Um, he has two computers ( 1 Windows, 1 Linux ), he has dual boot (Windows/Linux )? There are probably more ways, but I think it's clear enough already.
I agree 100%. I don't even get spam that much since I use emial aliases like there is no tomorrow, but I but in my job as tech support, spam-related trouble calls is reaching about 50% of my total volume. Sad thing is my answer is mostly "I can't do anything about ( people forging your address in the "from" field"/sending you spam about child porn, etc ). Setting up email filters in MS Outlook used to work, but now the from field is almost always forged and variable, our email servers are outsourced, so I can't apply any company-wide filtering tools.
Anyway, I digressed a lot, but just wanted to let the parent poster know at least one person agreed with him.
I read all the replies to this post...cmon guys, don't flame him. You are all acting as if he is just karma-whoring. I mean, he has a good plan. Just read it. "Bring Federal case to a civil court..what?" Disregard what I was going to say...fire at will.
Yes, he left his no-privilege-having user account logged in. That is why he had to use the su command to switch to root user ( by entering the root password ) before running the killall command. Hmm, your example left root logged in, so wouldn't that be as ironic as the first post ( as per your post )?
>How about last week... One of our competitors >that pride themselves on being the best in the >industry with Security and using Linux Servers as >their flagship of security had about 100 >customer's web servers root hacked. So the kernel was Linux( some version ), what was the web server? You are saying that 100 web servers were hacked, and then mention Linux, but without stating that the kernel was the problem. So I don't know what you are saying is insecure, the web server or the kernel.
Now, if you are going for a more general statement, like OSS is not secure by default, now you are arguing at a more general level. Open Source just means someone wrote an application ( could have been some newbie writing their first network application, for example ) who made the source code available to people who did not develop it. So yes, no guarantee that an arbitrary
OSS application is more secure than a similar Closed Source application. Now, in practice, OSS is generally more secure because anyone can analyze and publish ( and ifx! ) security problems within the code. With closed source, this is not an option. Heck, these days just disclosing a security flaw can land you in jail(DMCA)!. Remembe r Skylarov and the more recent Gamespy stores?
Now go one more level, and assume the application user is being a bit selective in which OSS app to use, and now you can have a much greater chance of having secure software if you choose a widely used application whose source code has been scoured by many eyes many times over.
I am starting to beat a dead horse, so I will end my post with this. OSS has much greater chance to be secure, and is much easier to secure ( from user point of view ) than a closed source application. AND there is no guarantee an application is secure soley because it is closed or open source.
I agree that anything that anything ( non userspace ) is not the OS should be both separable and replaceable without any adverse effects on the OS itself. I don't think this is possible with Window XP or the up and coming 2003, which makes it virtually impossible for M$ to comply with some of these anti-monopoly judgement terms without breaking their OS. Yeah, yeah, many of you love Windows, good for you. But try and be objective here, if you know anything about software design, you will know that modularity is important at all levels.
For example, I recently had to change the way a function of my user account management tool worked. All I had to do was change a few lines within the function and it was done. Later I needed to use that function in another program and all I did was copy/paste the code into the other program and I was done. Why was it so easy? I make each function standalone, so that all it needs for the calling function to tell it what to do, and then it returns the results of what it did. This makes it really easy to just copy/paste the function into other programs ( I may make a library later on ) because it doesn't not depend on anything outside of itself, and nothing outside of it depends on it. i.e. I can just comment out the line of the main program that calls the function and everything is hunky-dory.
Apply this to Windows OS, and they should be able to remove media player without the OS even noticin g it is gone, and in WMP would be easily replaceable or updateable without affecting the stability of the OS. Make sense?
Some of you may argue that what if a function is critical to the OS. Obviously if you remove the memory management tool you are going to have problems, but is a media playing program necessary for an OS to run? It's a user-space program! So the answer is "no."
So, if you were a virus writer, how would you get this exploit past the user's firewall/ssh restrictions? Email virus? Ok. Lets say you sent virus as binary email attachment? Now we are at a critical point, would the average linux user click on it? If so, then, I wonder what a good, general purpose fix for this would be. Perhaps to sandbox email attachments? Interesting problem. Of course, in most cases damage would be limited by user rights, but I would like to see a good, general purpose solution to this type of vulnerability.
Word. Plus, who says it is me being hijacked? Maybe I set up the router for a customer and wasn't aware of this "feature". Actually, that may be good thing as it will generate a $100 service call for me to go do a firmware upgrade on the customers router.
Good idea, I don't install java, disable most javascript, and don't install Macromedia Flash player. All this stuff disabled/not installed and I don't feel I am missing anything, Personally, I think anything I am missing was just fluff and not really useful content anyhow.
Hmm, the company spent months ( at least ) on developing the product and planning its marketing. They knew what they were doing. I understand their in business to make money, and that the economy ( U.S. ) is in a slump, but intentially changing the product to do something it is not supposed to do ( routers are not supposed to redirect clients to web sites without the owner/operators knowledge or consent, they are supposed to route packets, and maybe additional features such as packet filtering/nat/etc ). So when I buy one, I expect it to do exactly that and nothing else. Otherwise, it really isn't a working router and is also not reliable. So yes, they are on my blacklist and will probably stay there...well...forever.
Actually it doesn't matter if the router is on a private network or not, it will try to connect to Belkin's web site. In fact, it is probably even worse if the network is not connected to the Internet as the router will cause the client computer to have wait for a timeout on the connection.
Yah. But the ability to make your content ( whatever it was ) was viewed as privilige that the provider was willing to foot the bill for. I still work under this premise ( ok, my web server is being rebuilt by me, but it was up for a couple of years ) such that I understood that if I wanted to run a web site I would have to foot the bill, but for me it was/is worth it. The only type of funding I accepted was 100% optional paypal donations, and that is most likely the only kind I would ever accept.
So, as a web site owner/runner, I clearly see that advertisements totally ruin the users ( person browsing the site ) experience, why can't others see that?
I would love to go back to the pre-commercialized Internet. Back then web site shared information without trying to spam you with adsvertisements, gather personal information so they could sell it, it was content, pure and simple. I have run many web sites, all free of advertisements, no forcing logins to view content, cookies, etc. If advertisements were to one day just "disappear", sites dependent upon ad-revenue would probably go offline, but they would be replaced with ad-free sites and the WWW experience would be all the richer.
In this hypothetical ad-free WWW environment, technologies such as those that run Freenet would be necessary to allow sites with large readership, but that would only strengthen the sense of community amongst surfers, which I see as a good thing. Of course, you would still have to worry about who would run the Internet backbone and other nodes/services if you want to entirely remove the commercial aspect of the WWW/Internet. But that problem is beyone the scope of this post ( plus I don't have a solution ).
I agree. I would like to add it would not be that big of a problem in all cities. After I read the original article about the mirt device, I started counting traffic lights in my town that had the sensors...very few, maybe 10 out of a 1000. This device would not be useful where I live.
This must be your first troll, because it is done so badly. Dude, you got to obscure what you are saying a bit more so its harder for the reader to catch the fallacy of your logic, especially in the first few sentences. A good troll is never read all the way through, because the reader is so inflamed at the first sentence or two, that they hit the reply button almost immediately. So, put the semi-plausible statements first, and the absolute junk reasoning at the end.
In the case of downloading music, look for some of the "I am a music store owner and my sales have dropped through the floor" posts. Those are usually well-done ( but overused ) trolls you can use as an template.
Unfortunately, the model will only allow media created by verifyable parties ( who pay the Microsoft tax to get a certificate ), so there goes the theory it will let people play their own content ( without forking out $$$ to M$ ).
Very good idea. In fact, we can make such a program work like Seti where the clients dowload blocks of data to send to 's network and then send back reports of what they have done so it can be tallied up and the sender can be ranked by how much data they sent. That way you can have a competitive atmosphere that should give people an incentive to participate.
Do have any links that list out the hosts + protocol for different spyware programs? That would be a good tool to get me started on it.
That shows your ignorance of Islam. Women are not second class citizens in Islam. They can work, hold political office, etc. the same as men. Yes, their bodies should be covered in public, just as men should be covered below the knees and above the navel.
Most misconceptions about the religion come from the media, and secondly they are the result when culture gets confused with religion. I.E. in Saudi Arabia women are not allow to drive. That is culture and not religion as Islam does not forbid that. Persians wore gold rings through their nose to signify nobility, some thought that was religion, but Islam forbids men to wear gold so obviously it was actually culture that dictated that. I could go on all day , turbans, prayer rugs, are culture and tradition but are often confused with religion.
My employer scanned every computer and had the IT people remove it. Then they blocked Plaxo at the firewall and gave Plaxo a list of every known employee who had an account with them and requested that the accounts be terminated immediately.
They muttered something about customer contact info being confidential information...go figure.
Slashdot Mirror
Um, he has two computers ( 1 Windows, 1 Linux ), he has dual boot (Windows/Linux )? There are probably more ways, but I think it's clear enough already.
I agree 100%. I don't even get spam that much since I use emial aliases like there is no tomorrow, but I but in my job as tech support, spam-related trouble calls is reaching about 50% of my total volume. Sad thing is my answer is mostly "I can't do anything about ( people forging your address in the "from" field"/sending you spam about child porn, etc ). Setting up email filters in MS Outlook used to work, but now the from field is almost always forged and variable, our email servers are outsourced, so I can't apply any company-wide filtering tools.
Anyway, I digressed a lot, but just wanted to let the parent poster know at least one person agreed with him.
Move along, nothing to see here...
$5 is about right. My copy only had one page that said "fdisk and install another OS"
I read all the replies to this post...cmon guys, don't flame him. You are all acting as if he is just karma-whoring. I mean, he has a good plan. Just read it. "Bring Federal case to a civil court..what?" Disregard what I was going to say...fire at will.
Actually it looks like Michael Jackson will be his cell mate. The songs "beat it" and "thriller" come to mind...
Yes, he left his no-privilege-having user account logged in. That is why he had to use the su command to switch to root user ( by entering the root password ) before running the killall command. Hmm, your example left root logged in, so wouldn't that be as ironic as the first post ( as per your post )?
>How about last week... One of our competitors >that pride themselves on being the best in the >industry with Security and using Linux Servers as >their flagship of security had about 100 >customer's web servers root hacked.
So the kernel was Linux( some version ), what was the web server? You are saying that 100 web servers were hacked, and then mention Linux, but without stating that the kernel was the problem. So I don't know what you are saying is insecure, the web server or the kernel.
Now, if you are going for a more general statement, like OSS is not secure by default, now you are arguing at a more general level. Open Source just means someone wrote an application ( could have been some newbie writing their first network application, for example ) who made the source code available to people who did not develop it. So yes, no guarantee that an arbitrary
OSS application is more secure than a similar Closed Source application. Now, in practice, OSS is generally more secure because anyone can analyze and publish ( and ifx! ) security problems within the code. With closed source, this is not an option. Heck, these days just disclosing a security flaw can land you in jail(DMCA)!. Remembe r Skylarov and the more recent Gamespy stores?
Now go one more level, and assume the application user is being a bit selective in which OSS app to use, and now you can have a much greater chance of having secure software if you choose a widely used application whose source code has been scoured by many eyes many times over.
I am starting to beat a dead horse, so I will end my post with this. OSS has much greater chance to be secure, and is much easier to secure ( from user point of view ) than a closed source application. AND there is no guarantee an application is secure soley because it is closed or open source.
I agree that anything that anything ( non userspace ) is not the OS should be both separable and replaceable without any adverse effects on the OS itself. I don't think this is possible with Window XP or the up and coming 2003, which makes it virtually impossible for M$ to comply with some of these anti-monopoly judgement terms without breaking their OS. Yeah, yeah, many of you love Windows, good for you. But try and be objective here, if you know anything about software design, you will know that modularity is important at all levels.
For example, I recently had to change the way a function of my user account management tool worked. All I had to do was change a few lines within the function and it was done. Later I needed to use that function in another program and all I did was copy/paste the code into the other program and I was done. Why was it so easy? I make each function standalone, so that all it needs for the calling function to tell it what to do, and then it returns the results of what it did. This makes it really easy to just copy/paste the function into other programs ( I may make a library later on ) because it doesn't not depend on anything outside of itself, and nothing outside of it depends on it. i.e. I can just comment out the line of the main program that calls the function and everything is hunky-dory.
Apply this to Windows OS, and they should be able to remove media player without the OS even noticin g it is gone, and in WMP would be easily replaceable or updateable without affecting the stability of the OS. Make sense?
Some of you may argue that what if a function is critical to the OS. Obviously if you remove the memory management tool you are going to have problems, but is a media playing program necessary for an OS to run? It's a user-space program! So the answer is "no."
So, if you were a virus writer, how would you get this exploit past the user's firewall/ssh restrictions? Email virus? Ok. Lets say you sent virus as binary email attachment? Now we are at a critical point, would the average linux user click on it? If so, then, I wonder what a good, general purpose fix for this would be. Perhaps to sandbox email attachments? Interesting problem. Of course, in most cases damage would be limited by user rights, but I would like to see a good, general purpose solution to this type of vulnerability.
Word. Plus, who says it is me being hijacked? Maybe I set up the router for a customer and wasn't aware of this "feature". Actually, that may be good thing as it will generate a $100 service call for me to go do a firmware upgrade on the customers router.
Good idea, I don't install java, disable most javascript, and don't install Macromedia Flash player. All this stuff disabled/not installed and I don't feel I am missing anything, Personally, I think anything I am missing was just fluff and not really useful content anyhow.
My $.02
So that they can be answered in the MMPORG! Seriously though, I doubt this Matrix MMPORG will ever see the light of day.
Hmm, the company spent months ( at least ) on developing the product and planning its marketing. They knew what they were doing. I understand their in business to make money, and that the economy ( U.S. ) is in a slump, but intentially changing the product to do something it is not supposed to do ( routers are not supposed to redirect clients to web sites without the owner/operators knowledge or consent, they are supposed to route packets, and maybe additional features such as packet filtering/nat/etc ). So when I buy one, I expect it to do exactly that and nothing else. Otherwise, it really isn't a working router and is also not reliable. So yes, they are on my blacklist and will probably stay there...well...forever.
Me neither. They are also on my blacklist now, too.
Actually it doesn't matter if the router is on a private network or not, it will try to connect to Belkin's web site. In fact, it is probably even worse if the network is not connected to the Internet as the router will cause the client computer to have wait for a timeout on the connection.
Yah. But the ability to make your content ( whatever it was ) was viewed as privilige that the provider was willing to foot the bill for. I still work under this premise ( ok, my web server is being rebuilt by
me, but it was up for a couple of years ) such that I understood that if I wanted to run a web site I would have to foot the bill, but for me it was/is worth it. The only type of funding I accepted was 100% optional paypal donations, and that is most likely the only kind I would ever accept.
So, as a web site owner/runner, I clearly see that advertisements totally ruin the users ( person browsing the site ) experience, why can't others see that?
I would love to go back to the pre-commercialized Internet. Back then web site shared information without trying to spam you with adsvertisements, gather personal information so they could sell it, it was content, pure and simple. I have run many web sites, all free of advertisements, no forcing logins to view content, cookies, etc. If advertisements were to one day just "disappear", sites dependent upon ad-revenue would probably go offline, but they would be replaced with ad-free sites and the WWW experience would be all the richer.
In this hypothetical ad-free WWW environment, technologies such as those that run Freenet would be necessary to allow sites with large readership, but that would only strengthen the sense of community amongst surfers, which I see as a good thing. Of course, you would still have to worry about who would run the Internet backbone and other nodes/services if you want to entirely remove the commercial aspect of the WWW/Internet. But that problem is beyone the scope of this post ( plus I don't have a solution ).
I agree. I would like to add it would not be that big of a problem in all cities. After I read the original article about the mirt device, I started counting traffic lights in my town
that had the sensors...very few, maybe 10 out of a 1000. This device would not be useful where I live.
This must be your first troll, because it is done so badly. Dude, you got to obscure what you are saying a bit more so its harder for the reader to catch the fallacy of your logic, especially in the first few sentences. A good troll is never read all the way through, because the reader is so inflamed at the first sentence or two, that they hit the reply button almost immediately. So, put the semi-plausible statements first, and the absolute junk reasoning at the end.
In the case of downloading music, look for some of the "I am a music store owner and my sales have dropped through the floor" posts. Those are usually well-done ( but overused ) trolls you can use as an template.
Unfortunately, the model will only allow media created by verifyable parties ( who pay the Microsoft tax to get a certificate ), so there goes the theory it will let people play their own content ( without forking out $$$ to M$ ).
Very good idea. In fact, we can make such a program work like Seti where the clients dowload blocks of data to send to 's network and then send back reports of what they have done so it can be tallied up and the sender can be ranked by how much data they sent. That way you can have a competitive atmosphere that should give people an incentive to participate.
Do have any links that list out the hosts + protocol for different spyware programs? That would be a good tool to get me started on it.
That shows your ignorance of Islam. Women are not second class citizens in Islam. They can work, hold political office, etc. the same as men. Yes, their bodies should be covered in public, just as men should be covered below the knees and above the navel.
Most misconceptions about the religion come from the media, and secondly they are the result when culture gets confused with religion. I.E. in Saudi Arabia women are not allow to drive. That is culture and not religion as Islam does not forbid that. Persians wore gold rings through their nose to signify nobility, some thought that was religion, but Islam forbids men to wear gold so obviously it was actually culture that dictated that. I could go on all day , turbans, prayer rugs, are culture and tradition but are often confused with religion.
I hope this clears things up a bit.
My employer scanned every computer and had the IT people remove it. Then they blocked Plaxo at the firewall and gave Plaxo a list of every known employee who had an account with them and requested that the accounts be terminated immediately.
They muttered something about customer contact info being confidential information...go figure.
Your bike is safe...for now.