Some of the 'tiny' viruses were very clever. The basic idea was
to create the smallest replicating .com infector. One of them
was even partially self encrypting to avoid scanners and still
managed to come in at less than 200 bytes.
How this plays out in the future is up to the public at large. If most people aren't actually worried about what information they give away and how much the sites track them then the companies will track them. If most people instead choose the anonymous options then those demanding info will disappear.
It's not a choice between anonymous or nosy sites, it's a choice
between sites that benefit from personalization and those that
don't. It may take the bottom feeder portion of the marketing
population a while to get it, but there it is.
Amazon is an example of a site that has done a great job of
collecting demographic info and history and using that to try
and determine what products to bring to your attention when
you visit their site. They also provided an easy interface for the
user to guide the interest preferences.
They made the mistake of destroying
the value of that information by selling it without my permission
and lost me as a customer forever, but the original idea and
implementation was great.
All those news sites that want personal information offer
me nothing of value for providing information. I get to see the
content whether I give accurate information or lie, so I generally
lie.
The "World's safest OS" is a stupid bit of flamebait on the part
of mi2g to generate exactly the sort of response and "buzz" we
are seeing. It does not change the fact that Linux was
successfully attacked thousands of times, that is a problem that
needs to be faced and no amount of sticking our fingers in our
ears and chanting "FUD FUD FUD" will change an unpleasant
fact.
I don't give a rat's ass how secure or insecure Windows is as
a server OS, my employer does not have millions of dollars
in monthly revenue on Windows. We rely on Solaris and are
using a lot of Linux internally and seriously considering using it for
revenue generating products. That means that the security
problems with Linux that were raised by this study need thinking
about.
We purchase a lot of MS software for
enterprise use, every time our sales rep brings up using MS
software in our revenue products we laugh at him. The right
tool for the right job.
It's a user training and UI problem, separation of privileges
is a good additional layer of defense, but for the foreseeable
future malware authors will be able to leverage any level of
local access to a full system compromise.
The fact that malware authors don't need to deal with that
additional step makes Windows a more attractive target for
such attacks right now.
While this research may show that Linux servers are over-represented in overt acts of hacking, this does not statistically make the Linux OS the least secure.
Linux is over-represented as a target of hacking because there
is so much low hanging fruit out there, same reason that
Windows is over-represented in the malware depart.
The study chose to not consider malware because that is really
a UI and social engineering problem, this study was about
attacking servers without an inside patsy and Linux came up
short. It is dishonest and dangerous to ignore these sorts of
results.
But until someone figures out how to do broadcast power, a truly wireless solution may never be possible.
This is like saying that cold fusion would be good for
the electric toothbrush industry. Trivially true, but ignoring
what a fundamental advance he is talking about.
These messages hurt impulse buys in my case. When I see a
message like "this software contains anti-copying
technology" I remember all the times I've had
games fail to work because of buggy piracy protection.
It means that I put off
buying the game until it has been around long enough for
users to report problems with the copy protection and
the publisher to release patches. Sometimes I never get
around to checking and lose interest in the game.
An experienced Perl programmer could probably do almost any text processing task in a third of what it would take an expert C++ programmer to do.
No expert C++ programmer would do a text
processing task in C++. Most experienced
programmers would use the scripting language
they know best. They might write or use a
module written in a compiled language if
the task is more complicated than simple
text munging.
There are obvious points where authentication can be
added to the email delivery system. The problems lie
in building and administering the trust
chain. Even if an organization (or regional organizations)
can handle the technical challenges, we wind up placing
a lot of power in the hands of a single group. Any single
group would be an easy target for government regulation.
It's not just that the technical aspects are difficult (they are),
the operational and privacy concerns are even tougher. I
agree that we cannot charge money without securing the
email infrastructure, I also think that securing the email
infrastructure would be a bad idea using any sort of
hierarchical model.
as well, i swear i've read stories about certain sites vying in random ways to have their site come up higher than the competition's in google searches.
There are the slimy "web placement enhancement" services
that will work to increase the relevance of your site on
the most popular search engines. I think Search King
(or something like that) was the one that made the most
noise about google resisting their attempts to manipulate
pagerank for commercial sites.
Amateurs doing the same for fun and to score points on
an ideological opponent have gamed the google results,
one of the best known instances being 'santorum'.
Hmm, I had almost the same experience - except the car
was a Mitsubishi, the faulty car bit was the brake, the store was
Best Buy and the personal electronics device was a CD
burner.
I stopped and purchased consumer electronics, but it didn't
seem to help the noise my brake was making. What did I
do wrong?
Now, IE6, which is not at risk, has far surpassed the at-risk version in usage.
So let's do a wild ass guess and say IE5.0 has a
10% market share at this point. The delivery
techniques used by email worms could make sure
that nearly the entire vulnerable population is
exposed to the exploit, have the exploit code register its host
with a simple port listener machine and the bad
guy winds up with a list of exploitable
machines.
I'd be willing to bet that someone is working on
a delivery system and support tools for the
exploit at this very moment.
Re:Your easy answer is, alas, too easy. on Space Burial · Score: 1
That's how hardcore, how serious, the Japanese generals,
warmongers and militarists were: they wanted the world to end
I believe this to be the reaction of
all powerful men (especially old men with less
life to lose) when the circumstance that allows
them power is threatened. Tell me you don't
believe that Rumsfeld and Cheney would burn down
the world before allowing the US to be eclipsed.
At least in the case of the Japanese militarists
a bit of justice was done and showed us why the
military must be a tool of policy and never its
master. Someday I think we will learn the same
thing about business.
Re:donald duck adventures and the mad chemist on Comic Book Physics · Score: 1
god i love comic books.
Amen :)
I loved Disney comics (Donald especially) so much
that I even read those awful Gold Key and Whitman
versions from the 60's and 70's. They had a couple
good artists, but the best was the Barks stuff
from the 40's and 50's.
Re:Your easy answer is, alas, too easy. on Space Burial · Score: 2, Insightful
By nuking two cities, the United States forced a surrender.
In the 19th century civilian population
centers and industry had become such an important
part of a nation's ability to wage war that they
were viewed as valid military targets. Some
people use this belief as an argument that nuking
those cities was okay. That still leaves the
question of why we could not have selected a pure
military site to nuke - the damage caused would
not have been as great, but Japan would have been
able to see what sort of weapons we had available.
if the reviewer writes well, you can give her opinion more weight.
I wrote a several paragraph review on amazon about 4 years
ago. The review itself was filled with misspellings and
grammatical errors, but got a couple hundred positive votes. After the
review had been there a couple years I saw that some tech
book review site had lifted the review, corrected the writing
errors and posted it as their own, then the review had been
picked up by amazon and attached to the book I had
reviewed.
The moral of my little anecdote is that
just because the reviewer writes well doesn't mean that they
aren't a plagiarizing weasel.
I love my Mac, really - but I wish we saw the kind
of pricing and software that is available for Windows.
That World of Warcraft will be released for Mac gives me
hope that good (and timely) games for Mac may yet come to
pass.
Spinal Tap, it goes to 11 quote on Hack Your Car · Score: 1
Don Jolley... compares some overenthusiastic e-mechanics to the rock musicians in the movie "This Is Spinal Tap," who buy custom-made amplifiers because they go up to "11" instead of the usual "10." "They think if a little power is good, then a lot must be great," Mr. Jolley said.
Wrong Don, the Spinal Tap quote is funny because '10' and
'11' are not a measure of anything - they are just the
highest number on the dial. Horsepower and torque are
measurements, so while it may be silly to kill gas mileage
for an extra 18 horsepower there is an actual change in
the power output of the engine.
Sure thing, and this can be applied to things other than
software development. I hear the South Koreans have a new
system where 9 women can bring a baby to term in a
month.
North Korea is reputedly working on a way to have 100 men
dig a hole 100 feet deep in 1 minute.
If you are really worried about it then use a 'jail' or 'chroot' setup.
Common carrier only applies to regulated facilities like phone, cable or shippers, not ISPs and not IRC servers.
So are these activist judges using their powers for good or for awesome?
If this is correct then why would RIAA subject themselves to a trial by jury?
Not all commercial, just mostly.
See, only a Beloved Leader for Life who loves Daffy Duck cartoons could come up with that sort of creative solution.
The confusion will arise when SiteFinder gets ads.