Personally, I hope Yahoo doesn't deactivate the group. Not that I agree with them, but Yahoo deactivating the group would be a very bad precedent, maybe even opening Yahoo up to a lawsuit...
Can't you just use the Java Anonymous Proxy or anonymizer.com and still access it? Or someone can just write a script to copy the particular banned Yahoo group and mirror it somewhere else...
When are countries going to learn that the Internet can't be stopped?
Notepad is _NOT_ a crappy tool. I've written so many Java programs, web pages, etc in that small program, it's not even funny. Notepad is exactly what I need: a no frills text editor. Besides, why should I go to the bother of getting another text editor when there's already a perfectly good one sitting on my hard drive? If I ever decide to get another text editor, I'll be downloading Microsoft's NotePad for XML.
During a lecture about the layers of the OSI model in our fourth year Computer Networks Course, Prof. Townsend was discussing the fact that the lower layers of the model could be replaced with any form of media. Despite this change, the upper layers would function as normal. In fact, others have implemented network protocols over "non-standard" media, including CPIP (carrier pigeon internet protocol) which was implemented using RFC1149, and reached speeds of 0.08bps. Prof. Townsend jokingly suggested that Internet Protocols could even run over forms of primitive communication (i.e. bongo drums, or even smoke signals). In an email sent out after class he offered extra credit to anyone who succesfully implemented TCP/IP via. Bongo Drums. I was the only one crazy enough to sign up, and thus began what was deamed as "The Bongo Project".
The next morning, wondering what I had gotten myself into, I discussed the game plan with Prof. Townsend. It was suggested to whip up a couple Linux boxes to form a transparent bridge that would serve as the Bongo Link itself. Each Linux box would then have a microphone and a pair of bongos, with each microphone "listening" to the appropriate pair of bongos (based on pitch). The pitch recognition would be a project in itself, but luckily both Prof. Townsend and Dr. Keppel-Jones from the Mathematics Department had already developed an interesting method called SAW (Sliding Averaging Window) for me to base some of my work from. With the bridge constructed, the Bongo Link could then be placed anywhere, and in testing cases it was between my PC and the residence LAN.
I had little socket programming experience, and even less experience with devices in UNIX. Jason Tackaberry, the university system administrator, offered some source code from a network monitoring project for me to scan over for some coding help. The gesture was appreciated greatly.
Weekly meetings with Prof. Townsend were scheduled to discuss my progress, as well as online chat sessions which often led to hours of debugging and perfecting pitch recognition algorithms.
By the end of the semester, the project was not 100% completed, so a demonstration was given to the class which used a set of desktop speakers which played recorded bongo beats to simulate the real thing. Since the theory had been proven, I was granted my extra credit and somehow wound up with a 99% in the class.
The final phase is almost near completion.
From the overview:
The following non-technical story has appeared in school magazines and many other news sources from around the world.
Modern and Centuries Old Technologies Meet at AUC
Daniel Reid, senior computer science student at Algoma University finished explaining his project to a room full of his peers. The room fell silent as everyone waited in eager anticipation of the demonstration that was about to begin. Danny sat down in front of an ordinary windows computer and typed a simple command, ping www.sony.co.jp This command sends a test message to the specified computer, namely a webserver on the other side of the planet in Japan.
Ah yes the humble ping test, used to test for connectivity between your computer and another. But this was no ordinary test. It would couple together one of the most primitive centuries old technologies known to man together with the one of the fastest fiber-optic backbones in the Internet.
It all began several months earlier when Professor George Townsend was lecturing to a group of computer science students taking his fourth year Computer Networks course. The topic of the day was the OSI networking model, which describes a layered method of combining different types of technologies together to form functional networking systems. During the lecture, Professor Townsend made the claim that the design of the model permits different types of technologies to be transparently connected together. He suddenly stopped in mid lecture, and stared off into space stro
At Algoma University the mature students in the fast track accelerated second degree program are not quick to accept theory without proof. As a result, Professor George Townsend offered extra credit to anyone in his forth year Computer Networks course who could take up the challenge of implementing internet based protocols over a new form of medium - Bongo Drums.
Eight weeks later, the first public demonstration was given to the class by using a simple ping packet. With a blinding 2bps speed, the class sat patiently as the packet was received in roughly 140 seconds.
Whats the point you may ask? We aren't trying to set any speed records here (actually, we have been developing some ideas for "highspeed" bongos), but rather we're showing that the lower layers of the OSI model can be replaced with any form of media without affecting the layers above it.
Look at those bongos fly! - classmate
Due to a busy semester and a Microcoded M6800 Emulator project, work on the final phase of the project has slowed. The design plans for the actual bongo hook up have been completed, and now only a few more hours are required for total completion. The demonstrations that have been conducted have used synthesized bongo beats played through desktop speakers. Due to summer work, time has ran out and the final implementation will have to wait until september.
from the "Maryland is moving ahead with the installation" link, one thing the webpage says maryland will do is "Change default passwords and passwords printed in documentation." Does anyone really need to be told this? If you're so illiterate in computers that you need to be reminded of this, you need to call in a person who reads/.:-)
Just checked the.ca.us registry, and there are a bunch of towns in calif that are willing to give you your own yourname.townname.ca.us domain name for free; unfortunately, you have to be a resident of the place, or have a business (unfortunately, no PO Boxes... damn, I could just get something at a calif mailboxes etc or something...)
If mail servers count (I am a resident of illinois, though I go to Wisconsin regularly on business) I am so going to purchase a web hosting service from a california ISP. Any people masquerading (or real) lawyers out there to give me a legal opinion on this?
How is tallying votes this hard to do? The computer was invented as a counting machine first of all, so you would think that voting would be a perfect task for computers.
1. Set up a network of computers at the polling place; doesn't matter what they are, just get a contract with Apple, Dell, etc to build a lot of cheap , 300mhz computers. Hell, you could even snap them off ebay or ask people to donate their machines for voting. 2. Clear the hard drive, then install Linux on every machine (don't have to do it manually, you can use Ghost or another imaging tool). 3. Just for the sake of this post, let's say the voting program is in Java. 4. We set up a series of computers for voting, each hardwired to a central voting location (location, not the entire state or county) computer. 5. People vote, each computer can print out a paper verify on a thermal printer. 6. At the voting location, each voting computer keeps updating the location's central computer. 7. At the end of voting, or in intervals, just have the location's central computer link up to the internet, initiate a Socket connection with the main State computer (encrypt, compress, etc too) and update the State computer on the vote tallies. And when the location's central computer isn't linking to the main State computer, physically PULL THE ETHERNET JACK OUT OF THE WALL!
Seems easy enough... Hell, why bother with a company? If open source people can build a whole OS, it doesn't seem that hard to build a well documented voting system.
And why do you even need to bother with Access? It seems to me that you could just build a Hashtable, the keys can be codes for the individual voting locations, and the values can be custom classes holding as many Vectors and Hashtables as needed to hold the choices.
So if I don't make any files available for download, the RIAA won't sue me? Also, can we tape songs off the radio and make them available? Since the radio is distributing them in the first place, aren't I just helping the proess along?
I called them too, the girl who picked up gave me the same number (650...) but when I called it, absolutely zipola. The call centers must know everyone is pissed, and is just redirecting the inquiries to an unused number...
No, because the ratings system is contained within your computer. Windows Media Player does this in another way, assigning "stars" to the music it thinks you like in the Media Library.
No, because as the author said, YOU can define where the money goes, he just says that the easiest way would be to have the computer automate the procedure.
That was a fairly neat way of handling the problem. It wouldn't be too hard to build an open protocol for this. One thing: does the government have to be involved? What about if everyone just sets up an independent organization to act as clearinghouse for the id string transactions and monies? If the government got into this, they'd probably use it as another income source, and levy another tax, going to their coffers only.
As some else mentioned, TrollTech is owned by the Canopy Group (look in the bottom left corner of the company's portfolio), the same group that owns SCO.
If we buy this, do we still have to pay $699 to SCO?
Hidden malware in offshore products raises concerns
Story by Mark Willoughby
SEPTEMBER 11, 2003 ( COMPUTERWORLD ) - "You've go to be a little paranoid to survive in this business." -- Andrew S. Grove, chairman and founder, Intel Corp., ca. 1980 The extreme difficulty in discovering a back door hidden deep within a complex application, buried among numerous modules developed offshore in a global software marketplace, is forcing those assigned to protect sensitive national security information to take defensive actions.
The threat of hidden Trojan horses and back doors surfaced this summer when the governments of the U.S. and China announced plans to strengthen national security policies covering information processed by applications written in the global software marketplace. The private sector joined the fray with the August announcement of the File Signature Database, which will use hash values to protect software integrity from malicious additions (see story).
The National Security Agency's information assurance director, Daniel Wolf, in testimony before the House Select Committee on Homeland Security's cybersecurity subcommittee in July, called for a federal lab that would "find malicious software routines that are designed to morph and burrow into critical applications." Separately, the State Council of the People's Republic of China in August directed all government ministries to buy only Chinese software in the next upgrade cycle in an effort to encourage the development of local software companies but also to protect sensitive government data.
Mark Willoughby, CISSP, is a 20-year IT industry veteran and journalist with degrees in computer science and journalism. For the past seven years, he has tracked security and risk management start-ups and is a managing consultant at MessagingGroup, a Denver-based content development specialist.
Steps taken so far
The simmering global paranoia is rooted in the realization that no simple solution exists today, experts say. It is virtually impossible to find unauthorized malware hidden deep within a sophisticated multitiered application with data normalization, messaging middleware and other modules originating from labs in a half-dozen countries.
Robert Lentz, the U.S. Defense Department's director of information assurance, said in a written statement, "The DoD currently is studying several aspects of software assurance. The DoD has a current software acquisition policy. The group studying software assurance is looking to supplement that policy with strengthened mechanisms to increase our confidence in the security of both foreign and domestic software products."
Input, a Chantilly, Va.- based technology research firm, says federal government spending on IT products and services will grow 8.5% yearly from 2003 to 2008, from $45.4 billion to $68.2 billion. Approximately half of that spending will be in areas in which the government would like to see stronger information assurance.
Incidents of back doors compromising sensitive national security information may never be known. That's not so in the private sector.
"There have been a number of cases where software was found with intentionally planted back doors," said Shawn Hernan, team leader for vulnerability handling at the CERT Coordination Center at Carnegie Mellon University. "Most of these were for providing support, although no such support option was given to commercial customers. It's happened in both proprietary and open-sourced software."
Hernan said discovering hidden malware is one of the most difficult tasks facing an assurance investigator. CERT doesn't track vulnerabilities by country of origin, he added.
Software engineering processes are only now beginning to focus on providing traceability in security code. Traceability, which would allow a given line of code or a software module to be tracked back to the developer, is viewed as the Holy Grail in combating hidden malware. Traceability is also an effectiv
IANAL, but I think this would largely be a Napster-like case, e.g. yes, the riaa did do wrong in violating the EULA, but the filesharer did wrong FIRST.
First of all, I want to say I agree with the people for you to just outsource it. Email is just too much if you're going to handle it by yourself (I'm assuming you have other computing duties).
Or, why do you have to go with IMAP? What about POP3? James (http://james.apache.org) is a nice mail server, easily customizable too if you know Java.
If you go to http://www.kazaaplus.com/, you'll see that they're charging 29.95 for "Kazaa Plus". Evidently these people thought they were legit by paying the fee...
Slashdot Mirror
I didn't say _ALL_ programs I wrote were in Notepad, I said that I had written a lot. Who modded this guy up, I want to speak to you...
Personally, I hope Yahoo doesn't deactivate the group. Not that I agree with them, but Yahoo deactivating the group would be a very bad precedent, maybe even opening Yahoo up to a lawsuit...
Can't you just use the Java Anonymous Proxy or anonymizer.com and still access it? Or someone can just write a script to copy the particular banned Yahoo group and mirror it somewhere else...
When are countries going to learn that the Internet can't be stopped?
Notepad is _NOT_ a crappy tool. I've written so many Java programs, web pages, etc in that small program, it's not even funny. Notepad is exactly what I need: a no frills text editor. Besides, why should I go to the bother of getting another text editor when there's already a perfectly good one sitting on my hard drive? If I ever decide to get another text editor, I'll be downloading Microsoft's NotePad for XML.
From the Background section:
During a lecture about the layers of the OSI model in our fourth year Computer Networks Course, Prof. Townsend was discussing the fact that the lower layers of the model could be replaced with any form of media. Despite this change, the upper layers would function as normal. In fact, others have implemented network protocols over "non-standard" media, including CPIP (carrier pigeon internet protocol) which was implemented using RFC1149, and reached speeds of 0.08bps. Prof. Townsend jokingly suggested that Internet Protocols could even run over forms of primitive communication (i.e. bongo drums, or even smoke signals). In an email sent out after class he offered extra credit to anyone who succesfully implemented TCP/IP via. Bongo Drums. I was the only one crazy enough to sign up, and thus began what was deamed as "The Bongo Project".
The next morning, wondering what I had gotten myself into, I discussed the game plan with Prof. Townsend. It was suggested to whip up a couple Linux boxes to form a transparent bridge that would serve as the Bongo Link itself. Each Linux box would then have a microphone and a pair of bongos, with each microphone "listening" to the appropriate pair of bongos (based on pitch). The pitch recognition would be a project in itself, but luckily both Prof. Townsend and Dr. Keppel-Jones from the Mathematics Department had already developed an interesting method called SAW (Sliding Averaging Window) for me to base some of my work from. With the bridge constructed, the Bongo Link could then be placed anywhere, and in testing cases it was between my PC and the residence LAN.
I had little socket programming experience, and even less experience with devices in UNIX. Jason Tackaberry, the university system administrator, offered some source code from a network monitoring project for me to scan over for some coding help. The gesture was appreciated greatly.
Weekly meetings with Prof. Townsend were scheduled to discuss my progress, as well as online chat sessions which often led to hours of debugging and perfecting pitch recognition algorithms.
By the end of the semester, the project was not 100% completed, so a demonstration was given to the class which used a set of desktop speakers which played recorded bongo beats to simulate the real thing. Since the theory had been proven, I was granted my extra credit and somehow wound up with a 99% in the class.
The final phase is almost near completion.
From the overview:
The following non-technical story has appeared in school magazines and many other news sources from around the world.
Modern and Centuries Old Technologies Meet at AUC
Daniel Reid, senior computer science student at Algoma University finished explaining his project to a room full of his peers. The room fell silent as everyone waited in eager anticipation of the demonstration that was about to begin. Danny sat down in front of an ordinary windows computer and typed a simple command, ping www.sony.co.jp This command sends a test message to the specified computer, namely a webserver on the other side of the planet in Japan.
Ah yes the humble ping test, used to test for connectivity between your computer and another. But this was no ordinary test. It would couple together one of the most primitive centuries old technologies known to man together with the one of the fastest fiber-optic backbones in the Internet.
It all began several months earlier when Professor George Townsend was lecturing to a group of computer science students taking his fourth year Computer Networks course. The topic of the day was the OSI networking model, which describes a layered method of combining different types of technologies together to form functional networking systems. During the lecture, Professor Townsend made the claim that the design of the model permits different types of technologies to be transparently connected together. He suddenly stopped in mid lecture, and stared off into space stro
At Algoma University the mature students in the fast track accelerated second degree program are not quick to accept theory without proof. As a result, Professor George Townsend offered extra credit to anyone in his forth year Computer Networks course who could take up the challenge of implementing internet based protocols over a new form of medium - Bongo Drums. Eight weeks later, the first public demonstration was given to the class by using a simple ping packet. With a blinding 2bps speed, the class sat patiently as the packet was received in roughly 140 seconds. Whats the point you may ask? We aren't trying to set any speed records here (actually, we have been developing some ideas for "highspeed" bongos), but rather we're showing that the lower layers of the OSI model can be replaced with any form of media without affecting the layers above it. Look at those bongos fly! - classmate Due to a busy semester and a Microcoded M6800 Emulator project, work on the final phase of the project has slowed. The design plans for the actual bongo hook up have been completed, and now only a few more hours are required for total completion. The demonstrations that have been conducted have used synthesized bongo beats played through desktop speakers. Due to summer work, time has ran out and the final implementation will have to wait until september.
Isn't it against AT&T's TOS to host web sites on personal cable lines? Tsk, Tsk.
Obviously, we post a mirror to their work/cell/etc
from the "Maryland is moving ahead with the installation" link, one thing the webpage says maryland will do is "Change default passwords and passwords printed in documentation." Does anyone really need to be told this? If you're so illiterate in computers that you need to be reminded of this, you need to call in a person who reads /. :-)
just as a point of reference, how much does this write once ram cost?
Just checked the .ca.us registry, and there are a bunch of towns in calif that are willing to give you your own yourname.townname.ca.us domain name for free; unfortunately, you have to be a resident of the place, or have a business (unfortunately, no PO Boxes... damn, I could just get something at a calif mailboxes etc or something...)
If mail servers count (I am a resident of illinois, though I go to Wisconsin regularly on business) I am so going to purchase a web hosting service from a california ISP. Any people masquerading (or real) lawyers out there to give me a legal opinion on this?
No, now we just require more money. Just give a couple of thousand to a good programmer, and they'll handle it.
How is tallying votes this hard to do? The computer was invented as a counting machine first of all, so you would think that voting would be a perfect task for computers.
1. Set up a network of computers at the polling place; doesn't matter what they are, just get a contract with Apple, Dell, etc to build a lot of cheap , 300mhz computers. Hell, you could even snap them off ebay or ask people to donate their machines for voting.
2. Clear the hard drive, then install Linux on every machine (don't have to do it manually, you can use Ghost or another imaging tool).
3. Just for the sake of this post, let's say the voting program is in Java.
4. We set up a series of computers for voting, each hardwired to a central voting location (location, not the entire state or county) computer.
5. People vote, each computer can print out a paper verify on a thermal printer.
6. At the voting location, each voting computer keeps updating the location's central computer.
7. At the end of voting, or in intervals, just have the location's central computer link up to the internet, initiate a Socket connection with the main State computer (encrypt, compress, etc too) and update the State computer on the vote tallies. And when the location's central computer isn't linking to the main State computer, physically PULL THE ETHERNET JACK OUT OF THE WALL!
Seems easy enough... Hell, why bother with a company? If open source people can build a whole OS, it doesn't seem that hard to build a well documented voting system.
And why do you even need to bother with Access? It seems to me that you could just build a Hashtable, the keys can be codes for the individual voting locations, and the values can be custom classes holding as many Vectors and Hashtables as needed to hold the choices.
So if I don't make any files available for download, the RIAA won't sue me?
Also, can we tape songs off the radio and make them available? Since the radio is distributing them in the first place, aren't I just helping the proess along?
Just checked windows update... it says it didn't find anything to fix... something wrong here? Keep in mind I haven't Updated for two weeks or so.
I called them too, the girl who picked up gave me the same number (650...) but when I called it, absolutely zipola. The call centers must know everyone is pissed, and is just redirecting the inquiries to an unused number...
No, because the ratings system is contained within your computer. Windows Media Player does this in another way, assigning "stars" to the music it thinks you like in the Media Library.
No, because as the author said, YOU can define where the money goes, he just says that the easiest way would be to have the computer automate the procedure.
That was a fairly neat way of handling the problem. It wouldn't be too hard to build an open protocol for this. One thing: does the government have to be involved? What about if everyone just sets up an independent organization to act as clearinghouse for the id string transactions and monies? If the government got into this, they'd probably use it as another income source, and levy another tax, going to their coffers only.
As some else mentioned, TrollTech is owned by the Canopy Group (look in the bottom left corner of the company's portfolio), the same group that owns SCO. If we buy this, do we still have to pay $699 to SCO?
Hidden malware in offshore products raises concerns
Story by Mark Willoughby
SEPTEMBER 11, 2003 ( COMPUTERWORLD ) - "You've go to be a little paranoid to survive in this business." -- Andrew S. Grove, chairman and founder, Intel Corp., ca. 1980
The extreme difficulty in discovering a back door hidden deep within a complex application, buried among numerous modules developed offshore in a global software marketplace, is forcing those assigned to protect sensitive national security information to take defensive actions.
The threat of hidden Trojan horses and back doors surfaced this summer when the governments of the U.S. and China announced plans to strengthen national security policies covering information processed by applications written in the global software marketplace. The private sector joined the fray with the August announcement of the File Signature Database, which will use hash values to protect software integrity from malicious additions (see story).
The National Security Agency's information assurance director, Daniel Wolf, in testimony before the House Select Committee on Homeland Security's cybersecurity subcommittee in July, called for a federal lab that would "find malicious software routines that are designed to morph and burrow into critical applications." Separately, the State Council of the People's Republic of China in August directed all government ministries to buy only Chinese software in the next upgrade cycle in an effort to encourage the development of local software companies but also to protect sensitive government data.
Mark Willoughby, CISSP, is a 20-year IT industry veteran and journalist with degrees in computer science and journalism. For the past seven years, he has tracked security and risk management start-ups and is a managing consultant at MessagingGroup, a Denver-based content development specialist.
Steps taken so far
The simmering global paranoia is rooted in the realization that no simple solution exists today, experts say. It is virtually impossible to find unauthorized malware hidden deep within a sophisticated multitiered application with data normalization, messaging middleware and other modules originating from labs in a half-dozen countries.
Robert Lentz, the U.S. Defense Department's director of information assurance, said in a written statement, "The DoD currently is studying several aspects of software assurance. The DoD has a current software acquisition policy. The group studying software assurance is looking to supplement that policy with strengthened mechanisms to increase our confidence in the security of both foreign and domestic software products."
Input, a Chantilly, Va.- based technology research firm, says federal government spending on IT products and services will grow 8.5% yearly from 2003 to 2008, from $45.4 billion to $68.2 billion. Approximately half of that spending will be in areas in which the government would like to see stronger information assurance.
Incidents of back doors compromising sensitive national security information may never be known. That's not so in the private sector.
"There have been a number of cases where software was found with intentionally planted back doors," said Shawn Hernan, team leader for vulnerability handling at the CERT Coordination Center at Carnegie Mellon University. "Most of these were for providing support, although no such support option was given to commercial customers. It's happened in both proprietary and open-sourced software."
Hernan said discovering hidden malware is one of the most difficult tasks facing an assurance investigator. CERT doesn't track vulnerabilities by country of origin, he added.
Software engineering processes are only now beginning to focus on providing traceability in security code. Traceability, which would allow a given line of code or a software module to be tracked back to the developer, is viewed as the Holy Grail in combating hidden malware. Traceability is also an effectiv
IANAL, but I think this would largely be a Napster-like case, e.g. yes, the riaa did do wrong in violating the EULA, but the filesharer did wrong FIRST.
First of all, I want to say I agree with the people for you to just outsource it. Email is just too much if you're going to handle it by yourself (I'm assuming you have other computing duties).
Or, why do you have to go with IMAP? What about POP3? James (http://james.apache.org) is a nice mail server, easily customizable too if you know Java.
If you go to http://www.kazaaplus.com/, you'll see that they're charging 29.95 for "Kazaa Plus". Evidently these people thought they were legit by paying the fee...