Re:Damn MCSEs
on
Due Diligence?
·
· Score: 2, Interesting
But I've said it before. Linux is now getting to the point that the clueless people who poorly run Windows boxes are now moving over to Linux. These admins are too lazy or clueless to properly secure ANY operating system, no matter how well it's designed.
The rest of the world uses Microsoft software, so the only way to reach those people is to write in a format that they'll understand.
If you put up a web site and it doesn't render properly in Mozilla, that's a small annoyance. If it doesn't render properly in Internet Explorer, you're dead in the water. It's just that simple, you're publishing content and your audience can't see it.
That's the reason why most commerical software is written for Windows first, then ported to other OSes second. If you have an app that you want non-geeks to be able to use, you have to write for Windows.
If you want to be able to interact with other people, like read complex MS Excel spreadsheets, you have to have Excel. If open source ever figures out how to properly read an.xls file pefectly, Microsoft will change the standard in the next version just to spite you.
Open source has overtaken Microsoft in the server space, but there's a long way to go until users adopt it. Until then, if you want to work with non-geeks, you have to maintain a Windows box.
Here's the problem, small radio stations will pick up artist that way, big station groups however will not take any non-RIAA artists.
Why? Retribution. If Hot 107.9 in Syracuse breaks a local unsigned artist that way, all the major artist when they come to town will give their interviews to 93Q, and favor 93Q's concerts over Hot 107.9's. This won't be by the artist's choice, they just go where their RIAA-controled handlers send them.
When artists sign an RIAA contract, their label owns every recording they make until X number of albums are released. Which means, if the label drags its feet and refuses to release the last album of the contract, that artist's career is over. They can't take their work elsewhere unless they're a multi-millionaire who can afford enough lawyers to find a way out.
Therefore, an artist under an RIAA contract cannot directly give you rights. They can't even record a handful of songs on their own and keep the rights for themselves, the RIAA owns everything.
The best thing for you to do is avoid RIAA artists altogheter. If you make a direct agreement with the copyright holders, which in the case of unsigned artists almost always is the artist themselves, then the RIAA is not involved at all, as they don't have a copyright interest in every recording ever made, only the ones they make.
The problem is, artists might be scared to give you royalty-free rights because the RIAA has a bad habit of ignoring artists who try to go around them. Afterall, if somebody were to prove that it is possible to become a mega-star without going through the RIAA, that could be the death of the RIAA.
Artists LIKE having their recordings widely distributed as far as possible, as you are never going to go to a concert of an artist that you have never heard. Artists therefore want to be on the radio. The Payola Scandal was artists paying DJs under the table so that they would be advanced with more favorable airplay. (BTW, Payola is illegal when it's paid to the DJ. So long as it's paid to the station and disclosed somehow to the listerner, that's advertising and legal.)
For the marginal artists who can't get onto mainstream radio, they love the extra distribution. There are a lot of B-level artists under RIAA contracts who can't distribute their work by free MP3 files, even though that would be a great career move to do.
This is the same as the school system admin who sets up a mail server for the school but fails to restrict its use to only the school's IP space. Suddenly it's discovered as an open relay, published on web sites, discovered by spammers, and they find their IP space in a black hole.
They're puzzled wondering why their network is sorta-broken. Most web sites work just fine but some don't. Everybody can send out e-mail, but people are complaining that the messages are bouncing half of the time.
When they discover they've been black-holed, they don't understand why they're being punished for the actions of spammers that they think are out of their control. They want to what they spammers are doing with their network to be illegal, and they want the lawyers to make the problem go away.
Oh, all the trouble a little security knowledge could save.
There will never be a perfectly secure operating system that a dummy can run. Dummy will fall for the old trojan program trick, and open his machine up to doing things he it didn't expect to.
If Linux ever gets up to the ease-of-use level Windows has now, and therefore hits the popularity Windows has now, the virus writers will come too, and Linux will have just as many problems. Having the source is a double edged sword. If the bug is found first by a white hat, we'll find out in the form of a patch being released. If the bug is found first by a black hat, we will descover it in the form of an exploit in the wild.
Remember your Internet history. It used to be, that.com meant commercial,.org meant non-profit,.edu meant educational body,.net meant an access-providing network and.gov meant US Government.
Well, that went out the window rather quickly. Network Solutions decided in the interest of being able to sell more domains, they'd let anybody whose credit card clears own a.com,.net, or.org domain without checking to see if they really qualify for the definition of those TLDs. As a result, the TLDs lost their meaning.
For example, if.news was maintained by the Associated Press, only news organizations who are members or partners of the AP (which is almost anybody worth their salt) would be allowed to create domains under that TLD. If you are a news orgainsation that doesn't play ball with the AP, you can still publish in.com territory and let people decide for themselves if they trust you. The Onion would not be welcome in the.news TLD, and that should hopefully cut down on the number of humourous stories that result when somebody thinks information presented in The Onion is a real news report.
You can't regulate smut into the.xxx domain, because they'll insist on claiming their not smut and saying they belong in.com. So, you let them have the.xxx domain if they're smut and proud of it (putting the honest ones where they can easily be blocked), and then make sure that the smut is limited to the "free-for-all" domains by saying that they don't meet the qualifications for the resticted ones.
Common sense here... you put locked-down computers in the children's room, and a fully uncensored version of the Internet in the grown up's book area. If you want to use the grown up's computers, your library card has to indicate you're old enough.
.kids.us can't prevent that. However, if the kid is allowed to see abcnews.com, then there's nothing stopping them from going directly there.
The solution is locking the kids in the.kids.us sandbox, which is to say that first link to abcfamily.com would fail, although it'd likely become abcfamily.kids.us to keep it in the safe zone. abc.kids.us would be a kid's version of the ABC TV Network's site that accents the Saturday Morning lineup and forgets about NYPD Blue, and would link to abcnews.kids.us which would have kid-friendly version of world events, that would not bother with sex scandals.
Nope, any site like Slashdot which allows users to post content which is basically unscreened would have to be taken as untrustworthy.
I'd guess to clean up Slashdot, the kid-safe version would have to require that the comments filter be set to at least a 3 (since high-karma users can start at a 2 before the first human reads it) to make sure everything a kid sees has been approved by a human first.
I think you have it backwards. Instead of trying to box porn sites or spammers into a specific IP range, which they will certainly be trying to fight their way out of by trying to unlabeled IP addresses, what you should do is have IP addresses reserved for the sites that are deemed trustworthy, and then the remaining unmarked pool can be the anything goes area that turns into the red-light district.
That way, a "trusted" IP's content can be allowed to pass through, as any objectional content could be actioned on by informing the authority that controled that IP area. Content from "untrusted" IP space can be subjected to higher inspection, or on some networks just forbiden altogether.
NeuStar gets to decides what's "hate speech", "offensive", "obscene" or whatever.
All a.kids.us domain will indicate is that NeuStar has looked over the site and says "We think it's okay." If you do not want to deal with NeuStar, you may post your content in.com,.net.,.org, or any other domain you can get access to, just not.kids.us. If NeuStar doesn't like you, you're locked out of.kids.us, but are still free to post whatever you want elsewhere.
This is not like somebody creating a.xxx domain and then trying to remove all content that belongs in the.xxx domain from.com. NeuStar isn't trying to tell you what you can and can't post where, they're just laying out rules for what goes on in the domain they've been asked to regulate in order to be allowed to keep their.us registation business.
Yes, but a 2.4 gHz phone has the same risk of disrupting 802.11b, although it's usually seen as a reduction in bandwidth rather than a total blockade, so the user doesn't notice.
Again, this is not for mission-critical situations. Although... wireless has NEVER been for mission critical situations, because it is always subject to denial of service from simple RF jamming. If somebody's life depends on it, use a wire.
Re:License to print money
on
The Last Comdex?
·
· Score: 5, Insightful
Because large-scale trade show venues cost a fortune to rent, and ever since 9/11 those costs have risen as it has been more expensive to secure such buildings.
Couple those fixed costs of putting on a show with a decline in display floor companies because a good chunk of former presenters are either bankrupt or cutting back, and less people are being sent by those companies to look and those presenters on the floor.
Higher costs, lower income... uh oh!
Does anybody know off topic when they see it?
on
HomeSec In the News
·
· Score: 1
As spammers are quick to point out, spamming isn't illegal. The FTC is not pursuing people for the act of sending spam, they can't because that's not a crime.
These guys are being brought up not for spamming, but because the offer they made in their spam is deceptive and illegal. It'd be just as illegal if they chose buy a billboard to deliver the same message.
It's great to see that Moore's Law is still being obeyed at AMD and Intel, but is every "We've got the Fastest Chip Ever!" release still newsworthy anymore? Seems like it's the same story every time with just a slightly bigger number than the last time.
The problem I see with absolutely every new protcol, going all the way back to the telephone and postal service is that there is an inherent assumption that all communication attempts are desired, and should be brought to the attention of the recipient. Only later are additions made to secure the protocol, such as Caller ID and the Telezapper for the phone, and requirments that large packages be delivered in person to protect the mail system.
For that reason, I think eventually every commincation protocol will have requirements that clearance to send be requested before the actual payload is allowed. And furthermore, upstream routers would remember when permission is denied for a limited time and repeat the denial, therefore cutting off DOS attacks early in their journey, and assuring most people still have access to the apparent target.
But these types of filters are unique to the user. Words that might get though my filter might hit a red light in yours because you've never seen that word outside of spam. Therefore, there's no common technique that will get through all filters, and never will be one.
Any standards body needs to insist that standards it declares are standards that are not restricted by any patent limitations. If they do not, then they risk putting out a standard that one company controls, or worse, you need the permission of serveral companies.
If you want the benefits of having your technology as part of a sactioned standard, check your patents at the door.
What's "royalty-free" today can become expensive tomorrow. There needs to be a legally binding promise that the patent is effectively surrendered, that is there's never going to be an attempt to use the patent rights, before that technology can be freely used as part of something else.
That only tells them that you read their spam. In order to know what's gonna survive your filter, they'll need samples of the e-mail that you wanted to get... which is e-mail that they didn't send you and can't put a tracking bug in.
But I've said it before. Linux is now getting to the point that the clueless people who poorly run Windows boxes are now moving over to Linux. These admins are too lazy or clueless to properly secure ANY operating system, no matter how well it's designed.
He needs to stay on Windows because all the porn trojan viruses are only for IE and Windows.
The rest of the world uses Microsoft software, so the only way to reach those people is to write in a format that they'll understand.
.xls file pefectly, Microsoft will change the standard in the next version just to spite you.
If you put up a web site and it doesn't render properly in Mozilla, that's a small annoyance. If it doesn't render properly in Internet Explorer, you're dead in the water. It's just that simple, you're publishing content and your audience can't see it.
That's the reason why most commerical software is written for Windows first, then ported to other OSes second. If you have an app that you want non-geeks to be able to use, you have to write for Windows.
If you want to be able to interact with other people, like read complex MS Excel spreadsheets, you have to have Excel. If open source ever figures out how to properly read an
Open source has overtaken Microsoft in the server space, but there's a long way to go until users adopt it. Until then, if you want to work with non-geeks, you have to maintain a Windows box.
Here's the problem, small radio stations will pick up artist that way, big station groups however will not take any non-RIAA artists. Why? Retribution. If Hot 107.9 in Syracuse breaks a local unsigned artist that way, all the major artist when they come to town will give their interviews to 93Q, and favor 93Q's concerts over Hot 107.9's. This won't be by the artist's choice, they just go where their RIAA-controled handlers send them.
That's simple, that situation will never exist.
When artists sign an RIAA contract, their label owns every recording they make until X number of albums are released. Which means, if the label drags its feet and refuses to release the last album of the contract, that artist's career is over. They can't take their work elsewhere unless they're a multi-millionaire who can afford enough lawyers to find a way out.
Therefore, an artist under an RIAA contract cannot directly give you rights. They can't even record a handful of songs on their own and keep the rights for themselves, the RIAA owns everything.
It's time the music artists unionized...
The best thing for you to do is avoid RIAA artists altogheter. If you make a direct agreement with the copyright holders, which in the case of unsigned artists almost always is the artist themselves, then the RIAA is not involved at all, as they don't have a copyright interest in every recording ever made, only the ones they make. The problem is, artists might be scared to give you royalty-free rights because the RIAA has a bad habit of ignoring artists who try to go around them. Afterall, if somebody were to prove that it is possible to become a mega-star without going through the RIAA, that could be the death of the RIAA.
Artists LIKE having their recordings widely distributed as far as possible, as you are never going to go to a concert of an artist that you have never heard. Artists therefore want to be on the radio. The Payola Scandal was artists paying DJs under the table so that they would be advanced with more favorable airplay. (BTW, Payola is illegal when it's paid to the DJ. So long as it's paid to the station and disclosed somehow to the listerner, that's advertising and legal.)
For the marginal artists who can't get onto mainstream radio, they love the extra distribution. There are a lot of B-level artists under RIAA contracts who can't distribute their work by free MP3 files, even though that would be a great career move to do.
This is the same as the school system admin who sets up a mail server for the school but fails to restrict its use to only the school's IP space. Suddenly it's discovered as an open relay, published on web sites, discovered by spammers, and they find their IP space in a black hole.
They're puzzled wondering why their network is sorta-broken. Most web sites work just fine but some don't. Everybody can send out e-mail, but people are complaining that the messages are bouncing half of the time.
When they discover they've been black-holed, they don't understand why they're being punished for the actions of spammers that they think are out of their control. They want to what they spammers are doing with their network to be illegal, and they want the lawyers to make the problem go away.
Oh, all the trouble a little security knowledge could save.
There will never be a perfectly secure operating system that a dummy can run. Dummy will fall for the old trojan program trick, and open his machine up to doing things he it didn't expect to.
If Linux ever gets up to the ease-of-use level Windows has now, and therefore hits the popularity Windows has now, the virus writers will come too, and Linux will have just as many problems. Having the source is a double edged sword. If the bug is found first by a white hat, we'll find out in the form of a patch being released. If the bug is found first by a black hat, we will descover it in the form of an exploit in the wild.
Remember your Internet history. It used to be, that .com meant commercial, .org meant non-profit, .edu meant educational body, .net meant an access-providing network and .gov meant US Government.
.com, .net, or .org domain without checking to see if they really qualify for the definition of those TLDs. As a result, the TLDs lost their meaning.
.news was maintained by the Associated Press, only news organizations who are members or partners of the AP (which is almost anybody worth their salt) would be allowed to create domains under that TLD. If you are a news orgainsation that doesn't play ball with the AP, you can still publish in .com territory and let people decide for themselves if they trust you. The Onion would not be welcome in the .news TLD, and that should hopefully cut down on the number of humourous stories that result when somebody thinks information presented in The Onion is a real news report.
.xxx domain, because they'll insist on claiming their not smut and saying they belong in .com. So, you let them have the .xxx domain if they're smut and proud of it (putting the honest ones where they can easily be blocked), and then make sure that the smut is limited to the "free-for-all" domains by saying that they don't meet the qualifications for the resticted ones.
Well, that went out the window rather quickly. Network Solutions decided in the interest of being able to sell more domains, they'd let anybody whose credit card clears own a
For example, if
You can't regulate smut into the
Common sense here... you put locked-down computers in the children's room, and a fully uncensored version of the Internet in the grown up's book area. If you want to use the grown up's computers, your library card has to indicate you're old enough.
.kids.us can't prevent that. However, if the kid is allowed to see abcnews.com, then there's nothing stopping them from going directly there.
.kids.us sandbox, which is to say that first link to abcfamily.com would fail, although it'd likely become abcfamily.kids.us to keep it in the safe zone. abc.kids.us would be a kid's version of the ABC TV Network's site that accents the Saturday Morning lineup and forgets about NYPD Blue, and would link to abcnews.kids.us which would have kid-friendly version of world events, that would not bother with sex scandals.
The solution is locking the kids in the
Nope, any site like Slashdot which allows users to post content which is basically unscreened would have to be taken as untrustworthy.
I'd guess to clean up Slashdot, the kid-safe version would have to require that the comments filter be set to at least a 3 (since high-karma users can start at a 2 before the first human reads it) to make sure everything a kid sees has been approved by a human first.
I think you have it backwards. Instead of trying to box porn sites or spammers into a specific IP range, which they will certainly be trying to fight their way out of by trying to unlabeled IP addresses, what you should do is have IP addresses reserved for the sites that are deemed trustworthy, and then the remaining unmarked pool can be the anything goes area that turns into the red-light district. That way, a "trusted" IP's content can be allowed to pass through, as any objectional content could be actioned on by informing the authority that controled that IP area. Content from "untrusted" IP space can be subjected to higher inspection, or on some networks just forbiden altogether.
NeuStar gets to decides what's "hate speech", "offensive", "obscene" or whatever.
.kids.us domain will indicate is that NeuStar has looked over the site and says "We think it's okay." If you do not want to deal with NeuStar, you may post your content in .com, .net., .org, or any other domain you can get access to, just not .kids.us. If NeuStar doesn't like you, you're locked out of .kids.us, but are still free to post whatever you want elsewhere.
.xxx domain and then trying to remove all content that belongs in the .xxx domain from .com. NeuStar isn't trying to tell you what you can and can't post where, they're just laying out rules for what goes on in the domain they've been asked to regulate in order to be allowed to keep their .us registation business.
All a
This is not like somebody creating a
Yes, but a 2.4 gHz phone has the same risk of disrupting 802.11b, although it's usually seen as a reduction in bandwidth rather than a total blockade, so the user doesn't notice. Again, this is not for mission-critical situations. Although... wireless has NEVER been for mission critical situations, because it is always subject to denial of service from simple RF jamming. If somebody's life depends on it, use a wire.
Because large-scale trade show venues cost a fortune to rent, and ever since 9/11 those costs have risen as it has been more expensive to secure such buildings.
Couple those fixed costs of putting on a show with a decline in display floor companies because a good chunk of former presenters are either bankrupt or cutting back, and less people are being sent by those companies to look and those presenters on the floor.
Higher costs, lower income... uh oh!
mod parent DOWN!
As spammers are quick to point out, spamming isn't illegal. The FTC is not pursuing people for the act of sending spam, they can't because that's not a crime.
These guys are being brought up not for spamming, but because the offer they made in their spam is deceptive and illegal. It'd be just as illegal if they chose buy a billboard to deliver the same message.
It's great to see that Moore's Law is still being obeyed at AMD and Intel, but is every "We've got the Fastest Chip Ever!" release still newsworthy anymore? Seems like it's the same story every time with just a slightly bigger number than the last time.
The problem I see with absolutely every new protcol, going all the way back to the telephone and postal service is that there is an inherent assumption that all communication attempts are desired, and should be brought to the attention of the recipient. Only later are additions made to secure the protocol, such as Caller ID and the Telezapper for the phone, and requirments that large packages be delivered in person to protect the mail system.
For that reason, I think eventually every commincation protocol will have requirements that clearance to send be requested before the actual payload is allowed. And furthermore, upstream routers would remember when permission is denied for a limited time and repeat the denial, therefore cutting off DOS attacks early in their journey, and assuring most people still have access to the apparent target.
But these types of filters are unique to the user. Words that might get though my filter might hit a red light in yours because you've never seen that word outside of spam. Therefore, there's no common technique that will get through all filters, and never will be one.
Any standards body needs to insist that standards it declares are standards that are not restricted by any patent limitations. If they do not, then they risk putting out a standard that one company controls, or worse, you need the permission of serveral companies.
If you want the benefits of having your technology as part of a sactioned standard, check your patents at the door.
What's "royalty-free" today can become expensive tomorrow. There needs to be a legally binding promise that the patent is effectively surrendered, that is there's never going to be an attempt to use the patent rights, before that technology can be freely used as part of something else.
That only tells them that you read their spam. In order to know what's gonna survive your filter, they'll need samples of the e-mail that you wanted to get... which is e-mail that they didn't send you and can't put a tracking bug in.