How about college campuses and boarding schools? I know plenty of people who use Playstations around here because it's easier to have a $1000 computer to do work and web browsing on and a $300 console + TV setup than to keep a computer capable of playing cutting-edge games.
Not that any of the other government programs seem to be all that successful, but this is just another example of the feds overstepping their bounds. A few reasons (many of which have already been brought up):
The federal government should not be forcing programs upon local school districts.
The federal government should not be telling people what is right and wrong. Getting action from a subordinate on the job is OK, but learning how computers work isn't. Hmm. Sounds like a very productive country.
This is the same government that has sponsored drug sales through the CIA while imprisoning people who just use similar drugs in the U.S.
This is the same government that brought you such wonderfully successful programs as: Prohibition. The WoSD. Etc.
There are more, but those are the only ones I can enumerate. I guess we can only hope that this program is as effective as DARE. At least in the town where I live, the DARE officer collects pot pipes and shows 'em off when he goes to school to discuss the evil of drugs. And he takes frequent breaks to go outside and smoke tobacco. Great example.
I think the good results of the DARE program are the bumper stickers:
DARE...to keep cops off doughnuts
DARE...to think for yourself.
So what's the slogan for the new program going to be? "BAAAHHHHHH...Microsoft good, shellcode bad"? "CARE...to leave the case on"? (CARE: Computer Abuse Resistance Education or Completely Absurd and Ridiculous anti-Education)
(The reason I bring up the DARE comparisons is the similarity in programs. Basically, it's just another form of brainwashing that we, the taxpayers, get to finance.)
I agree entirely with the other guy who responded (I wish I had a short-term memory). Phrack is not some script-kiddie-house-o'-sploits. You'd have better luck looking at securityfocus.com (one of your "responsible" groups) for those. I haven't read all of it, but the articles I did read were much more into proof-of-concept and discussing technical issues than providing.c files to compile and run against your favorite hosts (note to script kiddies: nsa.gov is probably *not* the best place to test your k3wl sploit. Now back to our regular programming.) Bugtraq probably has more 'sploits, and you cite that as a "responsible" group. The only difference is that a lot of phrack contributers find holes because it's fun and challenging, not because they're getting paid to admin hosts that use swiss-cheese-security. (Not to imply that because one is getting paid to be a security consultant one can't still be a hacker, just that I get the impression that a much greater percentage of the people posting to Phrack are hackers in the pure sense just because that's what they are (in the "Gee, I wonder how this thing works" sense, not in the "d00d, let's generate some credit card numbers!", which isn't hacking at all, unless you actually reverse engineered the system to generate numbers and whatnot. Bonus points if you build a magstripe maker from household components, but anyhow). I just wish my C and assembly skills were up to the level necessary to do some of that stuff...
How about holding people responsible for their actions, whether or not they're on drugs? If someone chooses to smoke up, get in his/her car, and causes personal injury, death, or property damage, hold them responsible. Pretty soon, the idiot druggies will be taken care of and those who aren't will have managed to find ways to keep themselves from being a threat while drugged up (perhaps by smoking/snorting/whatever in the comfort of their own homes?)
I know that QWest provides LD service for a lot of schools and colleges here in the Northeast. I guess ECCI gets contracts with individual instituions and then bundles the stuff together to get good QWest rates. From what I hear, they're pretty reliable (at least better than CampusLink, who just does individual school stuff and where you have to just *hope* stuff works).
Re:Nice way to remember multiple passwords
on
Password Overload
·
· Score: 1
Of course, mneumonic devices (SP?) also help. Classic example: By the dawn's early light Btd'el! or Bill Clinton has 15 interns under his desk! BCh15iuhd! Then it just becomes a question of which is which. (Damn, did I bash Bill Clinton or Bill Gates in my foobar login? Or did I use the same line as on goober? Or do I still even have a goober account?) That's where the earlier suggestions (ie one high-security, one medium security, and one low-security (e.g. slashdot/nytimes/etc) password). I actually use three or four, but along the same lines. Of course, I suppose I should change them at some point....
Okay, well at the same cost, I'll also send out messages into space. I'll just turn the speaker on the modem up and broadcast with the $3 walkie-talkie I have..somewhere. For a small additional fee, I'll also host any replies.
I know that, at least with zicq, you can't actually see an "invisible" user when they're logged on. However, you *can* see the message when they log off.
(zicq is a curses-based ICQ clone, and will give the message "Sparty (7335712) logged off. But they weren't online. (Invisible??)" or similar when that happens.)
I'm teaching Internet Publishing at a summer school program, and it seems like I'm always in my classroom, either working on curriculm material, fighting CGI scripts, or fixing computers that have died. (The latter largely because we run 'doze9x for workstations here...ugh.) Of course, it also means I get to keep my domain running on the school LAN (w/T1 connection), read/. during lulls in class, and eat at the dining hall. It's a near-24/7 job, but I enjoy it. I'm also living in the dorm (as a faculty member), and I get to use the athletic facilities if I get any free time. Unfortuantely, my broken wrist and the fiberglass cast on my arm is kind of putting a damper on athletics right now.
I think he did that because he was already maxing out the bandwidth. If he was getting 10GB/day in transfers while blocking robots, how much would he have gotten if every guy with disk space and bandwidth was mirroring it? (Not to mention people stealing everything and putting it up elsewhere...) The info he had up on genocide2600.com suggested that if he didn't block robots, the bandwidth simply wouldn't hold up and nobody would get access.
I recognize that it would be nice for Linux to thrash NT on a top-of-the line box, but there is one place that Linux will definitely beat NT. How about a low-end box (eg earlier Pentium or such)? I'm using a 486 that I pulled from the trash heap as a webserver, DNS server, nameserver, et al. It was actually serving 8-10 thousand hits/day for a while on a 3C509. Not too shabby. I think this is one place that Linux really shines--setting up departmental servers or low-usage webservers for smaller companies, and you can't even run NT on the same hardware.
Email isn't anonymous to begin with, unless you're bouncing through one or more anonymous servers. All this service does is provide an easier way to track down the server that originated the crap and look up publicly available info on that person. Kinda like looking at the postmark on a letter and finding contact info for the postmaster in that town.
Personally, I have blackmail set up. If a DNS check on the host name provided with EHLO fails, if a DNS check on the domain the from: line has fails, or if the To: address == From: address, I don't see the email. Occasionally, a valid email bounces. More often, it just means I don't have to deal with most of the UCE I get sent. And I post to Usenet with my real address, too.
Slashdot Mirror
How about college campuses and boarding schools? I know plenty of people who use Playstations around here because it's easier to have a $1000 computer to do work and web browsing on and a $300 console + TV setup than to keep a computer capable of playing cutting-edge games.
Not that any of the other government programs seem to be all that successful, but this is just another example of the feds overstepping their bounds. A few reasons (many of which have already been brought up):
There are more, but those are the only ones I can enumerate. I guess we can only hope that this program is as effective as DARE. At least in the town where I live, the DARE officer collects pot pipes and shows 'em off when he goes to school to discuss the evil of drugs. And he takes frequent breaks to go outside and smoke tobacco. Great example.
I think the good results of the DARE program are the bumper stickers:
So what's the slogan for the new program going to be? "BAAAHHHHHH...Microsoft good, shellcode bad"? "CARE...to leave the case on"? (CARE: Computer Abuse Resistance Education or Completely Absurd and Ridiculous anti-Education)
(The reason I bring up the DARE comparisons is the similarity in programs. Basically, it's just another form of brainwashing that we, the taxpayers, get to finance.)
I agree entirely with the other guy who responded (I wish I had a short-term memory). Phrack is not some script-kiddie-house-o'-sploits. You'd have better luck looking at securityfocus.com (one of your "responsible" groups) for those. I haven't read all of it, but the articles I did read were much more into proof-of-concept and discussing technical issues than providing .c files to compile and run against your favorite hosts (note to script kiddies: nsa.gov is probably *not* the best place to test your k3wl sploit. Now back to our regular programming.) Bugtraq probably has more 'sploits, and you cite that as a "responsible" group. The only difference is that a lot of phrack contributers find holes because it's fun and challenging, not because they're getting paid to admin hosts that use swiss-cheese-security. (Not to imply that because one is getting paid to be a security consultant one can't still be a hacker, just that I get the impression that a much greater percentage of the people posting to Phrack are hackers in the pure sense just because that's what they are (in the "Gee, I wonder how this thing works" sense, not in the "d00d, let's generate some credit card numbers!", which isn't hacking at all, unless you actually reverse engineered the system to generate numbers and whatnot. Bonus points if you build a magstripe maker from household components, but anyhow). I just wish my C and assembly skills were up to the level necessary to do some of that stuff...
How about holding people responsible for their actions, whether or not they're on drugs? If someone chooses to smoke up, get in his/her car, and causes personal injury, death, or property damage, hold them responsible. Pretty soon, the idiot druggies will be taken care of and those who aren't will have managed to find ways to keep themselves from being a threat while drugged up (perhaps by smoking/snorting/whatever in the comfort of their own homes?)
I know that QWest provides LD service for a lot of schools and colleges here in the Northeast. I guess ECCI gets contracts with individual instituions and then bundles the stuff together to get good QWest rates. From what I hear, they're pretty reliable (at least better than CampusLink, who just does individual school stuff and where you have to just *hope* stuff works).
Of course, mneumonic devices (SP?) also help. Classic example:
By the dawn's early light
Btd'el!
or
Bill Clinton has 15 interns under his desk!
BCh15iuhd!
Then it just becomes a question of which is which.
(Damn, did I bash Bill Clinton or Bill Gates in my foobar login? Or did I use the same line as on goober? Or do I still even have a goober account?)
That's where the earlier suggestions (ie one high-security, one medium security, and one low-security (e.g. slashdot/nytimes/etc) password). I actually use three or four, but along the same lines. Of course, I suppose I should change them at some point....
Okay, well at the same cost, I'll also send out messages into space. I'll just turn the speaker on the modem up and broadcast with the $3 walkie-talkie I have..somewhere. For a small additional fee, I'll also host any replies.
I know that, at least with zicq, you can't actually see an "invisible" user when they're logged on. However, you *can* see the message when they log off.
(zicq is a curses-based ICQ clone, and will give the message "Sparty (7335712) logged off. But they weren't online. (Invisible??)" or similar when that happens.)
I'm teaching Internet Publishing at a summer school program, and it seems like I'm always in my classroom, either working on curriculm material, fighting CGI scripts, or fixing computers that have died. (The latter largely because we run 'doze9x for workstations here...ugh.) Of course, it also means I get to keep my domain running on the school LAN (w/T1 connection), read /. during lulls in class, and eat at the dining hall. It's a near-24/7 job, but I enjoy it. I'm also living in the dorm (as a faculty member), and I get to use the athletic facilities if I get any free time. Unfortuantely, my broken wrist and the fiberglass cast on my arm is kind of putting a damper on athletics right now.
The c't benchmark used a Linux-based benchmarking tool that is available from them.
I think he did that because he was already maxing out the bandwidth. If he was getting 10GB/day in transfers while blocking robots, how much would he have gotten if every guy with disk space and bandwidth was mirroring it? (Not to mention people stealing everything and putting it up elsewhere...) The info he had up on genocide2600.com suggested that if he didn't block robots, the bandwidth simply wouldn't hold up and nobody would get access.
I recognize that it would be nice for Linux to thrash NT on a top-of-the line box, but there is one place that Linux will definitely beat NT. How about a low-end box (eg earlier Pentium or such)? I'm using a 486 that I pulled from the trash heap as a webserver, DNS server, nameserver, et al. It was actually serving 8-10 thousand hits/day for a while on a 3C509. Not too shabby. I think this is one place that Linux really shines--setting up departmental servers or low-usage webservers for smaller companies, and you can't even run NT on the same hardware.
Email isn't anonymous to begin with, unless you're bouncing through one or more anonymous servers. All this service does is provide an easier way to track down the server that originated the crap and look up publicly available info on that person. Kinda like looking at the postmark on a letter and finding contact info for the postmaster in that town.
Personally, I have blackmail set up. If a DNS check on the host name provided with EHLO fails, if a DNS check on the domain the from: line has fails, or if the To: address == From: address, I don't see the email. Occasionally, a valid email bounces. More often, it just means I don't have to deal with most of the UCE I get sent. And I post to Usenet with my real address, too.