Well, I've been looking for an excuse to stop using slashdot.... it's the same bullshit over and over, and the few gems that do crop up have gotten so rare that trawling through the shit spewed by consumer-capitalist apologists is just too much.
I do not use javascript, and will not spend any effort on making this site work without it. I discovered with D2 that if you have D2 on in you prefs, set the threshold to -1, and use/. without JS enabled in the browser, you get a better experience than D1 in one way - all the comments load on 1 page. But without JS you couldn't mod, nor look at mod histories, without opening the comment in another tab and allowing JS temporarily.
What I got on the/. homepage just was a huge white position:fixed box thing floating over the content, blocking most of it. Presumably that box is hidden when JS is on, but I am not going to fight with another site that is trying to be a "web application" just for.... fuck knows why. Bandwagon jumping, I'd say. Perhaps/. think they can get 500mill out of Goldman too, if only they appeared "trendier"?
I've got 1 mod point, I'm gonna go mod taco a troll or something, and that's it.
It was worse than that.... it looks like up until very recently they could well have had their site on a Windows 2000 machine. 2000 was the best version of Windows that MS ever made, but it still had some chronic shortcomings that make it totally unsuitable for most internet-facing tasks.
Of course it is all too easy to just flame Windows, but even (especially) the MS fans will agree that using IIS5 in at least 2007 is not a clever thing to have been doing.
But lets be honest, the way that site is slinging about the word "hacker" it is clear they do not have any kind of top-notch IT... or even any clue about computers - they probably accepted what the industry told them as 100% truths, and then think that somehow some person is doing fucking magic or something to get into their server. Considering how keen they seem to be to shirk responsibility for the break ins (their list of suspect beliefs, for example), they truly do not recognise their own ignorance. The BBC miss the point too, and just go along with the hacker rhetoric as well.
Having my TV join a botnet still doesn't sound like that much of a crisis.
Right up until it is used as a proxy to download child porn, and all of a sudden you are having to explain why your IP has accessed CP to law enforcement, family, friends, the media.....
Yeah, I know CP is one of those bogey men used to persuade people to see danger from unlikely events, but an accusation of CP can be enough to ruin lives. If you can avoid it, it's probably for the best.
Also, if your TV is in a botnet then it might be inside your firewall, if you use a straight forward NAT router. The TV could be used to attack other computers on your LAN which may contain more important data.
0 comments on this piece of PR bullshit? What a surprise, the PR is leading to censorship!
All I can say is fuck off Intel, I will not be buying your products again. I do not pay for anything if it contains any form of anti-feature, no matter how appealing the features might be. When your hardware contains features that hand control of my property to a third party, that feature suddenly becomes an anti-feature. That third party will use their control ability to interfere with what I might want to do with my property, and just because some IP laws say that I am not allowed to copy some data, I will still do so if I want.
The internet exists, and computers exist. So when the market offers copies of data at n currency units (eg a DVD movie for 15UKP), but a person can make their own copy of the data at n x 10^-5 or -6, it is obvious what will happen. Industry reacts by name calling (pirates) and law-buying, and when that fails they send their slush-funds to other corrupt corporations to make their products shittier.
I'm kinda glad I moved away from Windows after XP (I have used fista once, and only a release candidate of 7), so as I use Linux moving away from intel compatibles will be easier than changing CPU architecture and OS - I know how to use the OS, so moving to ARM, Sparc, PPC, etc. is a possibility. Though in the mean time AMD will sell me a chip without anti-features.
Shit, even your boyfriend Microsoft is looking at ARM processors. I guess with the Wintel duopoly drifting towards the rocks you are looking for other sources of money without offering what the customer might actually want. So you've got into bed with Hollywood. I hope you catch something!
I had the misfortune of being at the end of a BT line for the past 10 days, and noticed throttling of torrents, at least, at some times of the day.
I had been torrenting on a Zen line and had been maxing out the line all day with the stuff I was downloading. When I tried to finish a torrent off on the BT (business grade) connection it would only go to a maximum of about 25k/sec. Fired up some other torrents, and whilst trying to figure out what was going on, the maximum overall for multiple torrents seemed to move to 35k/sec.
I SSH'd into a box on the Zen line, and had a look at a torrent there. It was maxing out the line, so I started the same torrent on my laptop from this BT line..... 35k/second. The line was capable of downloads otherwise of 90k/sec. So from my data point of 1, they were definitely throttling. As time went on, the torrent throttling appeared to go away, and by the late evening the torrents were maxing out the BT line too. Remember, business grade. Isn't the contention ratio 20:1 on that, but 50:1 on consumer services (like the Zen line I mentioned)? So it utterly reeked of them interfering, rather than just the intentionally shit set up getting in the way. Things are intentionally shit to try and protect the profits from guaranteed service services - proper leased lines.
The BT Business hub thing is a piece of shit too. The wireless range is a joke (totally unsuitable for all but the smallest of offices), the shitty BT/2wire router controls 3 networks (BTFusionnnn, BTBusinessnnn, BTOpenworld) - meaning the WLAN you want to use is noisy. There doesn't appear to be a way to upgrade the aerial either, which can be enough to cheaply solve some WLAN issues. BT are clearly providing limited kit knowing that people will have problems and will have to upgrade. I bet BT want a piece of that upgrade market - and considering the people who have BT as their ISP tend to do so because they know no better, BT know that when the clueless do have to upgrade they will come back to BT. The clueless do not recognise their cluelessness, so think they have made good decisions about who to do business with, so do not think twice (once would be a fucking novelty!) about dealing with BT again. In fact, if they went elsewhere, perhaps they had made a poor decision first time 'round? Many or most people don't want to face buyers' remorse, and some will actively try and avoid it by not thinking, so will dogmatically stick with their past decisions.
Packet loss over the shitty wireless or sub-par BT internet service through this POS business hub meant I had problems getting downloads to work from the BBC iplayer too. I use get_iplayer and the banned version of rtmpdump rather than whatever proprietary nonsense the BBC are telling you you need, and the packet loss was upsetting rtmpdump.
Anyway, after that fucking rant, fuck BT. Even though they have been broken up they clearly still are practising the same bullshit they always have. No doubt the shareholders of all the various bits of BT overlap quite considerably, so it is no surprise they still seem to act as one business.
Police are no different but the government and themselves would have you believe they are somehow ethically superior.
It's not "the government" or even police who are trying to make you believe they are ethically superior. It's been an ongoing theme from the right-wing "law and order" crowd for decades. You hear it constantly from conservative media.
That's because police are authority figures, and American conservatives are a bunch of fucking bedwetters who just can't get enough of that daddy-knows-best attitude -- even it means turning this country into a totalitarian hellhole.
Read this. Skip to page 20 to see what these folks think of the police.
"When fascism comes to America it will be wrapped in the flag and carrying the cross." -- Sinclair Lewis
I was going to reply to PopeRatzo with a link to the WP article about that book's very topic, right-wing authoritarianism, but you kinda beat me to it. I don't have any mod points, but I can do better anyway by quoting you at +2
/me dons my internet-psychologist's trousers: Some of the replies in this discussion are clearly from people who are RWAs.
I've said this before, but I'm going to repeat it:
If you are on an ISP that censors, because they inject fake 404s you cannot be sure what is a real 404 and what isn't. So if you see any 404s, call them up and get them to confirm if it is their system or if it is the actual server. And if enough people did this, the censorship would go away...... until they come up with another method, that doesn't open them up to costs. But if they do that, I'm sure we can figure something else out.
You forgot to mention that customer services will be a call you have to pay for. They will have worked it out such that implementing the censorship and turning it off for some will turn a profit - you will be giving them that profit when you jump through the hoops they want you to.
Recently t-mobile spammed my phone with some new fucking feature that I don't want - they will send you a text if someone phones you and you don't answer. Well, fuck that! The phone already says if there is a missed call, I don't need to be told twice. I also know how shit their network is, and I don't need to be kept up to date as to how shit it is.
To turn off this unasked for feature I was meant to call up (and pay) or text them (and pay). Yeah, it's a few pence, but it is the principle that I object to. So I found their corporate fax number, and rang some numbers similar to it. I ended up getting straight through to someone who was able to turn off the feature I didn't want. The thing is, I didn't get through to just some call centre peon, I wasted the time of someone better paid within t-mobile, and explained to someone who might actually be willing to understand why I was trying to waste their time and money - because I don't like having my time and money wasted with features that are only there to try and encourage the user to use their phone more.
Fox can generally be distinguished from its good twin Fax by noting that Fox has a goatee and, when speaking, tries to imply that Obama wants to enslave white people.
I though the difference was that fax sound like an unpleasant screeching noise, and fox sounds worse?
And whilst you say that, there will still be the odd fax machine about. Perhaps in some director's office who doesn't want to have to use the new system - and can pull rank to be able to not have to use it. Perhaps a legal department sometimes faxes confidential communication, and the simplest way to keep it secured is to have a simple fax machine, that doesn't have any ability to keep copies etc., in a locked room. Smaller regional offices are more likely to be stuck with older kit - I have worked for a couple of corps where the sites that executives frequently used had all the best facilities and newest (and shiniest) kit, and the rest would only get new stuff when the old stuff broke and caused a big problem. Those more minor regional offices are much more likely to have DOS-able faxes.
Anonymous - dig out those war diallers and find the hidden faxes in the corporate telephone number blocks. The publicised fax numbers will have to be handling fax-spam, and that might be useful for the corporation to be able to ignore these attacks. The targeting of non-public faxes is much more likely to lead to a cubicle full of used thermal paper, leading to direct costs for the corporations.
You fools will spend the next decade getting this "cloud" bullshit put in place. Then around 2020 or so, you'll have had 10 years worth of problems. You'll then spend until 2030 trying to undo the mess. Sometime around 2040 you'll succeed, but by that time the current IT staff will have forgotten the problems that "cloud computing" caused between 2010 and 2020, and then by 2050 they'll be in the process of centralizing again...
Solving one problem whilst making another is the basis of capitalism!
Industry knows the situation you have illustrated, and hence why this US government policy has come up: it has been lobbied for by the very companies that stand to benefit from the modern mainframe.
But you can still commit data into/var/spool/exim4 in the form of an exim config file, and exim will run commands in that config file as root if exim is launched by root or debian-exim. Which is the case here.... isn't it?
If you can run any command on a remote system as root, then surely instead of simply elevating the privilege of an existing session, you do something else to 0wn the box? The root commands put in that config file could make a new user, give that new user root privileges, and allow them to ssh in. Probably much more easily noticed, but is still remote root.
sh./test.sh' doesn't allow you to do anything that you can't do from the shell itself
As far as I can tell, and know, that above does allow a program to be run that is otherwise on a noexec partition. bsDaemon suggested that putting the mail spool on a noexec partition would stop this attack, but I don't think it will. I do know that I know enough to get by on Linux, but I also know I do not understand all the ins and outs of the system, so am perfectly willing to accept I am wrong about noexec partitions. I just don't think I am....
Part of TFA:
after that attacker gets shell with id of user Debian-exim and cwd in/var/spool/exim4 then it put file there file setuid with trivial execution of root shell: int main(int argc, char *argv[]) { setuid(0); setgid(0); setgroups(0, NULL); execl("/bin/sh", "sh", NULL); }
and create another file e.conf with following content: spool_directory = ${run{/bin/chown root:root/var/spool/exim4/setuid}}${run{/bin/chmod 4755/var/spool/exim4/setuid}}
the he runs: exim -Ce.conf -q
and gets suid bit on/var/spool/exim4/setuid everything else is trivial.
So the file setuid is set to be executable as root via exim's feature of being able to run commands from its config file. At least, I think that is what is going on. As exim will need to open port 25 I guess the program sits on disk with the suid bit set, and once port 25 is opened it drops privileges to debian-exim. But it appears exim will also execute commands from a user specified config file, and it must be doing so before it drops its privs.
I happen to have a debian virtual machine here: lintorrent:~# ls -l `which exim4` -rwsr-xr-x 1 root root 695968 2008-09-30 19:27/usr/sbin/exim4
Exim is on disk with a suid of root.
From the exim manpage:
-C <filelist>
This option causes Exim to find the run time configuration file from the given list instead of from the list specified by the CONFIGURE_FILE compile-time setting.[snip]
When this option is used by a caller other than root or the Exim user, and the list is different from the compiled-in list, Exim gives up its root privilege immediately, and runs with the real and effective uid and gid set to those of the caller.
Ahhh, because the initial exploit gives the attacker a shell as debian-exim, exim won't give up root as quick as if exim -CDodgyConfigFile is run as any other local user (apart from root). The person publicising the attack is keeping some details with himself and the exim devs, so I don't know exactly how that initial shell that is mentioned is presented. Does the attacker telnet into the server, start talking in SMTP, then just gets a shell responding after sending right secret phrase?
The final piece of the attack, going to root, summed up by "and gets suid bit on/var/spool/exim4/setuid \ everything else is trivial" could have the extra sh dropped in just in front of/var/spool/exim4/setuid. I do know that most Linux distros will ignore an suid of root on a shell script, but what is written to the mail spool isn't a shell script. It looks like C (I'm no programmer), and I didn't know you could execute uncompiled code like that... and trying it here I can't get it to work. Though I think the really important bit is that Exim will execute as root commands in a config file if exim is run as root or as the exim user (debian-exim in this case).
Wasn't modem shotgunning really called PPP frame bonding or something?..... After a wikipede it looks like channel bonding or modem bonding is more appropriate.
IIRC Windows 98 supported it, and 95 didn't, though you needed an ISP that supported it too. No idea what the state of support was like in *nix back then - probably complete. NT4 always had more sophisticated dial up than 9x, so that could probably do it, and that means every NT since is able to.
Just had a mess about with a Windows 2000 VM, and that indeed does support the shotgunnage of modems. You simply add a tick next to the modem in a dial up networking networklet properties (yeah, I'm fucked if i can remember what the microsofties call those things). And playing about with the Windows settings, if your dial up server is SLIP rather than PPP, it doesn't seem to allow multilinking (what Windows seems to call modem shottying). If this is a limitation of SLIP or MS's implementation of a SLIP client, I don't know.
The mainstream computer companies are constantly banging on about how their products are easier to use, more user friendly, etc. than the competition. This is because the majority of the market (or the profitable bit) are essentially new computer users. Or are getting a computer of their own for the first time for recreational use, when they had generally only used computers in work/school for work/school stuff.
If the market was made up of experienced users, things wouldn't be sold as "easy to use", where easy to use is "possibly intuitive for those who don't get computer concepts, and will not RTFM". Cars (yeah, ignore the.sig) aren't sold as easy to use because the market for cars is made up of people who have to demonstrate they can work a car, and hence understand what features a car will and won't have, where they will probably be, and which ones to use and when. Car buyers don't need the steering wheel to be huge and green, they don't need a wizard to wind the windows down.
It wouldn't surprise me to find out that, world wide, every year there are more new users to the internet than the previous year. This means there's lots of new users who don't know how spam works, who don't know how affiliates work, who don't know how banner ads work, who don't know how Google works, who don't know about shit like those text advert links inserted into articles, etc.. These new users possibly will not think that v14gr4 is purposefully written like that, and might even think something like computer messages can suffer interference like a radio signal can.
New users also aren't used to the fonts. Slashdotters can no doubt tell the difference between l 1 I | and o O 0, and can identify the characters correctly when they aren't alongside the ones they could be confused with, but new users? No chance. v14gra might not look that odd to a new user, and so they don't spot it as suspect. You also can't buy viagra off the shelf (or at least, I don't think you can), so when presented with it human interest does kick in for some individuals.
I do sound like I am blaming new users, but I have been using the internet long enough to have seen new users come to the internet and wise up many times. Sometimes they barely wise up, sometimes they wise up very quick, but generally they stand to be manipulated the most when new to the web. There are people though who know they are limited, and so take things extra cautiously, though they are a fucking rare breed.
New users aren't necessarily used to the concepts that computers can produce copies for virtually no effort. Whilst there is a very clear cost to spam put through your front door, there isn't with email or other forms of spam, so even if the person has thought about the economics of advertising IRL, they might not get it right when it comes to computers. And so the spam could seem more legitimate than it is (not that I see any adverts as legitimate - they exist to manipulate your decision making processes, and I do not want that done to me. So I reject all advertising, everywhere).
Anyway, the answer? Education. And proper education, not asking MS what people should be learning. And not mandated computer science for all (though it should be available, if people want it). I dunno exactly what people need, but IME if some people had some basic knowledge of concepts like files and directories, programs and data, they would find using computers much less frustrating. I feel many proprietary products (and free ones that have copied paradigms) purposefully obscure what is going on so that the user becomes dependent on the proprietary product to do a job. The user can't learn what is going on, and if they did, they might change to a different product to do the same job. And that's bad for business.
It's not just the flying glass: the heat from a larger nuke will vaporize flesh, but cardboard or whte clothing is a good defense (brief exposure to an amazingly high temperature radiant source). Duck and cover protects completely against that, and for a big nuke you'd have a second or two between the visible flash and the infrared flash.
Really? IR from a nuclear blast doesn't travel at c, whereas the visible light does? Does this make the UV faster than c, and the gamma radiation arrive before the bomb has even been dropped?
Your declaration of "fact" that doesn't correspond to physics seems to substantiate other comments in this discussion that drills like duck and cover were propaganda to make nuclear war more palatable by the general public.
When a government starts to listen to its people about nuclear weapons, and hasn't and isn't trying to convince the people that the weapons are necessary, the weapons tend to go away. cf South Africa, post apartheid.
Do you really think that Generals were sitting around figuring out how to kill civilians? Or do you maybe think they were trying to figure out how to destroy Japan's capability to produce more planes and tanks? Which seems more likely to you?
It must be nice to only be able to see the world in black or white, where complex situations are either one thing, or one other.
Such a flawless logic system wouldn't ever open you up to being manipulated into supporting certain things that might not actually be in your or your peers' interests, either. Oh no.
There's a phrase that one should never stoop to the level of an idiot, because they will go on to beat you with experience. So I am going to try and resist saying something about wishing the foreign civilians that you and your family are to most of the world are killed by not your government or military. You wouldn't be concerned of course, because it is moral and justified.
Or is it that as long as it isn't your tribe being hurt, it is moral and justified?
Attacking civilians is not justifiable. And once you do justify it to yourself, it is easy to just declare a section of your society some kind of non-citizen and wage a war on them. I wonder if you can think of any events in history that might correspond with the kind of thing you are advocating?
Me: "Sure, and enjoy the free extra I added in regoniztion of the quality software you shovelled on me."
Anyone knows if the McD at Redmond is hiring?
The jingle from the CrackDonalds adverts that goes "du du du da da, I'm lovin' it" also fits perfectly with "du du du da da, There's cum in it". And is probably much more descriptive.
Hell, a mate of mine swears a local SmackDonalds was closed down after Trading Standards found semen in food from the place (allegedly 7 different peoples'). I have tried to track the story down, but there doesn't seem to have been anything in the press about it, so I count it as an urban legend.
But I bet there are rumours like that about WhackDonalds all over the world! And lets be honest, WankDonalds is hardly the kind of place where employees are likely to have job satisfaction, and so someone ejaculating into a FuckMuffin is more than plausible.
If that puts civilians at risk, then the obvious solution is to not bomb. But I guess that isn't a possibility for warmonger-apologists like you?
The only reason putting civilians in the way is an effective strategy for some groups is because imperialists still proceed to drop bombs or otherwise open fire when there are civilians in the way!
Apart from the real biggie - everywhere but Parliament Square. And on the pavement on the same side of the road as that weapons manufacturer in Brighton. And anywhere else where organisations have taken out injunctions against people who's opinions stand in the way of their profits or agenda.
Our pigs these days appear to like to practice kettling - the boxing in of protests and then moving them out the way. The principle is pretty much the same as free speech zones[1], and both methods are probably effective, from the bourgeois' point of view.
Protesters need to come up with some methods of defeating kettling. Perhaps sitting down where they are as soon as kettling begins, so the police have to use force if they want people to move? Perhaps protests should be smaller, but lots of them. Ketting works because the pigs box in the whole protest, so will not work if the protesters surround the police, or the police can't surround the protesters.
Many small protests would be hard to manage, but if a small protest starts getting kettled, other protests can move towards the first, hopefully breaking the police lines. Protests would need some excellent coordinating, because the reason the kettling works now is due to the police's organisation and coordination. Perhaps protesters need some police spotters about the place, updating an on line resource so protesters can keep track of the police? Just don't host that resource behind a.uk! (Whew, got the rant back on topic!).
And a side business can be run selling rings, bracelets, and watches! The operation funds itself, perfect policy for politicians who want to be seen doing something.
Slashdot Mirror
Well, I've been looking for an excuse to stop using slashdot.... it's the same bullshit over and over, and the few gems that do crop up have gotten so rare that trawling through the shit spewed by consumer-capitalist apologists is just too much.
I do not use javascript, and will not spend any effort on making this site work without it. I discovered with D2 that if you have D2 on in you prefs, set the threshold to -1, and use /. without JS enabled in the browser, you get a better experience than D1 in one way - all the comments load on 1 page. But without JS you couldn't mod, nor look at mod histories, without opening the comment in another tab and allowing JS temporarily.
What I got on the /. homepage just was a huge white position:fixed box thing floating over the content, blocking most of it. Presumably that box is hidden when JS is on, but I am not going to fight with another site that is trying to be a "web application" just for.... fuck knows why. Bandwagon jumping, I'd say. Perhaps /. think they can get 500mill out of Goldman too, if only they appeared "trendier"?
I've got 1 mod point, I'm gonna go mod taco a troll or something, and that's it.
Maybe their admin password was 'password'
It was worse than that.... it looks like up until very recently they could well have had their site on a Windows 2000 machine. 2000 was the best version of Windows that MS ever made, but it still had some chronic shortcomings that make it totally unsuitable for most internet-facing tasks.
http://toolbar.netcraft.com/site_report?url=http://www.lush.co.uk
Of course it is all too easy to just flame Windows, but even (especially) the MS fans will agree that using IIS5 in at least 2007 is not a clever thing to have been doing.
But lets be honest, the way that site is slinging about the word "hacker" it is clear they do not have any kind of top-notch IT... or even any clue about computers - they probably accepted what the industry told them as 100% truths, and then think that somehow some person is doing fucking magic or something to get into their server. Considering how keen they seem to be to shirk responsibility for the break ins (their list of suspect beliefs, for example), they truly do not recognise their own ignorance. The BBC miss the point too, and just go along with the hacker rhetoric as well.
Having my TV join a botnet still doesn't sound like that much of a crisis.
Right up until it is used as a proxy to download child porn, and all of a sudden you are having to explain why your IP has accessed CP to law enforcement, family, friends, the media.....
Yeah, I know CP is one of those bogey men used to persuade people to see danger from unlikely events, but an accusation of CP can be enough to ruin lives. If you can avoid it, it's probably for the best.
Also, if your TV is in a botnet then it might be inside your firewall, if you use a straight forward NAT router. The TV could be used to attack other computers on your LAN which may contain more important data.
0 comments on this piece of PR bullshit? What a surprise, the PR is leading to censorship!
All I can say is fuck off Intel, I will not be buying your products again. I do not pay for anything if it contains any form of anti-feature, no matter how appealing the features might be. When your hardware contains features that hand control of my property to a third party, that feature suddenly becomes an anti-feature. That third party will use their control ability to interfere with what I might want to do with my property, and just because some IP laws say that I am not allowed to copy some data, I will still do so if I want.
The internet exists, and computers exist. So when the market offers copies of data at n currency units (eg a DVD movie for 15UKP), but a person can make their own copy of the data at n x 10^-5 or -6, it is obvious what will happen. Industry reacts by name calling (pirates) and law-buying, and when that fails they send their slush-funds to other corrupt corporations to make their products shittier.
I'm kinda glad I moved away from Windows after XP (I have used fista once, and only a release candidate of 7), so as I use Linux moving away from intel compatibles will be easier than changing CPU architecture and OS - I know how to use the OS, so moving to ARM, Sparc, PPC, etc. is a possibility. Though in the mean time AMD will sell me a chip without anti-features.
Shit, even your boyfriend Microsoft is looking at ARM processors. I guess with the Wintel duopoly drifting towards the rocks you are looking for other sources of money without offering what the customer might actually want. So you've got into bed with Hollywood. I hope you catch something!
I had the misfortune of being at the end of a BT line for the past 10 days, and noticed throttling of torrents, at least, at some times of the day.
I had been torrenting on a Zen line and had been maxing out the line all day with the stuff I was downloading. When I tried to finish a torrent off on the BT (business grade) connection it would only go to a maximum of about 25k/sec. Fired up some other torrents, and whilst trying to figure out what was going on, the maximum overall for multiple torrents seemed to move to 35k/sec.
I SSH'd into a box on the Zen line, and had a look at a torrent there. It was maxing out the line, so I started the same torrent on my laptop from this BT line..... 35k/second. The line was capable of downloads otherwise of 90k/sec. So from my data point of 1, they were definitely throttling. As time went on, the torrent throttling appeared to go away, and by the late evening the torrents were maxing out the BT line too. Remember, business grade. Isn't the contention ratio 20:1 on that, but 50:1 on consumer services (like the Zen line I mentioned)? So it utterly reeked of them interfering, rather than just the intentionally shit set up getting in the way. Things are intentionally shit to try and protect the profits from guaranteed service services - proper leased lines.
The BT Business hub thing is a piece of shit too. The wireless range is a joke (totally unsuitable for all but the smallest of offices), the shitty BT/2wire router controls 3 networks (BTFusionnnn, BTBusinessnnn, BTOpenworld) - meaning the WLAN you want to use is noisy. There doesn't appear to be a way to upgrade the aerial either, which can be enough to cheaply solve some WLAN issues. BT are clearly providing limited kit knowing that people will have problems and will have to upgrade. I bet BT want a piece of that upgrade market - and considering the people who have BT as their ISP tend to do so because they know no better, BT know that when the clueless do have to upgrade they will come back to BT. The clueless do not recognise their cluelessness, so think they have made good decisions about who to do business with, so do not think twice (once would be a fucking novelty!) about dealing with BT again. In fact, if they went elsewhere, perhaps they had made a poor decision first time 'round? Many or most people don't want to face buyers' remorse, and some will actively try and avoid it by not thinking, so will dogmatically stick with their past decisions.
Packet loss over the shitty wireless or sub-par BT internet service through this POS business hub meant I had problems getting downloads to work from the BBC iplayer too. I use get_iplayer and the banned version of rtmpdump rather than whatever proprietary nonsense the BBC are telling you you need, and the packet loss was upsetting rtmpdump.
Anyway, after that fucking rant, fuck BT. Even though they have been broken up they clearly still are practising the same bullshit they always have. No doubt the shareholders of all the various bits of BT overlap quite considerably, so it is no surprise they still seem to act as one business.
That's because police are authority figures, and American conservatives are a bunch of fucking bedwetters who just can't get enough of that daddy-knows-best attitude -- even it means turning this country into a totalitarian hellhole.
Read this. Skip to page 20 to see what these folks think of the police.
"When fascism comes to America it will be wrapped in the flag and carrying the cross." -- Sinclair Lewis
I was going to reply to PopeRatzo with a link to the WP article about that book's very topic, right-wing authoritarianism, but you kinda beat me to it. I don't have any mod points, but I can do better anyway by quoting you at +2
/me dons my internet-psychologist's trousers:
Some of the replies in this discussion are clearly from people who are RWAs.
Why do Sun readers have black penises?
Because the print comes off on their hands.
- Jasper Carrott
I've said this before, but I'm going to repeat it:
If you are on an ISP that censors, because they inject fake 404s you cannot be sure what is a real 404 and what isn't. So if you see any 404s, call them up and get them to confirm if it is their system or if it is the actual server. And if enough people did this, the censorship would go away...... until they come up with another method, that doesn't open them up to costs. But if they do that, I'm sure we can figure something else out.
You forgot to mention that customer services will be a call you have to pay for. They will have worked it out such that implementing the censorship and turning it off for some will turn a profit - you will be giving them that profit when you jump through the hoops they want you to.
Recently t-mobile spammed my phone with some new fucking feature that I don't want - they will send you a text if someone phones you and you don't answer. Well, fuck that! The phone already says if there is a missed call, I don't need to be told twice. I also know how shit their network is, and I don't need to be kept up to date as to how shit it is.
To turn off this unasked for feature I was meant to call up (and pay) or text them (and pay). Yeah, it's a few pence, but it is the principle that I object to. So I found their corporate fax number, and rang some numbers similar to it. I ended up getting straight through to someone who was able to turn off the feature I didn't want. The thing is, I didn't get through to just some call centre peon, I wasted the time of someone better paid within t-mobile, and explained to someone who might actually be willing to understand why I was trying to waste their time and money - because I don't like having my time and money wasted with features that are only there to try and encourage the user to use their phone more.
Fox can generally be distinguished from its good twin Fax by noting that Fox has a goatee and, when speaking, tries to imply that Obama wants to enslave white people.
I though the difference was that fax sound like an unpleasant screeching noise, and fox sounds worse?
And whilst you say that, there will still be the odd fax machine about. Perhaps in some director's office who doesn't want to have to use the new system - and can pull rank to be able to not have to use it. Perhaps a legal department sometimes faxes confidential communication, and the simplest way to keep it secured is to have a simple fax machine, that doesn't have any ability to keep copies etc., in a locked room. Smaller regional offices are more likely to be stuck with older kit - I have worked for a couple of corps where the sites that executives frequently used had all the best facilities and newest (and shiniest) kit, and the rest would only get new stuff when the old stuff broke and caused a big problem. Those more minor regional offices are much more likely to have DOS-able faxes.
Anonymous - dig out those war diallers and find the hidden faxes in the corporate telephone number blocks. The publicised fax numbers will have to be handling fax-spam, and that might be useful for the corporation to be able to ignore these attacks. The targeting of non-public faxes is much more likely to lead to a cubicle full of used thermal paper, leading to direct costs for the corporations.
You fools will spend the next decade getting this "cloud" bullshit put in place. Then around 2020 or so, you'll have had 10 years worth of problems. You'll then spend until 2030 trying to undo the mess. Sometime around 2040 you'll succeed, but by that time the current IT staff will have forgotten the problems that "cloud computing" caused between 2010 and 2020, and then by 2050 they'll be in the process of centralizing again...
Solving one problem whilst making another is the basis of capitalism!
Industry knows the situation you have illustrated, and hence why this US government policy has come up: it has been lobbied for by the very companies that stand to benefit from the modern mainframe.
d'oh! Shit, missed that :)
But you can still commit data into /var/spool/exim4 in the form of an exim config file, and exim will run commands in that config file as root if exim is launched by root or debian-exim. Which is the case here.... isn't it?
If you can run any command on a remote system as root, then surely instead of simply elevating the privilege of an existing session, you do something else to 0wn the box? The root commands put in that config file could make a new user, give that new user root privileges, and allow them to ssh in. Probably much more easily noticed, but is still remote root.
sh ./test.sh' doesn't allow you to do anything that you can't do from the shell itself
As far as I can tell, and know, that above does allow a program to be run that is otherwise on a noexec partition. bsDaemon suggested that putting the mail spool on a noexec partition would stop this attack, but I don't think it will. I do know that I know enough to get by on Linux, but I also know I do not understand all the ins and outs of the system, so am perfectly willing to accept I am wrong about noexec partitions. I just don't think I am....
Part of TFA:
after that attacker gets shell with id of user Debian-exim and cwd /var/spool/exim4
in
then it put file there file setuid with trivial execution of root shell:
int main(int argc, char *argv[])
{
setuid(0);
setgid(0);
setgroups(0, NULL);
execl("/bin/sh", "sh", NULL);
}
and create another file e.conf with following content: /var/spool/exim4/setuid}}${run{/bin/chmod 4755 /var/spool/exim4/setuid}}
spool_directory = ${run{/bin/chown
root:root
the he runs:
exim -Ce.conf -q
and gets suid bit on /var/spool/exim4/setuid
everything else is trivial.
So the file setuid is set to be executable as root via exim's feature of being able to run commands from its config file. At least, I think that is what is going on. As exim will need to open port 25 I guess the program sits on disk with the suid bit set, and once port 25 is opened it drops privileges to debian-exim. But it appears exim will also execute commands from a user specified config file, and it must be doing so before it drops its privs.
I happen to have a debian virtual machine here: /usr/sbin/exim4
lintorrent:~# ls -l `which exim4`
-rwsr-xr-x 1 root root 695968 2008-09-30 19:27
Exim is on disk with a suid of root.
From the exim manpage:
-C <filelist>
This option causes Exim to find the run time configuration file from the given list instead of from the list specified by the CONFIGURE_FILE compile-time setting.[snip]
When this option is used by a caller other than root or the Exim user, and the list is different from the compiled-in list, Exim gives up its root privilege immediately, and runs with the real and effective uid and gid set to those of the caller.
Ahhh, because the initial exploit gives the attacker a shell as debian-exim, exim won't give up root as quick as if exim -CDodgyConfigFile is run as any other local user (apart from root). The person publicising the attack is keeping some details with himself and the exim devs, so I don't know exactly how that initial shell that is mentioned is presented. Does the attacker telnet into the server, start talking in SMTP, then just gets a shell responding after sending right secret phrase?
The final piece of the attack, going to root, summed up by "and gets suid bit on /var/spool/exim4/setuid \ /var/spool/exim4/setuid. I do know that most Linux distros will ignore an suid of root on a shell script, but what is written to the mail spool isn't a shell script. It looks like C (I'm no programmer), and I didn't know you could execute uncompiled code like that... and trying it here I can't get it to work. Though I think the really important bit is that Exim will execute as root commands in a config file if exim is run as root or as the exim user (debian-exim in this case).
everything else is trivial" could have the extra sh dropped in just in front of
noexec ain't bulletproof:
root@bender:/mnt# mount -o noexec,size=10M,nr_inodes=100 -t tmpfs tmpfs ./tmp/ ./ ../ ./test.sh ./test.sh: Permission denied ./test.sh
root@bender:/mnt# cd tmp
root@bender:/mnt/tmp# echo echo blah > test.sh
root@bender:/mnt/tmp# chmod +x test.sh
root@bender:/mnt/tmp# l
total 12K
drwxrwxrwt 2 root root 80 2010-12-10 17:33
drwxr-xr-x 13 root root 4.0K 2009-01-23 04:07
-rwxr-xr-x 1 root root 10 2010-12-10 17:33 test.sh*
root@bender:/mnt/tmp#
-su:
root@bender:/mnt/tmp# sh
blah
And if I have understood this exploit, that extra sh could still be added.
Wasn't modem shotgunning really called PPP frame bonding or something?..... After a wikipede it looks like channel bonding or modem bonding is more appropriate.
IIRC Windows 98 supported it, and 95 didn't, though you needed an ISP that supported it too. No idea what the state of support was like in *nix back then - probably complete. NT4 always had more sophisticated dial up than 9x, so that could probably do it, and that means every NT since is able to.
Just had a mess about with a Windows 2000 VM, and that indeed does support the shotgunnage of modems. You simply add a tick next to the modem in a dial up networking networklet properties (yeah, I'm fucked if i can remember what the microsofties call those things). And playing about with the Windows settings, if your dial up server is SLIP rather than PPP, it doesn't seem to allow multilinking (what Windows seems to call modem shottying). If this is a limitation of SLIP or MS's implementation of a SLIP client, I don't know.
<blink> was always criminal, but I seem to remember <marquee> being the choice of the truly tasteless webmaster.
The mainstream computer companies are constantly banging on about how their products are easier to use, more user friendly, etc. than the competition. This is because the majority of the market (or the profitable bit) are essentially new computer users. Or are getting a computer of their own for the first time for recreational use, when they had generally only used computers in work/school for work/school stuff.
If the market was made up of experienced users, things wouldn't be sold as "easy to use", where easy to use is "possibly intuitive for those who don't get computer concepts, and will not RTFM". Cars (yeah, ignore the .sig) aren't sold as easy to use because the market for cars is made up of people who have to demonstrate they can work a car, and hence understand what features a car will and won't have, where they will probably be, and which ones to use and when. Car buyers don't need the steering wheel to be huge and green, they don't need a wizard to wind the windows down.
It wouldn't surprise me to find out that, world wide, every year there are more new users to the internet than the previous year. This means there's lots of new users who don't know how spam works, who don't know how affiliates work, who don't know how banner ads work, who don't know how Google works, who don't know about shit like those text advert links inserted into articles, etc.. These new users possibly will not think that v14gr4 is purposefully written like that, and might even think something like computer messages can suffer interference like a radio signal can.
New users also aren't used to the fonts. Slashdotters can no doubt tell the difference between l 1 I | and o O 0, and can identify the characters correctly when they aren't alongside the ones they could be confused with, but new users? No chance. v14gra might not look that odd to a new user, and so they don't spot it as suspect. You also can't buy viagra off the shelf (or at least, I don't think you can), so when presented with it human interest does kick in for some individuals.
I do sound like I am blaming new users, but I have been using the internet long enough to have seen new users come to the internet and wise up many times. Sometimes they barely wise up, sometimes they wise up very quick, but generally they stand to be manipulated the most when new to the web. There are people though who know they are limited, and so take things extra cautiously, though they are a fucking rare breed.
New users aren't necessarily used to the concepts that computers can produce copies for virtually no effort. Whilst there is a very clear cost to spam put through your front door, there isn't with email or other forms of spam, so even if the person has thought about the economics of advertising IRL, they might not get it right when it comes to computers. And so the spam could seem more legitimate than it is (not that I see any adverts as legitimate - they exist to manipulate your decision making processes, and I do not want that done to me. So I reject all advertising, everywhere).
Anyway, the answer? Education. And proper education, not asking MS what people should be learning. And not mandated computer science for all (though it should be available, if people want it). I dunno exactly what people need, but IME if some people had some basic knowledge of concepts like files and directories, programs and data, they would find using computers much less frustrating. I feel many proprietary products (and free ones that have copied paradigms) purposefully obscure what is going on so that the user becomes dependent on the proprietary product to do a job. The user can't learn what is going on, and if they did, they might change to a different product to do the same job. And that's bad for business.
It's not just the flying glass: the heat from a larger nuke will vaporize flesh, but cardboard or whte clothing is a good defense (brief exposure to an amazingly high temperature radiant source). Duck and cover protects completely against that, and for a big nuke you'd have a second or two between the visible flash and the infrared flash.
Really? IR from a nuclear blast doesn't travel at c, whereas the visible light does? Does this make the UV faster than c, and the gamma radiation arrive before the bomb has even been dropped?
Your declaration of "fact" that doesn't correspond to physics seems to substantiate other comments in this discussion that drills like duck and cover were propaganda to make nuclear war more palatable by the general public.
When a government starts to listen to its people about nuclear weapons, and hasn't and isn't trying to convince the people that the weapons are necessary, the weapons tend to go away. cf South Africa, post apartheid.
Do you really think that Generals were sitting around figuring out how to kill civilians? Or do you maybe think they were trying to figure out how to destroy Japan's capability to produce more planes and tanks? Which seems more likely to you?
It must be nice to only be able to see the world in black or white, where complex situations are either one thing, or one other.
Such a flawless logic system wouldn't ever open you up to being manipulated into supporting certain things that might not actually be in your or your peers' interests, either. Oh no.
There's a phrase that one should never stoop to the level of an idiot, because they will go on to beat you with experience. So I am going to try and resist saying something about wishing the foreign civilians that you and your family are to most of the world are killed by not your government or military. You wouldn't be concerned of course, because it is moral and justified.
Or is it that as long as it isn't your tribe being hurt, it is moral and justified?
Attacking civilians is not justifiable. And once you do justify it to yourself, it is easy to just declare a section of your society some kind of non-citizen and wage a war on them. I wonder if you can think of any events in history that might correspond with the kind of thing you are advocating?
I would love to serve one of the execs.
Bill Gates: "One milk shake please"
Me: *FAP FAP FAP*. *HATCHOO*. *SPIT*.
Me: "Sure, and enjoy the free extra I added in regoniztion of the quality software you shovelled on me."
Anyone knows if the McD at Redmond is hiring?
The jingle from the CrackDonalds adverts that goes "du du du da da, I'm lovin' it" also fits perfectly with "du du du da da, There's cum in it". And is probably much more descriptive.
Hell, a mate of mine swears a local SmackDonalds was closed down after Trading Standards found semen in food from the place (allegedly 7 different peoples'). I have tried to track the story down, but there doesn't seem to have been anything in the press about it, so I count it as an urban legend.
But I bet there are rumours like that about WhackDonalds all over the world! And lets be honest, WankDonalds is hardly the kind of place where employees are likely to have job satisfaction, and so someone ejaculating into a FuckMuffin is more than plausible.
If that puts civilians at risk, then the obvious solution is to not bomb. But I guess that isn't a possibility for warmonger-apologists like you?
The only reason putting civilians in the way is an effective strategy for some groups is because imperialists still proceed to drop bombs or otherwise open fire when there are civilians in the way!
Yeah, no free speech zones in the UK.
Apart from the real biggie - everywhere but Parliament Square. And on the pavement on the same side of the road as that weapons manufacturer in Brighton. And anywhere else where organisations have taken out injunctions against people who's opinions stand in the way of their profits or agenda.
Our pigs these days appear to like to practice kettling - the boxing in of protests and then moving them out the way. The principle is pretty much the same as free speech zones[1], and both methods are probably effective, from the bourgeois' point of view.
Protesters need to come up with some methods of defeating kettling. Perhaps sitting down where they are as soon as kettling begins, so the police have to use force if they want people to move? Perhaps protests should be smaller, but lots of them. Ketting works because the pigs box in the whole protest, so will not work if the protesters surround the police, or the police can't surround the protesters.
Many small protests would be hard to manage, but if a small protest starts getting kettled, other protests can move towards the first, hopefully breaking the police lines. Protests would need some excellent coordinating, because the reason the kettling works now is due to the police's organisation and coordination. Perhaps protesters need some police spotters about the place, updating an on line resource so protesters can keep track of the police? Just don't host that resource behind a .uk! (Whew, got the rant back on topic!).
[1] Such a stunningly Orwellian name!
And a side business can be run selling rings, bracelets, and watches! The operation funds itself, perfect policy for politicians who want to be seen doing something.