Yeah, I looked at that a little funny, too. It's an apt analogy, but it leaves out a few details... like making up a few fake IDs to get a library card, and then breaking into the library's protected archives, and then photocopying every book you can find, at a pace that interferes with other's access to those works. (running in and out of the narrow stacks, using every copier in the building, etc.) But, yes, it's just like checking out a few million books from the library.:-)
I wouldn't use the word "assault"... he was accessing the system(s) in a manner consistent with the way they were built. (at a pace they didn't design it to handle???)
I have to question MIT's IT and Security people if they cannot locate and remove a laptop plugged into a physical port on a switch in a closet in the basement of Building 16. I've located a single "misbehaving" computer in a 9 story building, half filled with HUBS -- you had to actually go look at the hub to see which port was flashing wildly. (It took longer to lookup the MAC in the company's inventory than it did to trace it through the switches -- and hub -- to a desk.)
Hince the term "breader reactor". And any country that even draws one on the back of a napkin gets invaded by UN inspectors -- and often the US military.
Bullshit. There's nowhere on Earth to put this stuff that isn't going to be in someone's backyard. Of all the land in the US -- and that's really all of the Earth we get to use, Yucca mountain is one of a very few safe places to store nuclear waste. If you wanted to bitch about it, you should've done so 40 years ago during the site selection process. (that, btw, is back when your politicians sold you out. they knew no one would care until the site was near opening.)
This has been bashed over and over... the answer is reprocessing and breader reactors. But the US power industry won't do either of them. Reprocessing is expensive. And building a completely new reactor just isn't going to happen -- cost, politics, NIMBY...
[Note: "safe" is debatable. 10,000 years is a very long time.]
The tiny eeprom contains a boot loader. That code is MUCH smaller than the complex full interface. Somehow I doubt you've worked for any hard drive maker in the last decade.
Seagate was one of the few that would field update a drive -- through a special mode program sent to the drive... I'm aware of console ports on tape drives but not any hard drive. (esp. cheap retail drives.)
In all modern IDE/SATA drives, the firmware is stored on the plater, not in an eeprom. And for most manufacturers, it's not field accessable. Plus there's zero documentation for the firmware / internal processor(s) outside of the manufacturer's labs. (and maybe the company making the chips.) Hacking the firmware is beyond the reach of anyone who would be wowed by a $10k prize.
You are mistakenly assuming every flat tire leads to a rape, and murder. That's not the case. Very few end in such evil, but by stopping to help, you are rolling the dice.
If their "proper records" are within the colo (i.e. in the blade center management app(s)), then it's entirely possible to not know jack with all the systems in disarray. All you'd have to do is take my workstation to make me lose track of what's where. (even that's not current:-))
Except they didn't take "one server", they walked in and took 3 entire RACKS of servers. Many of the devices taken have nothing at all to do with what they're after, and as such falls outside the scope of their warrant, but being the FBI they can go unchallanged. The really bad thing is just how horribly LEO's handle the stuff they've taken... if you ever get if back, it will be throughly trashed.
Cloning a VM is amazing? The real magic(tm) is in creating the VM the first time. (something my coworkers learned recently when I made them build the windows vms for virtual center, domain controller, etc.)
He appears to have written some scripts / programs to automate a highly complex process. System admins have been doing that for as long as computers have existed. He's managed to get someone to buy his creation -- for an undisclosed amount that isn't likely to be the billions the/. crowd is making it out to be -- and that ain't bad. Me? I tend to get paid for the shit before I write it. (but I'm an old fart... I don't write code for fun.)
One has to drive rather slow and break gently, well ahead of traffic, to do well. Regen breaking can reclaim a great deal of energy, but it'll take for ever to actually slow down. Coasting over hills will also help a ton, but it's impossible to do with other traffic around -- you're forced to slow down going down hills, and run off the road going up the hills. My Lexus HS can do very well when I can glide, but with other traffic around it pisses people off:-)
(For the record, it's done 39.7mpg over one full tank. The next tank was ~32... but that was 300+ miles at over 70mph.)
The prius was being driven "all out" the whole time, while the bmw was basically at idle the whole time. If you stand on the M3, it'll get ~5, but it's a hell of a lot more fun.:-)
Also note, only the level at deck level is tied down -- most ships stack *much* higher than the deck. And there appear to be no pins between the containers.
Without government regulations and multi-million dollar lawsuits, we wouldn't. Cost-Benefit has cost many people's lives... because it's cheaper to settle than fix the problem.
Value after it's been soaking in seawater for a few days? Next to nothing. Scrape metal maybe. Rarely will you find water tight containers within the cargo pods. Even the cargo container itself wouldn't be in great shape after a few days in salt water.
Have you looked at a cargo container? They do not interlock. But they do fit together. Any interlocks are extra devices added to the pod, or it's carrier.
I've never seen a cargo ship with even one chain dogged down. Granted, they could throw chains on once at sea. The one I watched steam up the Cooper river in Charleston, SC a few weeks ago didn't have any chains anywhere. It would take some serious chains to hold an 80ft stack of pods in place.
Their "support" of coreboot is only for show. We had to drop using linuxbios/coreboot on our quad core systems because it wouldn't boot correctly (read: at all.) We had the same problem with the previous gen dual core systems -- for unknown reasons 7% would not work. Only after buying a source license for AMI(?) BIOS ($$$$$) did we find them flipping several undocumented, reserved bits which were the difference between unstable/unbootable and a fully functional system. [ALL of them work perfectly when booted from a commercial bios.] When we asked AMD about it, they told us to go away; they wouldn't even talk to anyone writing or working on GPL/opensource code.
(I'd *really* prefer coreboot. AMI... 10+ sec to boot. Core... less than a second if one removes the delays for human interaction.)
Exactly. Classic power plants can have every single component replaced over time. And in fact, they are routinely shutdown, disassembled, and repaired. The generator room is intentionally built far larger than functionally necessary for this very disassembly. Nuke plants have components that can never, ever, be repaired -- or even approached. They were designed (and licensed) for 30 year operations.
(When those licenses started expiring, the NRC renewed them instead of plunging most of the country into darkness. We had no replacements. And still don't.)
The secret created from the password and salt1 is stored in the database and is therefore open to theft. If you are in possession of that secret, you don't need the password.
If you meant they don't have the right to take down content, that's not right either. The DMCA safe harbours make clear that a site isn't responsible for the actions of 3rd parties...
That's a matter of their contract with users (i.e. the TOS most people don't even read.) The DMCA safe harbour provisions only apply when the service provider takes timely action to a take down request. Which means exactly what I've already said. (don't take my non-lawyer word for it, talk to your own lawyer. I have.) The SP gets no say in the matter... remove the content, and notify the user. The *USER* can file a counter claim; the SP's only legal course is to remove the content or face charges of infringement.
(Failing to "take action" nullifies the safe harbour and makes the SP legally responsible for the actions of their user(s).)
Slashdot Mirror
Yeah, I looked at that a little funny, too. It's an apt analogy, but it leaves out a few details... like making up a few fake IDs to get a library card, and then breaking into the library's protected archives, and then photocopying every book you can find, at a pace that interferes with other's access to those works. (running in and out of the narrow stacks, using every copier in the building, etc.) But, yes, it's just like checking out a few million books from the library. :-)
I wouldn't use the word "assault"... he was accessing the system(s) in a manner consistent with the way they were built. (at a pace they didn't design it to handle???)
I have to question MIT's IT and Security people if they cannot locate and remove a laptop plugged into a physical port on a switch in a closet in the basement of Building 16. I've located a single "misbehaving" computer in a 9 story building, half filled with HUBS -- you had to actually go look at the hub to see which port was flashing wildly. (It took longer to lookup the MAC in the company's inventory than it did to trace it through the switches -- and hub -- to a desk.)
Hince the term "breader reactor". And any country that even draws one on the back of a napkin gets invaded by UN inspectors -- and often the US military.
Bullshit. There's nowhere on Earth to put this stuff that isn't going to be in someone's backyard. Of all the land in the US -- and that's really all of the Earth we get to use, Yucca mountain is one of a very few safe places to store nuclear waste. If you wanted to bitch about it, you should've done so 40 years ago during the site selection process. (that, btw, is back when your politicians sold you out. they knew no one would care until the site was near opening.)
This has been bashed over and over... the answer is reprocessing and breader reactors. But the US power industry won't do either of them. Reprocessing is expensive. And building a completely new reactor just isn't going to happen -- cost, politics, NIMBY...
[Note: "safe" is debatable. 10,000 years is a very long time.]
The tiny eeprom contains a boot loader. That code is MUCH smaller than the complex full interface. Somehow I doubt you've worked for any hard drive maker in the last decade.
Ask Maxtor for the firmware update for your IDE/SATA drive. Seagate has updates for *SOME* drives, but not all. WD... I've not seen one in years.
(SCSI is a different fish.)
Seagate was one of the few that would field update a drive -- through a special mode program sent to the drive... I'm aware of console ports on tape drives but not any hard drive. (esp. cheap retail drives.)
In all modern IDE/SATA drives, the firmware is stored on the plater, not in an eeprom. And for most manufacturers, it's not field accessable. Plus there's zero documentation for the firmware / internal processor(s) outside of the manufacturer's labs. (and maybe the company making the chips.) Hacking the firmware is beyond the reach of anyone who would be wowed by a $10k prize.
You are mistakenly assuming every flat tire leads to a rape, and murder. That's not the case. Very few end in such evil, but by stopping to help, you are rolling the dice.
If their "proper records" are within the colo (i.e. in the blade center management app(s)), then it's entirely possible to not know jack with all the systems in disarray. All you'd have to do is take my workstation to make me lose track of what's where. (even that's not current :-))
You mean *YEARS* later. Partially disassembled, missing parts, with all the windows smashed.
They cannot seize backups they don't know about.
Except they didn't take "one server", they walked in and took 3 entire RACKS of servers. Many of the devices taken have nothing at all to do with what they're after, and as such falls outside the scope of their warrant, but being the FBI they can go unchallanged. The really bad thing is just how horribly LEO's handle the stuff they've taken... if you ever get if back, it will be throughly trashed.
Cloning a VM is amazing? The real magic(tm) is in creating the VM the first time. (something my coworkers learned recently when I made them build the windows vms for virtual center, domain controller, etc.)
He appears to have written some scripts / programs to automate a highly complex process. System admins have been doing that for as long as computers have existed. He's managed to get someone to buy his creation -- for an undisclosed amount that isn't likely to be the billions the /. crowd is making it out to be -- and that ain't bad. Me? I tend to get paid for the shit before I write it. (but I'm an old fart... I don't write code for fun.)
Tying it to the back of a truck???
One has to drive rather slow and break gently, well ahead of traffic, to do well. Regen breaking can reclaim a great deal of energy, but it'll take for ever to actually slow down. Coasting over hills will also help a ton, but it's impossible to do with other traffic around -- you're forced to slow down going down hills, and run off the road going up the hills. My Lexus HS can do very well when I can glide, but with other traffic around it pisses people off :-)
(For the record, it's done 39.7mpg over one full tank. The next tank was ~32... but that was 300+ miles at over 70mph.)
Prius: 17, M3: 19.
The prius was being driven "all out" the whole time, while the bmw was basically at idle the whole time. If you stand on the M3, it'll get ~5, but it's a hell of a lot more fun. :-)
Also note, only the level at deck level is tied down -- most ships stack *much* higher than the deck. And there appear to be no pins between the containers.
Without government regulations and multi-million dollar lawsuits, we wouldn't. Cost-Benefit has cost many people's lives... because it's cheaper to settle than fix the problem.
Value after it's been soaking in seawater for a few days? Next to nothing. Scrape metal maybe. Rarely will you find water tight containers within the cargo pods. Even the cargo container itself wouldn't be in great shape after a few days in salt water.
Have you looked at a cargo container? They do not interlock. But they do fit together. Any interlocks are extra devices added to the pod, or it's carrier.
I've never seen a cargo ship with even one chain dogged down. Granted, they could throw chains on once at sea. The one I watched steam up the Cooper river in Charleston, SC a few weeks ago didn't have any chains anywhere. It would take some serious chains to hold an 80ft stack of pods in place.
Their "support" of coreboot is only for show. We had to drop using linuxbios/coreboot on our quad core systems because it wouldn't boot correctly (read: at all.) We had the same problem with the previous gen dual core systems -- for unknown reasons 7% would not work. Only after buying a source license for AMI(?) BIOS ($$$$$) did we find them flipping several undocumented, reserved bits which were the difference between unstable/unbootable and a fully functional system. [ALL of them work perfectly when booted from a commercial bios.] When we asked AMD about it, they told us to go away; they wouldn't even talk to anyone writing or working on GPL/opensource code.
(I'd *really* prefer coreboot. AMI... 10+ sec to boot. Core... less than a second if one removes the delays for human interaction.)
Exactly. Classic power plants can have every single component replaced over time. And in fact, they are routinely shutdown, disassembled, and repaired. The generator room is intentionally built far larger than functionally necessary for this very disassembly. Nuke plants have components that can never, ever, be repaired -- or even approached. They were designed (and licensed) for 30 year operations.
(When those licenses started expiring, the NRC renewed them instead of plunging most of the country into darkness. We had no replacements. And still don't.)
200 sq.ft. is a "closet"?!? I wanna live in their house. My *office* isn't 200sq.ft.
(it's 97sq.ft. and the data center room is 577 sq.ft. - less the fire system riser closet.)
*cough*WIRE TAP*cough*
Do the same thing to a radio broadcast, TV broadcast, or phone call and see how long your door stays on it's hinges.
Correct... same mess with more math.
The secret created from the password and salt1 is stored in the database and is therefore open to theft. If you are in possession of that secret, you don't need the password.
That's a matter of their contract with users (i.e. the TOS most people don't even read.) The DMCA safe harbour provisions only apply when the service provider takes timely action to a take down request. Which means exactly what I've already said. (don't take my non-lawyer word for it, talk to your own lawyer. I have.) The SP gets no say in the matter... remove the content, and notify the user. The *USER* can file a counter claim; the SP's only legal course is to remove the content or face charges of infringement.
(Failing to "take action" nullifies the safe harbour and makes the SP legally responsible for the actions of their user(s).)