Bare minimum is dd if=/dev/zero of=/dev/sdX before any drive is put into use while monitoring with smartctl followed by a file system and large file (50% of drive size) read and hashing.
Same thing with RAM, who doesn't stress test it with memtest before using it?
Recently I purchased a bunch of WD Red drives and all six failed within 37 hours of first spin up. Dead Red's with a 37 hours MTBF.
I logged in for the first time in several years to reply to this. I completely agree and this is the enthusiasm that we need to keep. I was a late adopter of the new handheld computers because I loved my simple candybar style unbreakable phone that always worked.
Sometimes I miss the tactile sensations of dialing a number on a rotary or the push buttons of an old Bell Labs and instead I now say "Call [Blah]" instead of looking it up in a phone book and feeling the paper.
But, we're living in the future now and that is awesome. Hold on to the past but embrace the future otherwise you'll be left behind.
All of this is fine and dandy, but they still don't tell us what the coordinates of Earth are. What good will this do us if we are abducted and need to get home?
As a commenter on Technology Review said, isn't this the same concept as NASA put on Pioneer F?
From the video, seven more opinions on what Internet meant in 1995
Stein in Oslo
There are no borders on the internet colour, age and nationality don't matter
Andrea in Washington, D.C.
It frees me to be me - not someone inconveniencing others with my needs as a deaf person.
Richard Summer in England
I can indulge my deep and abiding passion for all things Thai.
Heidi in Toronto
It has more soul than any human being I know!
Mark in Pennsylvania
The net is helping the University of Asmara in Eritrea with books on everything.
Herardo in Mexico,
It's a window to the world
Marcus in Mylan
Internet is: Liberty, friends all over the world, fun, information, anonymity, part of our every-day life and much, much more... and the cost of Internet, $200 per year in 1995
I understand your argument about any obfuscation being unacceptable, however your issues are addressed within the design. I recommend you take a look: http://www.openvotingconsortium.org/our_solution
Perhaps go through a quick sample ballot, check for yourself.
From TFWS:
In the polling place there will be a station with a scanner where you can have the barcode scanned while you're wearing headphones so you can hear your selections read to you. The ballot does not have to be removed from the folder; your privacy is assured. Then you go to the ballot box for depositing of your ballot.
Open Voting System Explained What is the Open Voting system?
The Open Voting system is very much like a traditional system in which the voter enters the voting place, marks his or her choices onto a paper ballot, and inserts the ballot into a ballot box except the voter marks the ballot using a computerized voting station rather than a pencil or colored marker. The Open Voting system preserves the paper ballot. However, which is printed in plain text that the voter can read. Voters have the opportunity to inspect the ballot to ensure that it properly reflects their choices. Poll workers then scan the ballot to count your votes and deposit it into a secure ballot box. The Open Voting system ballots contain a bar code in addition to the plain text. This bar code provides a system of accountability for recounts and prevents voters from voting more than once, although it provides confidentiality for the voter. Open Voting systems can be engineered to accommodate the special needs of those who who have physical impairments and can be operated with touch-screen features and provides audio playback for sight impaired.
Re:Big Brother and the iTunes Company
on
iTunes is Malware?
·
· Score: 1
... burn karma burn....
In order to keep this on topic, lets compare iTunes privacy risk and Grocery Store's recouping costs through data storage, I'll get to the ignorance of the parent here momentarilly.
Club cards serve one purpose, to gather data to improve the profitability of the grocery store, either through data mining or sale of information.
iTunes privacy risk apparently concerned someone to the point of comparing it to malware. Any presumption that iTunes was not gathering information was naive. Apple unfortunately has joined the ranks of the other evil corporations (will I get modded down for that comment?) and one day we will all have to realize that the purpose of a corporation is to benefit its shareholders.
Now back to club cards. Every purchase is tracked and mined and then sold as a part of on going market analysis. The discounts are usually on over stocked goods that need to be sold, and your personal information is only easier to send junk mail to as you are a customer and have a pre-existing relationship. Otherwise they would just go through the phone book or purchase from mass marketing lists.
Barcode vs. Magnetic Stripe *RING RING* Neither should be innocuous! A number is a number is a number... the next item you may want to be woried about is RFID tags, but... you never see them... so they don't matter right? *WAKE UP* Employees not using their club card? The smart ones lift one from the massive piles of them and use it. Do you really think that you cannot connect a "bar code" to a checking account? They all go back to a database where the data is processed.
Fracking disinformation goons...
To reiterate what the AC (Score: 0) said: ---
As far as tracking sales with the club card. For instance, the safeway cards that do not have magnetic stripes but rather just a barcode, that barcode does not hold a lot of information.
Ever hear of a database? They don't need to store the information on the card. All it needs is a unique number which (lo and behold) a barcode supplies. --... put out karma fire...
No, the subject of this email is not intended to piss people off. Very simply, there have been numerous discussions recently about the comparison to Germany in 1925 and how the USA is progressing. As someone who loves what this country was founded on and was, as to what it has become. The comparison initially disgusted me.
I'd love to get some Germans in on this comment, the comments I've heard sound mostly like
"That's just how it began in Germany" in reference to the PATRIOT Act, the Iraq war, and now this abomination.
"Currently no RFID tag is thin enough to meet this requirement [1/8 inch]"
WRONG.
Do some research before you make such comments. Yes - they have been able to make RFID tags thin enough to be printed, cost effective too.
BTW -- since I couldn't remember the name of the company that made these products, a google/teoma search for "RFID Paper" found the cites. Took 30 seconds.
So I just have to ask, what exemptions are going to be made? Now - or in the future? Don't most law enforcement vehicles have laptops in the front, permanently mounted? How about commercial vehicles? Delivery vehicles?
As I've read through this article, I've seen many references to cold calling, I'm amazed with all of the fuss that/.'ers and other's have made about the DO NOT CALL list...
How have people delt with the FCC's DO NOT CALL list? How does that work into people's cold calls, the costs, etc?
We all know that SCO is on it's way out, or at least we pray they are, so why don't we give the companies that are using SCO products - a solution. A migration method/spec and the software to make that migration to Linux as easy and painless as possible?
In the views of SCO, this is the worst thing that could happen, companies know that SCO is on their way out and they don't want to support SCO anymore - but in many ways, are forced to.
Sorry to give more credit to a short post, however I had supported the ACLU here about 10 years ago, and decided to donate and become a "Card Carrying Member" once again.
Well, when I donated, I specifically stated in my original donation, and on the forms, and sent an email to them, and then called - stating that my privacy was very important and that I do -not- want them to release it to anyone, for any reason, especially marketting. I used the words "Opt-Out" and about everything else possible to get the point across...
Well, when I signed up, the address I gave them I put in "C/O ACLU" just in case...
Guess where my junk mail now comes? All of it is "C/O ACLU", I called up, emailed, bitched up a storm - they still haven't removed me...
So much for honoring Opt-Out requests... My next step is to send a Cease and Decist Order...
I've been waiting for this thread for quite a while, I believe "back in the day" I wrote about an experience I had on a jobs mailing list. Which compared my three most hated people in the world: Used Car Salesmen, Lawyers, and Recruiters. At that time, I was extensively using an email address which I had managed to keep away from spam - after that email Mr. Marshall Thurman decided he would act on behalf of all of his friends and add me to hundreds of mailing lists, junk mail, send threats, etc.
That was the turning point for me no longer using any sort of recruiter, in addition to getting tired of filling out the same (non-standardized) forms which ask for everything except your mothers-mothers-fathers-mothers-maiden name.
I reverted to old-school/proven methods of job hunting, drive around, bus around, bike around, walk around - and put in applications, attach a copy of my resume and pray someone gets back to me. Then, a week later, I make the dreaded "Have you looked at my application yet?" phone call... "We'll keep your application on file for six months" (yah, in the circular bin!), "I'm sorry, you're not quite the candidate we're looking for", "I'm sorry, I don't know why you would want to work here with your extensive experience", "No sir, we're not looking for management right now"
Since that time, I have begun extensive networking. Something that I know many people are lacking in knowledge or ability to do, the "upper %10" do extensive networking, hear about all those "preppy parties"? They are networking. Joke about people who always go out for drinks after a meeting/seminar? They are networking.
Since I am neither in the upper %10, nor do I go to a lot of meetings and seminars, I came up with my own project which I have gotten GREAT support for, one-on-one networking. People decided to use the same concept for finding-a-date, I use it for meeting people and expanding my networking groups. Think of it as the REAL WORLD version of Friendster. Sit down with people for 30 seconds, exchange cards, talk about what you do, and then move on to another person, come back to talk to the other ones if you're really interested in their services.
No more uncomfortable first introductions to mechanics, CPAs, IT professionals, lawyers, that cute girl, and small-business owners. Best of all - meet these people in a one-on-one environment with other people. Uncomfortable in large groups? Don't really care about meeting people, just want to get your name out? Or do you have a GREAT idea that will change the world but don't know where to start? That's why I'm changing things...
Right now, I'm starting to take this networking project online, check out itys.net for more information.
(Pardon me starting an new thread, I didn't see anyone who came close to these comments)
It's been said before, so I'll say it again - "If you do not learn from the past, you are doomed to repeat it"
That is the whole purpose of higher education, establishing a baseline for what others have learned through out the years, with the hope that you will be able to apply it. I know very successful people that do -not- have a BS (Bull Shit) or a PhD (Piled Higher and Deeper) and are -very- successful.
Do you -really- need to know how to write a compiler in order to program? (CS reference) No. Does it help you debug? Yes. Do you need to know the chemical compound of a resister? No. Does that complete area of knowledge help you figure out what each colored line means? Not likely:)
As a side note, I've been in the INFOSEC Industry for 10 years, slowly starting my own practice (PI) with investigations while going to school (Law/Health/Business) and will go on to Norwich for their Masters in CyberEthics after struggling for the Bar. Am I doing this because I want a Doctoret or a PhD? No, I'm doing it because there is a lot that needs to be learned. Do I want to necessarilly be a PI? No, but it helps me learn things that I wouldn't learn in school.
Bmilter - Filter program for use with Sendmail July 5th, 2002
Bmilter is written in C and uses the Sendmail Milter library. Bmilter is intended to be the most capable mail filter for sendmail in existence. Every means I can find that is an effective and sensible method for filtering spam will get plugged into Bmilter. There will be some exceptions naturally...I don't intend to support any perl type of plugin or scripting and I don't intend to weigh down the process in a CPU intensive heuristics or genetic anomaly detection routine.
Until Bmilter reaches a stable production quality with message archiving, Bmilter will remain an advisory filter only. This means that Bmilter will NOT do any actual rejecting or dropping of mails. You may use your email client's built in filtering tools or if you have the option, using procmail. Bmilter inserts headers starting with X-Bmilter. Bmilter will insert a header stating the messages was fully processed by all filter methods only if the message has been scanned by all filters. Sendmail may abort Bmilter at any time, the milter program (Bmilter) has no control over this. This means that the email may have only been scanned partially or not at all.
Example:
* X-Bmilter: Message fully processed with Bmilter version xxx; timestamp
* X-Bmilter: DNSBL=True; Sender IP 200.24.71.150 found at bl.spamcop.net
* X-Bmilter: Failed Sender Verification=True; The mail server for the sender's domain doesn't support the email address that purportedly sent this email.
What Bmilter does so far.
Bmilter database Bmilter uses SQL (Postgres) to hold all the configuration, referred to from now on as the registry. Since I do everything very simple and standard with SQL, it should be a snap for anyone to add mysql etc. I personally won't do it because I don't have mysql installed and I don't want to. I'll happily apply patches sent to me however.DNS Blacklists Looks up the IP of the inbound connection against all the DNS blacklists in the Bmilter registrySMTP callback
Verifies the following:
* RFC 821, MAIL FROM:
You are required to support a NULL return path according to RFC 821. Some people disable this either because they think it's cute or because they're trying to disable spam sent with a NULL return path. Irregardless, it's broken.
* RFC 822, RCPT TO:
Sites without Postmaster accounts are simply due to admin laziness or misconfiguration. According to RFC 822, you are required to accept mail for a few specific accounts, this is one of them.
* RCPT TO:
If the sender is unknown on the machine that answers for the domain used by the sender, then either a) the site is misconfigured or b) in all probability this is a spoofed email address and the email content is spam.
Checks for a few random textual strings Right now Bmilter tests for the California ADV prefix in the Subject line. This is in preparation for regular expression implementations.Prelimiary Statistics Currently I'm cataloging the number of connections sent to Bmilter, the number of emails processed, and the number of aborts. Stats will develop for each individual filter for pass/fail/undetermined.
First thing I thought when I saw "Isn't it Time for Metric Time", I thought about HEX Time. Which although makes sense in a technological sense, it's about as easy to convert as binary time and metric time. Yah, you can count on your fingers up to thirty five in HEX... or up to 1,023 in Binary but it's just annoying to switch.
Honestly, what else are you going to get out of switching to Base-2 or Base-6 or even Base-10 for time? Easier coding? Not really, instead of the computer doing the conversion, you will be for the next couple years until it makes sense.
Think of this, how long does it take you to quit writing checks for the previous year in January? Or when we switched over to 2000, how long did you write 1900? Things like this have been proposed, anyone remember Internet Time, ie:.beat or @time? I will give Swatch Time one big kudo, during the Dot-Com era, I did see it on CNN and MSNBC once or twice, it went a bit futher than any other time went.
None of the current ideas are "intuitive" to humans, not enough studying has been done, and no one big enough has adopted it and kept it.
--- Put the X-files fanzine down and step away from the paranoid dementia. They are checking the files they know to exist. Most likely some sort of secure hash before-n-after comparison like MD5 is a part of that process.
Yes, scanning only for the files you know are there is pretty boneheaded. You're hyperventilating because Microsoft is the culprit.
Do you know why Microsoft makes so many mistakes? Because they have a lot of products. More risks, more chances to make a mistake. Take a look at the number of strikeouts homerun hitters get compared to leadoff hitters.
feh. ---
As an individual who has been responsible for the distribution of many products in the past, a virus being a part of a distribution is NOT acceptable by any stretch of dementia.
There have been comical quotes of Virual Studio.NET or jokes about "Trustworthy Computing" and a couple decent BillG skits, however the point here is that yet another company is not taking the rudimentary steps to protect it's customers.
Microsoft's products are (for better or worse) being used the world over; in schools, doctors offices, hospitals, law firms, all through out the US Government and practically everywhere else you look and there is no one that is ensuring that they are following basic security protocols.
Yes, "What if...".DLL's are being replaced (or added) by anti-US operatives, or modifications are being made adding back doors... Yah, it's a bit X-Files'ish but not that far from reality. Obviously a source CD/Drive was sent over to be burned, and was connected to an insecure network, how hard would it be to figure out what network that is and insert a DLL that tracks connections on boot? AdWare companies do it through website and software installations all the time.
OK, so thousands (maybe millions) of pages of text may be lost to some guy who was a control freak and decided to compress and encrypt a database[0], but the short term benefits of this are not entirely being used. Anti-DMCA and Anti-Euro-DMCA, showing the world that 'hackers' (White, Black, Grey, Blue, etc...) are not the evil bane of existance of the Internet.
Granted, I'm not a fan of Norgys, particularly due to an IRC channel I'm on that has had to ban *.no because of constant "A/S/L?" and mass-msg "Hi, I am a cute girl from Norway, do you want to cyber?" messages... but the point being... there -is- the chance that the Norgys did something -GOOD- for once. What if this is a spoof, hoax, trick... a Library/Institution that decided that people do actually need hackers in the world to work on all those stupid problems that otherwise would go unaddressed because people are stupid and lazy.
Erm... maybe... then again, maybe not, and well - that's giving Norgys a lot of credit...
0. However to the best of my knowledge, dBase passwords are very easy to break
Slashdot Mirror
Bare minimum is dd if=/dev/zero of=/dev/sdX before any drive is put into use while monitoring with smartctl followed by a file system and large file (50% of drive size) read and hashing.
Same thing with RAM, who doesn't stress test it with memtest before using it?
Recently I purchased a bunch of WD Red drives and all six failed within 37 hours of first spin up. Dead Red's with a 37 hours MTBF.
I hadn't heard of this, I'm sure I can find a use for this as well. Thanks for sharing.
I logged in for the first time in several years to reply to this. I completely agree and this is the enthusiasm that we need to keep. I was a late adopter of the new handheld computers because I loved my simple candybar style unbreakable phone that always worked.
Sometimes I miss the tactile sensations of dialing a number on a rotary or the push buttons of an old Bell Labs and instead I now say "Call [Blah]" instead of looking it up in a phone book and feeling the paper.
But, we're living in the future now and that is awesome. Hold on to the past but embrace the future otherwise you'll be left behind.
All of this is fine and dandy, but they still don't tell us what the coordinates of Earth are. What good will this do us if we are abducted and need to get home?
As a commenter on Technology Review said, isn't this the same concept as NASA put on Pioneer F?
... and sends through your caller ID info.
Tested on Sprint and AT&T Wireless/SBC/Cingular/AT&T.
From the video, seven more opinions on what Internet meant in 1995
... and the cost of Internet, $200 per year in 1995
Stein in Oslo
There are no borders on the internet colour, age and nationality don't matter
Andrea in Washington, D.C.
It frees me to be me - not someone inconveniencing others with my needs as a deaf person.
Richard Summer in England
I can indulge my deep and abiding passion for all things Thai.
Heidi in Toronto
It has more soul than any human being I know!
Mark in Pennsylvania
The net is helping the University of Asmara in Eritrea with books on everything.
Herardo in Mexico,
It's a window to the world
Marcus in Mylan
Internet is: Liberty, friends all over the world, fun, information, anonymity, part of our every-day life and much, much more
I understand your argument about any obfuscation being unacceptable, however your issues are addressed within the design. I recommend you take a look: http://www.openvotingconsortium.org/our_solution
Perhaps go through a quick sample ballot, check for yourself.
From TFWS:
In the polling place there will be a station with a scanner where you can have the barcode scanned while you're wearing headphones so you can hear your selections read to you. The ballot does not have to be removed from the folder; your privacy is assured. Then you go to the ballot box for depositing of your ballot.
http://www.openvotingconsortium.org/
Open Voting System Explained
What is the Open Voting system?
The Open Voting system is very much like a traditional system in which the voter enters the voting place, marks his or her choices onto a paper ballot, and inserts the ballot into a ballot box except the voter marks the ballot using a computerized voting station rather than a pencil or colored marker. The Open Voting system preserves the paper ballot. However, which is printed in plain text that the voter can read. Voters have the opportunity to inspect the ballot to ensure that it properly reflects their choices. Poll workers then scan the ballot to count your votes and deposit it into a secure ballot box. The Open Voting system ballots contain a bar code in addition to the plain text. This bar code provides a system of accountability for recounts and prevents voters from voting more than once, although it provides confidentiality for the voter. Open Voting systems can be engineered to accommodate the special needs of those who who have physical impairments and can be operated with touch-screen features and provides audio playback for sight impaired.
... burn karma burn ....
... put out karma fire ...
In order to keep this on topic, lets compare iTunes privacy risk and Grocery Store's recouping costs through data storage, I'll get to the ignorance of the parent here momentarilly.
Club cards serve one purpose, to gather data to improve the profitability of the grocery store, either through data mining or sale of information.
iTunes privacy risk apparently concerned someone to the point of comparing it to malware. Any presumption that iTunes was not gathering information was naive. Apple unfortunately has joined the ranks of the other evil corporations (will I get modded down for that comment?) and one day we will all have to realize that the purpose of a corporation is to benefit its shareholders.
Now back to club cards. Every purchase is tracked and mined and then sold as a part of on going market analysis. The discounts are usually on over stocked goods that need to be sold, and your personal information is only easier to send junk mail to as you are a customer and have a pre-existing relationship. Otherwise they would just go through the phone book or purchase from mass marketing lists.
Barcode vs. Magnetic Stripe *RING RING* Neither should be innocuous! A number is a number is a number... the next item you may want to be woried about is RFID tags, but... you never see them... so they don't matter right? *WAKE UP* Employees not using their club card? The smart ones lift one from the massive piles of them and use it. Do you really think that you cannot connect a "bar code" to a checking account? They all go back to a database where the data is processed.
Fracking disinformation goons...
To reiterate what the AC (Score: 0) said:
---
As far as tracking sales with the club card. For instance, the safeway cards that do not have magnetic stripes but rather just a barcode, that barcode does not hold a lot of information.
Ever hear of a database? They don't need to store the information on the card. All it needs is a unique number which (lo and behold) a barcode supplies.
--
No, the subject of this email is not intended to piss people off. Very simply, there have been numerous discussions recently about the comparison to Germany in 1925 and how the USA is progressing. As someone who loves what this country was founded on and was, as to what it has become. The comparison initially disgusted me.
I'd love to get some Germans in on this comment, the comments I've heard sound mostly like
"That's just how it began in Germany" in reference to the PATRIOT Act, the Iraq war, and now this abomination.
"More than adequate" ...
"I had to dump a large chunk of bad sectors"
"Currently no RFID tag is thin enough to meet this requirement [1/8 inch]"
WRONG.
Do some research before you make such comments. Yes - they have been able to make RFID tags thin enough to be printed, cost effective too.
BTW -- since I couldn't remember the name of the company that made these products, a google/teoma search for "RFID Paper" found the cites. Took 30 seconds.
CITE:
CrossID
Inkode
So I just have to ask, what exemptions are going to be made? Now - or in the future? Don't most law enforcement vehicles have laptops in the front, permanently mounted? How about commercial vehicles? Delivery vehicles?
Thanks California!
As I've read through this article, I've seen many references to cold calling, I'm amazed with all of the fuss that /.'ers and other's have made about the DO NOT CALL list...
:)
How have people delt with the FCC's DO NOT CALL list? How does that work into people's cold calls, the costs, etc?
Just wondering
Ok, so there's several questions about this.
First, if you read their FAQ, they state embedded linux doesn't exist - yes it does, STFW.
Second, yes - it's cool, but this has been available for a while, at a comparable price.
Blah.
We all know that SCO is on it's way out, or at least we pray they are, so why don't we give the companies that are using SCO products - a solution. A migration method/spec and the software to make that migration to Linux as easy and painless as possible?
In the views of SCO, this is the worst thing that could happen, companies know that SCO is on their way out and they don't want to support SCO anymore - but in many ways, are forced to.
Just my 2 bits.
Sorry to give more credit to a short post, however I had supported the ACLU here about 10 years ago, and decided to donate and become a "Card Carrying Member" once again.
Well, when I donated, I specifically stated in my original donation, and on the forms, and sent an email to them, and then called - stating that my privacy was very important and that I do -not- want them to release it to anyone, for any reason, especially marketting. I used the words "Opt-Out" and about everything else possible to get the point across...
Well, when I signed up, the address I gave them I put in "C/O ACLU" just in case...
Guess where my junk mail now comes? All of it is "C/O ACLU", I called up, emailed, bitched up a storm - they still haven't removed me...
So much for honoring Opt-Out requests... My next step is to send a Cease and Decist Order...
I've been waiting for this thread for quite a while, I believe "back in the day" I wrote about an experience I had on a jobs mailing list. Which compared my three most hated people in the world: Used Car Salesmen, Lawyers, and Recruiters. At that time, I was extensively using an email address which I had managed to keep away from spam - after that email Mr. Marshall Thurman decided he would act on behalf of all of his friends and add me to hundreds of mailing lists, junk mail, send threats, etc.
That was the turning point for me no longer using any sort of recruiter, in addition to getting tired of filling out the same (non-standardized) forms which ask for everything except your mothers-mothers-fathers-mothers-maiden name.
I reverted to old-school/proven methods of job hunting, drive around, bus around, bike around, walk around - and put in applications, attach a copy of my resume and pray someone gets back to me. Then, a week later, I make the dreaded "Have you looked at my application yet?" phone call... "We'll keep your application on file for six months" (yah, in the circular bin!), "I'm sorry, you're not quite the candidate we're looking for", "I'm sorry, I don't know why you would want to work here with your extensive experience", "No sir, we're not looking for management right now"
Since that time, I have begun extensive networking. Something that I know many people are lacking in knowledge or ability to do, the "upper %10" do extensive networking, hear about all those "preppy parties"? They are networking. Joke about people who always go out for drinks after a meeting/seminar? They are networking.
Since I am neither in the upper %10, nor do I go to a lot of meetings and seminars, I came up with my own project which I have gotten GREAT support for, one-on-one networking. People decided to use the same concept for finding-a-date, I use it for meeting people and expanding my networking groups. Think of it as the REAL WORLD version of Friendster. Sit down with people for 30 seconds, exchange cards, talk about what you do, and then move on to another person, come back to talk to the other ones if you're really interested in their services.
No more uncomfortable first introductions to mechanics, CPAs, IT professionals, lawyers, that cute girl, and small-business owners. Best of all - meet these people in a one-on-one environment with other people. Uncomfortable in large groups? Don't really care about meeting people, just want to get your name out? Or do you have a GREAT idea that will change the world but don't know where to start? That's why I'm changing things...
Right now, I'm starting to take this networking project online, check out itys.net for more information.
If you copy (steal) from one resource, it's plagiarism.
:) MIT is well aware of this concept.
If you copy from multiple resources, it's research
(Pardon me starting an new thread, I didn't see anyone who came close to these comments)
:)
It's been said before, so I'll say it again - "If you do not learn from the past, you are doomed to repeat it"
That is the whole purpose of higher education, establishing a baseline for what others have learned through out the years, with the hope that you will be able to apply it. I know very successful people that do -not- have a BS (Bull Shit) or a PhD (Piled Higher and Deeper) and are -very- successful.
Do you -really- need to know how to write a compiler in order to program? (CS reference) No. Does it help you debug? Yes. Do you need to know the chemical compound of a resister? No. Does that complete area of knowledge help you figure out what each colored line means? Not likely
As a side note, I've been in the INFOSEC Industry for 10 years, slowly starting my own practice (PI) with investigations while going to school (Law/Health/Business) and will go on to Norwich for their Masters in CyberEthics after struggling for the Bar. Am I doing this because I want a Doctoret or a PhD? No, I'm doing it because there is a lot that needs to be learned. Do I want to necessarilly be a PI? No, but it helps me learn things that I wouldn't learn in school.
Hands-on-Experience + Education, great mix.
for one fact, and one fact alone...
Keanu Reeves didn't say...
Woah.
(Must give a review)
As someone who saw the original 27 times in the theater - yah, Reloaded fit the bill and blew my mind several times.
Bmilter
Bmilter - Filter program for use with Sendmail
July 5th, 2002
Bmilter is written in C and uses the Sendmail Milter library. Bmilter is intended to be the most capable mail filter for sendmail in existence. Every means I can find that is an effective and sensible method for filtering spam will get plugged into Bmilter. There will be some exceptions naturally...I don't intend to support any perl type of plugin or scripting and I don't intend to weigh down the process in a CPU intensive heuristics or genetic anomaly detection routine.
Until Bmilter reaches a stable production quality with message archiving, Bmilter will remain an advisory filter only. This means that Bmilter will NOT do any actual rejecting or dropping of mails. You may use your email client's built in filtering tools or if you have the option, using procmail. Bmilter inserts headers starting with X-Bmilter. Bmilter will insert a header stating the messages was fully processed by all filter methods only if the message has been scanned by all filters. Sendmail may abort Bmilter at any time, the milter program (Bmilter) has no control over this. This means that the email may have only been scanned partially or not at all.
Example:
* X-Bmilter: Message fully processed with Bmilter version xxx; timestamp
* X-Bmilter: DNSBL=True; Sender IP 200.24.71.150 found at bl.spamcop.net
* X-Bmilter: Failed Sender Verification=True; The mail server for the sender's domain doesn't support the email address that purportedly sent this email.
What Bmilter does so far.
Bmilter database
Bmilter uses SQL (Postgres) to hold all the configuration, referred to from now on as the registry. Since I do everything very simple and standard with SQL, it should be a snap for anyone to add mysql etc. I personally won't do it because I don't have mysql installed and I don't want to. I'll happily apply patches sent to me however.DNS Blacklists
Looks up the IP of the inbound connection against all the DNS blacklists in the Bmilter registrySMTP callback
Verifies the following:
* RFC 821, MAIL FROM:
You are required to support a NULL return path according to RFC 821. Some people disable this either because they think it's cute or because they're trying to disable spam sent with a NULL return path. Irregardless, it's broken.
* RFC 822, RCPT TO:
Sites without Postmaster accounts are simply due to admin laziness or misconfiguration. According to RFC 822, you are required to accept mail for a few specific accounts, this is one of them.
* RCPT TO:
If the sender is unknown on the machine that answers for the domain used by the sender, then either a) the site is misconfigured or b) in all probability this is a spoofed email address and the email content is spam.
Checks for a few random textual strings
Right now Bmilter tests for the California ADV prefix in the Subject line. This is in preparation for regular expression implementations.Prelimiary Statistics
Currently I'm cataloging the number of connections sent to Bmilter, the number of emails processed, and the number of aborts. Stats will develop for each individual filter for pass/fail/undetermined.
User preferences
* Authenticated Sender (key=auth); default action: accept; alternate action: continue;
* DNS Blacklist (key=dnsbl); default action: tag; alternate actions: (remove from rcpt list|bounce);
* SMTP Callback (key=smtpcallback); default action: tag; alternate action: reject;
First thing I thought when I saw "Isn't it Time for Metric Time", I thought about HEX Time. Which although makes sense in a technological sense, it's about as easy to convert as binary time and metric time. Yah, you can count on your fingers up to thirty five in HEX... or up to 1,023 in Binary but it's just annoying to switch.
.beat or @time? I will give Swatch Time one big kudo, during the Dot-Com era, I did see it on CNN and MSNBC once or twice, it went a bit futher than any other time went.
Honestly, what else are you going to get out of switching to Base-2 or Base-6 or even Base-10 for time? Easier coding? Not really, instead of the computer doing the conversion, you will be for the next couple years until it makes sense.
Think of this, how long does it take you to quit writing checks for the previous year in January? Or when we switched over to 2000, how long did you write 1900? Things like this have been proposed, anyone remember Internet Time, ie:
None of the current ideas are "intuitive" to humans, not enough studying has been done, and no one big enough has adopted it and kept it.
Best of luck, good article though.
-M
---
.NET or jokes about "Trustworthy Computing" and a couple decent BillG skits, however the point here is that yet another company is not taking the rudimentary steps to protect it's customers.
.DLL's are being replaced (or added) by anti-US operatives, or modifications are being made adding back doors... Yah, it's a bit X-Files'ish but not that far from reality. Obviously a source CD/Drive was sent over to be burned, and was connected to an insecure network, how hard would it be to figure out what network that is and insert a DLL that tracks connections on boot? AdWare companies do it through website and software installations all the time.
Put the X-files fanzine down and step away from the paranoid dementia.
They are checking the files they know to exist. Most likely some sort of secure hash before-n-after comparison like MD5 is a part of that process.
Yes, scanning only for the files you know are there is pretty boneheaded. You're hyperventilating because Microsoft is the culprit.
Do you know why Microsoft makes so many mistakes? Because they have a lot of products. More risks, more chances to make a mistake. Take a look at the number of strikeouts homerun hitters get compared to leadoff hitters.
feh.
---
As an individual who has been responsible for the distribution of many products in the past, a virus being a part of a distribution is NOT acceptable by any stretch of dementia.
There have been comical quotes of Virual Studio
Microsoft's products are (for better or worse) being used the world over; in schools, doctors offices, hospitals, law firms, all through out the US Government and practically everywhere else you look and there is no one that is ensuring that they are following basic security protocols.
Yes, "What if..."
Just a thought...
feh. yourself.
OK, so thousands (maybe millions) of pages of text may be lost to some guy who was a control freak and decided to compress and encrypt a database[0], but the short term benefits of this are not entirely being used. Anti-DMCA and Anti-Euro-DMCA, showing the world that 'hackers' (White, Black, Grey, Blue, etc...) are not the evil bane of existance of the Internet.
Granted, I'm not a fan of Norgys, particularly due to an IRC channel I'm on that has had to ban *.no because of constant "A/S/L?" and mass-msg "Hi, I am a cute girl from Norway, do you want to cyber?" messages... but the point being... there -is- the chance that the Norgys did something -GOOD- for once. What if this is a spoof, hoax, trick... a Library/Institution that decided that people do actually need hackers in the world to work on all those stupid problems that otherwise would go unaddressed because people are stupid and lazy.
Erm... maybe... then again, maybe not, and well - that's giving Norgys a lot of credit...
0. However to the best of my knowledge, dBase passwords are very easy to break