All of the things described in that article are common problems in many databases, though those databases don't affect the lives of millions so drastically. There needs to be much more testing done to these systems before they are used in the real world. Errors like these would not be that bad in a small database that doesn't handle vital information, but for a massive government database this is just unnacceptable. The government needs to be more cautious with these projects.
Re:Copyright Please Read
on
Open Source Law
·
· Score: 2, Interesting
Copyright is not automatic. One must actually bother to make the effort of providing notices that this work is your intellectual property. Until then the work is considered in the public domain. In the majority of situations involving copyrighted works being included in laws, you are able to provide that information as a public service so long as you mention who the owner of the work being included is.
Re:This proves to exemplify ...
on
SARS Contained
·
· Score: 1
And 800 deaths is considered to be an epidemic.
There's already a medical term for this...
on
Addicted to Information?
·
· Score: 2, Informative
It's called obsessive compulsive disorder. All of the people in that article exhibited classic symptoms of it. Constantly checking one's email and constantly checking news are just another manifestation of it.
They're warning us about something that could affect us adversely. An unintended consequence is more crackers learning about it. You claim that it's better to be unprepared and have slightly less attacks happening than to actually be ready and have a few more attacks to worry about.
If you built a 1GHz 8086 you wouldn't get a space heater, you'd get a nice piece of modern art and a free visit from the fire department. Plus the processor itself would be the size of a modern computer or larger to accomodate the necessary circuitry to reach one gigahertz.
Apple has always been at its best when it's actually creating new things not ripping off BSD and linux like lately. Whenever Apple tries to copy off its competitors it fails miserably, look at the Mac clones and Apples forays into consoles and PDAs. To be sure Apple has its market, but it just can't compete with Linux on the larger scale.
Apple computers are generally used by a very small market: graphic designers, artists, photographers...etc. Linux on the other hand has something for everyone, it comes with a nice suite of software installed and has excellent multiuser capabilities. A business is more likely to consider linux than the Mac as an alternative for Windows. Have you ever seen a large network comprised of Macs? And home users tend to consider what their business is using when they buy computers.
Apple has begun using oss too late for it to matter. Linux is engrained in peoples' minds as the open source Unix derivative. No matter what, Apple just isn't going to change peoples' minds.
Then there's the cost. Apple products are outrageously expensive for the home user or business. No one wants to pay $1000 for a low end computer. Linux can be put on any computer and can be gotten for free. the Mac OS doesn't work on anything other than Apple's own computers.
Macs are never going to be more than a niche market because of Apple's past policies.
Quite a bit. If you look at the history of SCO, half the time they were working on Linux alongside UNIX. I'm sure a lot of SCO employees developed an affinity for Linux.
Nope, Hydrogen is used in nuclear fusion. It's much easier to generate energy with do to its high reactivity. If you look at naturally occurring fusion in stars, the vast majority of it involves hydrogen. Helium can be used in fusion too.
It's the qwerty phenomenom. People have used it so many times it's ingrained in them. Plus, just about everyone has a phone in the industrialized world and even in the developing world most people have access to a phone. Imagine trying to reassign phone numbers based on some other system to all of those people while keeping the network up. It's a system that works quite well, so why spend massive amounts to change it?
It could conceivably be built around standard DNS. After all, it's just using a different substitute for the IP address. instead of typing in www.something.com to connect to the IP address you'd be sending a certain symbol. However, the mechanism to interpret it would have to be highly advanced, able to recognize all of the weird drawing styles humans have. Typing it in is still easier because there's only one way to spell target(in english at least). From an ease of use standpoint it's just not worth it. Plus, imagine having to assign unique symbols to the billions or urls out there!
- Corrected analysis regarding use of sequence numbers to change IP address. - Added reference to alternate name "Stumbler" given to trojan by Internet Security Systems subsequent to the release of Intrusec's analysis.
Introduction:
Intrusec has completed an initial analysis of a trojan that appears to be one of several that is responsible for generating substantial scanning traffic across the Internet with a TCP window size of 55808. The trojan we have isolated appears to match many of the characteristics that others in the security community have reported for this trojan. However, we do not believe that the specific trojan we have identified is the sole source of the traffic generated, and do not know that it is a primary source.
The information we've been able to gather leads us to believe that the trojan we have captured is not the original source of the 55808 traffic that has been seen, but is rather a "copycat", created to mimic the behavior of another trojan or worm. The behavior of this copycat appears to be based on press releases, news articles, and mailing lists that described its hypothetical behavior and known output. Nonetheless, this copycat trojan appears to be actively deployed on systems across the Internet and is something security professionals should be aware of. Details contained in this analysis will be updated, and linked to linked to numerous analyses that will be done by other security researchers, as they become available.
Please visit and link to http://www.intrusec.com/55808.html to receive the latest information available regarding this trojan. There is apt to be great discussion about the nature of this "trojan" and whether in fact it is accurately characterized as a trojan, backdoor, zombie, or worm. While the specific binaries we have captured are probably described as a trojan or zombie, there is no assurance that other variants of this trojan may not be far more malicious in nature and contain worm or backdoor functionality. We are referring to the trojan we have captured, and the presumed other existing trojans generating similar traffic as "55808 Trojans," and the specific binary we have analyzed as "55808 Trojan - Variant A." All discussion in our analysis section refers specifically to the 'A' variant we have captured. Internet Security Systems subsequent to the release of this alert dubbed this "Stumbler", and refers to this same trojan by that name.
Analysis:
This trojan aims to be a distributed port scanner whose presence is very difficult to detect. It port scans random addresses across the IP address space, with a random source address also spoofed. By spoofing the source address, the trojan is able to avoid easy detection, but it also means it can not receive the results of the TCP SYN that is sent. However, since the trojan also sniffs the network it is on in promiscuous mode, it is likely, over time, to pick up scans from other installations of trojans that randomly selected a source address that happened to be on its subnet. As the number of trojans installed across the Internet grows, more spoofed packets will be sent out by each trojan, and more of the spoofed source addresses will be captured by other trojans.
Each time a reply to a trojan is seen, indicating an open port has been found, it is written to a file and saved. Daily, the trojan will then deliver the list of open ports it recorded while sniffing to a file and deliver that file to a predefined IP address.
In addition, a specially crafted packet can be sent to the subnet the trojan is listening on which contains in its sequence number the IP address the trojan should deliver the open port list to daily. How
It was only certain items that people bothered to keep out of the country, ironically a lot of the stuff that was embargoed was medical. It was probably Syria or Jordan who sold them some of it. Probably Syria, since it was also ruled by the Baath party. I doubt that anyone thought that Iraq could turn a server and some modems into a weapon of mass destruction. Although you could use them as a guidance device.
Ah but this post is just actually millions of 0 and 1s transformed into electric pulses by a modem and back. I incorporate a company in Sweden and patent binary code and the modem. Back to analog for the lot of you!
AOL also sued spammers, but for a different reason: unfair competition.
Re:Please be respectful on this topic
on
Working with ADHD?
·
· Score: 1
The problem with most of the stronger amphetamine ADHD drugs is that most of them can cause extreme insomnia because of their nature as stimulants. You should probably research into the effects of Aderall before asking your doctor for it. If you're very sensitive to even small amounts of medicine, you shouldn't take Aderall because it can really cause problems if you are affected by very small doses. Aderall is a very potent medicine and can really help some ADHD sufferers but it's definitely not for everyone who suffers from ADHD.
Slashdot Mirror
All of the things described in that article are common problems in many databases, though those databases don't affect the lives of millions so drastically. There needs to be much more testing done to these systems before they are used in the real world. Errors like these would not be that bad in a small database that doesn't handle vital information, but for a massive government database this is just unnacceptable. The government needs to be more cautious with these projects.
Copyright is not automatic. One must actually bother to make the effort of providing notices that this work is your intellectual property. Until then the work is considered in the public domain. In the majority of situations involving copyrighted works being included in laws, you are able to provide that information as a public service so long as you mention who the owner of the work being included is.
And 800 deaths is considered to be an epidemic.
It's called obsessive compulsive disorder. All of the people in that article exhibited classic symptoms of it. Constantly checking one's email and constantly checking news are just another manifestation of it.
not true, HP has been selling Red Hat linux desktops for over a month. In fact, I bought one recently.
They're warning us about something that could affect us adversely. An unintended consequence is more crackers learning about it. You claim that it's better to be unprepared and have slightly less attacks happening than to actually be ready and have a few more attacks to worry about.
If you built a 1GHz 8086 you wouldn't get a space heater, you'd get a nice piece of modern art and a free visit from the fire department. Plus the processor itself would be the size of a modern computer or larger to accomodate the necessary circuitry to reach one gigahertz.
Apple has always been at its best when it's actually creating new things not ripping off BSD and linux like lately. Whenever Apple tries to copy off its competitors it fails miserably, look at the Mac clones and Apples forays into consoles and PDAs. To be sure Apple has its market, but it just can't compete with Linux on the larger scale.
Apple computers are generally used by a very small market: graphic designers, artists, photographers...etc. Linux on the other hand has something for everyone, it comes with a nice suite of software installed and has excellent multiuser capabilities. A business is more likely to consider linux than the Mac as an alternative for Windows. Have you ever seen a large network comprised of Macs? And home users tend to consider what their business is using when they buy computers.
Apple has begun using oss too late for it to matter. Linux is engrained in peoples' minds as the open source Unix derivative. No matter what, Apple just isn't going to change peoples' minds.
Then there's the cost. Apple products are outrageously expensive for the home user or business. No one wants to pay $1000 for a low end computer. Linux can be put on any computer and can be gotten for free. the Mac OS doesn't work on anything other than Apple's own computers.
Macs are never going to be more than a niche market because of Apple's past policies.
Quite a bit. If you look at the history of SCO, half the time they were working on Linux alongside UNIX. I'm sure a lot of SCO employees developed an affinity for Linux.
Yes. everyone click on this. shlashdot and burn!
Nope, Hydrogen is used in nuclear fusion. It's much easier to generate energy with do to its high reactivity. If you look at naturally occurring fusion in stars, the vast majority of it involves hydrogen. Helium can be used in fusion too.
It's the qwerty phenomenom. People have used it so many times it's ingrained in them. Plus, just about everyone has a phone in the industrialized world and even in the developing world most people have access to a phone. Imagine trying to reassign phone numbers based on some other system to all of those people while keeping the network up. It's a system that works quite well, so why spend massive amounts to change it?
It could conceivably be built around standard DNS. After all, it's just using a different substitute for the IP address. instead of typing in www.something.com to connect to the IP address you'd be sending a certain symbol. However, the mechanism to interpret it would have to be highly advanced, able to recognize all of the weird drawing styles humans have. Typing it in is still easier because there's only one way to spell target(in english at least). From an ease of use standpoint it's just not worth it. Plus, imagine having to assign unique symbols to the billions or urls out there!
Purposefully broken? Could the RIAA be involved?
This is from intrusec itself. It goes into a lot more detail:
Intrusec Alert: 55808 Trojan Analysis
Initial Release: 6/19/03 4:30PM EDT
Latest Update: 6/19/03 11:13PM EDT
- Corrected analysis regarding use of sequence numbers to change IP
address.
- Added reference to alternate name "Stumbler" given to trojan by
Internet Security Systems subsequent to the release of Intrusec's
analysis.
Introduction:
Intrusec has completed an initial analysis of a trojan that appears to
be one of several that is responsible for generating substantial
scanning traffic across the Internet with a TCP window size of 55808.
The trojan we have isolated appears to match many of the characteristics
that others in the security community have reported for this trojan.
However, we do not believe that the specific trojan we have identified
is the sole source of the traffic generated, and do not know that it is
a primary source.
The information we've been able to gather leads us to believe that the
trojan we have captured is not the original source of the 55808 traffic
that has been seen, but is rather a "copycat", created to mimic the
behavior of another trojan or worm. The behavior of this copycat appears
to be based on press releases, news articles, and mailing lists that
described its hypothetical behavior and known output. Nonetheless, this
copycat trojan appears to be actively deployed on systems across the
Internet and is something security professionals should be aware of.
Details contained in this analysis will be updated, and linked to linked
to numerous analyses that will be done by other security researchers, as
they become available.
Please visit and link to http://www.intrusec.com/55808.html to receive
the latest
information available regarding this trojan. There is apt to be great
discussion about the nature of this "trojan" and whether in fact it is
accurately characterized as a trojan, backdoor, zombie, or worm. While
the specific binaries we have captured are probably described as a
trojan or zombie, there is no assurance that other variants of this
trojan may not be far more malicious in nature and contain worm or
backdoor functionality. We are referring to the trojan we have captured,
and the presumed other existing trojans generating similar traffic as
"55808 Trojans," and the specific binary we have analyzed as "55808
Trojan - Variant A." All discussion in our analysis section refers
specifically to the 'A' variant we have captured. Internet Security
Systems subsequent to the release of this alert dubbed this "Stumbler",
and refers to this same trojan by that name.
Analysis:
This trojan aims to be a distributed port scanner whose presence is very
difficult to detect. It port scans random addresses across the IP
address space, with a random source address also spoofed. By spoofing
the source address, the trojan is able to avoid easy detection, but it
also means it can not receive the results of the TCP SYN that is sent.
However, since the trojan also sniffs the network it is on in
promiscuous mode, it is likely, over time, to pick up scans from other
installations of trojans that randomly selected a source address that
happened to be on its subnet. As the number of trojans installed across
the Internet grows, more spoofed packets will be sent out by each
trojan, and more of the spoofed source addresses will be captured by
other trojans.
Each time a reply to a trojan is seen, indicating an open port has been
found, it is written to a file and saved. Daily, the trojan will then
deliver the list of open ports it recorded while sniffing to a file and
deliver that file to a predefined IP address.
In addition, a specially crafted packet can be sent to the subnet the
trojan is listening on which contains in its sequence number the IP
address the trojan should deliver the open port list to daily. How
It was only certain items that people bothered to keep out of the country, ironically a lot of the stuff that was embargoed was medical. It was probably Syria or Jordan who sold them some of it. Probably Syria, since it was also ruled by the Baath party. I doubt that anyone thought that Iraq could turn a server and some modems into a weapon of mass destruction. Although you could use them as a guidance device.
What SCO eats for dinner. In other words a linux user. windows users give SCO indigestion
Plus if you sign up now you get a 10% discount on Russian nukes!
Ah but this post is just actually millions of 0 and 1s transformed into electric pulses by a modem and back. I incorporate a company in Sweden and patent binary code and the modem. Back to analog for the lot of you!
AOL also sued spammers, but for a different reason: unfair competition.
The problem with most of the stronger amphetamine ADHD drugs is that most of them can cause extreme insomnia because of their nature as stimulants. You should probably research into the effects of Aderall before asking your doctor for it. If you're very sensitive to even small amounts of medicine, you shouldn't take Aderall because it can really cause problems if you are affected by very small doses. Aderall is a very potent medicine and can really help some ADHD sufferers but it's definitely not for everyone who suffers from ADHD.
Isn't M$ doing that already?
You can vote for it in that dark alley next to the river. come unarmed.
some C4 with a detonater would work better. Or one of those mini-nukes