Finally things start appearing which show the legal inconsistencies of DVD regarding law (decrypting DVD's, financial irregularities) however due to the fact that the MPAA has a lot of "juice" involved with the whole monopoly of it all... *oops* control of it, I doubt Australians could make enough of a dent with their case, in fact I would think they'd be like mosquitos picking at a Moose or something similar.
Instances like this where a small market makes noise would quickly be hushed, what they should have done, is contact other countries facing similar problems with this and then make noise. And if all else fails!@
They could always throw Russell Crowe in the Gladiator suit and send him to set things straight for those "mates" down under.
Submarine cables now play a dominant role in international telecommunications, since - in contrast to the limited bandwidth available for space systems - optical media offer seemingly unlimited capacity. Save where cables terminate in countries where telecommunications operators provide Comint access (such as the UK and the US), submarine cables appear intrinsically secure because of the nature of the ocean environment. 49. In October 1971, this security was shown not to exist. A US submarine, Halibut, visited the Sea of Okhotsk off the eastern USSR and recorded communications passing on a military cable to the Khamchatka Peninsula Halibut was equipped with a deep diving chamber, fully in view on the submarine's stern. The chamber was described by the US Navy as a "deep submergence rescue vehicle". The truth was that the "rescue vehicle" was welded immovably to the submarine. Once submerged, deep-sea divers exited the submarine and wrapped tapping coils around the cable. Having proven the principle, USS Halibut returned in 1972 and laid a high capacity recording pod next to the cable. The technique involved no physical damage and was unlikely to have been readily detectable.
The Okhotsk cable tapping operation continued for ten years, involving routine trips by three different specially equipped submarines to collect old pods and lay new ones; sometimes, more than one pod at a time. New targets were added in 1979. That summer, a newly converted submarine called USS Parche travelled from San Francisco under the North Pole to the Barents Sea, and laid a new cable tap near Murmansk. Its crew received a presidential citation for their achievement. The Okhotsk cable tap ended in 1982, after its location was compromised by a former NSA employee who sold information about the tap, codenamed IVY BELLS, to the Soviet Union. One of the IVY BELLS pods is now on display in the Moscow museum of the former KGB. The cable tap in the Barents Sea continued in operation, undetected, until tapping stopped in 1992.
During 1985, cable-tapping operations were extended into the Mediterranean, to intercept cables linking Europe to West Africa. (30) After the cold war ended, the USS Parche was refitted with an extended section to accommodate larger cable tapping equipment and pods. Cable taps could be laid by remote control, using drones. USS Parche continues in operation to the present day, but the precise targets of its missions remain unknown. The Clinton administration evidently places high value on its achievements, Every year from 1994 to 1997, the submarine crew has been highly commended.(31) Likely targets may include the Middle East, Mediterranean, eastern Asia, and South America. The United States is the only naval power known to have deployed deep-sea technology for this purpose.
Miniaturised inductive taps recorders have also been used to intercept underground cables.(32) Optical fibre cables, however, do not leak radio frequency signals and cannot be tapped using inductive loops. NSA and other Comint agencies have spent a great deal of money on research into tapping optical fibres, reportedly with little success. But long distance optical fibre cables are not invulnerable. The key means of access is by tampering with optoelectronic "repeaters" which boost signal levels over long distances. It follows that any submarine cable system using submerged optoelectronic repeaters cannot be considered secure from interception and communications intelligence activity.
The Wall Street Journal just ran this something similar.. (haven't checked the zdnet doc lagging on dl's) [mirror]
Anyways I doubt its impossible for the NSA to splice it, however when companies take the corrective measures to ensure this won't happen what are they going to do...
Example, say a company takes the time, and money to protect their fiber say inside inexpensive pvc pipes or something similar, who does the government expect to blame when a company finds out that 100 miles away from any shoreline, their casing has been breached? Certainly its not Joe Fisherman doing this.
Anyways aside from that nothing is going to help them when that fiber line is carrying IPSec data all the way through the connections, along with messages that have been encrypted before even being sent. So many people have little to worry about.
For those interested in Crypto Equipment and such (especially those working in the ISP segments) you can check out the Crypto Equipment Guide. Hopefully many companies will start looking at their clients (whether their employees, subscribers, etc.) more serious. I know Earthlink is taking that approach.
Maybe its time these developers list what exactly their software is being used for, and who is using it, to promote it, as opposed to waiting for groups like RIAA, MPAA to cry foul over them. Doing so would provide a nice argument, such as the ones EFF was looking for earlier.
As for the brief mention on security I browsed through, personally I don't see it as a big deal provided you know how to set perms, and or can configured some form of SSL behind it or something similar, perhaps make some rules on your firewall or IDS to ensure nothing gets broken along the way.
I can't wait to see how groups will react to cDc's Peekabooty, thats sure to be a kick in the ass for groups like RIAA, MPAA.
I'd migrate to Gnome over a Sun machine anytime, their CDE is just muderous, although I personally prefer using a Zoot installing of RH should I be working on Sun, and I can't wait till either Open or NetBSD do something solid for the U series (other than for U5's think.. U10's, Sunblades)
Either way its genuinely nice news to hear open source projects moving on, and doing something new every day, in fact it overshadows the bad news we see, Mandrake, Slackware, Eazel, however as for the not running on production machines comment... Personally I don't know anyone who runs any window manager on production machine.
Nicely written document although they should have focused likewise on posting some methods to circumvent DoS attacks. Many networking, and security admins, know of the problems arising from DoS, yet there are scores of them who know little about protecting their infrastructure from an attack.
Personally I think its a trivial job to halt denials of service attacks, but it can be done, and what someone should create is a framework for ISP's, Colleges, whoever has a networking propagating info out, to follow that shows them how to enable engress filtering so no attacks come out of their network, and an equally likewise doc that shows preventive measures.
Everyone, and their BOFH mother thats on the net, knows the effects of a DoS attacks, or what a DoS attack is, but a fraction of them know what to do about it.
Anyways for some of those admins, I have a doc called Stopping DoS which is a die hard "this-is-what-you-do-on-this-hadware" to limit DoS attacks, as well as a s(emi)tudy paper called "Theories in DoS" which is a higher protocol level look at Denials of Service, which provides a framework look into future avoidances of them.
P.S. These are docs I wrote out of spare time, etc. nothing more, so don't expect any RFC based documents such as this paper thats linked.
This is great marketing for both IBM, and Linux. First off I think this is more of a marketing tactic than IBM trying to be helpful to any developer. By having thousands of developers do their thing on the machine, they could always turn around and pimp the results as both an IBM, and joint Linux effort which is pretty cool for Linux marketing...
However on the flip side of the coin, I hope the developers rush to fill these slots as opposed to some troll who's going to use those accounts for silly shit like h4x0rf00.c programs they wanna throw up, or uneccessary other shit...
All this sounds like is a time based routing mechanism nothing more, and I don't really see how changing the IP address is going to save a misconfigured machine. For one, somewhere down the line the address is going to delegate out, so if say someone is browsing via 10.10.1.16 and they're browsing say something on my server and my logs show:
198.81.129.14
"http://www.antioffline.com/cia-soviet/" "Mozilla/4.0 (compatible; MSIE 5.5;Windows NT 5.0)"
Then about one second later
198.81.129.193 "http://www.antioffline.com/cia-soviet/" "Mozilla/4.0 (compatible; MSIE 5.5;Windows NT 5.0)"
Now this is typically another visitor or whatever, but if the connections were so repetitive enough with the same browser fingerprint coming through I can probably correlate them both together by their netblocks depending on who owned the block. So unless they plan on purchasing completely obsolete netblocks like say 198.81.129.0-255 then 198.83.0.0.-255 than how do they expect to stay obscured from view? Keep in mind that there are hardly any complete netblocks to purchase in that fashion (class A s close to impossible), so what are they really planning on doing?
Now if they partnered with ISP's to snag dhcp addresses not being used from a wide variety of places, say Earthlink here, MomandPopISP there, then it'd be a plus for them however simple traceroutes, and block lookups can give you their information. (who owns the block etc)
All it sounds like is a sort of a dhcp-round-robbin-routing set up which is not going to save them still, if someone is really intent on getting access to their networks, they'd run out of address ranges before their scheme would work.
Now on the spook/snoop side of things... I say TMTOWTPGPSAM! (There's More Than One Way To Sign PGP Sign A Message) to keep info from eyes other than the intended recipient.
Linux advocacy: VR3 framework for the Desktop?
on
Agenda, Not Hidden
·
· Score: 4
" At all times, applications can be launched by selecting one of the soft buttons at the bottom of the display. On the far left is the Agenda logo which brings up a menu of applications. The other buttons launch applications directly, and by default bring up Contacts, To Do, Schedule, Notes, the Calculator."
Why couldn't Linux developers either in Redhat or some other distro make things this simple for people who're interested in Linux for the home desktop segments? Some of the difficulties surrounding "point-and-click", "GUIville" when it comes to Linux and the average non geek user make using Linux intimidating which is one of the reasons the competition with MS as a home solution is a losing one.
No one wants to tar -zxvf foo.tar.gz ; cd $foo ;./configure ; make ; make install its too cumbersome and difficult for cluebies as opposed to something like MS' self installing executables. So while looking at the other article today which states the demise of Linux as a desktop, I stop and wonder what the hell are the developers thinking? Create a "HOME ONLY" based version of Linux without all the fancy source distributions for average joe users and market, market, market it for crying out loud.
Instead of focusing on promoting the "coolest new trick" on the Linux OS' be advised Mr. Developers, that most geek know what Linux is capable of, and while most time and money is spent marketing these new things, some of you need to go back to the core of it all and promote ease of use if you want people to start using Linux. If this VR3 is as easy to use as the article claims, than someone at one of these distributions (Redhat, whomever is left) needs to take a pad, pen, and sit down with these guys and get it right, once and for all.
where technology roamed the wires, and innovators dominated the world. There was the newest craze in high tech, yes the ultimate product offering ever to hit any market.
Many touted this technology as the next best thing, and companies flocked to support it raising capital from all walks of business life. The technology grew so fast, and was quite loved by many, so it could never faulter in the eyes of those who praised the new technology.
While it grew to new heights while slumbering in "almost-there-ville", everyone awaited its presence as it would signal the end of an era, and beginning of new life. Day after day everyone waited patiently.
Finally the new technology was ready to take its place in the world and reign supreme, sadly there was already a newer technology who'd already taken over its role...
Not even a nicely GUI-filled, easy to use distribution as Mandrake made a difference to people who love the ease of MS based products. I've never used Mandrake, but have seen co-workers use it, and claim it to be the easiest to use of all the Linux distributions.
If this is the case, then why haven't many MS users switched over to something so easy. Is it the way some of these companies market themselves, which is close to zero when it comes to mainstream magazines, or is it that too many distributions add to the confusion or something.
So far so good for Redhat however who is managing to keep in the game, and for all the Linux users, just hope this is the last distribution to go under, else your going to have some massive "Linux is dying" trolls. Not to mention (which is most important) a sad showing of the possible overall outcome for Linux, should they not hurry and capture a large portion of the home pc segment.
The whole wireless ploy has become such overkill, that it's stomach turning. The benefits of having a Palm or other device for Wireless access is not a neccessity by any means in real world scenarios, they just make things easier.
Too many companies are trying to focus on stamping out product after product while failing to give just one definite product to handle it all.
E.g. If there were a combo pager/cell/pda I think many people would flock to it, provided it wasn't filled with bloat. Not saying bloat is always bad, but I see many of these wireless PDA's on the market with nothing worth true substance to make me want to buy it.
I have my cell, page, laptop which I carry around, so other than trying to keep up with the Jones' I see no need to run out and buy something I already have by carrying around my other gizmo's.
One, my laptop stores more info than a PDA, and its easier to use than scrolling a little pen over a small ass screen. Secondly my pager sends me news every hour, and I can receive email on it too. My phone can receive the same, news, and email, so what makes the PDA companies think I need to carry extra baggage to access these features. Typical email can wait, as if there is an emergency, via pager or cellphone, I can be emailed or paged.
Should I need to store information, I would rather jot it down on good old pen and paper to xfer it to my pc's should I not have on powered on. Just imagine getting a super models phone number then smashing your PDA by accident (bad example but hopefully many will see the probs I find with PDA based stuff). You're screwed.
While companies may brainstorm on how big of a screen they should make, or what new programs they could insert on the limited diskspace, maybe one, just one vendor can do something a'la mid sized (between PDA, and Laptop sized) all in one combo phone/pager/laptop and do away with all those annoying little PDA's.
Ok so don't blame Canada, but don't blame Big Blue either, it wasn't them who set out to have someone commit this crime, it was a publicist/marketers fault for this stupid action, and it was someone else's stupidity for not drawing the line regarding morals, and money.
If Sig Sauer had paid someone to promote their guns, and some idiot decided to do something like shoot up a crowd, it would be wrong to place blame on Sig Sauer for the actions of any other than themselves. (poor example I know but I was reading Guns and Ammo earlier so sue me)
Listen there is nothing wrong with advocacy, so don't think this is a bash Linux post, it's nothing more than a reality check. You don't commit a crime (vandalism) because someone pays you to do it, that'll make you as guilty as the one who conspired the crime. The guy should have known what he was doing was wrong and opted not to do it. As for the punishment, he should do the community service for it, and be given a swift kick in the ass for being dumb.
2600 is not linking they're pointing the complete domain to Ford motors, why not copy the whole thing over, then do it? Ford did not invite 2600 to point the domain over to their site causing unwanted traffic going there via way of FuckGeneralMotors.com, I'm sure they could care less if there was a link that said Fuck you Ford, as opposed to having the whole domain point to them.
No amount of arguing can clarify this for anyone. Its morally wrong, and legally wrong, unfortunately 2600 is using legal loopholes in the wrong way to fight for their moronic cause.
We all know that in theory we should have the right to express ourselves as we feel, as it is amended, but one thing 2600 won't point out is that by creating the "FuckGeneralMotors.com" site and pointing it to Ford.com's website, they are using Ford's resources via way of bandwidth which I'm sure is unauthorized. Why not just make a virtual directory with pictures, and or information of a competitor instead of trying to reverse engineer killing two birds with one packet.
Well hopefully their AOL followers don't attempt to h4x0r me for writing this, but enough is enough, time to grow up guys. We do agree with any arguments anyone from there would care to give for the right to register the domain, however there is no one from 2600 that can realistically justify using Ford's bandwidth against Ford's will.
One of the guys from my site did a semi humorous article on the whole 2600 deal. Some people may find it informative, others will find it funny, others will call it name calling etc. Personally, I think anyone who runs around doing things to get sued for attention is a moron.
On the X Files the guys rocked because it was something new. With their own show we expected to see something as serious as the X Files in the form of the hackers which never happened. Comedy? The show flat out sucked, and it was surprising it lasted as long. Same happened with Level 9 which aired for about 4 weeks that I know of. For those who never even heard of it, it was supposed to be I guess what people think the NSA are, a bunch of hacker crime fighters which never materialzed.
I watched that show once or twice till I heard them say "his website WHATEVERTHENAMEWAS.com is untraceable, he keeps moving IP address." or something along that line, and quickly thought "stupid ass clueless producers don't even do research."
Family Guy is funny as hell tho' Stewie just owns.
Sad to see the Lone Gunmen go, maybe Chris Carter will script them into X-Files a bit more since they do have that role under lock down. But by themselves... they're boring.
Seems like the site moved the page. Anyways this is the link for the company who suckered India's goverment into buying highly priced honeypots.
http://www.peakxv.net/InterOp/interop.html
The more uninformed goverments are, the more likely cruddy laws will be passed that hinders tech sectors such as those in the industry on a security related basis. Well thankfully I don't have these laws in the US oh so great land of the free && *snicker*
Recently the Indian government was suckered into buying honeypots and in January for those who don't recall they hired a dozen script kiddies to handle security (I couldn't find the link sorry), so what I see happening is, goverments are getting scared by technology, and instead of coming up with logical solutions, they feel harsh punishments will deter someone's future actions.
Instead of creating such broad laws which can also hurt innocent people somewhere down the line, hardcore studies should be done before such broad laws are created, and every 5 or so years another study should be done to ensure the laws are working to the benefit of the people as opposed to throwing something out because of fears, or because its almost election time $WHEREVER.
Sadly it looks like we are going to have a complete world full of drones who'll either be afraid to interact, or a world full of what the government will view as anarchists if things continue with these trends.
Hrmm Dreamworks could be shifting away from using Irix and Irix based programs on SGI machines, but odds are they're using Linux based programs on SGI hardware. FYI for those who don't know too much about the graphic design/3-d industry, SGI used to make the top of the line machines for the tasks along with Irix running the programs some of which costed over 40k (most of the times it did) so to say they dropped SGI is somewhat false.
Dreamworks and other shops are likely using Linux on their existing SGI hardware as well, since their production machines are not your run of the mill eBay like SGI machines, they're likely highly stacked up SGI boxes, and I'm sure they wouldn't toss them out.
Strata Pro Studio which is actually a kick as 3-d program for Windows may have ported something to the Nix community as well but I'm not sure, its been about 4 years since I worked in the GD/GA field.
In today's news, a German corporate spy plunged 108 stories to his death while attempting to scale New York's World Trade Center in efforts to steal business plans.
Spectators were stunned to see the German who has been identified as Wolfgang Dirk Schmidt yelling "Arschlock!!" while falling to his death.
Investigators used shovels to scoop up his remains for analysis at Quantico VA, in efforts to present a case against the German goverment for inventing what they dub as "suction cups of mass destruction."
I posted something on this on a thread yesterday which wasn't so informative so here goes more information on this product I saw on Scientific American.
Input devices will have to miniaturize as well and become more direct, intuitive and able to be used while your hands (and part of your attention) are engaged elsewhere.
The Cyberlink System represents this next step in the evolution of the human-computer input interface. The Cyberlink System is a BrainBody actuated control technology that combines eye-movement, facial muscle, and brain wave bio-potentials detected at the user's forehead to generate computer inputs that can be used for a variety of tasks and recreations.
skip a paragraph
The forehead is a convenient, noninvasive measuring site rich in a variety of bio-potentials. Signals detected by three plastic sensors in a headband are sent to a Cyberlink interface box which contains a bio-amplifier and signal processor. The interface box connects to the PC computer's serial port. The forehead signals are amplified, digitized and translated by a patented decoding algorithm into multiple command signals, creating an efficient, intuitive
and easily learned hands-free control interface.
Three different types or channels of control signals are derived from the forehead signals by the Cyberlink Interface. The lowest frequency channel is called the ElectroOculoGraphic or EOG signal. This is a frequency region of the forehead bio-potential that is responsive primarily to eye movements. The EOG signal is typically used to detect left and right eye motion. This signal can be mapped to left and right cursor motion or on/off switch control.
Besides, statewatch is part of the same leftist agenda as organisations like IMC, who fear that if their "privacy" is breached, then they can't continue their terrorist campaigns against innocent people who work towards ensuring global prosperity.
You say toe * may * toe I say toe * mah * toe. One thing I will say from my perspective on this which doesn't count for shit in the real world, but I like to look at things from all angles.
Global Prosperity: Things were just fine before bills such as this, so why would you want to introduce one to ripple the waves in still water?
If you don't know the EU is passing a Cybercrime Treaty document which would (hopefully for them) give Law Enforcement Agency's the right to cross investigate crimes and act on them which at first seems like a good idea. But what's forseen is abuse.
Take the FBI who seeks a warrant and gets denied in the United States. That same agent will be able to seek another country to serve that warrant up for them, circumventing the laws of this land. See a problem with this or notion of future abuse?
Why shouldn't citizens have the same right to privacy as governments tout. If anything the governments should not be the ones to hide anything for any reason, we put them there, and we have every right to know what our government is doing.
Just because you have people that keep a close watch on government doesn't mean they're criminals, and I suggest you read the interview I did with John Young from Cryptome.org who shed light to dispel those anti government theories here.
So while you see things one way, doesn't mean its wrong, doesn't mean someone else is wrong, but there are always alternative sides to an issue which you may not see so clearly.
http://www.theregister.co.uk/content/5/19003.html The Council of the European Union, which represents the 15 member governments, will discuss implementing a policy originally designed with the FBI six years ago. It calls for the retention of "every phone call, every mobile phone call, every fax, every e-mail, every website's contents, all internet usage, from anywhere, by everyone, to be recorded, archived and be accessible for at least seven years," notes the journal.
After reading that I was a bit amused since I think its part of the Cybercrime bill they're trying to pass which would allow LEA's to exchange information, and cross warrants to be served, however for those who don't know, Dubya said no to the bill so lets get that out. (I'll find the link when I can just woke up).
Anyways here is the most insighful/interesting document I found on it with an excerpt. [link]
Privacy is dead. We are watched by 1.5m closed-circuit television cameras, more per head of population than any country on Earth. Our government, police and intelligence services have more legal powers to poke around in our private lives than those of communist China. And thanks to new technologies from mobile phones to the internet, they can use those powers to find out where we are, whom we talk or send e-mails to, and what websites we click on. According to most experts in the field, a police state with powers of control and surveillance beyond the wildest dreams of Hitler or Stalin could now be established in Britain within 24 hours. And guess what: MI5 probably read this article before you did. It was delivered by e-mail, a hopelessly insecure system. It is full of the sort of security-sensitive words the spooks look out for, and, as I shall explain, I seem to be an MI5
target.
But the weirdest thing of all is that we really don't care. To take an example that may sound trivial but isn't, the Television Licensing Authority is currently running an advertising campaign boasting of its ability to invade our privacy. Hoardings show a local street sign with the caption that declares, four people in this street don't have a TV licence and the TLA knows who they are.
Sad to see these things, but soon we're going to have an influx of either zombies, or guys like Gene Hackman's Enemy of the State character around.
Kudos to the person who made this one, although I'd still be leary about with even this one "worm" especially when groups like s0ftproject keep creating these sometimes outrageous backdoors.
Someone should set out to write an informative document which isn't so bloated with too many tech terms for the newbie Linux admin that shows them how to lock down their Linux systems on an install. I wrote a lame one about 2 1/2 years ago, but never bothered following up on it.
Education, education, and more education. I wonder how come many complain about security, when so little take a few hours to actually inform themselves of the risks/fixes for typically easy problems.
Slashdot Mirror
If only I could get early dibs on the lottery results, NASDAQ tips, and the latest mention of Nix releases
Project Megiddo a year and we still waiting
Finally things start appearing which show the legal inconsistencies of DVD regarding law (decrypting DVD's, financial irregularities) however due to the fact that the MPAA has a lot of "juice" involved with the whole monopoly of it all... *oops* control of it, I doubt Australians could make enough of a dent with their case, in fact I would think they'd be like mosquitos picking at a Moose or something similar.
Instances like this where a small market makes noise would quickly be hushed, what they should have done, is contact other countries facing similar problems with this and then make noise. And if all else fails!@
They could always throw Russell Crowe in the Gladiator suit and send him to set things straight for those "mates" down under.
Echelonomics 101
Submarine cable interception
Submarine cables now play a dominant role in international telecommunications, since - in contrast to the limited bandwidth available for space systems - optical media offer seemingly unlimited capacity. Save where cables terminate in countries where telecommunications operators provide Comint access (such as the UK and the US), submarine cables appear intrinsically secure because of the nature of the ocean environment. 49. In October 1971, this security was shown not to exist. A US submarine, Halibut, visited the Sea of Okhotsk off the eastern USSR and recorded communications passing on a military cable to the Khamchatka Peninsula Halibut was equipped with a deep diving chamber, fully in view on the submarine's stern. The chamber was described by the US Navy as a "deep submergence rescue vehicle". The truth was that the "rescue vehicle" was welded immovably to the submarine. Once submerged, deep-sea divers exited the submarine and wrapped tapping coils around the cable. Having proven the principle, USS Halibut returned in 1972 and laid a high capacity recording pod next to the cable. The technique involved no physical damage and was unlikely to have been readily detectable.
The Okhotsk cable tapping operation continued for ten years, involving routine trips by three different specially equipped submarines to collect old pods and lay new ones; sometimes, more than one pod at a time. New targets were added in 1979. That summer, a newly converted submarine called USS Parche travelled from San Francisco under the North Pole to the Barents Sea, and laid a new cable tap near Murmansk. Its crew received a presidential citation for their achievement. The Okhotsk cable tap ended in 1982, after its location was compromised by a former NSA employee who sold information about the tap, codenamed IVY BELLS, to the Soviet Union. One of the IVY BELLS pods is now on display in the Moscow museum of the former KGB. The cable tap in the Barents Sea continued in operation, undetected, until tapping stopped in 1992.
During 1985, cable-tapping operations were extended into the Mediterranean, to intercept cables linking Europe to West Africa. (30) After the cold war ended, the USS Parche was refitted with an extended section to accommodate larger cable tapping equipment and pods. Cable taps could be laid by remote control, using drones. USS Parche continues in operation to the present day, but the precise targets of its missions remain unknown. The Clinton administration evidently places high value on its achievements, Every year from 1994 to 1997, the submarine crew has been highly commended.(31) Likely targets may include the Middle East, Mediterranean, eastern Asia, and South America. The United States is the only naval power known to have deployed deep-sea technology for this purpose.
Miniaturised inductive taps recorders have also been used to intercept underground cables.(32) Optical fibre cables, however, do not leak radio frequency signals and cannot be tapped using inductive loops. NSA and other Comint agencies have spent a great deal of money on research into tapping optical fibres, reportedly with little success. But long distance optical fibre cables are not invulnerable. The key means of access is by tampering with optoelectronic "repeaters" which boost signal levels over long distances. It follows that any submarine cable system using submerged optoelectronic repeaters cannot be considered secure from interception and communications intelligence activity.
The Wall Street Journal just ran this something similar.. (haven't checked the zdnet doc lagging on dl's) [mirror]
Anyways I doubt its impossible for the NSA to splice it, however when companies take the corrective measures to ensure this won't happen what are they going to do...
Example, say a company takes the time, and money to protect their fiber say inside inexpensive pvc pipes or something similar, who does the government expect to blame when a company finds out that 100 miles away from any shoreline, their casing has been breached? Certainly its not Joe Fisherman doing this.
Anyways aside from that nothing is going to help them when that fiber line is carrying IPSec data all the way through the connections, along with messages that have been encrypted before even being sent. So many people have little to worry about.
For those interested in Crypto Equipment and such (especially those working in the ISP segments) you can check out the Crypto Equipment Guide. Hopefully many companies will start looking at their clients (whether their employees, subscribers, etc.) more serious. I know Earthlink is taking that approach.
Maybe its time these developers list what exactly their software is being used for, and who is using it, to promote it, as opposed to waiting for groups like RIAA, MPAA to cry foul over them. Doing so would provide a nice argument, such as the ones EFF was looking for earlier.
As for the brief mention on security I browsed through, personally I don't see it as a big deal provided you know how to set perms, and or can configured some form of SSL behind it or something similar, perhaps make some rules on your firewall or IDS to ensure nothing gets broken along the way.
I can't wait to see how groups will react to cDc's Peekabooty, thats sure to be a kick in the ass for groups like RIAA, MPAA.
I'd migrate to Gnome over a Sun machine anytime, their CDE is just muderous, although I personally prefer using a Zoot installing of RH should I be working on Sun, and I can't wait till either Open or NetBSD do something solid for the U series (other than for U5's think.. U10's, Sunblades)
Either way its genuinely nice news to hear open source projects moving on, and doing something new every day, in fact it overshadows the bad news we see, Mandrake, Slackware, Eazel, however as for the not running on production machines comment... Personally I don't know anyone who runs any window manager on production machine.
Nicely written document although they should have focused likewise on posting some methods to circumvent DoS attacks. Many networking, and security admins, know of the problems arising from DoS, yet there are scores of them who know little about protecting their infrastructure from an attack.
Personally I think its a trivial job to halt denials of service attacks, but it can be done, and what someone should create is a framework for ISP's, Colleges, whoever has a networking propagating info out, to follow that shows them how to enable engress filtering so no attacks come out of their network, and an equally likewise doc that shows preventive measures.
Everyone, and their BOFH mother thats on the net, knows the effects of a DoS attacks, or what a DoS attack is, but a fraction of them know what to do about it.
Anyways for some of those admins, I have a doc called Stopping DoS which is a die hard "this-is-what-you-do-on-this-hadware" to limit DoS attacks, as well as a s(emi)tudy paper called "Theories in DoS" which is a higher protocol level look at Denials of Service, which provides a framework look into future avoidances of them.
P.S. These are docs I wrote out of spare time, etc. nothing more, so don't expect any RFC based documents such as this paper thats linked.
This is great marketing for both IBM, and Linux. First off I think this is more of a marketing tactic than IBM trying to be helpful to any developer. By having thousands of developers do their thing on the machine, they could always turn around and pimp the results as both an IBM, and joint Linux effort which is pretty cool for Linux marketing...
However on the flip side of the coin, I hope the developers rush to fill these slots as opposed to some troll who's going to use those accounts for silly shit like h4x0rf00.c programs they wanna throw up, or uneccessary other shit...
Let's kill some Americans and blame Cuba
All this sounds like is a time based routing mechanism nothing more, and I don't really see how changing the IP address is going to save a misconfigured machine. For one, somewhere down the line the address is going to delegate out, so if say someone is browsing via 10.10.1.16 and they're browsing say something on my server and my logs show:
198.81.129.14
"http://www.antioffline.com/cia-soviet/" "Mozilla/4.0 (compatible; MSIE 5.5;Windows NT 5.0)"
Then about one second later
198.81.129.193 "http://www.antioffline.com/cia-soviet/" "Mozilla/4.0 (compatible; MSIE 5.5;Windows NT 5.0)"
Now this is typically another visitor or whatever, but if the connections were so repetitive enough with the same browser fingerprint coming through I can probably correlate them both together by their netblocks depending on who owned the block. So unless they plan on purchasing completely obsolete netblocks like say 198.81.129.0-255 then 198.83.0.0.-255 than how do they expect to stay obscured from view? Keep in mind that there are hardly any complete netblocks to purchase in that fashion (class A s close to impossible), so what are they really planning on doing?
Now if they partnered with ISP's to snag dhcp addresses not being used from a wide variety of places, say Earthlink here, MomandPopISP there, then it'd be a plus for them however simple traceroutes, and block lookups can give you their information. (who owns the block etc)
All it sounds like is a sort of a dhcp-round-robbin-routing set up which is not going to save them still, if someone is really intent on getting access to their networks, they'd run out of address ranges before their scheme would work.
Now on the spook/snoop side of things... I say TMTOWTPGPSAM! (There's More Than One Way To Sign PGP Sign A Message) to keep info from eyes other than the intended recipient.
" At all times, applications can be launched by selecting one of the soft buttons at the bottom of the display. On the far left is the Agenda logo which brings up a menu of applications. The other buttons launch applications directly, and by default bring up Contacts, To Do, Schedule, Notes, the Calculator."
./configure ; make ; make install its too cumbersome and difficult for cluebies as opposed to something like MS' self installing executables. So while looking at the other article today which states the demise of Linux as a desktop, I stop and wonder what the hell are the developers thinking? Create a "HOME ONLY" based version of Linux without all the fancy source distributions for average joe users and market, market, market it for crying out loud.
Why couldn't Linux developers either in Redhat or some other distro make things this simple for people who're interested in Linux for the home desktop segments? Some of the difficulties surrounding "point-and-click", "GUIville" when it comes to Linux and the average non geek user make using Linux intimidating which is one of the reasons the competition with MS as a home solution is a losing one.
No one wants to tar -zxvf foo.tar.gz ; cd $foo ;
Instead of focusing on promoting the "coolest new trick" on the Linux OS' be advised Mr. Developers, that most geek know what Linux is capable of, and while most time and money is spent marketing these new things, some of you need to go back to the core of it all and promote ease of use if you want people to start using Linux. If this VR3 is as easy to use as the article claims, than someone at one of these distributions (Redhat, whomever is left) needs to take a pad, pen, and sit down with these guys and get it right, once and for all.
where technology roamed the wires, and innovators dominated the world. There was the newest craze in high tech, yes the ultimate product offering ever to hit any market.
Many touted this technology as the next best thing, and companies flocked to support it raising capital from all walks of business life. The technology grew so fast, and was quite loved by many, so it could never faulter in the eyes of those who praised the new technology.
While it grew to new heights while slumbering in "almost-there-ville", everyone awaited its presence as it would signal the end of an era, and beginning of new life. Day after day everyone waited patiently.
Finally the new technology was ready to take its place in the world and reign supreme, sadly there was already a newer technology who'd already taken over its role...
Only on the Internet
Not even a nicely GUI-filled, easy to use distribution as Mandrake made a difference to people who love the ease of MS based products. I've never used Mandrake, but have seen co-workers use it, and claim it to be the easiest to use of all the Linux distributions.
If this is the case, then why haven't many MS users switched over to something so easy. Is it the way some of these companies market themselves, which is close to zero when it comes to mainstream magazines, or is it that too many distributions add to the confusion or something.
So far so good for Redhat however who is managing to keep in the game, and for all the Linux users, just hope this is the last distribution to go under, else your going to have some massive "Linux is dying" trolls. Not to mention (which is most important) a sad showing of the possible overall outcome for Linux, should they not hurry and capture a large portion of the home pc segment.
The whole wireless ploy has become such overkill, that it's stomach turning. The benefits of having a Palm or other device for Wireless access is not a neccessity by any means in real world scenarios, they just make things easier.
Too many companies are trying to focus on stamping out product after product while failing to give just one definite product to handle it all.
E.g. If there were a combo pager/cell/pda I think many people would flock to it, provided it wasn't filled with bloat. Not saying bloat is always bad, but I see many of these wireless PDA's on the market with nothing worth true substance to make me want to buy it.
I have my cell, page, laptop which I carry around, so other than trying to keep up with the Jones' I see no need to run out and buy something I already have by carrying around my other gizmo's.
One, my laptop stores more info than a PDA, and its easier to use than scrolling a little pen over a small ass screen. Secondly my pager sends me news every hour, and I can receive email on it too. My phone can receive the same, news, and email, so what makes the PDA companies think I need to carry extra baggage to access these features. Typical email can wait, as if there is an emergency, via pager or cellphone, I can be emailed or paged.
Should I need to store information, I would rather jot it down on good old pen and paper to xfer it to my pc's should I not have on powered on. Just imagine getting a super models phone number then smashing your PDA by accident (bad example but hopefully many will see the probs I find with PDA based stuff). You're screwed.
While companies may brainstorm on how big of a screen they should make, or what new programs they could insert on the limited diskspace, maybe one, just one vendor can do something a'la mid sized (between PDA, and Laptop sized) all in one combo phone/pager/laptop and do away with all those annoying little PDA's.
Ok so don't blame Canada, but don't blame Big Blue either, it wasn't them who set out to have someone commit this crime, it was a publicist/marketers fault for this stupid action, and it was someone else's stupidity for not drawing the line regarding morals, and money.
If Sig Sauer had paid someone to promote their guns, and some idiot decided to do something like shoot up a crowd, it would be wrong to place blame on Sig Sauer for the actions of any other than themselves. (poor example I know but I was reading Guns and Ammo earlier so sue me)
Listen there is nothing wrong with advocacy, so don't think this is a bash Linux post, it's nothing more than a reality check. You don't commit a crime (vandalism) because someone pays you to do it, that'll make you as guilty as the one who conspired the crime. The guy should have known what he was doing was wrong and opted not to do it. As for the punishment, he should do the community service for it, and be given a swift kick in the ass for being dumb.
What is Deviation v.1?
2600 is not linking they're pointing the complete domain to Ford motors, why not copy the whole thing over, then do it? Ford did not invite 2600 to point the domain over to their site causing unwanted traffic going there via way of FuckGeneralMotors.com, I'm sure they could care less if there was a link that said Fuck you Ford, as opposed to having the whole domain point to them.
No amount of arguing can clarify this for anyone. Its morally wrong, and legally wrong, unfortunately 2600 is using legal loopholes in the wrong way to fight for their moronic cause.
2600 is run by Peter Pan
One of the guys from my site did a semi humorous article on the whole 2600 deal. Some people may find it informative, others will find it funny, others will call it name calling etc. Personally, I think anyone who runs around doing things to get sued for attention is a moron.
On the X Files the guys rocked because it was something new. With their own show we expected to see something as serious as the X Files in the form of the hackers which never happened. Comedy? The show flat out sucked, and it was surprising it lasted as long. Same happened with Level 9 which aired for about 4 weeks that I know of. For those who never even heard of it, it was supposed to be I guess what people think the NSA are, a bunch of hacker crime fighters which never materialzed.
I watched that show once or twice till I heard them say "his website WHATEVERTHENAMEWAS.com is untraceable, he keeps moving IP address." or something along that line, and quickly thought "stupid ass clueless producers don't even do research."
Family Guy is funny as hell tho' Stewie just owns.
Sad to see the Lone Gunmen go, maybe Chris Carter will script them into X-Files a bit more since they do have that role under lock down. But by themselves... they're boring.
Lone Gunman
Seems like the site moved the page. Anyways this is the link for the company who suckered India's goverment into buying highly priced honeypots.
http://www.peakxv.net/InterOp/interop.html
The more uninformed goverments are, the more likely cruddy laws will be passed that hinders tech sectors such as those in the industry on a security related basis. Well thankfully I don't have these laws in the US oh so great land of the free && *snicker*
Recently the Indian government was suckered into buying honeypots and in January for those who don't recall they hired a dozen script kiddies to handle security (I couldn't find the link sorry), so what I see happening is, goverments are getting scared by technology, and instead of coming up with logical solutions, they feel harsh punishments will deter someone's future actions.
Instead of creating such broad laws which can also hurt innocent people somewhere down the line, hardcore studies should be done before such broad laws are created, and every 5 or so years another study should be done to ensure the laws are working to the benefit of the people as opposed to throwing something out because of fears, or because its almost election time $WHEREVER.
Sadly it looks like we are going to have a complete world full of drones who'll either be afraid to interact, or a world full of what the government will view as anarchists if things continue with these trends.
Hrmm Dreamworks could be shifting away from using Irix and Irix based programs on SGI machines, but odds are they're using Linux based programs on SGI hardware. FYI for those who don't know too much about the graphic design/3-d industry, SGI used to make the top of the line machines for the tasks along with Irix running the programs some of which costed over 40k (most of the times it did) so to say they dropped SGI is somewhat false.
Dreamworks and other shops are likely using Linux on their existing SGI hardware as well, since their production machines are not your run of the mill eBay like SGI machines, they're likely highly stacked up SGI boxes, and I'm sure they wouldn't toss them out.
Strata Pro Studio which is actually a kick as 3-d program for Windows may have ported something to the Nix community as well but I'm not sure, its been about 4 years since I worked in the GD/GA field.
In today's news, a German corporate spy plunged 108 stories to his death while attempting to scale New York's World Trade Center in efforts to steal business plans.
Spectators were stunned to see the German who has been identified as Wolfgang Dirk Schmidt yelling "Arschlock!!" while falling to his death.
Investigators used shovels to scoop up his remains for analysis at Quantico VA, in efforts to present a case against the German goverment for inventing what they dub as "suction cups of mass destruction."
Stay tuned
http://www.brainfingers.com/technical.htm
Myabe the author of the book can work on an offspin of this product.
Besides, statewatch is part of the same leftist agenda as organisations like IMC, who fear that if their "privacy" is breached, then they can't continue their terrorist campaigns against innocent people who work towards ensuring global prosperity.
You say toe * may * toe I say toe * mah * toe. One thing I will say from my perspective on this which doesn't count for shit in the real world, but I like to look at things from all angles.
Global Prosperity: Things were just fine before bills such as this, so why would you want to introduce one to ripple the waves in still water?
If you don't know the EU is passing a Cybercrime Treaty document which would (hopefully for them) give Law Enforcement Agency's the right to cross investigate crimes and act on them which at first seems like a good idea. But what's forseen is abuse.
Take the FBI who seeks a warrant and gets denied in the United States. That same agent will be able to seek another country to serve that warrant up for them, circumventing the laws of this land. See a problem with this or notion of future abuse?
Why shouldn't citizens have the same right to privacy as governments tout. If anything the governments should not be the ones to hide anything for any reason, we put them there, and we have every right to know what our government is doing.
Just because you have people that keep a close watch on government doesn't mean they're criminals, and I suggest you read the interview I did with John Young from Cryptome.org who shed light to dispel those anti government theories here.
So while you see things one way, doesn't mean its wrong, doesn't mean someone else is wrong, but there are always alternative sides to an issue which you may not see so clearly.
After reading that I was a bit amused since I think its part of the Cybercrime bill they're trying to pass which would allow LEA's to exchange information, and cross warrants to be served, however for those who don't know, Dubya said no to the bill so lets get that out. (I'll find the link when I can just woke up).
Anyways here is the most insighful/interesting document I found on it with an excerpt. [link]
Sad to see these things, but soon we're going to have an influx of either zombies, or guys like Gene Hackman's Enemy of the State character around.
Kudos to the person who made this one, although I'd still be leary about with even this one "worm" especially when groups like s0ftproject keep creating these sometimes outrageous backdoors.
Someone should set out to write an informative document which isn't so bloated with too many tech terms for the newbie Linux admin that shows them how to lock down their Linux systems on an install. I wrote a lame one about 2 1/2 years ago, but never bothered following up on it.
Education, education, and more education. I wonder how come many complain about security, when so little take a few hours to actually inform themselves of the risks/fixes for typically easy problems.
2600 is being run by Peter Pan