I think it's more of a chicken-and-egg problem. I just checked BearShare for two bands:
Pink Floyd: 1007 files, shared by 2214 people. Most popular: "Wish You Were Here" shared by 88 people.
Outkast: 595 files, shared by 2535 people. Most popular: "Hey Ya" shared by 417 people.
I can't stand "Hey Ya." It's one of very few things on the radio which actually annoy me enough to switch the station when they come on (that and the "Ba-da-ba-ba-ba" McDonald's jingle). Yet "Hey Ya" is all over P2P. "Hey Ya" is now in television commercials produced by and running on at least two networks (NBC, CBS). I think, but I'm not totally sure, that "Hey Ya" is background music in the "50 First Dates" commercial, so it's even bleeding into the movie industry. Surely it won't be long before it shows up in auto advertisements.
When you say,
The more P2P that goes on, the more Britneys and Outkasts we're going to get.
...I think you're right. But not because P2P is evil, or because P2P is killing the music industry. We're going to keep getting "Hey Ya" because, crap or not, "Hey Ya" is what people "want." (You can presumably substitute "Britney" for all occurrences of "Hey Ya" and "Outkast.")
The chicken-and-egg problem is that it's "popular," because people want to hear it, because it's all they've been hearing, because the recording industry is shoving it down everyone's throat, which makes it "popular," which gets it all over P2P, and the cycle continues.
As for the topic at hand, I'm not surprised that ISPs aren't cooperating with the RIAA's requests. The abuse desk is rarely a profit-center at an ISP, which is why so many ISPs wind up with an abysmal track record in dealing with abuse. Now they're having to create special "DMCA Compliance" desks (these days you see a lot of ISPs with dmca@ addresses) to deal with the onslaught of subpoenas. Does the RIAA really expect ISPs to willingly expand their abuse or DMCA departments, at their own expense, to send out notices to their customers on behalf of the RIAA?
I still think the spammers are probably really the people behind this one
SoBig, yeah; this one, I tend to doubt it. The word "test" shows up too much, this thing isn't polished; it looks rather like an escaped experiment.
By the way, has anyone seen the reason for the bagle/beagle confusion here? Trying to incriminate the Israelis? Or the dogs? Or both?
I doubt it's anything so sinister, it was probably just a case of the AV companies trying to get first post. The worm creates itself as bbeagle.exe, so "Beagle" seems a reasonable name. Whichever AV company was first to isolate a copy and post a writeup probably typo'd in their rush to write documentation, or maybe someone misread the filename.
Once they'd dubbed it "Bagle," most of the others followed. Symantec does call it "Beagle," but just about everyone else is leaving out the e. This seems to be a general pattern in AV, I imagine to help reduce confusion among the masses; F-Secure could call the next worm it finds "TrendSucks" and Trend Micro would probably go with it:)
Many media conglomerates do the same thing with traffic reports. Here in Memphis, one company handles traffic for all of the CBS/Viacom/Infinity radio stations, and even has a live TV studio set up in their building so they can give traffic reports to the NBC TV station.
No, I don't understand why NBC and CBS are working together in this regard, there's something weird going on. The contact info for one local radio station gives @cbs.com email addresses, but check the postal address, 1960 Union Ave. They broadcast from the same building as the local NBC affiliate.
The ClearChannel stations have their own competing alternative called the Total Traffic Network. All of the CC stations have the same guy/gal reporting the traffic each day.
Okay, I challenge you to wear a BSD t-shirt and walk around several south-US states (texas would be a good one). Trust me, those religious nuts will have you arrested. And bring the asbestos underwear because they'll probably try burning you as a devil worshiper...
I live in Tennessee, which is as bible-belt as anywhere else, and there would be no problem walking around here with a NetBSD logo (or FreeBSD Beastie) T-shirt unless you went looking for trouble, e.g. going into a church with that shirt on. About the only thing you'd catch flak for here is if you - being a pasty white unix geek like myself, no doubt - walked around wearing a T-shirt with some sort of racial reference.
One of my favorite quotes comes from the movie Hoodlum - which, incidentally, was about black gangsters in 1930s Harlem - and it goes something like "God and I have an agreement. He stays out of my house and I stay out of his." Picture Laurence Fishburne saying that in his most serious tone of voice and you'll get the reference. I don't remember the exact quote as it's been some time since I've seen the movie, but I've used the paraphrased line a few times on bible-thumpers who are trying to proselytize my way. It's always a good one to have handy when the Jehova's Witnesses come a-knockin'.
IMO the devils logo is good, the more religious nuts it pisses off the better - maybe someday they'll realise how rediculous they sound. Although I doubt it.
Don't doubt it. Like the jesus freaks say, "have faith!";)
These days it's apparently all about condensing everything into two syllables. I've been meaning to write about this for awhile now, as it's something which has been eating away at me. People are developing a disgusting (to me, at least) obsession with shortening names, and not just in technology.
The first I noticed this trend, at least as it swept the masses and thus caught my attention, was Jennifer Lopez. Sheeple were apparently too lazy to make it all the way through five syllables, so they started calling her "J-Lo." It takes one second to say "J-Lo," two at most to say "Jennifer Lopez," I don't understand why an abbreviation is needed. But society must understand, because it's commonplace.
The trend snowballed from there, and has really taken off in sports, more so than it has in tech or consumer products. Jason Williams is "J-Will," Alex Rodriguez is "A-Rod," etc. It seems like every athlete who's anyone now has his or her own "First Initial - First Syllable of Last Name" abbreviation (the sole exception being Anna Kournikova... I'm the only one who's allowed to call her A-Korn).
Why don't we call George Bush "G-Bu" or Dick Cheney "D-Chay?" Why isn't Black and Decker "B-Deck?" On the flip side, Why did WorldCom do all those commercials about "Generation D" - oops, pardon me, it was all hip lowercase, "generation d" - instead of just saying "The Digital Generaton?" Why does AT&T have to market their service as "mLife" - there's that hip lowercase letter again - instead of just calling it "Mobile Life?"
I don't know who decides which names can be cut down, or why. I don't know which parts of society are responsible for dumbing down proper human names - much less product names - or why anyone would continue to encourage such. But I really am getting tired of the disyllabic reduction.
Now whenever someone calls they get "This costumer needs to setup there voicemail etc etc" and I still get charged airtime!
It's definitely time to investigate your legal options. You'd think that for what they charge, Rogers Canada could provide a recorded message with proper spelling and grammar!
On second thought, maybe nv5's response wasn't too far off: costumers, clowns,...?
This is not going to work for domains that have dynamic IP addresses.
Sure it is, you can specify CIDR notation within your SPF record. This lets you cover the pool of IP addresses that you (or your users) might be assigned. Check out AOL's TXT record:
Instead of listing every IP address that a legitimate piece of AOL mail could possibly come from - which would be a slight bit bulky for DNS - they've specified a bunch of/24's ("class C's") where their SMTP servers reside.
I read the page but it's too early in the morning for me. Would someone please explain the idea behind SPF _understandably_?
Suppose you own a domain, let's call it sharpfang.com. You have a cable modem and your IP address is always 24.95.x.x. If you're sending out email from sharpfang.com, you always do it from your cable modem.
One day, you start getting a lot of bounced spam. Some spammer, for some reason, has decided that he would forge his latest batch of spam from @sharpfang.com email addresses. What a dick!
So, you set up SPF records for your domain. The SPF records are basically a way of telling other mail servers, "I only send mail from my cable modem connection, which will always have an IP of 24.95.x.x. If you get mail claiming to be from sharpfang.com, but it didn't come from an IP address inside 24.95.0.0/24, it's bogus!"
Now, enlightened mail server admins can reject any email with an @sharpfang.com return address but an origin IP of somewhere outside of 24.95.0.0/24. Of course, if your IP address or range changes (e.g. you're traveling, you switch ISPs) you simply update your SPF records in DNS.
SPF has dual benefits: it can reduce the load you get from joe-jobs (assuming some of the recipients' mail servers honor SPF), and it helps everyone else identify spam.
If I'm clear about what my software does, and this site was, then I ought to be free to distribute it and block popups or anything else I want. If this behavior is illegal, then popup blocking software ought to be illegal, too.
Speaking of which, if I go to expedia.com, I'm not expressing an interest in orbitz.com's product! I'm expressing an interest in Expedia.
I can see both sides of the issue here, and for once it's actually difficult for me to take sides in an issue that involves advertising (usually it's a no-brainer). I still find myself siding against WhenU, though. EULA or no EULA, their practices are sneaky and underhanded. The article claims that between Gator and WhenU, more than 30 million people are infec^Wusing this software. How many of them do you think have any fucking clue it's installed, and of those, how many have the slightest idea how to get rid of it?
It's very tricky to pin down exactly what makes one image more interesting than another, of course, so that's the real challenge...
Nah, that's easy. Just look for an abundance of green pixels in a particular image, and send those back. It definitely ups our chances of getting a look at some hot martian babes!;)
In all seriousness, cool work that you're doing. Thanks for doing it and congrats to you and everyone at NASA, MER or not.
Wow, anyone who gets 40 spam emails a day must not be very smart.
Pardon my bluntness, but that's just downright bullshit.
I'm well aware of the spam problem, I'm well aware of what's likely to get me spammed, and this has been true for years. I'm an antispammer (though lately I don't have much time for it). I've submitted over 10,000 spams to NANAS. I now receive more than 500 spams per day on one mailbox which I never made much attempt to "guard", and hundreds more per day across other mailboxes, even those boxes I've held as close personal secrets.
Yet with all this said, I don't consider myself "not very smart." See, the problem is that spam is an exponential thing. No matter how smart you are, it only takes one slip-up to permanently ruin an email address, and it doesn't even have to be my slip-up.
Let's say I order something online from a company which turns out to be unscrupulous in terms of their privacy policy. That company sells my email address to a spammer. That spammer spams the bejesus out of me and eventually sells my email address on his "millions" CD. A few spammers buy that CD and start spamming the bejesus out of me. Eventually, some of those spammers turn around and sell me out to yet more spammers. Within a month of receiving the first spam, I might be getting 50 spams per day on that address!
When I mention to other tech savvy people that I get hundreds of spam emails daily, the reaction is always, "dude, you need to quit giving out your email address!" It's way too late for that. Post to Usenet one time without munging your address, sign up for a mailing list one time without first spending half an hour researching the list and its operators and its hosting provider to see whether or not any of them are blackhat, or have a well-intentioned friend/relative enter your email address somewhere one time, and eventually that email address will be bombarded by spam.
To make matters worse, the Outlook worm-of-the-month has no problem revealing my most confidential of email addresses to the world. One box I created was given to no more than 5 people. It was totally clean and spam-free for months on end. Out of nowhere, I started getting bounced worms, because one of the few people with that address had become infected. Almost immediately, the spam started pouring in. For all I know, the wormed computer sporged worms from me to mailing lists mirrored to Usenet or the web - God help me.
Point being, you can take all the precautions you like, but unless you don't give your email address to anyone, it will eventually fall into the hands of spammers. Each person you give an email address to - no matter how much you trust them - increases your chances of being "revealed" by immense margins. And once that happens, it's all fucking downhill.
What worm maker would link to a site that hosts their webcam as well?
Recall that the high school student who released a variant of MSBlaster - the variant which was purported to have affected no more than 7,000 or so computers - was caught because his modifications interacted with his own website. If "jberg" is actually the person who wrote Jitux, it wouldn't be the first time that a worm (if you'd call Jitux a worm) contains dead giveaways as to its author.
I think a lot of people who wind up unleashing worms are just playing around, seeing if it works. They aren't thinking about the consequences because they probably weren't intending to "release a worm" in the first place. Again operating under the assumption that the homepage you posted belongs to the Jitux author, it's quite possible that he wrote the code and sent it to a couple of friends to see if it would work. Before he knew what had happened, it was in the wild. The malicious file is apparently gone, so for all we know, he deleted it himself once he figured out that his creation was alive.
Naturally, all of this is speculation. It's equally possible, and perhaps even more likely, that the "jberg" user's FTP space has been compromised to host the malicious file.
Might want to check your webpage, man. The index file is missing, and among the directory listing is at least one file which reveals your MySQL password.
It is the same thing here - the folks who are smart enough to walk away before things go south are never caught - thus we never really hear about them in the news. The only ones we hear about are the stupid ones who cash the last check and get busted.
Ponderous, man, ponderous.
This reminds me of something I saw on 20/20 or 48 Hours a couple of weeks ago. A pair of guys came up with an ingenious scam: their local horse racing track posted unclaimed winning ticket numbers on its website. Apparently, winning tickets could be fed into a machine at the track which would verify things via some OCR magic, then spit out cash money. These two guys got the bright idea to print up fake unclaimed "winning tickets" with the right font, etc. to fool the cash machines.
Everything was going just fine. They were pulling the scam and cashing out to the tune of thousands of dollars a month - as one of them said in the interview, it was "unclaimed money," it's not like they were sticking up banks. At this pace, they never would have been caught; a few grand a month was way under the radar of the gaming commission. Then, one of the fools got greedy and decided to print up a forged ticket for a practically impossible series of bets, which paid off in the millions. People got suspicious damn quick. Now they're both in jail.
It's definitely true, greed will ruin just about any successful scam. If these two guys had just kept running their few-$K/month scam, I bet they'd still be out there living the good life.
That "screenshot" was probably created by Wal-Mart's graphics department. Lots of graphics departments use Macs (and for good reason, I might add).
For all we know, that "screenshot" was "captured" before Wal-Mart's music service even existed. PHB A in the marketing department told PHB B in the graphics department that he needed a picture of a menu with choices X, Y, and Z to captivate and lure in surfers... So the graphics department did what they could.
Y'know, if I was smart enough to work out how to help people fight cancer, the last thing on my mind would be how to patent the technique. I'd want to help as many people as possible.
But before you could help a single patient, you'd be flat broke, unable to help anyone, and someone else will have patented your idea. And if you kept trying to help people anyway, that someone else would be suing your pants off to prevent you from doing so. (Hmm, I just started one sentence with "But," and the following with "And," someone alert the Grammar Nazi.)
Keep in mind that patents are not always used as tools of extortion. You can patent something and then give away licenses if you so choose. As much as I hate the apparent incompetence of the current US patent system, I'd much rather see this patent go to the guy who actually did the research - whether he tries to make millions or not - than see it go to some bloodsucking "Intellecutal Property Firm" whose business model is profiteering on the backs of others' innovation, research, work, and investments.
It seems that SourceForge is actually using PayPal to handle the donations. They're just taking 5% of PayPal's fee, at least that's how I read it, so they must have worked a deal with PayPal.
Some better information in the story would have been nice. As it was, I clicked the link to OreillyNet, which had a link to SourceForge's forums, where I had to read an entire post and then locate a link to SourceForge's Terms of Use, which then directed me to yet another page describing the Donations Terms of Use.
A lot of digging to find info about this new feature. You'd think, being a VA entity, that Slashdot would have spiced the story up with a few more relevant links!
Assuming it's really only a 5% transaction fee (the linked site states: "A few other tidbits of information about this new donation system: SF.NET is taking a 5% piece of the transaction fee," which seems to suggest that the transaction fee is larger than 5%), here is the breakdown between PayPal and SourceForge.
PayPal charges max 2.9%, plus $0.30.
If you want to donate $1.00 to your favorite Free Software project, the fee is 5 cents through SourceForge and 33 cents through PayPal.
If you want to donate $5.00, the fee is 25 cents through SourceForge and 54 cents through PayPal.
If you want to donate $10.00, the fee is 50 cents through SourceForge and 59 cents through PayPal.
If you want to donate $15, the fee is 75 cents through SourceForge and 74 cents through PayPal.
If you want to donate $20.00, the fee is $1 through SourceForge and 88 cents through PayPal.
PayPal is therefore a better solution for donations >= $15.
Slashdot Mirror
Pink Floyd: 1007 files, shared by 2214 people. Most popular: "Wish You Were Here" shared by 88 people.
Outkast: 595 files, shared by 2535 people. Most popular: "Hey Ya" shared by 417 people.
I can't stand "Hey Ya." It's one of very few things on the radio which actually annoy me enough to switch the station when they come on (that and the "Ba-da-ba-ba-ba" McDonald's jingle). Yet "Hey Ya" is all over P2P. "Hey Ya" is now in television commercials produced by and running on at least two networks (NBC, CBS). I think, but I'm not totally sure, that "Hey Ya" is background music in the "50 First Dates" commercial, so it's even bleeding into the movie industry. Surely it won't be long before it shows up in auto advertisements.
When you say,...I think you're right. But not because P2P is evil, or because P2P is killing the music industry. We're going to keep getting "Hey Ya" because, crap or not, "Hey Ya" is what people "want." (You can presumably substitute "Britney" for all occurrences of "Hey Ya" and "Outkast.")
The chicken-and-egg problem is that it's "popular," because people want to hear it, because it's all they've been hearing, because the recording industry is shoving it down everyone's throat, which makes it "popular," which gets it all over P2P, and the cycle continues.
As for the topic at hand, I'm not surprised that ISPs aren't cooperating with the RIAA's requests. The abuse desk is rarely a profit-center at an ISP, which is why so many ISPs wind up with an abysmal track record in dealing with abuse. Now they're having to create special "DMCA Compliance" desks (these days you see a lot of ISPs with dmca@ addresses) to deal with the onslaught of subpoenas. Does the RIAA really expect ISPs to willingly expand their abuse or DMCA departments, at their own expense, to send out notices to their customers on behalf of the RIAA?
Once they'd dubbed it "Bagle," most of the others followed. Symantec does call it "Beagle," but just about everyone else is leaving out the e. This seems to be a general pattern in AV, I imagine to help reduce confusion among the masses; F-Secure could call the next worm it finds "TrendSucks" and Trend Micro would probably go with it
Many media conglomerates do the same thing with traffic reports. Here in Memphis, one company handles traffic for all of the CBS/Viacom/Infinity radio stations, and even has a live TV studio set up in their building so they can give traffic reports to the NBC TV station.
No, I don't understand why NBC and CBS are working together in this regard, there's something weird going on. The contact info for one local radio station gives @cbs.com email addresses, but check the postal address, 1960 Union Ave. They broadcast from the same building as the local NBC affiliate.
The ClearChannel stations have their own competing alternative called the Total Traffic Network. All of the CC stations have the same guy/gal reporting the traffic each day.
One of my favorite quotes comes from the movie Hoodlum - which, incidentally, was about black gangsters in 1930s Harlem - and it goes something like "God and I have an agreement. He stays out of my house and I stay out of his." Picture Laurence Fishburne saying that in his most serious tone of voice and you'll get the reference. I don't remember the exact quote as it's been some time since I've seen the movie, but I've used the paraphrased line a few times on bible-thumpers who are trying to proselytize my way. It's always a good one to have handy when the Jehova's Witnesses come a-knockin'.Don't doubt it. Like the jesus freaks say, "have faith!"
If I were going to have kids, I think I'd take any potential "abbreviations" into account before naming them. Imagine naming your kid something like:
Terrence Baggart (T-Bag)
Alan Holden (A-Hole)
Vance Ginsburg (Va-G...ahh, fuck it)
In all seriousness, it's interesting how the trend towards vocal laziness causes all sorts of new implications...
These days it's apparently all about condensing everything into two syllables. I've been meaning to write about this for awhile now, as it's something which has been eating away at me. People are developing a disgusting (to me, at least) obsession with shortening names, and not just in technology.
The first I noticed this trend, at least as it swept the masses and thus caught my attention, was Jennifer Lopez. Sheeple were apparently too lazy to make it all the way through five syllables, so they started calling her "J-Lo." It takes one second to say "J-Lo," two at most to say "Jennifer Lopez," I don't understand why an abbreviation is needed. But society must understand, because it's commonplace.
The trend snowballed from there, and has really taken off in sports, more so than it has in tech or consumer products. Jason Williams is "J-Will," Alex Rodriguez is "A-Rod," etc. It seems like every athlete who's anyone now has his or her own "First Initial - First Syllable of Last Name" abbreviation (the sole exception being Anna Kournikova... I'm the only one who's allowed to call her A-Korn).
Why don't we call George Bush "G-Bu" or Dick Cheney "D-Chay?" Why isn't Black and Decker "B-Deck?" On the flip side, Why did WorldCom do all those commercials about "Generation D" - oops, pardon me, it was all hip lowercase, "generation d" - instead of just saying "The Digital Generaton?" Why does AT&T have to market their service as "mLife" - there's that hip lowercase letter again - instead of just calling it "Mobile Life?"
I don't know who decides which names can be cut down, or why. I don't know which parts of society are responsible for dumbing down proper human names - much less product names - or why anyone would continue to encourage such. But I really am getting tired of the disyllabic reduction.
Yours,
"Mo-Shit"
..to this. Only because adding "II" to the end of that title probably qualifies it for the longest title in history...
On second thought, maybe nv5's response wasn't too far off: costumers, clowns,
One day, you start getting a lot of bounced spam. Some spammer, for some reason, has decided that he would forge his latest batch of spam from @sharpfang.com email addresses. What a dick!
So, you set up SPF records for your domain. The SPF records are basically a way of telling other mail servers, "I only send mail from my cable modem connection, which will always have an IP of 24.95.x.x. If you get mail claiming to be from sharpfang.com, but it didn't come from an IP address inside 24.95.0.0/24, it's bogus!"
Now, enlightened mail server admins can reject any email with an @sharpfang.com return address but an origin IP of somewhere outside of 24.95.0.0/24. Of course, if your IP address or range changes (e.g. you're traveling, you switch ISPs) you simply update your SPF records in DNS.
SPF has dual benefits: it can reduce the load you get from joe-jobs (assuming some of the recipients' mail servers honor SPF), and it helps everyone else identify spam.
If I install KaZaA - God help me if that day ever comes! - I expect it to find me music. I don't expect its bundled programs to also "reach [me] at the exact moment [I] express an interest in [some advertiser's] product."
Speaking of which, if I go to expedia.com, I'm not expressing an interest in orbitz.com's product! I'm expressing an interest in Expedia.
I can see both sides of the issue here, and for once it's actually difficult for me to take sides in an issue that involves advertising (usually it's a no-brainer). I still find myself siding against WhenU, though. EULA or no EULA, their practices are sneaky and underhanded. The article claims that between Gator and WhenU, more than 30 million people are infec^Wusing this software. How many of them do you think have any fucking clue it's installed, and of those, how many have the slightest idea how to get rid of it?
In all seriousness, cool work that you're doing. Thanks for doing it and congrats to you and everyone at NASA, MER or not.
I'm well aware of the spam problem, I'm well aware of what's likely to get me spammed, and this has been true for years. I'm an antispammer (though lately I don't have much time for it). I've submitted over 10,000 spams to NANAS. I now receive more than 500 spams per day on one mailbox which I never made much attempt to "guard", and hundreds more per day across other mailboxes, even those boxes I've held as close personal secrets.
Yet with all this said, I don't consider myself "not very smart." See, the problem is that spam is an exponential thing. No matter how smart you are, it only takes one slip-up to permanently ruin an email address, and it doesn't even have to be my slip-up.
Let's say I order something online from a company which turns out to be unscrupulous in terms of their privacy policy. That company sells my email address to a spammer. That spammer spams the bejesus out of me and eventually sells my email address on his "millions" CD. A few spammers buy that CD and start spamming the bejesus out of me. Eventually, some of those spammers turn around and sell me out to yet more spammers. Within a month of receiving the first spam, I might be getting 50 spams per day on that address!
When I mention to other tech savvy people that I get hundreds of spam emails daily, the reaction is always, "dude, you need to quit giving out your email address!" It's way too late for that. Post to Usenet one time without munging your address, sign up for a mailing list one time without first spending half an hour researching the list and its operators and its hosting provider to see whether or not any of them are blackhat, or have a well-intentioned friend/relative enter your email address somewhere one time, and eventually that email address will be bombarded by spam.
To make matters worse, the Outlook worm-of-the-month has no problem revealing my most confidential of email addresses to the world. One box I created was given to no more than 5 people. It was totally clean and spam-free for months on end. Out of nowhere, I started getting bounced worms, because one of the few people with that address had become infected. Almost immediately, the spam started pouring in. For all I know, the wormed computer sporged worms from me to mailing lists mirrored to Usenet or the web - God help me.
Point being, you can take all the precautions you like, but unless you don't give your email address to anyone, it will eventually fall into the hands of spammers. Each person you give an email address to - no matter how much you trust them - increases your chances of being "revealed" by immense margins. And once that happens, it's all fucking downhill.
I think a lot of people who wind up unleashing worms are just playing around, seeing if it works. They aren't thinking about the consequences because they probably weren't intending to "release a worm" in the first place. Again operating under the assumption that the homepage you posted belongs to the Jitux author, it's quite possible that he wrote the code and sent it to a couple of friends to see if it would work. Before he knew what had happened, it was in the wild. The malicious file is apparently gone, so for all we know, he deleted it himself once he figured out that his creation was alive.
Naturally, all of this is speculation. It's equally possible, and perhaps even more likely, that the "jberg" user's FTP space has been compromised to host the malicious file.
Might want to check your webpage, man. The index file is missing, and among the directory listing is at least one file which reveals your MySQL password.
This reminds me of something I saw on 20/20 or 48 Hours a couple of weeks ago. A pair of guys came up with an ingenious scam: their local horse racing track posted unclaimed winning ticket numbers on its website. Apparently, winning tickets could be fed into a machine at the track which would verify things via some OCR magic, then spit out cash money. These two guys got the bright idea to print up fake unclaimed "winning tickets" with the right font, etc. to fool the cash machines.
Everything was going just fine. They were pulling the scam and cashing out to the tune of thousands of dollars a month - as one of them said in the interview, it was "unclaimed money," it's not like they were sticking up banks. At this pace, they never would have been caught; a few grand a month was way under the radar of the gaming commission. Then, one of the fools got greedy and decided to print up a forged ticket for a practically impossible series of bets, which paid off in the millions. People got suspicious damn quick. Now they're both in jail.
It's definitely true, greed will ruin just about any successful scam. If these two guys had just kept running their few-$K/month scam, I bet they'd still be out there living the good life.
For all we know, that "screenshot" was "captured" before Wal-Mart's music service even existed. PHB A in the marketing department told PHB B in the graphics department that he needed a picture of a menu with choices X, Y, and Z to captivate and lure in surfers... So the graphics department did what they could.
Don't believe everything you see online.
And fuck Wal-Mart.
Keep in mind that patents are not always used as tools of extortion. You can patent something and then give away licenses if you so choose. As much as I hate the apparent incompetence of the current US patent system, I'd much rather see this patent go to the guy who actually did the research - whether he tries to make millions or not - than see it go to some bloodsucking "Intellecutal Property Firm" whose business model is profiteering on the backs of others' innovation, research, work, and investments.
Upon further investigation, I managed to locate this:
http://sourceforge.net/tos/donations.php
It seems that SourceForge is actually using PayPal to handle the donations. They're just taking 5% of PayPal's fee, at least that's how I read it, so they must have worked a deal with PayPal.
Some better information in the story would have been nice. As it was, I clicked the link to OreillyNet, which had a link to SourceForge's forums, where I had to read an entire post and then locate a link to SourceForge's Terms of Use, which then directed me to yet another page describing the Donations Terms of Use.
A lot of digging to find info about this new feature. You'd think, being a VA entity, that Slashdot would have spiced the story up with a few more relevant links!
Assuming it's really only a 5% transaction fee (the linked site states: "A few other tidbits of information about this new donation system: SF.NET is taking a 5% piece of the transaction fee," which seems to suggest that the transaction fee is larger than 5%), here is the breakdown between PayPal and SourceForge.
PayPal charges max 2.9%, plus $0.30.
If you want to donate $1.00 to your favorite Free Software project, the fee is 5 cents through SourceForge and 33 cents through PayPal.
If you want to donate $5.00, the fee is 25 cents through SourceForge and 54 cents through PayPal.
If you want to donate $10.00, the fee is 50 cents through SourceForge and 59 cents through PayPal.
If you want to donate $15, the fee is 75 cents through SourceForge and 74 cents through PayPal.
If you want to donate $20.00, the fee is $1 through SourceForge and 88 cents through PayPal.
PayPal is therefore a better solution for donations >= $15.