Sure, they put the authentication system in place, but was that really their idea? There have been countless cases in the past (the Quake series comes to mind) where publishers have forced developers to include copy protection when the developers didn't want it.
In many situations (such as writing academic papers), quoting sources and citing them (with exact URLs) is REQUIRED. While we could simply stop using ZD as a source, if this sets a legal precedent, it might spell the end of using the web for research.
The SecurID systems I've encountered won't accept a login with the same number twice.
Still, there might be a problem where someone hijacks your connection, but you've got bigger problems at that point.
That presents another problem: if people sign their votes crypographically, they can be compelled to reveal how they voted. With the current system, if you were forced to say how you voted, you could lie and there'd be no way to tell if you were telling the truth.
Having the machines sign the votes would do no good since they could change the vote cast.
The worst part about Kim Komando is that she gives out, at best, mediocre advice. I can't listen to her for more than a few minutes before banging my head in disgust at the misdiagnoses, bad advice, etc. For example, one of her "tips of the week" was how to enable execution of EXE attachments in Outlook Express. It's turned off by default for a reason, and if you don't know enough to enable it yourself, you shouldn't have it enabled.
If you read the article, you'll see that she didn't register something like lucasnurserysucks.com, but lucasnursery.com. I'm suprised that it wasn't decided that she was using their name to trick potential customers into going to her site, since many people assume companyname.com will work. It'd be similar to someone registering slashdot.com (if it wasn't already registered) to make an anti-Slashdot site.
I highly suggest picking up a copy of the Linux Core Kernel Commentary. The first part of the book contains the code of the majority of the "core" kernel components, and the second part explains the code. It's slightly out of date, but still a good read.
That really depends on several factors, including what frequency your phone uses, what technology it uses, and how close the tower is that your phone is "connected to." In my experience, TDMA phones (of unknown frequency) make a sputtering sound, while 1900 MHz GSM phones make a humming sound. The intensity of the interference depends on how close you are to the tower, since most phones will adjust their transmission power levels to the lowest possible level.
Both companies use the same technology (TDMA and GSM), but Cingular seems to have more 850 MHz GSM towers.
I'm surprised these 2D barcodes don't have digital signatures encoded in them to verify the authenticity of the data. I think it'd cut down on the number of fake IDs used.
Many places are now using the 2D barcode to verify your age, but in many jurisdictions (such as Oregon), when you change your address, they issue you a plain STICKER with your new PDF417 barcode printed on it. Anyone with knowledge of the AAMVA standard could create their own barcode sticker, making them any age they want. This is precisely why digital signatures are needed.
When someone asks for your ID, they'd scan it into a device, which would use the issuing jurisdiction's public signature to verify the digital signature on the barcode. Assuming the data is authentic, it'd then display the encoded data on a display. The person checking your ID would compare the data on the display to that printed on the front of your ID. If both match, you can be fairly certain the ID is legit.
Of course, there'd probably have to be a law prohibiting places from storing your personal data without your explicit consent.
If you're curious about the exact data format of the barcodes and magstripes, check out the AAMVA DL/ID standard at http://www.aamva.org/Documents/stdAAMVADLIDStandrd 000630.pdf (2000 edition) or http://www.aamva.org/Documents/stdAAMVADLIDCardSpe cs_092003.pdf (2003 edition). Among other things, it also spells out recommended security measures.
If people don't protect their systems by checking this bit, and malicious packets ARE sent with this bit set, does this mean that they are partially responsible for any damage caused by the malicious packet? Are software vendors responsible for handling these packets properly?
I can see the headlines now. Longhorn machine compromised by "evil" packets, Microsoft sued.
From what I understand, even if MS is found 1% responsible and the attacker 99% responsible, MS would have to pay the majority of a large judgement since MS would almost certainly have more money than the attacker.
Generally, if you do a launch event for a game and they send you the games, you can use them in your center. You might want to contact them to be sure, though.
I used to work for a gaming center, and the solution is to just not install games with these licensing requirements. There are many popular games where you only need one copy per machine. You may also want to join iGames (http://www.igames.org/). Publishers promote their games through them, and member centers in turn receive the games at a heavily discounted price plus a license to use them.
The University of Washington has a wireless authentication system set up so that you are initially firewalled off from the Internet. When you attempt to access a web site outside of washington.edu, it performs some voodoo magic to redirect you to an authentication server. After entering your username and password, it removes the filter and redirects you back to the site you wanted to go to. The only slightly annoying aspect of it is that if you only want to use an instant messenger program or check your e-mail from a non-UW server, you must first visit a web page. When your DHCP lease expires and isn't renewed, the IP is automatically filtered again.
While IP addresses can be spoofed, you won't be able to receive much since the computer of the legit user of the IP address will kill any TCP connections you try to establish.
A similar system could be used to track bandwidth per user.
It's not illegal to enter into a contract as a minor. Minors can enter into any contract, but they can void the contract at their discretion, which is why most people won't enter into contracts with minors.
If the contract is voided by the minor, each party must be restored to the condition they would be in if the contract was never entered into. For example, if you sign up for a CD club as a minor (one of those deals where you can get 12 CDs for a penny, provided that you buy X number of CDs later), you can't just keep the CDs and never buy another. You have to return the CDs if you wish to void the contract.
If companies loan money to minors, they risk losing the interest since all a minor has to do is repay the amount loaned and void the contract. That's why they don't loan money to minors.
From reading the article, it appears that the information on the card isn't stored in a central database, but is instead stored directly on the card in an encrypted form. Imagine the chaos if the encryption algorithm and key were discovered. Free entry for everyone!
... you drive under an overpass, bridge, trees, etc. The last thing you want while playing Quake 3 from your back seat is major packet loss. Sattelite radio systems have the advantage of having terrestrial repeaters in major cities so this isn't as much of a problem for them.
Slashdot Mirror
Sure, they put the authentication system in place, but was that really their idea? There have been countless cases in the past (the Quake series comes to mind) where publishers have forced developers to include copy protection when the developers didn't want it.
Doesn't AWS BSG have bigger security problems to worry about, like, oh, their job security? ;)
Have it in animated gif form!
In many situations (such as writing academic papers), quoting sources and citing them (with exact URLs) is REQUIRED. While we could simply stop using ZD as a source, if this sets a legal precedent, it might spell the end of using the web for research.
The SecurID systems I've encountered won't accept a login with the same number twice. Still, there might be a problem where someone hijacks your connection, but you've got bigger problems at that point.
Rumor has it that TiVo will patch it within the next week, starting possibly Wednesday.
It's being attempted in Seattle.
Who cares about getting credit? I've got a whole inbox full of institutions willing to grant me degrees!
That presents another problem: if people sign their votes crypographically, they can be compelled to reveal how they voted. With the current system, if you were forced to say how you voted, you could lie and there'd be no way to tell if you were telling the truth. Having the machines sign the votes would do no good since they could change the vote cast.
The worst part about Kim Komando is that she gives out, at best, mediocre advice. I can't listen to her for more than a few minutes before banging my head in disgust at the misdiagnoses, bad advice, etc. For example, one of her "tips of the week" was how to enable execution of EXE attachments in Outlook Express. It's turned off by default for a reason, and if you don't know enough to enable it yourself, you shouldn't have it enabled.
If you pick up the quad, does it do a secure delete?
If you read the article, you'll see that she didn't register something like lucasnurserysucks.com, but lucasnursery.com. I'm suprised that it wasn't decided that she was using their name to trick potential customers into going to her site, since many people assume companyname.com will work. It'd be similar to someone registering slashdot.com (if it wasn't already registered) to make an anti-Slashdot site.
I highly suggest picking up a copy of the Linux Core Kernel Commentary. The first part of the book contains the code of the majority of the "core" kernel components, and the second part explains the code. It's slightly out of date, but still a good read.
Where in Salem? I grew up there, and have a number of friends there, so I'd like to tell them to avoid whoever you went to.
That really depends on several factors, including what frequency your phone uses, what technology it uses, and how close the tower is that your phone is "connected to." In my experience, TDMA phones (of unknown frequency) make a sputtering sound, while 1900 MHz GSM phones make a humming sound. The intensity of the interference depends on how close you are to the tower, since most phones will adjust their transmission power levels to the lowest possible level. Both companies use the same technology (TDMA and GSM), but Cingular seems to have more 850 MHz GSM towers.
I'm surprised these 2D barcodes don't have digital signatures encoded in them to verify the authenticity of the data. I think it'd cut down on the number of fake IDs used.
d 000630.pdf (2000 edition) or http://www.aamva.org/Documents/stdAAMVADLIDCardSpe cs_092003.pdf (2003 edition). Among other things, it also spells out recommended security measures.
Many places are now using the 2D barcode to verify your age, but in many jurisdictions (such as Oregon), when you change your address, they issue you a plain STICKER with your new PDF417 barcode printed on it. Anyone with knowledge of the AAMVA standard could create their own barcode sticker, making them any age they want. This is precisely why digital signatures are needed.
When someone asks for your ID, they'd scan it into a device, which would use the issuing jurisdiction's public signature to verify the digital signature on the barcode. Assuming the data is authentic, it'd then display the encoded data on a display. The person checking your ID would compare the data on the display to that printed on the front of your ID. If both match, you can be fairly certain the ID is legit.
Of course, there'd probably have to be a law prohibiting places from storing your personal data without your explicit consent.
If you're curious about the exact data format of the barcodes and magstripes, check out the AAMVA DL/ID standard at http://www.aamva.org/Documents/stdAAMVADLIDStandr
If people don't protect their systems by checking this bit, and malicious packets ARE sent with this bit set, does this mean that they are partially responsible for any damage caused by the malicious packet? Are software vendors responsible for handling these packets properly? I can see the headlines now. Longhorn machine compromised by "evil" packets, Microsoft sued. From what I understand, even if MS is found 1% responsible and the attacker 99% responsible, MS would have to pay the majority of a large judgement since MS would almost certainly have more money than the attacker.
Generally, if you do a launch event for a game and they send you the games, you can use them in your center. You might want to contact them to be sure, though.
I used to work for a gaming center, and the solution is to just not install games with these licensing requirements. There are many popular games where you only need one copy per machine. You may also want to join iGames (http://www.igames.org/). Publishers promote their games through them, and member centers in turn receive the games at a heavily discounted price plus a license to use them.
The University of Washington has a wireless authentication system set up so that you are initially firewalled off from the Internet. When you attempt to access a web site outside of washington.edu, it performs some voodoo magic to redirect you to an authentication server. After entering your username and password, it removes the filter and redirects you back to the site you wanted to go to. The only slightly annoying aspect of it is that if you only want to use an instant messenger program or check your e-mail from a non-UW server, you must first visit a web page. When your DHCP lease expires and isn't renewed, the IP is automatically filtered again. While IP addresses can be spoofed, you won't be able to receive much since the computer of the legit user of the IP address will kill any TCP connections you try to establish. A similar system could be used to track bandwidth per user.
Actually, the 386 was the first 32-bit x86 processor.
It's not illegal to enter into a contract as a minor. Minors can enter into any contract, but they can void the contract at their discretion, which is why most people won't enter into contracts with minors.
If the contract is voided by the minor, each party must be restored to the condition they would be in if the contract was never entered into. For example, if you sign up for a CD club as a minor (one of those deals where you can get 12 CDs for a penny, provided that you buy X number of CDs later), you can't just keep the CDs and never buy another. You have to return the CDs if you wish to void the contract.
If companies loan money to minors, they risk losing the interest since all a minor has to do is repay the amount loaned and void the contract. That's why they don't loan money to minors.
From reading the article, it appears that the information on the card isn't stored in a central database, but is instead stored directly on the card in an encrypted form. Imagine the chaos if the encryption algorithm and key were discovered. Free entry for everyone!
Yeah, I know that sattelite connections are laggy. I'm just making a point. ;)
... you drive under an overpass, bridge, trees, etc. The last thing you want while playing Quake 3 from your back seat is major packet loss. Sattelite radio systems have the advantage of having terrestrial repeaters in major cities so this isn't as much of a problem for them.