sasser wouldn't be able to exploit it remotely, the LSASS flaw would be contained to only local users on that machine. In fact, anybody behind a firewall that denies port 445 would be protected from being exploited by anything on the other side of the firewall.
In short, if SMB shipped off by default, only those who turned on File Sharing and then failed to properly firewall it from the Internet would be infected. Those who were unaware of what File Sharing did would not be...
As someone already pointed out, it says that the ship has to return safely, not the passengers.
Nope. Rule 3 says "Each flight must carry at least one person..."
It does not specify if the passengers have to be alive or not. If you send up corpses, it is easier to keep them intact than it is to keep live passengers alive.
It's even stricter than that. Rule 5 says "The crew must return to the Earth's surface from both flights in good health as reasonably defined and judged by the X PRIZE Review Board."
Mice? Does not say you can't send them instead of humans.
Nope, but Rule 3 says "person" and I don't think mice count as people.
Try finding loopholes in the actual rules instead of the Slashdot summary of them.
Dwarfs and midgets have been barred from the Final Frontier. I guess it is back to the mines to look for precious precious mithril.... Oh, and Mini-Me, stop humping the laser!
Nah, they can fly on the X-Prize ships after they've finished going for the prize. It's the giant NBA players of the future who are being barred by such an oversight.
The rules are specific that it "can" carry three passengers, but doesn't have actually do. There only needs to be one live human on board.
However, in order to qualify for the X-Prize money, the space ship must be built with enough space for three people, and must also carry enough ballast weight to make up for the fact that they have less than three people on board.
You can read the complete rules for the details.
I hope they extend the date and I also hope the prize money goes up. I think the major entrants have all spent more than $10,000.000 as it is. Still, I don't think they are doing it primarily for the money anyway.
Most are doing it for the money, but just not soley the X-Prize money. Afterall, if a team ends up finishing late or beaten by another team finishing before them... they'll still have a working reusable orbital spacecraft. That's gotta be useful for something.
Sponsors get naming rights on just about everything these days, so it's not surprising the X-Prize wasn't immune... next thing you know somebody's going to buy the rights to put ads on baseball bases.
When colleges were opening up this year, there were massive worm problems because unpatched Windows XP computers were coming straight out of the box, and they were discovering access to the Internet during their first bootups. Computers were being exploited within a matter of seconds because there were just so many infected computers. And once a new computer gets hit, it was just one more sending random attacks.
All of the RPC-flaw worms would have had much smaller impacts if only the people who actually used Remote Proceedure Calls were running it. Simply put, that'd mean next to nobody would be running that service, and therefore there'd be much fewer people at risk, and therefore much fewer people infected, and therefore much longer of a wait time before any given IP address is randomly hit with an attempt.
Microsoft's learned the moral of this tale. All recently released versions of Windows start with all non-critical services turned off until the user does something to enable them. SP2 will apply this logic retroactively to Windows XP Home, and that'll take care of most home users and college kids. This will greatly lower the odds of Windows ever being hit with worms of this size again...
That being said, Apple seems pretty good at sending out frequent security updates when needed, and it's dead easy to keep a system patched. Until I see something escaping into the wild, I'm not going to be too concerned. But I will avoid tempting fate by keeping my system patched.
When it comes to security holes... publicity is a very bad thing. When a security hole is reported accross the mass media, it sends a wake-up call to hackers. When the patch to fix that security hole is released, it sends another wake-up call.
By underplaying the importance, and quietly fixing the problem... Apple's trying to say "Please, don't notice that." No, they can't exactly muzzle the press from talking about the hole, but by not answering media questions and by not making loud announcements when they patch holes, they end up making the life of a the media a lot harder... and that just means sometimes the story won't get written. And Apple likes when that happens.
There's a two-pronged reason for being happy. Of course, Apple's marketing people are happy that their reputation isn't damaged when there's less bad media reports... but also, hackers going after Apple end up getting less information. Afterall, loud mass-media mentions of a hole reveals information to everyone, but the enemy is a subset of everyone, and giving information to the enemy is rarely a good thing.