Tell them you have worked on software code to properly control Macintosh motherboard chipsets all the way to plugins to Instant messengers to increase functionality.
Leave out all semi-ethical or romhacking stuff, unless it's Zsnes or older system emulators. Better yet, say that you've worked on real-time assembly code-translations between 2 very different systems. And List the processors used. R65000, X86, Mips, Z80, et cetera.
Youre right. NPR had a special on today about this very thing.
Ashcroft was the one responsible for this, and it has lead these plastic ankle braclets onto what I would consider the hurt, violated, and ill-treated.
One person so interviewed was an Indian who came to the US (legal means) and found work in a restauraunt. Now he's assistant manager and he's being attacked with governmnetal harassment cause he's petitioning (and suing) to stay here in the US.
To put it bluntly, he's a tax-paying contributing member of this society.. The INS is harassing him with extremly obtuse technology, which includes staying in his house from 6PM to 6AM with NO exceptions.
It makes me sad that my Tax dollars contribute to these shit programs.
That Linus is a person, and not a GOD as some people worship him as.
Its actually pretty damned nice to see a bunch of people get together and make something as big as the Linux Kernel. Linus started it, but we all will finish it.
Still, I fail to see how some bugs would be super-bad, as the article seems to say. Id rather have a crash bug, rather than a SUID change bug.. STill, not all security comes from the Kernel. Some security comes from network filter drivers, some com from the application, which many hackers target, and whatnot. Though, the kernel is a great place to attack if you have that guest acct and "want" root;P
And I wasnt trying to justify anything, except that users ought to learn the basics of the hazards of the Internet. Even explaining to them that you need a program like a "Virus Scanner" to find them, and then you hand them a link or 2 to some popular anti-crapware scanners.
But then again, poeple learn how to drive, how to manage finance, how to build things, yet getting help (from Google or a friend) and applying that help is somehow above most peoples' grasps.
---I don't know how or why you were modded as "Flamebait". Your post is insightful.
Well, either I was "flaming" or I really found a big point of contention in the Tech community.
---There is a different standard on the web, where willful ignorance is forgiven.
Well, it's not just with the web. It's with computers and computerized technology. People are afraid cause they dont want to "mess it up", even if it's just setting a clock from 12:00 to your time.
People deal with complex life issues every day. Finance, personnal skills (to keep a job), general task management. Finance can get to be a bloody mess, as you have to deal with incoming junk mail and then determining the bills from solicitations.
---Obviously not everyone can be an uber-geek, but as with anything out there, using a PC, or going online, requires a little bit of knowledge. If people are not going to pay attention to whatever shows up on their PC, or they're just going to click straight through install wizards, they ought to share some of the blame.
Of course everybody cant be a uber-geek. Not everybody can be Richard Petty, but you sure can still learn the laws of the road, and drive safely by them. That doesnt mean you have to know the cc displacement of your engine, aerodynamics of your vehicle, air intake control via spoiler, control rod timings, and car geek things. You still need to know how to change a tire, check/add/drain fluids and general maintenance. Let the mechanics handle the bigger stuff, as they should.
---Case in point: BBSpot posted a satire article about a Nigerian billionaire philanthropist. And while the site clearly states that it is completely satire, Brian Briggs still got emails asking for details about the Nigerian.
Too true, but that shows a different point in human behavior: Greed. There is no extent to what someone in this culture would do to get a buck. The rest above is concerning intentional ignorance, which I abhor.
Im unsure of the state of your system, but this gives me a hint.
--It only showed one every couple hours so I was blaming the ad on AIM / webpages getting things past firefox.
Not knowing the types of things you do on your machine, Im guessing your infection vector is AIM's ads. Since they use IE's engine to display (check for yourself.. they do) you end up opening yourself to the hacks and cracks of IE. Still, IE has no priviledge escalation bug to worry about, so as long as you run as a user and not an admin, you should be safe as long as you take your data and copy it into another profile.
My suggestion would to be to pitch AIM and get GAIM. Multi-protocol, and now AoL-Time Warner is acting nicer to 3'rd party clients.
Still, you also need to consider watching out for rogue WMA's, WMV's and other Microsoft Media garbage. You can insert all sorts of executable code within them, including running programs from a URL directly (yes, that bad). I observed a friend watch a WMV porn vid from a BT download. Was it.. every 2 minutes, it would respawn all the programs, 5 pop-unders and 2 "install-for-free-pr0n".
Do you buy watches on the corner near the grungy club in the big city? Do they say "Rolex"?
Well, do you buy anything off of a fold-up table off a street vendor who just LOOKS slimy?
Well.. And if somebldy believes the "Critical Windows Media Player Update", why dont the users check on the "Windows Update" button at the top of the start bar?
If they do it that way (which is not exactly THAT hard to notice), they can gat the patch from a KNOWN GOOD source.
After all, would you buy (assuming you had a prescription for it) and ingest Ritalin you bought off of that street vendor? They "do undercut the big pharmacies".
I run a slew of different operating systems, which include Windows and Linux. I know what programs I run, and when. If i suspect a program to be... naughty, I create another account and run it in there.
No matter what OS you run, you can limit permissions and run questionable apps mostly safely. Like I reiterate, it s a fault of the user for not watching what he does on the machine.
You surf porn sites and run "programs" to download porn, you're gonna get infected. You download illegally copied works, youre gonna get infected. You open absolutely every attachment, even if it says "happy98.exe", you're gonna get infected.
is it Spyware when you click OK? Is it spyware when you let it stay on your system? Is it spyware when you let it run?
When does the user take responsibility over what somebody/something else does?
Seriously, it has to do with peoples' rights and how many intentionally do not inform themselves what they do, and their repurcussions involved.
If we applied to what normal people do online (and then blame), what would you say if somebody cashed those "Loan Checks" sent in the mail? Most people know its a acceptance of a loan. Yet, common sense is thrown out the window on the net.
We all can agree that Microsoft _was_ a monopoly (I dare not hold that assumption today). Monopolies require stricter governmnetal controls, and in general, must act in a reasonable interest of the people (while of course, keeping stockholders happy).
If the governmnet allows a monopoly to survive, is that not a office of profit? By the governnment not taking actions to dismember the company, does not it lead to by sanctioning the company?
No Title of Nobility shall be granted by the United States: And no Person holding any Office of Profit or Trust under them, shall, without the Consent of the Congress, accept of any present, Emolument, Office, or Title, of any kind whatever, from any King, Prince, or foreign State.
Office of profit? Perhaps that means someone who controls vast amounts of money.
Does this deny, and make unconstitutional Bill Gates's "reward"?
---I think people expect open source projects to be managed 'openly', too -- to have decisions discussed and publicized on mailing lists, even if there is a final arbiter.
Well, what would you do if you were offered X amount of money to go brand a FireFox browser with a corporate logo? If the company wants it secret, well.. then it has to do with if teh X dollars is worth the secrecy.
In most cases, it is.
---That's not Mozilla's approch, AFAICT. I don't think it's right or wrong, but it should be clarified to avoid giving volunteers the wrong idea about their relationship with the Mozilla.
They're a 501(c)3 non-profit corporation. Go read that general piece of law and Mozilla's Charter.
Then again, you still donate code under the MPL.
---I've contributed many hours to Mozilla.org (though I'm certainly not among the top contributors). From my perspective, Mozilla.org operates more like a private business than a community project; it's more like volunteering for Google, a business that seems 'not evil'.
Sure is. It also provides a way to have money non-taxed, a big incentive. They also have many corporate protections otherwise not usually obtained.
And about Google, they're a sellout. Once they went public, they really lost control of what they want to do. Now they have an externalizing factor of what they "cant" do. Now, if they were to spend more money on R&D and the stockholders thought the research was wasted, Sue Sue Sue.
---I know the budget is different and some systems (e.g. bugzilla) are designed to incorporate volunteer participation, but that doesn't affect volunteers' relationsihips with Mozilla.org. Moz.org makes decisions and operates a business, independently of the community.
---Perhaps the way to describe it would be as the software equivalent of America's public TV and radio.
?? The way to describe it is by calling it what it is. 501(c)3 Non-Profit Corporation.
As a (now former) board member of a non-profit under 501(c)3 , I understand what kind of things might have happened.
And to tell the truth, as long as the source stays open, I dont care how you increase mindshare... well, other than following the law;)
And really, getting IE off of machines and getting branded Firefox borwsers is actually a damned good idea. Keep up the good work and fight the Good Fight.
Either remove the RFID bug or fry it with microwaves.
Either way, just guarantee there's nothing to harvest information from.
Still, I fail to understand why anybody would want encryption on it.. Encryption schemes are broken, as are signing algorythims and other complex mathematical constructs. COnsidering how long passports have been around, would you trust your data to DES?
Slashdot Mirror
I second that!
I'd love to see the charred remains of a server after 3 arso^H^H^H^Hslashdottings.
Gah. You did it wrong then.
Tell them you have worked on software code to properly control Macintosh motherboard chipsets all the way to plugins to Instant messengers to increase functionality.
Leave out all semi-ethical or romhacking stuff, unless it's Zsnes or older system emulators. Better yet, say that you've worked on real-time assembly code-translations between 2 very different systems. And List the processors used. R65000, X86, Mips, Z80, et cetera.
Well, its the positive aspect of Open SOurce under GPL.
Pay somebody who does Linux kernel programming (not cutting teeth on mm or somesuch) to write it for you.
Yeah, and you find out they said more than "Start Date" and "Termination Date", and you can have their ass in court for slander.
Youre right. NPR had a special on today about this very thing.
Ashcroft was the one responsible for this, and it has lead these plastic ankle braclets onto what I would consider the hurt, violated, and ill-treated.
One person so interviewed was an Indian who came to the US (legal means) and found work in a restauraunt. Now he's assistant manager and he's being attacked with governmnetal harassment cause he's petitioning (and suing) to stay here in the US.
To put it bluntly, he's a tax-paying contributing member of this society..
The INS is harassing him with extremly obtuse technology, which includes staying in his house from 6PM to 6AM with NO exceptions.
It makes me sad that my Tax dollars contribute to these shit programs.
Nonono, My boss committed suicide after that big project was due.
He was stabbed in the back 6 times.
---And when aliens talk about blackholes, they don't mean DNS.
;-P
That sucks.
Im prolly going there anyways.. Guess Ill invite someone along so I have company ;-P
That Linus is a person, and not a GOD as some people worship him as.
;P
Its actually pretty damned nice to see a bunch of people get together and make something as big as the Linux Kernel. Linus started it, but we all will finish it.
Still, I fail to see how some bugs would be super-bad, as the article seems to say. Id rather have a crash bug, rather than a SUID change bug.. STill, not all security comes from the Kernel. Some security comes from network filter drivers, some com from the application, which many hackers target, and whatnot. Though, the kernel is a great place to attack if you have that guest acct and "want" root
Yeah, I guess +5 IS what I deserve ;)
And I wasnt trying to justify anything, except that users ought to learn the basics of the hazards of the Internet. Even explaining to them that you need a program like a "Virus Scanner" to find them, and then you hand them a link or 2 to some popular anti-crapware scanners.
But then again, poeple learn how to drive, how to manage finance, how to build things, yet getting help (from Google or a friend) and applying that help is somehow above most peoples' grasps.
---I don't know how or why you were modded as "Flamebait". Your post is insightful.
Well, either I was "flaming" or I really found a big point of contention in the Tech community.
---There is a different standard on the web, where willful ignorance is forgiven.
Well, it's not just with the web. It's with computers and computerized technology. People are afraid cause they dont want to "mess it up", even if it's just setting a clock from 12:00 to your time.
People deal with complex life issues every day. Finance, personnal skills (to keep a job), general task management. Finance can get to be a bloody mess, as you have to deal with incoming junk mail and then determining the bills from solicitations.
---Obviously not everyone can be an uber-geek, but as with anything out there, using a PC, or going online, requires a little bit of knowledge. If people are not going to pay attention to whatever shows up on their PC, or they're just going to click straight through install wizards, they ought to share some of the blame.
Of course everybody cant be a uber-geek. Not everybody can be Richard Petty, but you sure can still learn the laws of the road, and drive safely by them. That doesnt mean you have to know the cc displacement of your engine, aerodynamics of your vehicle, air intake control via spoiler, control rod timings, and car geek things. You still need to know how to change a tire, check/add/drain fluids and general maintenance. Let the mechanics handle the bigger stuff, as they should.
---Case in point: BBSpot posted a satire article about a Nigerian billionaire philanthropist. And while the site clearly states that it is completely satire, Brian Briggs still got emails asking for details about the Nigerian.
Too true, but that shows a different point in human behavior: Greed. There is no extent to what someone in this culture would do to get a buck. The rest above is concerning intentional ignorance, which I abhor.
Im unsure of the state of your system, but this gives me a hint.
--It only showed one every couple hours so I was blaming the ad on AIM / webpages getting things past firefox.
Not knowing the types of things you do on your machine, Im guessing your infection vector is AIM's ads. Since they use IE's engine to display (check for yourself.. they do) you end up opening yourself to the hacks and cracks of IE. Still, IE has no priviledge escalation bug to worry about, so as long as you run as a user and not an admin, you should be safe as long as you take your data and copy it into another profile.
My suggestion would to be to pitch AIM and get GAIM. Multi-protocol, and now AoL-Time Warner is acting nicer to 3'rd party clients.
Still, you also need to consider watching out for rogue WMA's, WMV's and other Microsoft Media garbage. You can insert all sorts of executable code within them, including running programs from a URL directly (yes, that bad). I observed a friend watch a WMV porn vid from a BT download. Was it.. every 2 minutes, it would respawn all the programs, 5 pop-unders and 2 "install-for-free-pr0n".
Go read my thread about user responsibility.
Course it was flamebaited immediately.
Gotta wonder if I really hit a nerve saying what I did.
Do you buy watches on the corner near the grungy club in the big city? Do they say "Rolex"?
Well, do you buy anything off of a fold-up table off a street vendor who just LOOKS slimy?
Well.. And if somebldy believes the "Critical Windows Media Player Update", why dont the users check on the "Windows Update" button at the top of the start bar?
If they do it that way (which is not exactly THAT hard to notice), they can gat the patch from a KNOWN GOOD source.
After all, would you buy (assuming you had a prescription for it) and ingest Ritalin you bought off of that street vendor? They "do undercut the big pharmacies".
Thats exactly my point.
I run a slew of different operating systems, which include Windows and Linux. I know what programs I run, and when. If i suspect a program to be... naughty, I create another account and run it in there.
No matter what OS you run, you can limit permissions and run questionable apps mostly safely. Like I reiterate, it s a fault of the user for not watching what he does on the machine.
You surf porn sites and run "programs" to download porn, you're gonna get infected. You download illegally copied works, youre gonna get infected. You open absolutely every attachment, even if it says "happy98.exe", you're gonna get infected.
is it Spyware when you click OK?
Is it spyware when you let it stay on your system?
Is it spyware when you let it run?
When does the user take responsibility over what somebody/something else does?
Seriously, it has to do with peoples' rights and how many intentionally do not inform themselves what they do, and their repurcussions involved.
If we applied to what normal people do online (and then blame), what would you say if somebody cashed those "Loan Checks" sent in the mail? Most people know its a acceptance of a loan. Yet, common sense is thrown out the window on the net.
Can you define "Pedantic" ?
That's where I tend to disagree.
We all can agree that Microsoft _was_ a monopoly (I dare not hold that assumption today). Monopolies require stricter governmnetal controls, and in general, must act in a reasonable interest of the people (while of course, keeping stockholders happy).
If the governmnet allows a monopoly to survive, is that not a office of profit? By the governnment not taking actions to dismember the company, does not it lead to by sanctioning the company?
Of the Constitution states:
No Title of Nobility shall be granted by the United States: And no Person holding any Office of Profit or Trust under them, shall, without the Consent of the Congress, accept of any present, Emolument, Office, or Title, of any kind whatever, from any King, Prince, or foreign State.
Office of profit? Perhaps that means someone who controls vast amounts of money.
Does this deny, and make unconstitutional Bill Gates's "reward"?
---I think people expect open source projects to be managed 'openly', too -- to have decisions discussed and publicized on mailing lists, even if there is a final arbiter.
Well, what would you do if you were offered X amount of money to go brand a FireFox browser with a corporate logo? If the company wants it secret, well.. then it has to do with if teh X dollars is worth the secrecy.
In most cases, it is.
---That's not Mozilla's approch, AFAICT. I don't think it's right or wrong, but it should be clarified to avoid giving volunteers the wrong idea about their relationship with the Mozilla.
They're a 501(c)3 non-profit corporation. Go read that general piece of law and Mozilla's Charter.
Then again, you still donate code under the MPL.
---I've contributed many hours to Mozilla.org (though I'm certainly not among the top contributors). From my perspective, Mozilla.org operates more like a private business than a community project; it's more like volunteering for Google, a business that seems 'not evil'.
Sure is. It also provides a way to have money non-taxed, a big incentive. They also have many corporate protections otherwise not usually obtained.
And about Google, they're a sellout. Once they went public, they really lost control of what they want to do. Now they have an externalizing factor of what they "cant" do. Now, if they were to spend more money on R&D and the stockholders thought the research was wasted, Sue Sue Sue.
---I know the budget is different and some systems (e.g. bugzilla) are designed to incorporate volunteer participation, but that doesn't affect volunteers' relationsihips with Mozilla.org. Moz.org makes decisions and operates a business, independently of the community.
---Perhaps the way to describe it would be as the software equivalent of America's public TV and radio.
?? The way to describe it is by calling it what it is. 501(c)3 Non-Profit Corporation.
As a (now former) board member of a non-profit under 501(c)3 , I understand what kind of things might have happened.
;)
And to tell the truth, as long as the source stays open, I dont care how you increase mindshare... well, other than following the law
And really, getting IE off of machines and getting branded Firefox borwsers is actually a damned good idea. Keep up the good work and fight the Good Fight.
Sure am. The story of Abraham and who the "Rightful Son" was, is what I thought the split between Islam and Judiasm was.
I thought the Arabs were the indigenous peoples of the Middle East (between Europe and Asia).
??Im confused??
Well, you reverse the algo.
;P
Im not familiar with the interworkings of SHA-1 personally, but understand crypto ideas.
I assume that SHA-1 throws away parts of the numbers needed to reverse SHA-1.
Still, the message is a 1-1 as long as it's the SHA-1 signature size or less... I GUESS you could brute force it
SHA-1 IS an encryption algo IF your message is the same size or smaller than the SHA-1 keysize.
Encryption implies a 1-1 ratio of encrypted content to plaintext. Signing implies there's a 1-many ratio between signed content to plaintext.
There IS a 1-1 ratio on a SHA-1 message when it's smaller or equal to the bits in SHA-1.
Either remove the RFID bug or fry it with microwaves.
Either way, just guarantee there's nothing to harvest information from.
Still, I fail to understand why anybody would want encryption on it.. Encryption schemes are broken, as are signing algorythims and other complex mathematical constructs. COnsidering how long passports have been around, would you trust your data to DES?