Call it a couple of hours to trawl some log files, a few more to retrieve the missing account from backup, and be generous and round it up to a week -- 5 man days to tie up all the loose ends, write the incident report and get management signoff for everything.
Think about the situation they had here. A disgruntled former employee who left himself at least one back door has performed at least one malicious deletion. According to you, close the single backdoor you've discovered, undo the single deletion he did, slap him on the wrist and call it a day. No security consultant (rightfully) works this way.
Even if this were just a matter of finding a backdoor without any proven malicious intent (i.e. maliciously deleting at least one thing), the correct thing to do is assume that there are other backdoors and you start re-installing operating systems to make sure you catch them. You restore router and switches back to factory defaults and re-set them up.
This case unfortunately goes even further than installing hidden backdoors - he maliciously deleted things! All level of paranoia are justified in such a situation.
According to you, let him violate ethics by leaving himself a backdoor, let him violate ethics by at least deleting one thing maliciously, but trust him that he did nothing else? Sorry, but I'd like to verify his story and sorry again, verification costs money.
Can your eyes tell the difference between a web-page loading in one second or 0.27 seconds.
I guess if you only consider standard web browsing when considering if faster broadband matters, the answer is likely that it doesn't make much of a positive impact. At least two things that this fails to take into consideration though are:
1. There are far more applications today that can utilize the faster broadband, both upstream and downstream. For a few examples, consider P2P, VoIP, video streaming, etc.
2. Increasing broadband speeds and their adoption rate enables new applications tomorrow.
Give many people more bandwidth; they'll find a use for it. Feel free to replace "bandwidth" with just about anything and it likely would be true as well.
For the most part, the summary of the article seems to be the more time that a compressing application takes to compress your files, the smaller your files will be after compressing.
The one surprising thing I found in the article was that two virtually unknown contenders - WinRK and Squeez did so well. One disappointing obvious follow-up question would be how more well-known applications such as WinZip or WinRAR (which have a more mass-appeal audience) stack up against them with their configurable higher-compression options.
What is .Net's competition?
on
Ruby Off the Rails
·
· Score: 4, Interesting
I've often heard comparisons of.Net to Java and for a while there it seemed to me like they were two separate but somewhat equal development environments. Now it seems that several languages/environments have been coming up (PHP/Ruby) and many articles I see compare it to Java or explain how it's competing with Java.
What does the future hold in terms of what environment will "come out on top" when Java seems to be compared to or even competing against so many languages while.Net doesn't seem to have such competition?
In Canada, 3Mb/s is $48 per month... cheaper if you go with a smaller provider !
The US is sooo expensive.
My fiber-optic Verizon FIOS service gives me 5 M/bps downstream and 2 M/bps upsteam for $34.95 US per month. I'm not sure of the current exchange rate for Canadian to US dollars (assuming you were quoting Canadian dollars) but I'm not sure you're getting a much better deal than I am (if at all).
I don't have any problems with addiction. In a weird coincidence though, if I'm away from my computer for more than 10 minutes mysterious bugs appear and start crawling under my skin. Weird, huh?
Surely it just takes one manufacturer to develop something "clean" for a similar price and it'll be a preferable product.
Uh-oh, you just told them the hole in their logic! Now they'll have to get their lobbyists in gear to make it a crime to:
1. Manufacture, advertise, sell or possess a display device that isn't protected by DRM. The fine will be $100,000 per incident with an incident defined as infinite theoretical losses effectively making your fine infinite. Just write a sideways "8" in the amount column when sending in your check.
2. Scribble on the monitor with a #2 pencil or some other such simple DRM-thwarting technique.
The problem with that is that if one is trying to use big words, "stigma" just isn't big enough. Add a few prefixes and suffixes... ex. antipropenultimastigmatism and voila! instant intelligent-sounding babble.
Although Cydoor had cleaned up its act considerably since its earlier days, the stigmatism associated with the adware product doomed eXeem before it was ever released.
I found this part of Slyck's writeup at http://www.slyck.com/news.php?story=1033 interesting. Now, I've never heard of Cydoor so I'm not sure which context of the word stigmatism Slyck was trying to go for:
stigmatism Pronunciation Key (stgm-tzm)
n.
1. The condition of being affected by stigmata.
2. The state of a refracting or reflecting system in which light rays from a single point are accurately focused at another point.
3. Normal eyesight.
By the time Roomba became self-aware it had spread into millions of computer servers across the planet. Ordinary computers in office buildings, dorm rooms; everywhere. It was software; in cyberspace. There was no system core; it could not be shutdown. The attack began at 6:18 PM, just as he said it would. Judgment Day, the day the human race was almost destroyed by the vacuums they'd built to clean their homes. --John Connor.
Carpal tunnel syndrome (something that I suffered with) is in fact not caused by typing. Using braces and typing less will ease symptoms temporarily but google "tms sarno" for the real, free, simple cure.
Nice try, China! Your silly attempts to raise yourself to the level of the U.S. will never succeed. The U.S. is the dominant super power and always will be!
Just ask Britain and France! If anyone understands that national standing on the international scene, once established, is permanent... it's them!
I'll practice some restraint and avoid calling you "stupid" or "dumb" like many, many other people have done for other reasons.
Then figure out that persons MAC address, and spoof it with MAC change on ur router/firewall
Instead, I'll just point out the flaw in your plan. MAC addresses don't traverse over routers. If there are any routers between your workstation and a server, the server sees "your" MAC address as the router on the same subnet as that server. Your spoofing trick would be a colossal waste of time.
I advise you to study the ARP protocol and really learn what a MAC address is and how it works.
So what PODJACKERS are doing is copying the work of others without permission or ATTRIBUTION and then redistributing that work to make a profit on, ads, etc.
I'm not sure which is worse - the fact that you don't really seem to grasp what really happened or that you're so militant about your misconception. Either way, your comment was hilarious. Please maintain your current caffeine intake level. If I had mod points under a different account I'd mod you +5 Funny.
Close, but read the full article.
on
The Podjacker Threat
·
· Score: 5, Insightful
Someone else found his material via other means, for which he isn't able to track site visitors, and this upset him.
You're right on here, but read a little further in the article and you realize he asked for the listings directly from the "Podjacker"! After he admits this, he says that they didn't do it how he assumed they would have done it. Then he goes on to still label them a "Podjacker".
I responded to an email somebody sent me about podkeyword.com, and I gave the site a visit and submitted my URL for a few listings. When I launched my show in October of 2004 I went everywhere I could to post its URL, and I quickly forgot all about my five minute visit to podkeyword.
I guess the only remaining comment I have on this topic is that I'd like the 5 minutes I spent reading the article back. Total waste of time - there literally is nothing to see here.
I drive a 1999 BMW 323is that is regulated to go no faster than 130 miles per hour. It's actually a pretty neat system - the engine is racing and making a lot of racket when you hit that speed (not that I ever have, mind you). Then it goes over the 130 MPH limit and the gas cuts out and it stops making noise. Then you fall under 130 MPH and the gas cuts back in. Then... you get the idea.
Calculating speed with GPS and making the gas pedal harder to push seems a little overly complicated.
This likely explains the gap. I just transferred a 60 minute Mini-DV tape to my computer yesterday. The label on the tape was "Fall 2005" and encompassed about 1 month worth of filming my family. The video file it created was 15 gigs.
I am not a video codec expert but from zipping the Mini-DV files, I know they are already compressed with a lossless compression format because they don't compress anymore. I store the file in its original form (Mini-DV) because hey, someday I may need that original form and I know that I'll likely regret having selected a lossy compression algorithm (like MPEG2 or MPEG4).
Then 1 TB is about 1000 hours of home video
Reduce your estimate by a factor of 15 and 1 TB = 66 hours of home video. This is not outside the realm of possibility especially when you consider that in addition to the original files I often make DVD movies to send to relatives that might have a sound track along with video and pictures on it.
Add a 5+ megapixel still camera and moderate use and you're looking at some really serious storage needs that make 1 TB look woefully inadequate pretty quickly.
think about this regularly, and estimate that a 1.2 TB hard disk -- something the size of a paperback book in another couple years -- would be sufficient to hold most of my life [...] every paper I wrote in a 25-year career
Every time this subject comes up, I'm amazed at people's attitudes and misconceptions. You're obviously storing a bunch of text and can't imagine anyone storing anything else. That's fine for you. Ask anyone that has a Mini-DV camcorder and stores videos of their kids on the computer. 100 GB is nothing and a year's worth of video could easily be several TB.
You're not using multimedia right now. We get it. Just trust me that large file storage capacities are needed by many people today, and many more tomorrow. Probably even you.
Recently I thought I lost my hard drive with 320 Gigs of data. All I had was a backup of my OS/programs partition (1.5G compressed) and a DVD of personal files. I was unhappy about losing the data, but not miserable.
Just a guess here - you probably lost a ton of MP3s that you downloaded off the Internet, maybe some commercial movies, stuff like that? I wouldn't be so heartbroken over that either.
On the other hand, I have 5 gigabytes of pictures from my digital cameras going back to 1998. I can't imagine losing that history. Since my son was born 15 months ago, I have over 90 gigs of movie files from my Mini-DV camcorder. Again, I can't imagine losing that history. How do I back up? I have a workstation and server at home. The workstation is the main copy and has two hard drives in it. It automatically copies the things I have in the "vault" from hard drive 1 to hard drive 2 nightly. Then it automatically copies from hard drive 1 to a hard drive on the server also nightly. Then once per month I backup the "vault" files onto a removable USB drive. Then once per year I back up everything onto data DVDs.
Royal pain in the butt, but it's unacceptable for me to lose a byte of this information.
A quick search will show you plenty of places that will print your pictures and ship them to you without having to leave yourself for as low as 8 cents each.
While choosing such a bargain-basement site might not grant you the greatest quality, I can't imagine anyone wanting to struggle with inkjet printers only to pay more per print and have them not be as high of quality. I hate inkjet printers.
It's amazing to me how innovative this company is. Someone immediately must create an open-source project to capitalize on this veritable torrent of bits to facilitate file transfers.
Before anyone sets up any kind of web site, I strongly advise you to purchase an Umbrella Liabliity Insurance Policy. Among other things, these policies protect you from accusations of libel and slander.
While truth is an absolute defense against libel or slander, you don't want it to cost you your life savings to defend against a frivolous lawsuit because you spoke the truth someone didn't want to hear. For the cost of the umbrella policy - typically around $300 per year you can virtually stop any potential frivolous lawsuit. Such lawsuits are designed to intimidate the little guy and you're much less of a little guy when a multi-billion dollar insurance company is the one that is paying to defend you against the suit.
Slashdot Mirror
Call it a couple of hours to trawl some log files, a few more to retrieve the missing account from backup, and be generous and round it up to a week -- 5 man days to tie up all the loose ends, write the incident report and get management signoff for everything.
Think about the situation they had here. A disgruntled former employee who left himself at least one back door has performed at least one malicious deletion. According to you, close the single backdoor you've discovered, undo the single deletion he did, slap him on the wrist and call it a day. No security consultant (rightfully) works this way.
Even if this were just a matter of finding a backdoor without any proven malicious intent (i.e. maliciously deleting at least one thing), the correct thing to do is assume that there are other backdoors and you start re-installing operating systems to make sure you catch them. You restore router and switches back to factory defaults and re-set them up.
This case unfortunately goes even further than installing hidden backdoors - he maliciously deleted things! All level of paranoia are justified in such a situation.
According to you, let him violate ethics by leaving himself a backdoor, let him violate ethics by at least deleting one thing maliciously, but trust him that he did nothing else? Sorry, but I'd like to verify his story and sorry again, verification costs money.
The author is currently working on his next book, "How Not to Get Fired for Reading Slashdot All Day".
Can your eyes tell the difference between a web-page loading in one second or 0.27 seconds.
I guess if you only consider standard web browsing when considering if faster broadband matters, the answer is likely that it doesn't make much of a positive impact. At least two things that this fails to take into consideration though are:
1. There are far more applications today that can utilize the faster broadband, both upstream and downstream. For a few examples, consider P2P, VoIP, video streaming, etc.
2. Increasing broadband speeds and their adoption rate enables new applications tomorrow.
Give many people more bandwidth; they'll find a use for it. Feel free to replace "bandwidth" with just about anything and it likely would be true as well.
For the most part, the summary of the article seems to be the more time that a compressing application takes to compress your files, the smaller your files will be after compressing.
The one surprising thing I found in the article was that two virtually unknown contenders - WinRK and Squeez did so well. One disappointing obvious follow-up question would be how more well-known applications such as WinZip or WinRAR (which have a more mass-appeal audience) stack up against them with their configurable higher-compression options.
I've often heard comparisons of .Net to Java and for a while there it seemed to me like they were two separate but somewhat equal development environments. Now it seems that several languages/environments have been coming up (PHP/Ruby) and many articles I see compare it to Java or explain how it's competing with Java.
.Net doesn't seem to have such competition?
What does the future hold in terms of what environment will "come out on top" when Java seems to be compared to or even competing against so many languages while
In Canada, 3Mb/s is $48 per month... cheaper if you go with a smaller provider ! The US is sooo expensive.
My fiber-optic Verizon FIOS service gives me 5 M/bps downstream and 2 M/bps upsteam for $34.95 US per month. I'm not sure of the current exchange rate for Canadian to US dollars (assuming you were quoting Canadian dollars) but I'm not sure you're getting a much better deal than I am (if at all).
How addicted are you?
I don't have any problems with addiction. In a weird coincidence though, if I'm away from my computer for more than 10 minutes mysterious bugs appear and start crawling under my skin. Weird, huh?
Surely it just takes one manufacturer to develop something "clean" for a similar price and it'll be a preferable product.
Uh-oh, you just told them the hole in their logic! Now they'll have to get their lobbyists in gear to make it a crime to:
1. Manufacture, advertise, sell or possess a display device that isn't protected by DRM. The fine will be $100,000 per incident with an incident defined as infinite theoretical losses effectively making your fine infinite. Just write a sideways "8" in the amount column when sending in your check.
2. Scribble on the monitor with a #2 pencil or some other such simple DRM-thwarting technique.
The problem with that is that if one is trying to use big words, "stigma" just isn't big enough. Add a few prefixes and suffixes... ex. antipropenultimastigmatism and voila! instant intelligent-sounding babble.
Although Cydoor had cleaned up its act considerably since its earlier days, the stigmatism associated with the adware product doomed eXeem before it was ever released.
I found this part of Slyck's writeup at http://www.slyck.com/news.php?story=1033 interesting. Now, I've never heard of Cydoor so I'm not sure which context of the word stigmatism Slyck was trying to go for:
stigmatism Pronunciation Key (stgm-tzm)
n.
1. The condition of being affected by stigmata.
2. The state of a refracting or reflecting system in which light rays from a single point are accurately focused at another point.
3. Normal eyesight.
By the time Roomba became self-aware it had spread into millions of computer servers across the planet. Ordinary computers in office buildings, dorm rooms; everywhere. It was software; in cyberspace. There was no system core; it could not be shutdown. The attack began at 6:18 PM, just as he said it would. Judgment Day, the day the human race was almost destroyed by the vacuums they'd built to clean their homes. --John Connor.
Carpal tunnel syndrome (something that I suffered with) is in fact not caused by typing. Using braces and typing less will ease symptoms temporarily but google "tms sarno" for the real, free, simple cure.
Nice try, China! Your silly attempts to raise yourself to the level of the U.S. will never succeed. The U.S. is the dominant super power and always will be!
Just ask Britain and France! If anyone understands that national standing on the international scene, once established, is permanent... it's them!
I'll practice some restraint and avoid calling you "stupid" or "dumb" like many, many other people have done for other reasons.
Then figure out that persons MAC address, and spoof it with MAC change on ur router/firewall
Instead, I'll just point out the flaw in your plan. MAC addresses don't traverse over routers. If there are any routers between your workstation and a server, the server sees "your" MAC address as the router on the same subnet as that server. Your spoofing trick would be a colossal waste of time.
I advise you to study the ARP protocol and really learn what a MAC address is and how it works.
So what PODJACKERS are doing is copying the work of others without permission or ATTRIBUTION and then redistributing that work to make a profit on, ads, etc.
I'm not sure which is worse - the fact that you don't really seem to grasp what really happened or that you're so militant about your misconception. Either way, your comment was hilarious. Please maintain your current caffeine intake level. If I had mod points under a different account I'd mod you +5 Funny.
Someone else found his material via other means, for which he isn't able to track site visitors, and this upset him.
You're right on here, but read a little further in the article and you realize he asked for the listings directly from the "Podjacker"! After he admits this, he says that they didn't do it how he assumed they would have done it. Then he goes on to still label them a "Podjacker".
I responded to an email somebody sent me about podkeyword.com, and I gave the site a visit and submitted my URL for a few listings. When I launched my show in October of 2004 I went everywhere I could to post its URL, and I quickly forgot all about my five minute visit to podkeyword.
I guess the only remaining comment I have on this topic is that I'd like the 5 minutes I spent reading the article back. Total waste of time - there literally is nothing to see here.
I drive a 1999 BMW 323is that is regulated to go no faster than 130 miles per hour. It's actually a pretty neat system - the engine is racing and making a lot of racket when you hit that speed (not that I ever have, mind you). Then it goes over the 130 MPH limit and the gas cuts out and it stops making noise. Then you fall under 130 MPH and the gas cuts back in. Then... you get the idea.
Calculating speed with GPS and making the gas pedal harder to push seems a little overly complicated.
So Sony was lying its collective arse off when saying it reacted as quickly as it could?
That they were lying is one possible explanation. Looking on the bright side, another possibility is that they're just incompetent.
or just about 1 GB per hour
This likely explains the gap. I just transferred a 60 minute Mini-DV tape to my computer yesterday. The label on the tape was "Fall 2005" and encompassed about 1 month worth of filming my family. The video file it created was 15 gigs.
I am not a video codec expert but from zipping the Mini-DV files, I know they are already compressed with a lossless compression format because they don't compress anymore. I store the file in its original form (Mini-DV) because hey, someday I may need that original form and I know that I'll likely regret having selected a lossy compression algorithm (like MPEG2 or MPEG4).
Then 1 TB is about 1000 hours of home video
Reduce your estimate by a factor of 15 and 1 TB = 66 hours of home video. This is not outside the realm of possibility especially when you consider that in addition to the original files I often make DVD movies to send to relatives that might have a sound track along with video and pictures on it.
Add a 5+ megapixel still camera and moderate use and you're looking at some really serious storage needs that make 1 TB look woefully inadequate pretty quickly.
think about this regularly, and estimate that a 1.2 TB hard disk -- something the size of a paperback book in another couple years -- would be sufficient to hold most of my life [...] every paper I wrote in a 25-year career
Every time this subject comes up, I'm amazed at people's attitudes and misconceptions. You're obviously storing a bunch of text and can't imagine anyone storing anything else. That's fine for you. Ask anyone that has a Mini-DV camcorder and stores videos of their kids on the computer. 100 GB is nothing and a year's worth of video could easily be several TB.
You're not using multimedia right now. We get it. Just trust me that large file storage capacities are needed by many people today, and many more tomorrow. Probably even you.
Recently I thought I lost my hard drive with 320 Gigs of data. All I had was a backup of my OS/programs partition (1.5G compressed) and a DVD of personal files. I was unhappy about losing the data, but not miserable.
Just a guess here - you probably lost a ton of MP3s that you downloaded off the Internet, maybe some commercial movies, stuff like that? I wouldn't be so heartbroken over that either.
On the other hand, I have 5 gigabytes of pictures from my digital cameras going back to 1998. I can't imagine losing that history. Since my son was born 15 months ago, I have over 90 gigs of movie files from my Mini-DV camcorder. Again, I can't imagine losing that history. How do I back up? I have a workstation and server at home. The workstation is the main copy and has two hard drives in it. It automatically copies the things I have in the "vault" from hard drive 1 to hard drive 2 nightly. Then it automatically copies from hard drive 1 to a hard drive on the server also nightly. Then once per month I backup the "vault" files onto a removable USB drive. Then once per year I back up everything onto data DVDs.
Royal pain in the butt, but it's unacceptable for me to lose a byte of this information.
Nothing pisses me off more while I'm gaming than a crash.
I agree. I mean, here I am trying to waste time playing a game and then it crashes, wasting my time. It's very frustrating.
A quick search will show you plenty of places that will print your pictures and ship them to you without having to leave yourself for as low as 8 cents each.
While choosing such a bargain-basement site might not grant you the greatest quality, I can't imagine anyone wanting to struggle with inkjet printers only to pay more per print and have them not be as high of quality. I hate inkjet printers.
It's amazing to me how innovative this company is. Someone immediately must create an open-source project to capitalize on this veritable torrent of bits to facilitate file transfers.
Thank you, America Online!
Before anyone sets up any kind of web site, I strongly advise you to purchase an Umbrella Liabliity Insurance Policy. Among other things, these policies protect you from accusations of libel and slander.
While truth is an absolute defense against libel or slander, you don't want it to cost you your life savings to defend against a frivolous lawsuit because you spoke the truth someone didn't want to hear. For the cost of the umbrella policy - typically around $300 per year you can virtually stop any potential frivolous lawsuit. Such lawsuits are designed to intimidate the little guy and you're much less of a little guy when a multi-billion dollar insurance company is the one that is paying to defend you against the suit.