What he meant to say but didn't was, More music lovers who post a shitload amount of songs on p2p networks then state they aren't contributing to the once prosperous notion of file "SHARING" not file "DOWNLOADEVERYCATALOGFROMTHEWORLDANDWHOREITFORNORE ASON" are being sued. Hey I understand that's a hell of a long subject line.
I agree with your comment about heeding the advice of lawyers, however let me troll about the c/p'd statement you make: Generally, invoicing for other people's work is not held in high regard by the law. Assuming all is true, and they do hold patents for the work, then by law they're entitle to compensation for it no matter how much someone bitches about it. Ethical? No, Legal? Yes.
I barely answer SCO posts unless I'm posting some trollish joke about SCO suing someone for using main() in their code, but I felt like dabbling with legalities today.
So let's say that indeed no matter how obfuscated the situation is surrounding SCO, but let's say they do own the patents or copyrights or whatever to something someone else is using, then by law they do deserve what's theirs. However, ethically, they're making a big deal over anything, and it makes for good marketing in a sense that some CTO's may be scared into using nothing but Linux from SCO. Sucks to do things that way considering if they did so for (brought all these lawsuits etc) that reason, they could face more legal fees than they might have calculated if word gets out. Companies would pound them for frivolous lawsuits, etc. It would be a nightmare.
To keep this post short though, if you're following the law to the letter, not what your ethical beliefs are, and indeed SCO does own the material, they have every right to compensation.
An entire document has been written and distributed abour my case throughout federal offices with my name changed, and I laughed when my friend (who happens to be let's say be in the know) showed it to me. Purpose of my case from my perspective? Politics. It's all about money nothing more and when federal agencies need more funding come crunch time what do they do?
In recent years, The U.S. Attorney's Office for the Southern District of New York has been in the forefront of investigating and prosecuting cybercrime and intellectual property crimes. These include the arrest of Kazakhstan nationals in London in connection with the attempted extortion of Bloomberg, L.P.; the prosecution of computer security specialist Jesus Oquendo for computer hacking and electronic eavesdropping; the prosecution of a law firm paralegal for the electronic theft of a litigation trial plan; the prosecution of Raymond Torricelli for intruding into NASA computers; the theft of proprietary business plans belonging to MasterCard and the attempted sale of those plans to representatives of Visa; and the first prosecution of Internet sports gambling operations.
Uh I did time with Soricelli who happens to be a moronic packetkiddiot from IRC knows nothing about comps. I asked him little things about networking (BGP, RIP, packet sequencing, tunneling) and he knew nothing. He pleaded guilty because he supposedly broke into a CIA honeypot and his uncle was the investigated New Jersey Senator. The other guy is obvious. So out of those mentioned as the case for building this CHIPS unit, how many case were prosecuted really. One. Mine's was the first to go to trial in my disctrict, yet the gov hypes things up as if they're facing an epidemic in my district. Shady business.
Now to tell you some more little nitpicky things, that weren't allowed to come out in trial because the prosecutor objected and got his wish.. A plane ticket showing I was en route to San Jose from New York at the time on of the attacks occurred. Pretty difficult for me to hack while in the friendly skies. Secondly, I had a mail.com account for mailing list stuff (SecurityFocus, NANOG, etc) that was accessed from Indiana, England, and a slew of other places I had never been. Being its was a mail.com account I never bothered strong passwords. Thirdly, the company owners testified they left their username/password combos on PostIt notes attached to their machines.
I could go on for days with shit, but it's useless, as stated most people have that "Well he's guily because the feds say so.", or "he must be guilty because he's on the 'hacker scene': attitude. To be honest I'm not mad, saddned by the entire thing, but I've managed to learn 4 new languages, a shit load of stuff about the financial markets from White Collar trixters who defrauded companies for millions. And I managed to take some time and focus on myself, study spirituality lightly etal. So I'm not mad, just saddened
If I had to do it all again I would go right back to trial only this time I would let the ACLU media whore me around. Interesting situation I encountered was this kid named Danny from Canada. 20 years old arrested for 'Illegal Possession of Electronic Devices" or some odd shit like that. I read his entire casefile. His crime? He transpored 3 Sony Playstation 2's from Canada to Buffalo for his cousins. He also had a dime bag of marijuana in his car. Sentenced? 60 months. Its pitiful to hear about some of the shit that goes on because the mentality is, "Oh that would never happen that person has to be guilty."
Look I've worked at large corps, even Chemical Bank before it became Chemical/Manufacturers then Chase. I worked in the account reconciliation department, had access to accounts with MILLIONS not personal accounts business accounts. Never once did I think of doing anything. I've worked at a domain registrar who'd registered over the 1million mark. How easy would it have been to SELECT creditcard FROM WHERE NAME LIKE *; ? Never did I do anything wrong.
When I started AntiOffline it was extremely opposed to script kiddiots and malicious hacking, there is nothing there that glorifies malice. Yet the feds turn and say I did some stupid shit for fun, and made a juror of compilliterates believe it. Hell even I was confused by some of the crap they said in my trial. But like I said when I was younger I was no angel so I look at it as karma. Karma being I've sort of taken to Buddhism so what happened happened.
You could request for a copy of my case from any legal library or any lawyer could have a copy of the transcripts of the case. PUBLIC RECORD.
My response to an article about the case. Again, I've spent so many sleepless days and nights over it, I don't even bother answering anyone's questions, being that the bottom line is I was convicted.
Sure you have a couple million to spare? The feds have deep pockets, and you really don't want them on your ass. Nor will your friends like you much when the feds go to there house and so on and so forth. I lost the case s'all the matters for public record, me on the other hand I don't harbor bad feelings I look at is as politically motivated nothing more. As for fighting, its a losing battle. I had contacted staff at the ACLU, and they wanted to make a public thing about it, I on the other hand didn't want some free sil bullshit so I declined. EPIC? Never returned a call. It's history to all but me.
During his trial, prosecutors argued McDanel intentionally caused damage to Tornado's computer server by overloading it with too many messages and impaired the system's security by exposing its vulnerability to the public. A judge found him guilty of unauthorized access and sentenced him to 16 months in federal prison.
The problem with prosecutors is, they're quick to jump on a case and will do all sorts of stuff to get a conviction. I know because I've dealt with them
and have been incarcerated for computer intrusion and electronics eavesdropping. While at trial, federal agents purjured themselves on the stand and got
warnings. A federal agent stated "Mr. XXX is wanted for breaking into NSA, FBI, CAI, and Military machines... But he is not being charged with that right
now"... Another so called FBI computer expert stated he didn't understand what an IP address was (no bullshitting as my case and the transcripts are
public record). My ISP, my phone company testified I hadn't used the phone, nor was I online at the time it happened. Now if that is not cause for
reasonable doubt I'll go on...
Upon my arrest the agents stated they had been to my previous address of which I hadn't lived at for YEARS. So you mean to tell me, that if you think
I attacked some machine, where did you get my information from. If it were via IP they would have come straight to my address via my ISP's logs. Now
they had firewall logs with none of my information whatsoever, and they had a sniffer log which recorded the entire breakin. On the sniffer log, nothing
shows up remotely all you see are mail connections, then an attack coming from the same host the sniffer log was on.
Local attack then right? Try explaining that to a jury of 40-50 year old comp-phobic people who's favorite tv show is Judge Judy.
I was the first case in the Southern District to go to trial, and was told if I take it to trial I would face 10 years. I was offered 1year, then
6 months, then a 6 month split 3 in jail 3 under house arrest. I still fought it. Feds took this as something arrogant, I fought for my rights.
Now given I was no angel growing up (sold drugs, stole cars you name early 90'ish) I swallowed it as karma. Appeal? Sure to go through the same thing?
Wasn't worth it for me, the impact of the trial is enough to drain you, financial, mentally (if your weak).
First thing the feds thing coming into my house... High five each other... "Yes we got sil from AntiOffline..." what a scam.
Its nice to know however the DA was quickly promoted and a whole new cybersecurity *cough political bullshit* department was thrown up in NYC
So after this post... Let's see how long it will be before my PO calls up and automagically violates me for some bullshit. Meaning I spoke in a
manner the feds didn't like. Fuck a fed
SexOverIP! Act now and soon you too will have hundreds of 'Girls Gone Wild' throwing <strike>things</strike> themselves at you. Girls dig geeks! Then you can use your new VoIP for SoIP. You can also fight any e-VD with Norton Antivirus. Act now protocols are limited.
RTA. The article strongly implies that the logging will take the form of a secured, username/password pair when signing onto the service. Nothing as low-level as DHCP
RTA how about you READ MY POST logging as in what IP address is connecting. Forget username/password combos since big football players wont care if their username is bubba password football. So how do you expect to track people when some people are stupid enough to write l/p's and leave them on post it notes right on their machine.
Oh, and if you RTA, it says that students will be given no ability to place files onto this p2p network at all, so the whole discussion about a CS major's large files is moot.
Oh and no... If users won't be able to place files on it then how is it p2p it is basically an ftp client for that matter. The point of p2p is as it states peer to peer not server to peer. So who's wrong me or the usage of p2p. Bring back a tougher argument.
Well, I have seen my university's servers "slashdotted" just before tests and such (when the _humble_ box serving the course management pages get lots of hits)
So you think p2p would be the answer? How about load balancing the servers for the admins there. Look I don't want to sound grinchy or anything but p2p is definitely not the answer to the problems you're mentioning.
This would be a way to ease up on that. Plus, a well-done system would have very good classification of material and no spoofs (no porn instead of lecture notes),
That's a big if. Considering the pranksters running around such schools, think about someone getting into one of the machines and changing everything you read to something else. Wouldn't that be horrible. It's opening up another Pandora's box. As for spoofs, it could also lead to people cheating by sharing answers, etc, which one would have to normally research, which is one of the pros about getting an education. Wouldn't you want to learn it as opposed to being spoon fed it?
Plus, think of the sharing potential. One could share class notes (I have a friend who takes his class notes using a pda, writes straight to latex. The resulting.dvi files were VERY much sought after), material between universities, get data from a course I don't remember and I need to remember *right now*, etc.
Again sorry to sound trollish if I do, but if you don't remember apparently you need to do a better job for yourself instead of being too dependent on technology. In some ways I often think that the older generation scholars were much more smarter than we are. Mainly because of the abuses in technology, and this to me is sort of abusive. Learn something, study it, go out to the library get some air. Why take the chance of so called sharing when 1) information can be changed so easily so make sure that shared network is secured to the tee. 2) Wouldn't you rather socialize with someone instead of being crammed up on a machine?
what if they're a comp science major transferring large executables? You've just offended someone. What if they're in the band and have legitimate reasons to transfer music files, what if one is the band playing we will rock you or something for practice? You've just offended someone.
Oh logging? You mean as in DHCP logging? Sure but what happens when $USERJOE decides to hang out in $USERJOHN's room and oops uses his connection while there to share files with someone else? Aside from that, what happens when(if) users start doing stupid little things like hijacking addresses, arp hijacks, yadda yadda to try to circumvent the p2p programs, then you have an altogether other nightmare on your hands.
There are too many variables to contend with, and personally I see it as another method of someone 'getting even with the system' to an extent.
will allow the university to develop a technology called LionShare, a file-sharing system that requires students to log in each time.
The program is being designed as a way for students, faculty and staff to exchange personal and academic materials on a sanctioned, secure peer-to-peer network. Another advantage is that large files, which would be impossible to send via e-mail or another method, can be shared.
While it all sounds nice and warm inside, how long will it be before it becomes abused. Now wait before you think it's trolling of me to say this, think about how lax security is at colleges.
Problems aren't with p2p they're with the users of it, and while some may think sharing a file or two isn't a crime, the fact is, it adds up. So for this to work think about the kind of boolean settings someone is going to have to program to search for illegalities.
What is staff going to do when snoop|grep -i *.mp* doesn't work because users decided to rename files to madonna.zip or madonna.sda? It's just something to contend with when indeed they do get these p2p programs out. So while it all sounds nice, and the intentions are good, these 'foundations', schools, and business shouldn't advertise or rather expect no shady dealings to go on using p2p on their networks. Sure it'll be closed to the outside world for a minute or two before someone figures out how to use something like datapipe to break that theory.
Anyway the oldest machine I have working right now that I actually use is called an Adam and it was made by Coleco Vision. What is it used for you ask? An ashtray. An overgrown ashtray/beerstand nothing more. But I used it in elementary school so I won't part with it no matter how many burns it has... Besides one day it'll be a collectors item which I will sell for billions! NO! MILLIONS!
I recently had to open up a.doc file and edit it, and I found Abiword 2.0's menu items much, much easier to find (like overstrike, for instance) compared to OO's which were hard as hell to locate.
I'm sorry to be the bearer of bad news, but OO didn't purchase their SCO license which means any program written that calls main() will not function properly. If you act now however, I will gladly send you a SCO license formatted as an mp3 document via p2p to po the RIAA for the introductory low price of 3 joonix shell accounts. Supplies are limited
<?xml version="1.0"?> <prompt> <audio>What you talking about willis?</audio> </promtp>
<fiel d name="answer"> <noinput> Just because you didn't make governor... </noinuput>
<help> <audio> There is no help you're too short to compete again Ahnuld </audio>
......
Ok seriously vxml is nice and all, but its expensive as hell to set up a functional site using it. Not only do you need the programmers, you also need ivr, asr, tts, vxml interpreters, not to mention people who are good at speech (e.g. scientists), good assed db programmers. It's steep.
I know a while back Berkeley had something called Suede, SpeechWorks had an open source product open vxi (i think it was called), etc., but it's no small task.
<opinion> Personally I think ebooks are handy, but not for everyone. For example, for the geek crowd, I know I've been a lot happier carrying around 1 or 2 CD's as opposed to 1 Routing TCP/IP vols 1 & 2, Metadata Management, Advance Programming in Perl, and my Stuff magazines. It keeps my spine happier, and shoulders from being iced on the weekends.
For the college kids, when I was in school, I would have preferred having ebooks as opposed to lugging around a bagful of books. Ever run into the same situation I do when reading a book and you just wish you could find / -name *whatever*. Try doing that with a hardcover in less than a second.
They had no marketing but their concept wasn't bad. <./opinion>
As you can clearly see, the way () is used, is an obviously blatant rip-off of the way our patents are written. Sure there are open source zealots and we love them all, but realistically speaking Mr. Dundee your honor, your aboriginee, we feel it is unfair for anyone to use main() without a brand new SCO license.
Bah... They should have stated which services were actually used to access machines. If that's the case, what are the stats for false positives. Meaning are numbers for something like a Scan included. Remember scanning is done daily by millions, should this be considered an attack? Consider this... If someone scans a machine and they have no intentions of attacking it, but something done out of curiousity or some stupid reason, IDS' often see this as an attack. How did SANS gather their data, and if something like an IDS (Snort/Intrusion.com products, etal) detect some scan, did they unknowingly fudge numbers?
TBH I wouldn't care since it really doesn't affect me...
U3 Apache Web Server
Shouldn't they have stated misconfigurations of Apache...
U8 Secure Shell (SSH)
Oxymoron seeing this here. Secure Shell...
U10 Open Secure Sockets Layer (SSL)
Yay another oxymoron, or according to Bush: An oxycontin!
Multiple vulnerabilities have been found in OpenSSL, of which the most serious are the set of 4 vulnerabilities listed in CAN-2002-0655, CAN-2002-0656, CAN-2002-0557, and CAN-2002-0659. These allow the remote execution of arbitrary code as the user of the OpenSSL libraries (which in some cases, such as 'sendmail', is the 'root' user).
Who the hell uses sendmail as the root user anyway? Please email me if you do so, so I could laugh at you.
SANS should have been more responsible and stated 'Certain versions' of these programs have vulnerabilities as opposed to claiming the entire service is out of whacked. For instance OpenSSL's vuln's are so small one would have to whip out a microscope to see what it really is. They should have also stated 'misconfigurations' in certain daemons (httpd) as opposed to flagging something as insecure. Remember people are the cause of most errors and misconfig crap anyway. Maybe they can go back and post a link to "My Webserver Secure for Dummies" I mean what teh fsck?
To be honest and blunt... Who gives a rat's ass? Let's be realistic about something here; if someone purchased a product which injures you, or doesn't work to your expectations, what do you do? You get your money back and move on to another program. So what's the big deal here?
Firstly it's a free damn program, so it's not like nothing is lost unless someone is a moron knowing what they 'could' do, and still using the product.
FYI do you know how many times I see emails from companies like Symantec, Windows, and others who send emails about users on our network with the same serials... FYI I work at a mid sized ISP, and I'm sure other engineers (sys/network) can verify this claim. So why not ramble on about that type of spyware, where you spent something. Not about some cheesy p2p program of which you have umpteen million other free programs to choose from
Slashdot Mirror
I live in the UK, what they gonna do?
We could start by getting some more forgeries from you guys (Blair) then starting another war... yay!
What he meant to say but didn't was, More music lovers who post a shitload amount of songs on p2p networks then state they aren't contributing to the once prosperous notion of file "SHARING" not file "DOWNLOADEVERYCATALOGFROMTHEWORLDANDWHOREITFORNOR
mode -1
When it turns to night could participants use their sparcs, ultras, and enterprises to keep going? You did say Solar as in Sun right?
Hell if the President and chimp in charge could get away with lying here what makes you think a corporation can't.
I agree with your comment about heeding the advice of lawyers, however let me troll about the c/p'd statement you make: Generally, invoicing for other people's work is not held in high regard by the law. Assuming all is true, and they do hold patents for the work, then by law they're entitle to compensation for it no matter how much someone bitches about it. Ethical? No, Legal? Yes.
I barely answer SCO posts unless I'm posting some trollish joke about SCO suing someone for using main() in their code, but I felt like dabbling with legalities today.
So let's say that indeed no matter how obfuscated the situation is surrounding SCO, but let's say they do own the patents or copyrights or whatever to something someone else is using, then by law they do deserve what's theirs. However, ethically, they're making a big deal over anything, and it makes for good marketing in a sense that some CTO's may be scared into using nothing but Linux from SCO. Sucks to do things that way considering if they did so for (brought all these lawsuits etc) that reason, they could face more legal fees than they might have calculated if word gets out. Companies would pound them for frivolous lawsuits, etc. It would be a nightmare.
To keep this post short though, if you're following the law to the letter, not what your ethical beliefs are, and indeed SCO does own the material, they have every right to compensation.
An entire document has been written and distributed abour my case throughout federal offices with my name changed, and I laughed when my friend (who happens to be let's say be in the know) showed it to me. Purpose of my case from my perspective? Politics. It's all about money nothing more and when federal agencies need more funding come crunch time what do they do?
Uh I did time with Soricelli who happens to be a moronic packetkiddiot from IRC knows nothing about comps. I asked him little things about networking (BGP, RIP, packet sequencing, tunneling) and he knew nothing. He pleaded guilty because he supposedly broke into a CIA honeypot and his uncle was the investigated New Jersey Senator. The other guy is obvious. So out of those mentioned as the case for building this CHIPS unit, how many case were prosecuted really. One. Mine's was the first to go to trial in my disctrict, yet the gov hypes things up as if they're facing an epidemic in my district. Shady business.Now to tell you some more little nitpicky things, that weren't allowed to come out in trial because the prosecutor objected and got his wish.. A plane ticket showing I was en route to San Jose from New York at the time on of the attacks occurred. Pretty difficult for me to hack while in the friendly skies. Secondly, I had a mail.com account for mailing list stuff (SecurityFocus, NANOG, etc) that was accessed from Indiana, England, and a slew of other places I had never been. Being its was a mail.com account I never bothered strong passwords. Thirdly, the company owners testified they left their username/password combos on PostIt notes attached to their machines.
I could go on for days with shit, but it's useless, as stated most people have that "Well he's guily because the feds say so.", or "he must be guilty because he's on the 'hacker scene': attitude. To be honest I'm not mad, saddned by the entire thing, but I've managed to learn 4 new languages, a shit load of stuff about the financial markets from White Collar trixters who defrauded companies for millions. And I managed to take some time and focus on myself, study spirituality lightly etal. So I'm not mad, just saddened
yup and anyone who knows me knows I don't hide from no one nor do I hold back on saying what I feel. Understand?
Look I've worked at large corps, even Chemical Bank before it became Chemical/Manufacturers then Chase. I worked in the account reconciliation department, had access to accounts with MILLIONS not personal accounts business accounts. Never once did I think of doing anything. I've worked at a domain registrar who'd registered over the 1million mark. How easy would it have been to SELECT creditcard FROM WHERE NAME LIKE *; ? Never did I do anything wrong.
When I started AntiOffline it was extremely opposed to script kiddiots and malicious hacking, there is nothing there that glorifies malice. Yet the feds turn and say I did some stupid shit for fun, and made a juror of compilliterates believe it. Hell even I was confused by some of the crap they said in my trial. But like I said when I was younger I was no angel so I look at it as karma. Karma being I've sort of taken to Buddhism so what happened happened.
My response to an article about the case. Again, I've spent so many sleepless days and nights over it, I don't even bother answering anyone's questions, being that the bottom line is I was convicted.
Sure you have a couple million to spare? The feds have deep pockets, and you really don't want them on your ass. Nor will your friends like you much when the feds go to there house and so on and so forth. I lost the case s'all the matters for public record, me on the other hand I don't harbor bad feelings I look at is as politically motivated nothing more. As for fighting, its a losing battle. I had contacted staff at the ACLU, and they wanted to make a public thing about it, I on the other hand didn't want some free sil bullshit so I declined. EPIC? Never returned a call. It's history to all but me.
The problem with prosecutors is, they're quick to jump on a case and will do all sorts of stuff to get a conviction. I know because I've dealt with them and have been incarcerated for computer intrusion and electronics eavesdropping. While at trial, federal agents purjured themselves on the stand and got warnings. A federal agent stated "Mr. XXX is wanted for breaking into NSA, FBI, CAI, and Military machines... But he is not being charged with that right now" ... Another so called FBI computer expert stated he didn't understand what an IP address was (no bullshitting as my case and the transcripts are
public record). My ISP, my phone company testified I hadn't used the phone, nor was I online at the time it happened. Now if that is not cause for
reasonable doubt I'll go on...
Upon my arrest the agents stated they had been to my previous address of which I hadn't lived at for YEARS. So you mean to tell me, that if you think I attacked some machine, where did you get my information from. If it were via IP they would have come straight to my address via my ISP's logs. Now they had firewall logs with none of my information whatsoever, and they had a sniffer log which recorded the entire breakin. On the sniffer log, nothing shows up remotely all you see are mail connections, then an attack coming from the same host the sniffer log was on.
Local attack then right? Try explaining that to a jury of 40-50 year old comp-phobic people who's favorite tv show is Judge Judy.
I was the first case in the Southern District to go to trial, and was told if I take it to trial I would face 10 years. I was offered 1year, then 6 months, then a 6 month split 3 in jail 3 under house arrest. I still fought it. Feds took this as something arrogant, I fought for my rights. Now given I was no angel growing up (sold drugs, stole cars you name early 90'ish) I swallowed it as karma. Appeal? Sure to go through the same thing? Wasn't worth it for me, the impact of the trial is enough to drain you, financial, mentally (if your weak).
First thing the feds thing coming into my house... High five each other... "Yes we got sil from AntiOffline..." what a scam.
Its nice to know however the DA was quickly promoted and a whole new cybersecurity *cough political bullshit* department was thrown up in NYC
So after this post... Let's see how long it will be before my PO calls up and automagically violates me for some bullshit. Meaning I spoke in a manner the feds didn't like. Fuck a fed
SexOverIP! Act now and soon you too will have hundreds of 'Girls Gone Wild' throwing <strike>things</strike> themselves at you. Girls dig geeks! Then you can use your new VoIP for SoIP. You can also fight any e-VD with Norton Antivirus. Act now protocols are limited.
RTA how about you READ MY POST logging as in what IP address is connecting. Forget username/password combos since big football players wont care if their username is bubba password football. So how do you expect to track people when some people are stupid enough to write l/p's and leave them on post it notes right on their machine.
Oh, and if you RTA, it says that students will be given no ability to place files onto this p2p network at all, so the whole discussion about a CS major's large files is moot.
Oh and no... If users won't be able to place files on it then how is it p2p it is basically an ftp client for that matter. The point of p2p is as it states peer to peer not server to peer. So who's wrong me or the usage of p2p. Bring back a tougher argument.
So you think p2p would be the answer? How about load balancing the servers for the admins there. Look I don't want to sound grinchy or anything but p2p is definitely not the answer to the problems you're mentioning.
This would be a way to ease up on that. Plus, a well-done system would have very good classification of material and no spoofs (no porn instead of lecture notes),
That's a big if. Considering the pranksters running around such schools, think about someone getting into one of the machines and changing everything you read to something else. Wouldn't that be horrible. It's opening up another Pandora's box. As for spoofs, it could also lead to people cheating by sharing answers, etc, which one would have to normally research, which is one of the pros about getting an education. Wouldn't you want to learn it as opposed to being spoon fed it?
Plus, think of the sharing potential. One could share class notes (I have a friend who takes his class notes using a pda, writes straight to latex. The resulting .dvi files were VERY much sought after), material between universities, get data from a course I don't remember and I need to remember *right now*, etc.
Again sorry to sound trollish if I do, but if you don't remember apparently you need to do a better job for yourself instead of being too dependent on technology. In some ways I often think that the older generation scholars were much more smarter than we are. Mainly because of the abuses in technology, and this to me is sort of abusive. Learn something, study it, go out to the library get some air. Why take the chance of so called sharing when 1) information can be changed so easily so make sure that shared network is secured to the tee. 2) Wouldn't you rather socialize with someone instead of being crammed up on a machine?
Just my opinion...
Oh logging? You mean as in DHCP logging? Sure but what happens when $USERJOE decides to hang out in $USERJOHN's room and oops uses his connection while there to share files with someone else? Aside from that, what happens when(if) users start doing stupid little things like hijacking addresses, arp hijacks, yadda yadda to try to circumvent the p2p programs, then you have an altogether other nightmare on your hands.
There are too many variables to contend with, and personally I see it as another method of someone 'getting even with the system' to an extent.
The program is being designed as a way for students, faculty and staff to exchange personal and academic materials on a sanctioned, secure peer-to-peer network. Another advantage is that large files, which would be impossible to send via e-mail or another method, can be shared.
While it all sounds nice and warm inside, how long will it be before it becomes abused. Now wait before you think it's trolling of me to say this, think about how lax security is at colleges.
Problems aren't with p2p they're with the users of it, and while some may think sharing a file or two isn't a crime, the fact is, it adds up. So for this to work think about the kind of boolean settings someone is going to have to program to search for illegalities.
What is staff going to do when snoop|grep -i *.mp* doesn't work because users decided to rename files to madonna.zip or madonna.sda? It's just something to contend with when indeed they do get these p2p programs out. So while it all sounds nice, and the intentions are good, these 'foundations', schools, and business shouldn't advertise or rather expect no shady dealings to go on using p2p on their networks. Sure it'll be closed to the outside world for a minute or two before someone figures out how to use something like datapipe to break that theory.
Controlled? Sorry never heard of the word
Anyway the oldest machine I have working right now that I actually use is called an Adam and it was made by Coleco Vision. What is it used for you ask? An ashtray. An overgrown ashtray/beerstand nothing more. But I used it in elementary school so I won't part with it no matter how many burns it has... Besides one day it'll be a collectors item which I will sell for billions! NO! MILLIONS!
Brings tears to my eyes coming here... http://www.old-computers.com/
I recently had to open up a
I'm sorry to be the bearer of bad news, but OO didn't purchase their SCO license which means any program written that calls main() will not function properly. If you act now however, I will gladly send you a SCO license formatted as an mp3 document via p2p to po the RIAA for the introductory low price of 3 joonix shell accounts. Supplies are limited
<?xml version="1.0"?>
<prompt>
<audio>What you talking about willis?</audio>
</promtp>
<fiel d name="answer">
<noinput>
Just because you didn't make governor...
</noinuput>
<help>
<audio>
There is no help you're too short to compete again Ahnuld
</audio>
......
Ok seriously vxml is nice and all, but its
expensive as hell to set up a functional
site using it. Not only do you need the
programmers, you also need ivr, asr, tts,
vxml interpreters, not to mention people
who are good at speech (e.g. scientists),
good assed db programmers. It's steep.
I know a while back Berkeley had something
called Suede, SpeechWorks had an open source
product open vxi (i think it was called),
etc., but it's no small task.
<opinion>
Personally I think ebooks are handy, but not for everyone. For example, for the geek crowd, I know I've been a lot happier carrying around 1 or 2 CD's as opposed to 1 Routing TCP/IP vols 1 & 2, Metadata Management, Advance Programming in Perl, and my Stuff magazines. It keeps my spine happier, and shoulders from being iced on the weekends.
For the college kids, when I was in school, I would have preferred having ebooks as opposed to lugging around a bagful of books. Ever run into the same situation I do when reading a book and you just wish you could find / -name *whatever*. Try doing that with a hardcover in less than a second.
They had no marketing but their concept wasn't bad.
<./opinion>
Well you see Mr. Crocodile Hunter, Sir, the problem
all started when developers started using the
following snippets of code:
main()
{alarm(10);sleep(5);write(1," something",12);exit(0);}
As you can clearly see, the way () is used, is an
obviously blatant rip-off of the way our patents
are written. Sure there are open source zealots
and we love them all, but realistically speaking
Mr. Dundee your honor, your aboriginee, we feel
it is unfair for anyone to use main() without a
brand new SCO license.
Thank you your boomerang tossing mate.
Bah... They should have stated which services were actually used to access machines. If that's the case, what are the stats for false positives. Meaning are numbers for something like a Scan included. Remember scanning is done daily by millions, should this be considered an attack? Consider this... If someone scans a machine and they have no intentions of attacking it, but something done out of curiousity or some stupid reason, IDS' often see this as an attack. How did SANS gather their data, and if something like an IDS (Snort/Intrusion.com products, etal) detect some scan, did they unknowingly fudge numbers?
TBH I wouldn't care since it really doesn't affect me...
U3 Apache Web Server
Shouldn't they have stated misconfigurations of Apache...
U8 Secure Shell (SSH)
Oxymoron seeing this here. Secure Shell...
U10 Open Secure Sockets Layer (SSL)
Who the hell uses sendmail as the root user anyway? Please email me if you do so, so I could laugh at you.Yay another oxymoron, or according to Bush: An oxycontin!
SANS should have been more responsible and stated 'Certain versions' of these programs have vulnerabilities as opposed to claiming the entire service is out of whacked. For instance OpenSSL's vuln's are so small one would have to whip out a microscope to see what it really is. They should have also stated 'misconfigurations' in certain daemons (httpd) as opposed to flagging something as insecure. Remember people are the cause of most errors and misconfig crap anyway. Maybe they can go back and post a link to "My Webserver Secure for Dummies" I mean what teh fsck?
Create a boy band called DMCA then plit them up giving them all losing solo careers
Create a rap group RunDMC is taken but JogDMCA is available
Take the paper it was written on and donate it to public toilets
Team with R. Kelly and continue going after minors and morons
Give it to Blair or Cheney (forged of course) so they could start a war with China
Give it to Bush and tell him it's this year's economic stimulus package (he'll believe it)
Give it to Ashcroft so he could make a DMCA color coded warning system no one listens to
See there is more to the DMCA than you thought. And all along everyone was protesting... pffffft
To be honest and blunt... Who gives a rat's ass? Let's be realistic about something here; if someone purchased a product which injures you, or doesn't work to your expectations, what do you do? You get your money back and move on to another program. So what's the big deal here?
Firstly it's a free damn program, so it's not like nothing is lost unless someone is a moron knowing what they 'could' do, and still using the product.
FYI do you know how many times I see emails from companies like Symantec, Windows, and others who send emails about users on our network with the same serials... FYI I work at a mid sized ISP, and I'm sure other engineers (sys/network) can verify this claim. So why not ramble on about that type of spyware, where you spent something. Not about some cheesy p2p program of which you have umpteen million other free programs to choose from