The university owns the bandwith, they can block it, scan it, whatever.
Try again. The taxpayers of Florida own that bandwidth.
But invading the student's PC's is an invasion of privacy. This isn't even like watching employees. In a company, the PC belongs to the company, not the employee. These are the student's personal computers. The school has absolutely no right to scan the systems. The student is therefore totally liable for anything illegal found on that PC. The university should limit its power to scanning internet traffic.
You are absolutely correct. What they should do is monitor the routers, and then disconnect those in violation of the policy. So if your machine is infected with SoBig, as soon as it starts sending out the virus, then, and only then should they cut you off. Then you can prove to the IT people that you cleaned up the machine and they can let you back on.
There is no need to invade people's computers. That's like getting pulled over and ticket becuase it looked like you might speed.
What about my Linux ISOs that I want to share with the world? It is perfectly legal to share those, yet I don't see them endeavoring to identify what is being shared, only that it's being shared.
I agree that downloading copyrighted content wastes tons of bandwidth, but that should not prevent those who share legitimate content from freely doing so.
Rontgen had discovered X rays, a momentous event that instantly revolutionized the field of physics and medicine...However, he refused to take out any patents in order that the world could freely benefit from his work. At the time of his death, Rontgen was nearly bankrupt from the inflation that followed WW I.
IIRC, the discovery of X-ray technology has been one of the biggest advances in modern medicine. At least it did not languish.
Maybe I'm being a little bit picky here, but I'd prefer the best tool for the job (yes, I am a gov't employee).
If that happens to be open source, so much the better, but I don't want to be forced to fumble around with an inadequate tool, and waste time and taxpayer dollars, just for the sake of using open source software.
Whether or not some people care to admit it (and there are pleny who still don't), sometimes the only/best tool for the job is closed-source commercial software.
I'm sorry, but you are full of it. The amount of money that the federal government spends on software procurement and maintenance is staggering. In many cases, the federal government is the only customer of some firms. Thus, all Uncle Sam has to do is say, "form now on, if you sell to us, its open source." If they company doesn't like it, then tough, they can find others to sell to (the federal government should not be in the business of propping up other businesses).
In the other case, where the federal government is the only customer, then they stand to lose absolutely nothing by opening the source, unless there is something they are trying to hide.
As far as the best tool for the job: I would hardly call an end-to-end MS desktop, running MS Office, hooked to MS Servers solution that croaks everytime a new virus comes out and paralyzes entire military installations and federal departments, the best tool for the job. I have seen that exact thing happen so many times that I cannot fathom why we still see things like the recent procurement deal the Army signed for ~$900 million that only included MS OSes.
How long until you need to get license for your child when he is born so that he can speak his native language? How about a license to learn/teach a foreign language in shool?
This on the same level of absurdity as the SCO lawsuit.
Sadly, prison terms won't be used to enforce of the new law.
Slashdot seems to me to be the place where people gripe about overly harsh sentences for people who are involved in things like P2P and software "piracy," and then say how it's totally out of whack because you go to prison for 5 years for rape and 25 for copyright infingement.
While agree that spam is a social ill and needs to be curtailed, we need to be careful not to go overboard.
How about assignments to three different intel units ranging from a couple of hundred personnel to one with about 3000 personnel, each with only a handful of Windows machines (mostly for formflow and the few admin folks), everything else running on Sun SPARC/Ultra, and SGI.
As far as user/admin ratio goes, at my last assignment I was part of a 60 airman Help Desk that administered a Windows 2K hosted LAN to over 30,000 users. How's that for a ratio?
So, you're saying that every subordinate unit depended solely on your helpdesk? They didn't have any sysadmins of their own? I find that hard to believe.
How bout we hear from those in the field that can give us a idea of what it is like behind the other side of the heavily armed gate?
Well, the gate really is not that heavily armed:-)
Considering that almost the entire US military runs on MS software, with the possible exception of some research labs and few places here and there, like intel units, that run Unix, there are tons of IT opportunities. I forget what the ratio is, but I have been assigned to some units where the sysadmin-to-user ratio was pretty darned high. Mostly because every time an MS exploiting virus hits (and I can remember quite few, at least back to '98) they scramble around trying to make sure that everything is secured, and then after it hits they run around fixing the 20% of the computers they missed in the first pass that got infected. The military also mandates that their IT people support a bunch of legacy apps, again complicating things.
The problem with this system is that it opens people who already aren't that skilled at running a computer to a new kind of attack. Imagine someone spoofing your IP and broadcasting worm packets, running up your fines.
Since part of the plan is for ISPs to monitor outbound traffic, that would only become a real issue of someone on your same subnet, that was served by the same gateway router, spoofed your address. Otherwise it would be real easy to say, "check the outbound logs on the router at xxx.xxx.xxx.1." Then it would pretty obvious that those packets originated on a different subnet and not from your machine, since the logs on your servicing gateway would be clean.
I can realy understand how someone could consider that they're doing a service for admins and all of that, but the point is that you are still breaking into a system and then turning around and saying, "hey, this is a security hole, you should fix it" is kind of like G. Guido coming down to your house, breaking in through a window with a golf-club and then saying, "Hey, I can break into your house, better listen to me or I'll do it again."
I'm sure that Adrian has some noble goals, but fundamentally when a company decides that they don't like people creeping into their system and then presses charages against those who do, it's their right to feel that their security was violated. Good luck to him really, but there are other ways you can help people protect their network security than by breaking into them.
I can see your point, but what he was doing was exposing flaws in the security of "public" places on the net. How is this any different than when the local news where I live broke into the nearby international airport's restricted area and did a report from there (this was about a year after 9/11) to show how lax security had become again.
When the journalists do it, it is a public service. When a private citizen does it, it is a crime. WTF? Personally, if I am going to be utilizing the services of these sites, I want to know that they have good security (and not just because they say so).
There is no way anyone can convince me that what he was doing was wrong. He was providing a public service, and if the public is too ungrateful to realize that, then it is really sad.
It's not like he extorted money from the comapnies, or demanded some compensation, heck he even helped them fix the holes. It is just sickening that you can't even be a good Samaritan without someone wanting to take your head off.
I admin ~25 machines remotely, most of them in a room that I don't even have access to without special arrangements. With SSH I can do that without ever having to make those arrangements, except in the case of a major upgrade or a hardware failure.
I know what you mean. I just recently migrated 12 machines (2 servers and 10 workstations) from RedHat to Debian, from home in about a week in just my spare time out of class. This including setting up services like firewalling, Apache, NFS, NIS, and a few others (particularly while preserving SSL certificates, all the users' settings, home directories and passwords). I don't have any experience administering Windows machines, but having spoken to friends of mine who do admin Windows machines at school, I get the impression what I did would be totally impossible under Windows.
My friends at school that admin Windows machines spend lots of time running around campus to fill support requests. My users just email me and I can do practically everything from home, or wherever I am.
Am I the only person that read the headline and thought this article was about a way that Iranians can launder their U.S. dollars?
I thought this was about an anonymization process *for* U.S. funds possessed by Iranians, instead of the U.S. government providing funding *for* Anonymizer (the company).
2. You find a match called "Red Hat.iso" shared from one user.
3. You notice that there are 50 other users sharing the same file.
3. The other 50 versions are named as "Goatse.cx guy and tubgirl together at last.mpg"
4. Therefore, something is very very rotten in Denmark...:-)
Of course, those other 50 people should realize that it is not polite to dupe someone into downloading a RedHat ISO. Clearly they are part of RedHat's plan to take over the entire desktop computer market.
There's a third factor that should also be taken into consideration - that of just how easy it is to completely mess up an install of the OS. Even if you have an OS that is completely user friendly, making it easy to do whatever you want, if the users have access to essential functions of the system, they *will* mess it up. An ideal OS would be user friendly, secure *and* even the most determined good intentioned meddler would be unable to make a dent in it.
Then, by your reasoning, even Windows is not ready for the desktop. I recently purchased a new piece of hardware. The instructions for installation on Win 98SE/Me went something like this (thankfully I run Linux):
Install hardware and let Windows try to install driver
Remove specific Windows driver it just installed (don't reboot)
Get driver from vendor and install
Reboot and don't let windows try to install a different driver
If hardware does not work, uninstall all drivers from the last couple of steps and start over
If all else fails, format and start with a clean isntall of the OS
I mean, seriously, what kind of crap is that? Apparently, even someone knowledgable and following the instructions to the letter could screw things up to the point they would need to reinstall the OS. Imagine how bad a clueless idiot could screw it up.
I'm really not trying to be a troll here, but if a CS department requires a specific type of operating system (and probably the software that runs on said OS) in order to teach, then it's probably not worth the money to attend. Sure, learning to program with Microsoft's code du jour might help in the short term, but nothing beats teaching fundamental computer science principles in the long term.
What happens when the next big thing comes along and all the CS grads are stuck with C# as their sole reference point?
Amen to that. Recently one of the profs at my school asked me, "What woud you think if we started teaching the data structures course in C#?" My response was, "I will transfer and tell all of my friends to transfer and start a campaign to actively discourage people from even applying to this school."
When I asked him why they even considered such a thing he said it was because MS had considered funding a new lab if they agreed to teach using VS.NET/C#
If Microsoft wants to compete and beat Google then the results of a search will have to be relevant. If they are not, then people will continue to use Google.
I'm sorry, but no. People will continue to use MSN because they buy a computer at Best Buy. The computer from Best Buy comes with Windows, which comes with IE, which doesn't let you change your default search engine without hacking the registry. It also automatically directs you to MSN search when you mistype a URL.
Would you continue to use a particular phone book if it failed to supply you with accurate or consistent phone numbers?
You would if it was the phonebook that came with your house/apartment and you either didn't know there was a different one (take the US, where many people have no idea that there exists non-Bell sources of telephone listings) or you had drive across town and stand in line for two hours to get the new one. I use that last part of the comparison because most people still use dialup and even downloading the relatively small Mozilla Firebird (~7 MB) takes a good chunk of time over dialup.
Of course, you could just argue that people would be willing to simply type in the URL or bookmark it. But many office workers I know can't get through the day without that little sidebar (which in IE points at MSN search).
... nothing that would make you want to upgrade over 2000, and that's pretty sad.
Office 2000, XP, 2003? Is there even a compelling reason to go past Office 97 (other than the fact that you can't really buy it anymore, except maybe on ebay)?
Back in the day we had operators that worked on automatic morse equipment. Whenever we had a new operator that could not get the signals to sync up we would tell him that it was because the bits were moving too fast and that he could get the signals synced by tying the patch cord in a knot. It always worked like a charm (we were all on the floor dying of laughter pretty soon).
So have can a subpoena *violate* due process of law?
IANAL, but IIRC, the problem is that DMCA allows any "rights holder" to "subpoena" any information that they believe to be related violation of their copyrights, or whatever. Basically, until the DMCA rolled along you had to have a court issue a subpoena or a warrant. Now the RIAA can just cut the judge out of the loop.
Slashdot Mirror
Just out of curiosity, what ISP is going to roll out broadband to a university dorm? That is like a non-existent market.
The university owns the bandwith, they can block it, scan it, whatever.
Try again. The taxpayers of Florida own that bandwidth.
But invading the student's PC's is an invasion of privacy. This isn't even like watching employees. In a company, the PC belongs to the company, not the employee. These are the student's personal computers. The school has absolutely no right to scan the systems. The student is therefore totally liable for anything illegal found on that PC. The university should limit its power to scanning internet traffic.
You are absolutely correct. What they should do is monitor the routers, and then disconnect those in violation of the policy. So if your machine is infected with SoBig, as soon as it starts sending out the virus, then, and only then should they cut you off. Then you can prove to the IT people that you cleaned up the machine and they can let you back on.
There is no need to invade people's computers. That's like getting pulled over and ticket becuase it looked like you might speed.
P2P applications should be blocked at colleges.
What about my Linux ISOs that I want to share with the world? It is perfectly legal to share those, yet I don't see them endeavoring to identify what is being shared, only that it's being shared.
I agree that downloading copyrighted content wastes tons of bandwidth, but that should not prevent those who share legitimate content from freely doing so.
I'd think that colleges don't have that much budget for a legal team.
Yup. No legal team whatsoever.
But with WinDVD4, I started ramping up the speed. It didn't take long to get to 2x normal speed.
Does that work with Xine? or VLC?
So Flemming's life-saving discovery went unused for more than a decade, because he wasn't greedy.
Flemming isn't the only one:
From Figures in Radiation History: Wilhelm Conrad Rontgen
IIRC, the discovery of X-ray technology has been one of the biggest advances in modern medicine. At least it did not languish.
What could be worse than a method which increases the returns on spam?
A method which increases the return on spam and but not the size of anyone's penis, Nigerian bank account, or breasts.
Maybe I'm being a little bit picky here, but I'd prefer the best tool for the job (yes, I am a gov't employee).
If that happens to be open source, so much the better, but I don't want to be forced to fumble around with an inadequate tool, and waste time and taxpayer dollars, just for the sake of using open source software.
Whether or not some people care to admit it (and there are pleny who still don't), sometimes the only/best tool for the job is closed-source commercial software.
I'm sorry, but you are full of it. The amount of money that the federal government spends on software procurement and maintenance is staggering. In many cases, the federal government is the only customer of some firms. Thus, all Uncle Sam has to do is say, "form now on, if you sell to us, its open source." If they company doesn't like it, then tough, they can find others to sell to (the federal government should not be in the business of propping up other businesses).
In the other case, where the federal government is the only customer, then they stand to lose absolutely nothing by opening the source, unless there is something they are trying to hide.
As far as the best tool for the job: I would hardly call an end-to-end MS desktop, running MS Office, hooked to MS Servers solution that croaks everytime a new virus comes out and paralyzes entire military installations and federal departments, the best tool for the job. I have seen that exact thing happen so many times that I cannot fathom why we still see things like the recent procurement deal the Army signed for ~$900 million that only included MS OSes.
How long until you need to get license for your child when he is born so that he can speak his native language? How about a license to learn/teach a foreign language in shool?
This on the same level of absurdity as the SCO lawsuit.
Sadly, prison terms won't be used to enforce of the new law.
Slashdot seems to me to be the place where people gripe about overly harsh sentences for people who are involved in things like P2P and software "piracy," and then say how it's totally out of whack because you go to prison for 5 years for rape and 25 for copyright infingement.
While agree that spam is a social ill and needs to be curtailed, we need to be careful not to go overboard.
What makes you think intel uses *nix?
How about assignments to three different intel units ranging from a couple of hundred personnel to one with about 3000 personnel, each with only a handful of Windows machines (mostly for formflow and the few admin folks), everything else running on Sun SPARC/Ultra, and SGI.
As far as user/admin ratio goes, at my last assignment I was part of a 60 airman Help Desk that administered a Windows 2K hosted LAN to over 30,000 users. How's that for a ratio?
So, you're saying that every subordinate unit depended solely on your helpdesk? They didn't have any sysadmins of their own? I find that hard to believe.
How bout we hear from those in the field that can give us a idea of what it is like behind the other side of the heavily armed gate?
Well, the gate really is not that heavily armed :-)
Considering that almost the entire US military runs on MS software, with the possible exception of some research labs and few places here and there, like intel units, that run Unix, there are tons of IT opportunities. I forget what the ratio is, but I have been assigned to some units where the sysadmin-to-user ratio was pretty darned high. Mostly because every time an MS exploiting virus hits (and I can remember quite few, at least back to '98) they scramble around trying to make sure that everything is secured, and then after it hits they run around fixing the 20% of the computers they missed in the first pass that got infected. The military also mandates that their IT people support a bunch of legacy apps, again complicating things.
The problem with this system is that it opens people who already aren't that skilled at running a computer to a new kind of attack. Imagine someone spoofing your IP and broadcasting worm packets, running up your fines.
Since part of the plan is for ISPs to monitor outbound traffic, that would only become a real issue of someone on your same subnet, that was served by the same gateway router, spoofed your address. Otherwise it would be real easy to say, "check the outbound logs on the router at xxx.xxx.xxx.1." Then it would pretty obvious that those packets originated on a different subnet and not from your machine, since the logs on your servicing gateway would be clean.
I can realy understand how someone could consider that they're doing a service for admins and all of that, but the point is that you are still breaking into a system and then turning around and saying, "hey, this is a security hole, you should fix it" is kind of like G. Guido coming down to your house, breaking in through a window with a golf-club and then saying, "Hey, I can break into your house, better listen to me or I'll do it again."
I'm sure that Adrian has some noble goals, but fundamentally when a company decides that they don't like people creeping into their system and then presses charages against those who do, it's their right to feel that their security was violated. Good luck to him really, but there are other ways you can help people protect their network security than by breaking into them.
I can see your point, but what he was doing was exposing flaws in the security of "public" places on the net. How is this any different than when the local news where I live broke into the nearby international airport's restricted area and did a report from there (this was about a year after 9/11) to show how lax security had become again.
When the journalists do it, it is a public service. When a private citizen does it, it is a crime. WTF? Personally, if I am going to be utilizing the services of these sites, I want to know that they have good security (and not just because they say so).
There is no way anyone can convince me that what he was doing was wrong. He was providing a public service, and if the public is too ungrateful to realize that, then it is really sad.
It's not like he extorted money from the comapnies, or demanded some compensation, heck he even helped them fix the holes. It is just sickening that you can't even be a good Samaritan without someone wanting to take your head off.
I admin ~25 machines remotely, most of them in a room that I don't even have access to without special arrangements. With SSH I can do that without ever having to make those arrangements, except in the case of a major upgrade or a hardware failure.
I know what you mean. I just recently migrated 12 machines (2 servers and 10 workstations) from RedHat to Debian, from home in about a week in just my spare time out of class. This including setting up services like firewalling, Apache, NFS, NIS, and a few others (particularly while preserving SSL certificates, all the users' settings, home directories and passwords). I don't have any experience administering Windows machines, but having spoken to friends of mine who do admin Windows machines at school, I get the impression what I did would be totally impossible under Windows.
My friends at school that admin Windows machines spend lots of time running around campus to fill support requests. My users just email me and I can do practically everything from home, or wherever I am.
Am I the only person that read the headline and thought this article was about a way that Iranians can launder their U.S. dollars?
I thought this was about an anonymization process *for* U.S. funds possessed by Iranians, instead of the U.S. government providing funding *for* Anonymizer (the company).
E.g., consider the following scenario...
1. You are searching for Red Hat ISOs.
2. You find a match called "Red Hat.iso" shared from one user.
3. You notice that there are 50 other users sharing the same file.
3. The other 50 versions are named as "Goatse.cx guy and tubgirl together at last.mpg"
4. Therefore, something is very very rotten in Denmark... :-)
Of course, those other 50 people should realize that it is not polite to dupe someone into downloading a RedHat ISO. Clearly they are part of RedHat's plan to take over the entire desktop computer market.
There's a third factor that should also be taken into consideration - that of just how easy it is to completely mess up an install of the OS. Even if you have an OS that is completely user friendly, making it easy to do whatever you want, if the users have access to essential functions of the system, they *will* mess it up. An ideal OS would be user friendly, secure *and* even the most determined good intentioned meddler would be unable to make a dent in it.
Then, by your reasoning, even Windows is not ready for the desktop. I recently purchased a new piece of hardware. The instructions for installation on Win 98SE/Me went something like this (thankfully I run Linux):
I mean, seriously, what kind of crap is that? Apparently, even someone knowledgable and following the instructions to the letter could screw things up to the point they would need to reinstall the OS. Imagine how bad a clueless idiot could screw it up.
This shutdown seems to be in response to a several-week-long DDoS attack on Osirusoft,
They guy is dealing with a huge DDoS attack and we link his page from the front page of /. ??
I guess we can't make things any worse, but come on. Give the guy a break.
That was done before in the first batches of Pentium 0.99999999.
So that would be why the first batches of Pentium chips are actualy 486.99999-class processors.
I'm really not trying to be a troll here, but if a CS department requires a specific type of operating system (and probably the software that runs on said OS) in order to teach, then it's probably not worth the money to attend. Sure, learning to program with Microsoft's code du jour might help in the short term, but nothing beats teaching fundamental computer science principles in the long term.
What happens when the next big thing comes along and all the CS grads are stuck with C# as their sole reference point?
Amen to that. Recently one of the profs at my school asked me, "What woud you think if we started teaching the data structures course in C#?" My response was, "I will transfer and tell all of my friends to transfer and start a campaign to actively discourage people from even applying to this school."
When I asked him why they even considered such a thing he said it was because MS had considered funding a new lab if they agreed to teach using VS.NET/C#
I was totally floored.
If Microsoft wants to compete and beat Google then the results of a search will have to be relevant. If they are not, then people will continue to use Google.
I'm sorry, but no. People will continue to use MSN because they buy a computer at Best Buy. The computer from Best Buy comes with Windows, which comes with IE, which doesn't let you change your default search engine without hacking the registry. It also automatically directs you to MSN search when you mistype a URL.
Would you continue to use a particular phone book if it failed to supply you with accurate or consistent phone numbers?
You would if it was the phonebook that came with your house/apartment and you either didn't know there was a different one (take the US, where many people have no idea that there exists non-Bell sources of telephone listings) or you had drive across town and stand in line for two hours to get the new one. I use that last part of the comparison because most people still use dialup and even downloading the relatively small Mozilla Firebird (~7 MB) takes a good chunk of time over dialup.
Of course, you could just argue that people would be willing to simply type in the URL or bookmark it. But many office workers I know can't get through the day without that little sidebar (which in IE points at MSN search).
Office 2000, XP, 2003? Is there even a compelling reason to go past Office 97 (other than the fact that you can't really buy it anymore, except maybe on ebay)?
Back in the day we had operators that worked on automatic morse equipment. Whenever we had a new operator that could not get the signals to sync up we would tell him that it was because the bits were moving too fast and that he could get the signals synced by tying the patch cord in a knot. It always worked like a charm (we were all on the floor dying of laughter pretty soon).
So have can a subpoena *violate* due process of law?
IANAL, but IIRC, the problem is that DMCA allows any "rights holder" to "subpoena" any information that they believe to be related violation of their copyrights, or whatever. Basically, until the DMCA rolled along you had to have a court issue a subpoena or a warrant. Now the RIAA can just cut the judge out of the loop.