I'm sorry but this guy has already had time served. Even if they do find him guilty one year in jail for what he did is far more than enough. Plus 1M bail? Is he a violent criminal?...
This sounds like a classic story if ignorant people making decisions about technical crime and getting scared. I aim that both at the city and at the judge who set the original bail.
We need special technical trials for things like this within which both the defence and prosecution are allowed to bring in technical witnesses to put the case into perspective for non-technical people (as opposed to "HACKER! Get the pitch forks!").
Creative purchased their drivers off of a third party company and then just updated them over the years. This literally happened since the soundriver products began. Once Vista came out with an entirely new sound infrastructure nobody at Creative had the expertise to write a decent driver so they cobbled one together (with Microsoft's help) from their old horrible drivers.
Fact is - Creative soundscards aren't worth while because the drivers are so poor. Even if the sound hardware could potentially take load off of the CPU, you're more likely to spend endless hours messing with it and even if it does work it won't work as effectively as one might hope.
Plus low carbon energy isn't that much of a fools dream... I mean there are some really great designs for wave power floating around right now (yes, pun intended). Plus wind has some potential.
But even if we fed all the countries of the world on carbon free electricity and all had electric cars, we'd still need planes and jet engines in particular.
We could potentially build an electric jet engine-replacement (giant air compressor?), but until batteries become a lot lighter that would obviously be very counter-productive.
66% of 20+ Americans are overweight, 33% are obese (severely overweight). "Approximately 18.8 million Americans are suffering from depression at any given moment"
So if you take a cross-section of the population the average might be fat and bummed.
Plus 53% of Aircraft crashes are caused by Pilot Error. A total of 67% are caused by "human factors" (e.g. Human Error, Sabotage, Maintenance mistakes etc). 11% by weather. Which leaves a 21% chance of mechanical problems.
Which tells me you should be a lot less concerned about who builds your aircraft and instead look at how well trained your pilot and the ground crew are. Because they are more than likely the ones who will get you killed.
PS - Plus Boeing aircraft have crashed over five times more than Airbus Aircraft (but are also much more popular, so reading the above it isn't surprising).
"At least five states require registration for people who visit prostitutes, 29 require it for consensual sex between young teenagers and 32 require it for indecent exposure. Some prosecutors are now stretching the definition of âoedistributing child pornographyâ to include teens who text half-naked photos of themselves to their friends. For example, Janet Allison was found guilty of being âoeparty to the crime of child molestationâ because she let her 15-year-old daughter have sex with a boyfriend. The young couple later married."
I'm glad you're banning all 600,000 people 2/3rds of which are said to be "no danger" according to a state's own review board.
The problem with REAL null domain hijacking is that it breaks software. It breaks VPN clients in a BIG way as well as anything else that searches the Intranet for services. Since this is only active within the web browser and entirely possible to disable, it is far from the big hassle that ISP based hijacks are.
Firefox also does exactly the same thing. Also easy to disable.
I hate these misleading MpG measurements they keep giving out for electric or hybrid cars that can plug in. They can all be explained like this: x miles on battery power y miles on fuel x+y/g = z
Which is true, until the battery runs out, which it does extremely quickly. They also fail to take into account how much "fuel" comes magically out of your power socket into the car.
Frankly, I think there should be a law that says you can't include pre-stored electric power power in MpG measurements. So they would have to say "50 MpG with up to 100 miles provided by the battery!"
You've convinced me... I hope we in the EU get to pay for INCOMING calls because I'd love to pickup the bill for every SMS-Spam or Telemarketing call I get... or not...
When I was a kid I used to think it would be cool to live in the US but after reading about your horrible healthcare ("pay or die"), bad telecommunications/internet, lack of vacation time (0 mandatory, 14 days average after TWO YEARS), and completely uncompetitive wages/working conditions, meh, no thanks... I'll stay in the EU.
We have a more realistic way to live your life... Clue: It isn't JUST about work/money.
Anything under eight digits can be broken almost instantly and asking users for a password longer than eight digits is just frankly unreasonable. Heck, in your scenario, they could just reset all the passwords and access accounts freely.
As far as DoSing an account or accounts, that is entirely a different security problem and one you should address with different measures like isolation and logging.
The article repeats the same Myths of password security that we have been repeating for the last thirty years. Let me review them for you:
- Password Length is important
- Password Complexity is key (e.g. A-Z with at least one special, one number)
- Password Expiration is important
Like all good myths these have elements of truth in them but fail to really hit the nail on what the problems actually are, or namely:
- Strong login auditing is important (failed attempts, unusual patterns, etc)
- Login speed should be throttled (e.g. No 60/guesses per minute)
- Failed logins should be capped (e.g. Login wrong five times? Consult technical support)
Now we are talking about password security. You can also throw on a five length minimum. Now even if your password was "password" they would still find it extremely difficult to compromise the system since it would be slow and would break after the first five. If you tried to spread out the attempts over several weeks (making it slower still) the audit logs should be alerting the administrator to 14/failed attempts per week from China.
While everyone should keep an eye on Microsoft (*was always) this is generally a good thing for the Internet as a whole. We as consumers, and we as web-developers, alike will be a lot happier if all the major players can create a consistent experience.
If Microsoft, Mozilla, Google, and Apple are all on board before the spec' is even in the final stages we have a fairly good shot of similar behavour no matter the platform or browser.
A lot of Microsoft's "notes" on the HTML 5 spec are either - "This isn't detailed enough to implement concistently" or "Do we need this?" Both of which are fair questions to ask and something that others will want to answer before HTML 5 goes live.
I challenge you to setup a stereotypical server WITHOUT changing a configuration file by hand.
Running:
- E-Mail (IMAP, SMTP)
- Calendar (sync-ed)
- Web Server (PHP, MySQL)
- FTP Server
- Remote Desktop Connection (for re-configuring the server remotely)
- Firewall
That isn't an unreasonable setup. In fact I think I just described 75% of Small Business Servers running today. Heck I didn't even require Samba running a DC and Shares (which is also extremely common).
But perhaps instead of wasting time proving how HUGE most Linux distro's have become, they should instead work on the usability of the OS. Linux is still restricted to both advanced users and relatively advanced system administrators. Until they can decrease the learning curve and reduced the need for time consuming configuration file changes then their userbase will be small with or without customized distributions.
This isn't eBay, they can't just magic high scores.
If you game it or otherwise, everyone will end up submitting their max score, because, well... Why wouldn't they? Who cares if the other team knows you have 10.8%... Either they can beat it and will submit that score, or they cannot and won't.
While it is true that cross-EU countries do suffer charges, that will only be the case for a little longer. The phone operators have already reduced the charges once and the EU is trying to get rid of them entirely, so phoning in France or the UK costs exactly the same and receiving calls is free.
The US system is completely screwy. It is frankly shocking that you guys pay as much as we pay to send a text and on top of that you get charged to receive texts too (including adverts and other unsolicited text-spam). US voice isn't quite as bad because a lot of US carriers allow free inter-network cell calling as opposed to the fixed rates you often find in the EU.
All in all, the US seriously needs some REAL competition as opposed to a small handful of large companies fighting for business while offering exactly the same terrible deal to consumers.
Most people that run patched systems without clicking anything too silly rarely see an AV popup. Those that run a version of Flash that is two months old and are still using Adobe Reader 7 will be just as owned as if they had not been running AV at all.
AV is fine, and I myself run it, but if I ever see a detection that isn't a false-positive or bull, then that system is getting formatted within 24 hrs.
PS - Her Virtual environment might not even have a writeable virtual disk, and thus any nasties that get on-board are cleared each time she power cycles.
Do people even know what they want from a partner?
People talk and talk about wanting this trait and that trait but they often seem to date people that are nothing like they claim they want. I'm honestly convinced people in general have no idea what they want, so by extension I struggle to see how you could create a site that offers people those things...
Random selection based on
- Age
- Geographic location
- Large important decisions (e.g. Family, yes/no?)
- A few shard interests
Can you stand up to the gov' in any western country either?
You go to a protest, get filmed, facial matched, and get a note in a record. You go for something that requires security clearance and you get denied without reason.
NASA employees and other linked agencies only recently had to reveal all protests they had been in for review. If they failed to list something that might be grounds for termination (and they might be terminated for taking part).
I wouldn't go to a protest. Luckily you can still show civil disobedience online, via letter, and in-person but they're already starting to crack down on the Internet.
PS - This post isn't aimed at the US. The UK, Australia, and France immediately come to mind.
While there is a lot of speculation that China's WAPI standard would contain a backdoor, there is very little factual evidence (except to paraphrase - "it is in China's character"). The problem is that China didn't release the entire specification to the standards organisations and that is likely a large part of why their protocol was rejected.
While I have no idea if China's WAPI would contain a backdoor, I do wonder what the purpose of adding it would be. Since the internet in China is heavily monitored and filtered already, why watch the end-points? If someone is using WiFi to spread information which China doesn't approve, having a backdoor won't help nor hurt China's ability to identify that person. Just track it to the WiFi Router/Repeater and then run around with a scanner looking for a laptop (the scanner doesn't need to decode).
You might think I'm being sarcastic but really. Each time I read one of these stories about an Eve problem I only want to play the game more. I've played other MMOs and having full banking institutions, investments, and companies exist is within its self very rare.
I mean all games have some kind of monetary system and by extension a way to trade money for goods. But very few are able to recreate the real world so closely.
Take for example World of Warcraft, you have gold, and you can trade. But you'd never have real businesses exist because the game just doesn't work that way, let alone banks.
Game Programming? What in particular:
- UI / Tools
- Graphics, Physics
- Networking
- AI
- Mobile Gaming etc
But in general if you want to go into Game Programming hit a CS degree and do a game development masters. All while learning C++ and trying to develop a nice portfolio of little games you've created yourself. Try and find a Masters program with hooks into the games industry because they will be your best bet to even get a foot in the door.
If it is Game Design they do an arts degree like English Lit and then do a Masters in Game Design. Same deal with the shoe in the door thing, find the college with the best links not the best course.
The sad truth is that better methods for handling password boxes have existed for years but haven't been picked up for whatever reason. The truth is that Microsoft really does deserve a fair bit of blame considering the OS generates most password boxes.
A nice password box that I've used would display the last character you typed for a very short period of time and then convert it into a dot. So as you type you can read it back to yourself but without really making it easy for anyone around you to see your completed password. Worked great.
Slashdot Mirror
I'm sorry but this guy has already had time served. Even if they do find him guilty one year in jail for what he did is far more than enough. Plus 1M bail? Is he a violent criminal? ...
This sounds like a classic story if ignorant people making decisions about technical crime and getting scared. I aim that both at the city and at the judge who set the original bail.
We need special technical trials for things like this within which both the defence and prosecution are allowed to bring in technical witnesses to put the case into perspective for non-technical people (as opposed to "HACKER! Get the pitch forks!").
Creative purchased their drivers off of a third party company and then just updated them over the years. This literally happened since the soundriver products began. Once Vista came out with an entirely new sound infrastructure nobody at Creative had the expertise to write a decent driver so they cobbled one together (with Microsoft's help) from their old horrible drivers.
Fact is - Creative soundscards aren't worth while because the drivers are so poor. Even if the sound hardware could potentially take load off of the CPU, you're more likely to spend endless hours messing with it and even if it does work it won't work as effectively as one might hope.
Plus low carbon energy isn't that much of a fools dream...
I mean there are some really great designs for wave power floating around right now (yes, pun intended). Plus wind has some potential.
But even if we fed all the countries of the world on carbon free electricity and all had electric cars, we'd still need planes and jet engines in particular.
We could potentially build an electric jet engine-replacement (giant air compressor?), but until batteries become a lot lighter that would obviously be very counter-productive.
That was my thought too...
66% of 20+ Americans are overweight, 33% are obese (severely overweight).
"Approximately 18.8 million Americans are suffering from depression at any given moment"
So if you take a cross-section of the population the average might be fat and bummed.
Flying in general is extremely safe.
Plus 53% of Aircraft crashes are caused by Pilot Error. A total of 67% are caused by "human factors" (e.g. Human Error, Sabotage, Maintenance mistakes etc). 11% by weather. Which leaves a 21% chance of mechanical problems.
Which tells me you should be a lot less concerned about who builds your aircraft and instead look at how well trained your pilot and the ground crew are. Because they are more than likely the ones who will get you killed.
PS - Plus Boeing aircraft have crashed over five times more than Airbus Aircraft (but are also much more popular, so reading the above it isn't surprising).
"At least five states require registration for people who visit prostitutes, 29 require it for consensual sex between young teenagers and 32 require it for indecent exposure. Some prosecutors are now stretching the definition of âoedistributing child pornographyâ to include teens who text half-naked photos of themselves to their friends. For example, Janet Allison was found guilty of being âoeparty to the crime of child molestationâ because she let her 15-year-old daughter have sex with a boyfriend. The young couple later married."
I'm glad you're banning all 600,000 people 2/3rds of which are said to be "no danger" according to a state's own review board.
The problem with REAL null domain hijacking is that it breaks software. It breaks VPN clients in a BIG way as well as anything else that searches the Intranet for services. Since this is only active within the web browser and entirely possible to disable, it is far from the big hassle that ISP based hijacks are.
Firefox also does exactly the same thing. Also easy to disable.
I hate these misleading MpG measurements they keep giving out for electric or hybrid cars that can plug in. They can all be explained like this:
x miles on battery power
y miles on fuel
x+y/g = z
Which is true, until the battery runs out, which it does extremely quickly. They also fail to take into account how much "fuel" comes magically out of your power socket into the car.
Frankly, I think there should be a law that says you can't include pre-stored electric power power in MpG measurements. So they would have to say "50 MpG with up to 100 miles provided by the battery!"
You've convinced me... I hope we in the EU get to pay for INCOMING calls because I'd love to pickup the bill for every SMS-Spam or Telemarketing call I get... or not...
When I was a kid I used to think it would be cool to live in the US but after reading about your horrible healthcare ("pay or die"), bad telecommunications/internet, lack of vacation time (0 mandatory, 14 days average after TWO YEARS), and completely uncompetitive wages/working conditions, meh, no thanks... I'll stay in the EU.
We have a more realistic way to live your life... Clue: It isn't JUST about work/money.
If they have your password hashes, shows over.
Anything under eight digits can be broken almost instantly and asking users for a password longer than eight digits is just frankly unreasonable. Heck, in your scenario, they could just reset all the passwords and access accounts freely.
As far as DoSing an account or accounts, that is entirely a different security problem and one you should address with different measures like isolation and logging.
The article repeats the same Myths of password security that we have been repeating for the last thirty years. Let me review them for you:
- Password Length is important
- Password Complexity is key (e.g. A-Z with at least one special, one number)
- Password Expiration is important
Like all good myths these have elements of truth in them but fail to really hit the nail on what the problems actually are, or namely:
- Strong login auditing is important (failed attempts, unusual patterns, etc)
- Login speed should be throttled (e.g. No 60/guesses per minute)
- Failed logins should be capped (e.g. Login wrong five times? Consult technical support)
Now we are talking about password security. You can also throw on a five length minimum. Now even if your password was "password" they would still find it extremely difficult to compromise the system since it would be slow and would break after the first five. If you tried to spread out the attempts over several weeks (making it slower still) the audit logs should be alerting the administrator to 14/failed attempts per week from China.
While everyone should keep an eye on Microsoft (*was always) this is generally a good thing for the Internet as a whole. We as consumers, and we as web-developers, alike will be a lot happier if all the major players can create a consistent experience.
If Microsoft, Mozilla, Google, and Apple are all on board before the spec' is even in the final stages we have a fairly good shot of similar behavour no matter the platform or browser.
A lot of Microsoft's "notes" on the HTML 5 spec are either - "This isn't detailed enough to implement concistently" or "Do we need this?" Both of which are fair questions to ask and something that others will want to answer before HTML 5 goes live.
I challenge you to setup a stereotypical server WITHOUT changing a configuration file by hand.
Running:
- E-Mail (IMAP, SMTP)
- Calendar (sync-ed)
- Web Server (PHP, MySQL)
- FTP Server
- Remote Desktop Connection (for re-configuring the server remotely)
- Firewall
That isn't an unreasonable setup. In fact I think I just described 75% of Small Business Servers running today. Heck I didn't even require Samba running a DC and Shares (which is also extremely common).
Neat.
But perhaps instead of wasting time proving how HUGE most Linux distro's have become, they should instead work on the usability of the OS. Linux is still restricted to both advanced users and relatively advanced system administrators. Until they can decrease the learning curve and reduced the need for time consuming configuration file changes then their userbase will be small with or without customized distributions.
This isn't eBay, they can't just magic high scores.
If you game it or otherwise, everyone will end up submitting their max score, because, well... Why wouldn't they? Who cares if the other team knows you have 10.8%... Either they can beat it and will submit that score, or they cannot and won't.
*Citation needed
While it is true that cross-EU countries do suffer charges, that will only be the case for a little longer. The phone operators have already reduced the charges once and the EU is trying to get rid of them entirely, so phoning in France or the UK costs exactly the same and receiving calls is free.
The US system is completely screwy. It is frankly shocking that you guys pay as much as we pay to send a text and on top of that you get charged to receive texts too (including adverts and other unsolicited text-spam). US voice isn't quite as bad because a lot of US carriers allow free inter-network cell calling as opposed to the fixed rates you often find in the EU.
All in all, the US seriously needs some REAL competition as opposed to a small handful of large companies fighting for business while offering exactly the same terrible deal to consumers.
What is it you think Anti-Virus does?
Most people that run patched systems without clicking anything too silly rarely see an AV popup. Those that run a version of Flash that is two months old and are still using Adobe Reader 7 will be just as owned as if they had not been running AV at all.
AV is fine, and I myself run it, but if I ever see a detection that isn't a false-positive or bull, then that system is getting formatted within 24 hrs.
PS - Her Virtual environment might not even have a writeable virtual disk, and thus any nasties that get on-board are cleared each time she power cycles.
Do people even know what they want from a partner?
People talk and talk about wanting this trait and that trait but they often seem to date people that are nothing like they claim they want. I'm honestly convinced people in general have no idea what they want, so by extension I struggle to see how you could create a site that offers people those things...
Random selection based on
- Age
- Geographic location
- Large important decisions (e.g. Family, yes/no?)
- A few shard interests
Would likely have a very high success rate.
So hugely popular I've never heard of it? Nor have two of my online contacts?
I've used Last.fm before they cut the UK off, and Sky.fm for streaming radio. I'm not sure what "Spotify" is.
Can you stand up to the gov' in any western country either?
You go to a protest, get filmed, facial matched, and get a note in a record. You go for something that requires security clearance and you get denied without reason.
NASA employees and other linked agencies only recently had to reveal all protests they had been in for review. If they failed to list something that might be grounds for termination (and they might be terminated for taking part).
I wouldn't go to a protest. Luckily you can still show civil disobedience online, via letter, and in-person but they're already starting to crack down on the Internet.
PS - This post isn't aimed at the US. The UK, Australia, and France immediately come to mind.
While there is a lot of speculation that China's WAPI standard would contain a backdoor, there is very little factual evidence (except to paraphrase - "it is in China's character"). The problem is that China didn't release the entire specification to the standards organisations and that is likely a large part of why their protocol was rejected.
While I have no idea if China's WAPI would contain a backdoor, I do wonder what the purpose of adding it would be. Since the internet in China is heavily monitored and filtered already, why watch the end-points? If someone is using WiFi to spread information which China doesn't approve, having a backdoor won't help nor hurt China's ability to identify that person. Just track it to the WiFi Router/Repeater and then run around with a scanner looking for a laptop (the scanner doesn't need to decode).
You might think I'm being sarcastic but really. Each time I read one of these stories about an Eve problem I only want to play the game more. I've played other MMOs and having full banking institutions, investments, and companies exist is within its self very rare.
I mean all games have some kind of monetary system and by extension a way to trade money for goods. But very few are able to recreate the real world so closely.
Take for example World of Warcraft, you have gold, and you can trade. But you'd never have real businesses exist because the game just doesn't work that way, let alone banks.
Game Programming? What in particular:
- UI / Tools
- Graphics, Physics
- Networking
- AI
- Mobile Gaming
etc
But in general if you want to go into Game Programming hit a CS degree and do a game development masters. All while learning C++ and trying to develop a nice portfolio of little games you've created yourself. Try and find a Masters program with hooks into the games industry because they will be your best bet to even get a foot in the door.
If it is Game Design they do an arts degree like English Lit and then do a Masters in Game Design. Same deal with the shoe in the door thing, find the college with the best links not the best course.
The sad truth is that better methods for handling password boxes have existed for years but haven't been picked up for whatever reason. The truth is that Microsoft really does deserve a fair bit of blame considering the OS generates most password boxes.
A nice password box that I've used would display the last character you typed for a very short period of time and then convert it into a dot. So as you type you can read it back to yourself but without really making it easy for anyone around you to see your completed password. Worked great.