Could you please post the CGI script? The more people who use this, the better.
I agree with another person who replied in that a robots.txt file should protect this script. That way, legitimate and well-behaved spiders (Google, etc.) won't be adversely affected, but badly-behaved spiders (spambots, etc.) that ignore robots.txt will be severely punished.:-)
Thanks, I didn't know that. I'm a bit ignorant about Macs, since I don't have any in my house and have only used them at school, and have never used a newer iMac with an LCD. Does anyone know if the Celine Dion CD from Sony that was known to kill iMacs actually rendered the mouse and eject buttons useless on bootup, or if the whole issue was just overblown?
If I remember correctly, the CD wouldn't eject in an iMac and the machine couldn't be rebooted with the CD in. Apple refused to put an industry-standard eject hole on the iMac's CD-ROM drive. If they had put in an eject hole like everyone else, this wouldn't have been a problem. Also, if Sony (a RIAA member) hadn't used their broken copy protection, this wouldn't have been a problem. Both Apple and Sony were at fault.
Thank you! When I remove spyware from people's computers, occasionally (but definitely not often) they actually use a piece of software (like Gator) that comes with it. If I like RoboForm after I install it, it will next to KaZaA Lite on my list of spyware replacements.
I'm a techie at a doctor's office and everyone has way too many pens from the drug reps (they give us free catered lunches, too). A lot of the pens are really comfortable to write with. Even though I lose or give away pens at school, I haven't had to pay for a pen after getting this job.
More likely, MS's lawyers would say you didn't back up your data like you should be doing, and the case would be thrown out. Your failure to properly back up is as bad as Microsoft's failure to properly secure its software. I hope you still don't keep all your source code on one hard drive after that incident.
I think they'd want the highest quality possible per byte, though. If they can lower the bitrate while keeping the same quality by, say, switching from MP3 to Ogg Vorbis, they save on bandwidth and storage. Even if they have both formats, their storage needs go up, but storage is a (relatively) cheap one-time expense, and their bandwidth bill goes down from the people who grab Oggs instead of MP3s.
Black hats are going to share info, legal or not, so viruses and worms will still spread regardless of whatever gets passed into law. It will only stop white hats from sharing info, so the only source to get rid of an infection or get a patch or workaround is Symantec.
I have Win2K SP4 installed, and I still see this in Windows Update:
Recommended Update for Windows Rights Management client 1.0
Download size: 3.6 MB
The Windows Rights Management (RM) client is required for your computer to run applications that provide functionality based on RM technologies. Installing this client allows RM-aware applications to work with Windows Rights Management Services (RMS) to provide licenses for publishing and consuming RM-protected information. After you install this item, you may have to restart your computer. Read more...
I've been using Sneakemail, too, with exactly the same results. Addresses posted in WHOIS listings or on websites get the most spam. Maybe places you actually submit your address to are too scared to spam a sneakemail address, knowing that it's traceable. Or maybe we're both just lucky.
I think this monitoring company was brought in by the customers. According to the original article, the hosting company has nothing to do with them and has never had a business relationship with them. There is no contract except between the hosting customers who bought monitoring, and the monitoring company.
1) Reformat hard drive 2) Reinstall Windows from CD 3) Install the patch from CD 4) Get network access reenabled 5) Ignore recommendations and never touch Windows Update, never intall a firewall, and never install antivirus software. 6) Get hit by the next Windows worm. 7) Go to step 1. Do not ???, do not Profit!
The PHB at the small office where I work bought about 20-30 old Pentium 133 machines at auction. I bought/traded for two of them, since we weren't going to use them all at work. They still had their installs of Win95 with a NetWare client and a few company documents. Nothing very interesting, though. I still have a backup of one of them; maybe I'll look through it some more and see what I can find.
I'll use it as soon as someone produces Skype Lite without spyware, and either makes it run under Wine or develops a Linux client (my Linux box is on 24/7, and my Windows box is only on when I want to play games).
Yes! Unlike vendors of secure operating systems, Microsoft assumes that every user will need to use every MS networking and file sharing service, and opens up all the insecure ports for it. They need to turn every port OFF by default. There needs to be a nice Windows GUI to turn each service on, with options like this:
Option says: Don't share files (Recommended) Does this: turns off all SMB-related ports
Option says: Only share files to your own network Does this: allows SMB ports only to 10/8, 192.168/16, and 172.16/12
Option says: Only share files to certain computers or networks (Advanced users only) Does this: allows SMB ports only to IP ranges the user specifies
Note that there's no option for "open everything up," since that would tempt lazy or clueless people to use it, and it can already be done in the third option by allowing 0.0.0.0/0. There should be something similar for management things like Remote Registry.
Until Microsoft gets its head out of its ass, we might as well have ISPs use cable/DSL modems with built-in firewalls with a really easy web interface. That way, they can block all ports in and 25 (spam viruses and email worms) and 135 out (MSBlaster) by default, but allow the user to open any of it back up.
In the real world, though, with an insecure dominant OS and ISPs that don't care, we're screwed.
When I take my laptop to work, I like to run Nmap on my home IP address. I can make sure the only ports open are the ones I opened myself, and when I get home I'll make sure my IDS logged the scan.
It looks like those IP's are in a reserved block for whatever reason and aren't used on the Internet. Other than the weird IP range, I like the idea of having the room number in one of the octets.
Oops, I forgot to change "HTML Formatted" to "Plain Old Text" again. And I forgot to preview, too. Sorry. Here's what it should've looked like:
I use 10.0.0.0/8 at home just because it's really easy to type. The subnet I keep most of my machines in is 10.0.0.0/24, and my DMZ is 10.1.1.0/24. I give out IP's within them like this:
10.x.x.1-9 is routers 10.x.x.10-19 is computers with static IP's 10.x.x.20-99 is the DHCP range 10.x.x.100-109 is network stuff that will do DHCP 10.x.x.110-199 is servers 10.x.x.200-254 is other stuff like VMware virtual machines
This is just perfect because I can type any commonly-used IP on my home LAN using just 0, 1, and period. My router is 10.0.0.1, main rig is 10.0.0.10, computer on the other end of the house is 10.0.0.11, wireless AP is 10.0.0.101, file server is 10.0.0.110, web server is 10.1.1.110, and backup server will be 10.0.0.111. I'm even lazy when I type. Or efficient, depending on your viewpoint.;-)
Work network is 192.168.2.0/24, because that's what the guy who set it up used.
If I set up a network for someone else, I just use the default IP range on their router, which usually ends up being 192.168.0.0/24, and all other reasonable defaults, to make it easy to work on and makes a "reset to defaults" much less painful. Of course, I change stupid defaults. I turn off remote configuration if it's on, change the admin password, etc. If it's wireless, then I turn WEP on to its highest setting, change the SSID, turn off SSID broadcast, filter by MAC address, and whatever else I can do.
I use 10.0.0.0/8 at home just because it's really easy to type. The subnet I keep most of my machines in is 10.0.0.0/24, and my DMZ is 10.1.1.0/24. I give out IP's within them like this:
10.x.x.1-9 is routers
10.x.x.10-19 is computers with static IP's
10.x.x.20-99 is the DHCP range
10.x.x.100-109 is network stuff that will do DHCP
10.x.x.110-199 is servers
10.x.x.200-254 is other stuff like VMware virtual machines
This is just perfect because I can type any commonly-used IP on my home LAN using just the 0, 1, and period keys. My router is 10.0.0.1, main rig is 10.0.0.10, computer on the other end of the house is 10.0.0.11, wireless AP is 10.0.0.101, file server is 10.0.0.110, web server is 10.1.1.110, and backup server will be 10.0.0.111. I'm even lazy when I type. Or efficient, depending on your viewpoint.;-)
Work network is 192.168.2.0/24, because that's what the guy who set it up used.
If I set up a network for someone else, I just use the default IP range on their router, which usually ends up being 192.168.0.0/24, and all other reasonable defaults, to make it easy to work on and makes a "reset to defaults" much less painful. Of course, I change stupid defaults: I turn off remote configuration if it's on, change the admin password, etc. If it's wireless, then I turn WEP on to its highest setting, change the SSID, turn off SSID broadcast, filter by MAC address, and whatever else I can do.
And Thunderbird was just the code name, anyway. Code names are used during development partly to give time to make sure there won't be any conflicts with existing product names. AMD marketed the Thunderbird as the Athlon with Performance Enhancing Cache (it was the first Athlon to have a full-speed L2 cache).
Slashdot Mirror
Could you please post the CGI script? The more people who use this, the better.
:-)
I agree with another person who replied in that a robots.txt file should protect this script. That way, legitimate and well-behaved spiders (Google, etc.) won't be adversely affected, but badly-behaved spiders (spambots, etc.) that ignore robots.txt will be severely punished.
Thanks, I didn't know that. I'm a bit ignorant about Macs, since I don't have any in my house and have only used them at school, and have never used a newer iMac with an LCD. Does anyone know if the Celine Dion CD from Sony that was known to kill iMacs actually rendered the mouse and eject buttons useless on bootup, or if the whole issue was just overblown?
If I remember correctly, the CD wouldn't eject in an iMac and the machine couldn't be rebooted with the CD in. Apple refused to put an industry-standard eject hole on the iMac's CD-ROM drive. If they had put in an eject hole like everyone else, this wouldn't have been a problem. Also, if Sony (a RIAA member) hadn't used their broken copy protection, this wouldn't have been a problem. Both Apple and Sony were at fault.
Thank you! When I remove spyware from people's computers, occasionally (but definitely not often) they actually use a piece of software (like Gator) that comes with it. If I like RoboForm after I install it, it will next to KaZaA Lite on my list of spyware replacements.
Mod parent up. More.
This sounds like a lot more fun than the usual basic science class experiments with predetermined outcomes.
I'm a techie at a doctor's office and everyone has way too many pens from the drug reps (they give us free catered lunches, too). A lot of the pens are really comfortable to write with. Even though I lose or give away pens at school, I haven't had to pay for a pen after getting this job.
More likely, MS's lawyers would say you didn't back up your data like you should be doing, and the case would be thrown out. Your failure to properly back up is as bad as Microsoft's failure to properly secure its software. I hope you still don't keep all your source code on one hard drive after that incident.
I think they'd want the highest quality possible per byte, though. If they can lower the bitrate while keeping the same quality by, say, switching from MP3 to Ogg Vorbis, they save on bandwidth and storage. Even if they have both formats, their storage needs go up, but storage is a (relatively) cheap one-time expense, and their bandwidth bill goes down from the people who grab Oggs instead of MP3s.
Black hats are going to share info, legal or not, so viruses and worms will still spread regardless of whatever gets passed into law. It will only stop white hats from sharing info, so the only source to get rid of an infection or get a patch or workaround is Symantec.
I have Win2K SP4 installed, and I still see this in Windows Update:
Recommended Update for Windows Rights Management client 1.0
Download size: 3.6 MB
The Windows Rights Management (RM) client is required for your computer to run applications that provide functionality based on RM technologies. Installing this client allows RM-aware applications to work with Windows Rights Management Services (RMS) to provide licenses for publishing and consuming RM-protected information. After you install this item, you may have to restart your computer.
Read more...
I've been using Sneakemail, too, with exactly the same results. Addresses posted in WHOIS listings or on websites get the most spam. Maybe places you actually submit your address to are too scared to spam a sneakemail address, knowing that it's traceable. Or maybe we're both just lucky.
Press any key to continue, or any other key to cancel.
Someone at Compaq also posted the "any key" thing in their user forums.
I think this monitoring company was brought in by the customers. According to the original article, the hosting company has nothing to do with them and has never had a business relationship with them. There is no contract except between the hosting customers who bought monitoring, and the monitoring company.
The average (l)user isn't smart enough to follow clear directions like that and will probably screw it up. Even users from MIT.
;-)
Reformatting will get rid of whatever spyware they have, too, at least for a little while.
I'm not defending their policy. I'm just bitter from having to deal with lusers.
More likely:
1) Reformat hard drive
2) Reinstall Windows from CD
3) Install the patch from CD
4) Get network access reenabled
5) Ignore recommendations and never touch Windows Update, never intall a firewall, and never install antivirus software.
6) Get hit by the next Windows worm.
7) Go to step 1. Do not ???, do not Profit!
The PHB at the small office where I work bought about 20-30 old Pentium 133 machines at auction. I bought/traded for two of them, since we weren't going to use them all at work. They still had their installs of Win95 with a NetWare client and a few company documents. Nothing very interesting, though. I still have a backup of one of them; maybe I'll look through it some more and see what I can find.
I'll use it as soon as someone produces Skype Lite without spyware, and either makes it run under Wine or develops a Linux client (my Linux box is on 24/7, and my Windows box is only on when I want to play games).
Encryption and region coding sure fit the definition of anti-consumer, as are their lobbyists that are trying to make things like NAT and VPN illegal.
Yes! Unlike vendors of secure operating systems, Microsoft assumes that every user will need to use every MS networking and file sharing service, and opens up all the insecure ports for it. They need to turn every port OFF by default. There needs to be a nice Windows GUI to turn each service on, with options like this:
Option says: Don't share files (Recommended)
Does this: turns off all SMB-related ports
Option says: Only share files to your own network
Does this: allows SMB ports only to 10/8, 192.168/16, and 172.16/12
Option says: Only share files to certain computers or networks (Advanced users only)
Does this: allows SMB ports only to IP ranges the user specifies
Note that there's no option for "open everything up," since that would tempt lazy or clueless people to use it, and it can already be done in the third option by allowing 0.0.0.0/0. There should be something similar for management things like Remote Registry.
Until Microsoft gets its head out of its ass, we might as well have ISPs use cable/DSL modems with built-in firewalls with a really easy web interface. That way, they can block all ports in and 25 (spam viruses and email worms) and 135 out (MSBlaster) by default, but allow the user to open any of it back up.
In the real world, though, with an insecure dominant OS and ISPs that don't care, we're screwed.
Then the person whose name is associated with the ISP account is responsible, if the TOS of the ISP is like those I've seen.
When I take my laptop to work, I like to run Nmap on my home IP address. I can make sure the only ports open are the ones I opened myself, and when I get home I'll make sure my IDS logged the scan.
It looks like those IP's are in a reserved block for whatever reason and aren't used on the Internet. Other than the weird IP range, I like the idea of having the room number in one of the octets.
Oops, I forgot to change "HTML Formatted" to "Plain Old Text" again. And I forgot to preview, too. Sorry. Here's what it should've looked like:
;-)
I use 10.0.0.0/8 at home just because it's really easy to type. The subnet I keep most of my machines in is 10.0.0.0/24, and my DMZ is 10.1.1.0/24. I give out IP's within them like this:
10.x.x.1-9 is routers
10.x.x.10-19 is computers with static IP's
10.x.x.20-99 is the DHCP range
10.x.x.100-109 is network stuff that will do DHCP
10.x.x.110-199 is servers
10.x.x.200-254 is other stuff like VMware virtual machines
This is just perfect because I can type any commonly-used IP on my home LAN using just 0, 1, and period. My router is 10.0.0.1, main rig is 10.0.0.10, computer on the other end of the house is 10.0.0.11, wireless AP is 10.0.0.101, file server is 10.0.0.110, web server is 10.1.1.110, and backup server will be 10.0.0.111. I'm even lazy when I type. Or efficient, depending on your viewpoint.
Work network is 192.168.2.0/24, because that's what the guy who set it up used.
If I set up a network for someone else, I just use the default IP range on their router, which usually ends up being 192.168.0.0/24, and all other reasonable defaults, to make it easy to work on and makes a "reset to defaults" much less painful. Of course, I change stupid defaults. I turn off remote configuration if it's on, change the admin password, etc. If it's wireless, then I turn WEP on to its highest setting, change the SSID, turn off SSID broadcast, filter by MAC address, and whatever else I can do.
I use 10.0.0.0/8 at home just because it's really easy to type. The subnet I keep most of my machines in is 10.0.0.0/24, and my DMZ is 10.1.1.0/24. I give out IP's within them like this: 10.x.x.1-9 is routers 10.x.x.10-19 is computers with static IP's 10.x.x.20-99 is the DHCP range 10.x.x.100-109 is network stuff that will do DHCP 10.x.x.110-199 is servers 10.x.x.200-254 is other stuff like VMware virtual machines This is just perfect because I can type any commonly-used IP on my home LAN using just the 0, 1, and period keys. My router is 10.0.0.1, main rig is 10.0.0.10, computer on the other end of the house is 10.0.0.11, wireless AP is 10.0.0.101, file server is 10.0.0.110, web server is 10.1.1.110, and backup server will be 10.0.0.111. I'm even lazy when I type. Or efficient, depending on your viewpoint. ;-)
Work network is 192.168.2.0/24, because that's what the guy who set it up used.
If I set up a network for someone else, I just use the default IP range on their router, which usually ends up being 192.168.0.0/24, and all other reasonable defaults, to make it easy to work on and makes a "reset to defaults" much less painful. Of course, I change stupid defaults: I turn off remote configuration if it's on, change the admin password, etc. If it's wireless, then I turn WEP on to its highest setting, change the SSID, turn off SSID broadcast, filter by MAC address, and whatever else I can do.
And Thunderbird was just the code name, anyway. Code names are used during development partly to give time to make sure there won't be any conflicts with existing product names. AMD marketed the Thunderbird as the Athlon with Performance Enhancing Cache (it was the first Athlon to have a full-speed L2 cache).
IIRC, "thunderbird" refers to a fighter jet.