I hadn't gotten my headphones out of my bag yet, for starters...
But that is completely unrelated to if someone ELSE sits next to me and does the same, or doesn't even think of the startup sound while I'm trying to work. I'm not going to pass a law stating you must have headphones plugged in to any laptop in that area, or at least muted, I'm just going to act on my own and throw the damn thing out the window like I previously stated.
Has it occured to anyone that a user might just wake up early morning and wants to turn on his/her computer without waking up sleeping family members?
Just today I walked into the "Maximum Quiet Study Area" for our univerisity's library, and popped open my laptop and turned it on. My gkrellm instance sounded my "alert" sound (which is actually very rare, the load was too high from the boot apparently), and I rushed to hit the mute button.
The startup sound on Vista would be before any multimedia keys are registered if it's at all like XP is, and that wouldn't have worked. Laptop speakers don't have volume control!
If Vista does require this, and I hear someone turn on their laptop with "welcome to Windows Vista!", I'm going to throw their laptop out a window, no pun intended.
If you and a group of friends were to go around your neighborhood egging people's houses, throwing small rocks at passers-by, breaking the limbs of public trees, bullying people, shooting people on the street with water guns (not necessarily filled with water) or a number of other similar acts, that would be anti-social. Anti-social behavior is often behavior which is disruptive to society in one form or another.
The use of the word "gang" below, and the bolded text above is why I never considered any of this "anti-social" behavior. Joining a gang is definitely social behavior, you are trying to climb the ladder and gain acceptance from peers.
"anti" means "opposed to or against". I am "opposed to" social behavior. Therefore, I describe it as "anti-social".
These people aren't going against "social" behavoir, but against "decent" behavoir. A more descriptive term would be "anti-decent behavoir" for people who egg houses.
Maybe we are thinking of different concepts... but "anti-social" to me means not agreeing with the concept of being social, which usually entails me sitting on my couch not speaking to another human being.
Superintendent Stuart Johnson, operations manager at Halesowen police station, said: 'I support the actions of my officers who responded to complaints from the public about "kids destroying" an ornamental cherry tree by stripping every branch from it, in an area where there have been reports of anti-social behaviour.
Since when was the word "proxy" some sort of unknown subject TO NERDS?
People are treating this as if it were something new and amazing, but people have used proxies for ages... this is just one that isn't released yet (as opposed to the billions that already exist).
So your reasons why Vista won't suck is because all the sucky features will be cracked by someone willing to be raided and thrown in jail under the DMCA?
Ah... Now, you see, we're adding rules. He'd also object if, say, I tried to run off with his car or TV. Now we're protecting property through threat of force. He'd probably also object if I put up signs accusing him of pedophelia. Now we're protecting reputation through threat of force.
All of a sudden, that hard line is a quite a bit softer and harder to define...
Walking onto my property IS force, you are being there without permission.
Putting up signs accusing me of pedophelia? Go right on ahead. I don't care.
What is the point? System administrators can administer their own computers, they usually have quite a bit of time on their hands anyway. Even if their own system is hosed during a time of crisis, all they will ever need is a computer with a NIC and a CD drive to plop Knoppix in and SSH into the servers...
I can't imagine what you would possibly have a use for...
I read the intro to your journal (or whatever that was), and I have to say, I'm glad you are reading about other things than Democracy, but Facism is definitely not the answer.
I, too, disagree with democracy, but not freedom. Democracy is basically allowing the strong/rich to bully around the weak/poor, which is absolutely ridiculous.
If you want to expand your horizons a bit more, and look to the polar opposite of what you are thinking about (if you truly have an open mind you would have no problem reading opposing viewpoints), you should read about Libertarianism. At the bare minimum, you might disagree with it and form even more opinions about your beliefs:)
Basically, Facism, Socialism, Communism, etc, to me, is nearly the same thing as democracy. A few people in power try to bully around the population as if they were playing some sort of RTS or something, trying to force each little spoke of the wheel turn the same way.
With true freedom everyone can think how they want, believe what they want, not have opinions/beliefs forced upon them, etc. You could state stuff about your thoughts about Facism without getting your door kicked down by the government, form a (willing) group of people to try to create a facist utopia if you wanted, or whatever you wanted to, just as long as you didn't harm anyone else.
The main premise of Libertarianism is absolutely no force unless defending yourself. With Facism, unless under a freedom based society with willing participants, everyone is FORCED to follow their beliefs, which severely limits people's ability to think openly and form their own opinions on matters.
Anyway, your original post probably looked like a troll solely because it seemed like you were provoking people, which is hard to gauge correctly over the Internet. I've been a mod before, and I don't read everyone's journal of posts I moderate!
The difference is, Apple and Linux aren\'t limiting you, the content providers are and Vista will implement it.
As far as OSX limiting this, that\'s impossible. It\'s hardware, so it would have to be Apple\'s monitors, and even then, I doubt they would do that since Microsoft would be the one handing out security keys and such.
Well, I'd rather have Vista + DRM/"Shackles" than nothing.
Then again, I'd rather have Mac OS X Tiger than either.
I think that's the parent's point, OSX/Linux/BSD is better than Windows, which limits you.
But does Windows Vista come with DRM of any sort? Or are you referring to the music DRM it is compatible with?
Yes, in order to view "secure" windows media content, you have to have a special monitor which can decode the encrypted content in the first place. The section of the screen with the media on a regular monitor will be either garbled or blank. This is to prevent people from copying the video by taking the raw stream from the monitor cord.
If the article is right, then this post/article is wrong. But if it really is wrong, then this article has to be right, and then the post/article has to be wrong...
big deal...last year, you could install a fresh linux server install while connected to the internet, and within 5 minutes 2 scripts running out of the west coast would have your root password changed...we tested it first hand several times with red hat...intall it while connected to the ethernet through a router/firewall ot the internet...and boom...root password changed within 5 minutes. The sources of these scripts were california and alaska..and there are/were many more like it that we researched and found.....so by the logic on this board, linux is now crappy insecure bloatware constructed by an evil corporation.....
I'm not quite sure what to say to that...
I don't think you could have a telnet server running on a system with a blank root/admin password behind a router and get hacked in 5 minutes, that's Windows, Linux, FreeBSD, Solaris... ANYTHING.
Even if your router is extremely old and unsupported, people probably won't have worms/malware/viruses/whatever searching for routers like that constantly, that's absurd. New-ish and Newer routers are usually supported by their company, so I'm not quite sure what you are talking about.
I've had a fresh install of Windows XP installed on my network (behind a router), no SP1, no SP2, no patches, no firewall, nothing, and it has never been infected by viruses (I periodically run HouseCall and NAV, which has auto-protect disabled), spyware (at that time I also run spybot (no teatimer), adaware and a couple other spyware removal things on it), or any type of malware on it.
It's been up for years, and it's never had any problems. Considering the proliferation of Windows attacks out there, the router seems to be more than enough to protect that PC. How in the world did Linux of all things (small marketshare, I'm not going to get into a security discussion) get rooted in 5 minutes?
Mods, your Insightful rating for this post was way off. I call -1, Bullshit.
They're the same people shopping in best buy that think acompletely slammed eq curve sounds good. 50hz range is rattling the upholstery of my car? check! 10k range sounds like its cutting lasers through my eyeballs? check!
Yuck. I don't think like that! If anything besides the actual speaker (the part they WANT to vibrate, not the plastic around it), I nearly puke.
As far as what we are talking about... I'm not quite sure it's possible to have a pair of headphones that you can hear outside noise with that would be considered "sounding perfect", the random ambient noises of the world around us can really screw up music. So any pair of headphones that you can hear stuff beyond the output of the headphones are all the same, essentially. Regardless, even in the most quiet conditions, the headphones I'm talking about are really good, considering the circumstances (being able to hear ambient noises and such).
I think you are missing the point... the point is he DOESN'T want any ambient noise filtered...
But $30-99? I'm going to have to go outside that range for a good set of headphones, and I don't mean more expensive. I picked up one of those head wrap headphone types at BestBuy for $10, and they are probably the best pair of headphones I've ever had (I've had headphones ranging from $1 to $50, even).
I use them in my Starcraft... I mean Computer Networking class and I can listen to music and still be able to hear everyone else as we plan attacks... for routing networks... yeah...
In the case of Google, trying to access google.com will usually force you to google.co.uk if it detects your IPs geographical origin as being in the UK.
If you want to access Google US from anywhere in the world, http://www.google.com/ncr redirects you to the US version. I'm not sure about China though.... they probably have some sort of agreement against that with them.
Re:maybe not as serious as it seems ...
on
Cross Site Cooking
·
· Score: 1
How do you tell which host is in context when you run javascript in the address bar?
If I understand what you are saying correctly, executing javascript in the address bar using the void function (NOT without it) executes javascript on the currently being displayed page as if it were called from that page. So if you were to put this code in slashdot.org's source code, it would have the same effect.
This is used as a web security tool to alter form information on pages (such as hidden values, <select> tags, and others) that people don't think to validate properly, among other things such as altering cookies (whoddathunkit?). GreaseMonkey is based on a similar concept, too.
Re:maybe not as serious as it seems ...
on
Cross Site Cooking
·
· Score: 2
As far as this article goes, problems #1 and #2 are bugs in the browser, not errors with web developer's coding, I don't know why it is presented that way. The guy says "sites rely on secure browsers, but they aren't!", the site doesn't rely on the browsers being secure at all, the user does. If the user uses an insecure browser, and his cookies get stolen because of it, the site isn't damaged at all, the user is.
On top of that, he says he tested these things on MSIE and Firefox. I'm running Firefox 1.5, and it quite definitely DOES NOT work, test it for yourself, even give it a push. Turn off "for the originating site only" under cookies, and try to create a cookie with domain ".org.". It doesn't work. Run this in your address bar (on this page):
Look at your cookies. No cook2 under ".org", ".org.", not even "slashdot.org". The cookie just isn't set. Try this on just slashdot.org as well and it will do the same thing (or it.slashdot.org, whatever, all the same).
As far as #3 goes, I'm not quite sure what he thinks the "host" field it used for. If the site he's trying to attack is under a virtual host, which a lot of sites are, it will just discard it because the host doesn't match its table. On top of that, if they don't have a virtual host, all they would have to do is look through the packets being sent and see "Host: evil.example.com" and you're screwed.
These "attacks" either don't work or will get you busted really easily. Kids, don't try this at home.
Re:This can be used in DoS attacks...
on
Cross Site Cooking
·
· Score: 1
This is a potentially serious amplification attack vector that would be really hard to clean-up.
You do realize that slashdot.org can tell browsers what to do with their cookies for their site, right? Those 1 million viewers aren't using "hacked IE" that you distribute that keep the cookie even after the site tells it to delete them.
Assuming a slashdotting gives out 1 million users to your site, as you assume (I have no idea what the real number is), you would have 80*(1 million) or 80GB of bandwidth sent to slashdot. The people at slashdot probably wouldn't notice something was up until say 40GB were used, and they would add code to delete that cookie on their site. So, now we have 120 GB of used bandwidth.
If you were really attacking slashdot that's like chump change to them. That's assuming you get 1 million hits, and they all go through (your server would buckle after 100,000 probably, unless you have massive bandwidth.
On top of all this, I have a feeling that this would be a really easy to trace attack (everyone on slashdot is getting these cookies after viewing this article... I wonder whats causing that?)... you wouldn't be laughing for long.
Slashdot Mirror
In addition to the "Introduction to Evolution" entry, there is also the "Simple English" version of Wikipedia:
http://simple.wikipedia.org/wiki/Main_Page
http://simple.wikipedia.org/wiki/Evolution
I hadn't gotten my headphones out of my bag yet, for starters...
But that is completely unrelated to if someone ELSE sits next to me and does the same, or doesn't even think of the startup sound while I'm trying to work. I'm not going to pass a law stating you must have headphones plugged in to any laptop in that area, or at least muted, I'm just going to act on my own and throw the damn thing out the window like I previously stated.
Has it occured to anyone that a user might just wake up early morning and wants to turn on his/her computer without waking up sleeping family members?
Just today I walked into the "Maximum Quiet Study Area" for our univerisity's library, and popped open my laptop and turned it on. My gkrellm instance sounded my "alert" sound (which is actually very rare, the load was too high from the boot apparently), and I rushed to hit the mute button.
The startup sound on Vista would be before any multimedia keys are registered if it's at all like XP is, and that wouldn't have worked. Laptop speakers don't have volume control!
If Vista does require this, and I hear someone turn on their laptop with "welcome to Windows Vista!", I'm going to throw their laptop out a window, no pun intended.
If you and a group of friends were to go around your neighborhood egging people's houses, throwing small rocks at passers-by, breaking the limbs of public trees, bullying people, shooting people on the street with water guns (not necessarily filled with water) or a number of other similar acts, that would be anti-social. Anti-social behavior is often behavior which is disruptive to society in one form or another.
The use of the word "gang" below, and the bolded text above is why I never considered any of this "anti-social" behavior. Joining a gang is definitely social behavior, you are trying to climb the ladder and gain acceptance from peers.
"anti" means "opposed to or against". I am "opposed to" social behavior. Therefore, I describe it as "anti-social".
These people aren't going against "social" behavoir, but against "decent" behavoir. A more descriptive term would be "anti-decent behavoir" for people who egg houses.
Like me waiting at my mailbox with my Louisville Slugger.
Oh wait that's assault...
...what?
Maybe we are thinking of different concepts... but "anti-social" to me means not agreeing with the concept of being social, which usually entails me sitting on my couch not speaking to another human being.
No, they've been 'going too far' for 50+ years now.
Superintendent Stuart Johnson, operations manager at Halesowen police station, said: 'I support the actions of my officers who responded to complaints from the public about "kids destroying" an ornamental cherry tree by stripping every branch from it, in an area where there have been reports of anti-social behaviour.
Since when was being anti-social a crime?
Exactly, this article confuses me to no end...
Since when was the word "proxy" some sort of unknown subject TO NERDS?
People are treating this as if it were something new and amazing, but people have used proxies for ages... this is just one that isn't released yet (as opposed to the billions that already exist).
So your reasons why Vista won't suck is because all the sucky features will be cracked by someone willing to be raided and thrown in jail under the DMCA?
Ah... Now, you see, we're adding rules. He'd also object if, say, I tried to run off with his car or TV. Now we're protecting property through threat of force. He'd probably also object if I put up signs accusing him of pedophelia. Now we're protecting reputation through threat of force.
All of a sudden, that hard line is a quite a bit softer and harder to define...
Walking onto my property IS force, you are being there without permission.
Putting up signs accusing me of pedophelia? Go right on ahead. I don't care.
What is the point? System administrators can administer their own computers, they usually have quite a bit of time on their hands anyway. Even if their own system is hosed during a time of crisis, all they will ever need is a computer with a NIC and a CD drive to plop Knoppix in and SSH into the servers...
I can't imagine what you would possibly have a use for...
I read the intro to your journal (or whatever that was), and I have to say, I'm glad you are reading about other things than Democracy, but Facism is definitely not the answer.
:)
I, too, disagree with democracy, but not freedom. Democracy is basically allowing the strong/rich to bully around the weak/poor, which is absolutely ridiculous.
If you want to expand your horizons a bit more, and look to the polar opposite of what you are thinking about (if you truly have an open mind you would have no problem reading opposing viewpoints), you should read about Libertarianism. At the bare minimum, you might disagree with it and form even more opinions about your beliefs
Basically, Facism, Socialism, Communism, etc, to me, is nearly the same thing as democracy. A few people in power try to bully around the population as if they were playing some sort of RTS or something, trying to force each little spoke of the wheel turn the same way.
With true freedom everyone can think how they want, believe what they want, not have opinions/beliefs forced upon them, etc. You could state stuff about your thoughts about Facism without getting your door kicked down by the government, form a (willing) group of people to try to create a facist utopia if you wanted, or whatever you wanted to, just as long as you didn't harm anyone else.
The main premise of Libertarianism is absolutely no force unless defending yourself. With Facism, unless under a freedom based society with willing participants, everyone is FORCED to follow their beliefs, which severely limits people's ability to think openly and form their own opinions on matters.
Anyway, your original post probably looked like a troll solely because it seemed like you were provoking people, which is hard to gauge correctly over the Internet. I've been a mod before, and I don't read everyone's journal of posts I moderate!
HAHAHAHA!
What happened? I know I didn't escape those quotes...
Must have been whatever perl's equivalent to addslashes/stripslashes descrepency.
The difference is, Apple and Linux aren\'t limiting you, the content providers are and Vista will implement it.
As far as OSX limiting this, that\'s impossible. It\'s hardware, so it would have to be Apple\'s monitors, and even then, I doubt they would do that since Microsoft would be the one handing out security keys and such.
Well, I'd rather have Vista + DRM/"Shackles" than nothing.
Then again, I'd rather have Mac OS X Tiger than either.
I think that's the parent's point, OSX/Linux/BSD is better than Windows, which limits you.
But does Windows Vista come with DRM of any sort? Or are you referring to the music DRM it is compatible with?
Yes, in order to view "secure" windows media content, you have to have a special monitor which can decode the encrypted content in the first place. The section of the screen with the media on a regular monitor will be either garbled or blank. This is to prevent people from copying the video by taking the raw stream from the monitor cord.
that's an improvement, how?
:P
Compared to the XP fisher-price look?
Just be grateful, OK.
XP has a classic theme, too.. In fact, I always switch to that on any PC I use that has XP on it.
I am grateful.... for the Linux community
If the article is right, then this post/article is wrong. But if it really is wrong, then this article has to be right, and then the post/article has to be wrong...
It's a paradox! The world is going to end!
big deal...last year, you could install a fresh linux server install while connected to the internet, and within 5 minutes 2 scripts running out of the west coast would have your root password changed...we tested it first hand several times with red hat...intall it while connected to the ethernet through a router/firewall ot the internet...and boom...root password changed within 5 minutes. The sources of these scripts were california and alaska..and there are/were many more like it that we researched and found.....so by the logic on this board, linux is now crappy insecure bloatware constructed by an evil corporation.....
I'm not quite sure what to say to that...
I don't think you could have a telnet server running on a system with a blank root/admin password behind a router and get hacked in 5 minutes, that's Windows, Linux, FreeBSD, Solaris... ANYTHING.
Even if your router is extremely old and unsupported, people probably won't have worms/malware/viruses/whatever searching for routers like that constantly, that's absurd. New-ish and Newer routers are usually supported by their company, so I'm not quite sure what you are talking about.
I've had a fresh install of Windows XP installed on my network (behind a router), no SP1, no SP2, no patches, no firewall, nothing, and it has never been infected by viruses (I periodically run HouseCall and NAV, which has auto-protect disabled), spyware (at that time I also run spybot (no teatimer), adaware and a couple other spyware removal things on it), or any type of malware on it.
It's been up for years, and it's never had any problems. Considering the proliferation of Windows attacks out there, the router seems to be more than enough to protect that PC. How in the world did Linux of all things (small marketshare, I'm not going to get into a security discussion) get rooted in 5 minutes?
Mods, your Insightful rating for this post was way off. I call -1, Bullshit.
They're the same people shopping in best buy that think acompletely slammed eq curve sounds good. 50hz range is rattling the upholstery of my car? check! 10k range sounds like its cutting lasers through my eyeballs? check!
Yuck. I don't think like that! If anything besides the actual speaker (the part they WANT to vibrate, not the plastic around it), I nearly puke.
As far as what we are talking about... I'm not quite sure it's possible to have a pair of headphones that you can hear outside noise with that would be considered "sounding perfect", the random ambient noises of the world around us can really screw up music. So any pair of headphones that you can hear stuff beyond the output of the headphones are all the same, essentially. Regardless, even in the most quiet conditions, the headphones I'm talking about are really good, considering the circumstances (being able to hear ambient noises and such).
I think you are missing the point... the point is he DOESN'T want any ambient noise filtered...
But $30-99? I'm going to have to go outside that range for a good set of headphones, and I don't mean more expensive. I picked up one of those head wrap headphone types at BestBuy for $10, and they are probably the best pair of headphones I've ever had (I've had headphones ranging from $1 to $50, even).
I use them in my Starcraft... I mean Computer Networking class and I can listen to music and still be able to hear everyone else as we plan attacks... for routing networks... yeah...
In the case of Google, trying to access google.com will usually force you to google.co.uk if it detects your IPs geographical origin as being in the UK.
If you want to access Google US from anywhere in the world, http://www.google.com/ncr redirects you to the US version. I'm not sure about China though.... they probably have some sort of agreement against that with them.
How do you tell which host is in context when you run javascript in the address bar?
If I understand what you are saying correctly, executing javascript in the address bar using the void function (NOT without it) executes javascript on the currently being displayed page as if it were called from that page. So if you were to put this code in slashdot.org's source code, it would have the same effect.
This is used as a web security tool to alter form information on pages (such as hidden values, <select> tags, and others) that people don't think to validate properly, among other things such as altering cookies (whoddathunkit?). GreaseMonkey is based on a similar concept, too.
As far as this article goes, problems #1 and #2 are bugs in the browser, not errors with web developer's coding, I don't know why it is presented that way. The guy says "sites rely on secure browsers, but they aren't!", the site doesn't rely on the browsers being secure at all, the user does. If the user uses an insecure browser, and his cookies get stolen because of it, the site isn't damaged at all, the user is.
On top of that, he says he tested these things on MSIE and Firefox. I'm running Firefox 1.5, and it quite definitely DOES NOT work, test it for yourself, even give it a push. Turn off "for the originating site only" under cookies, and try to create a cookie with domain ".org.". It doesn't work. Run this in your address bar (on this page):
javascript:void(document.cookie="cook1=bobjones; domain=.slashdot.org");
Now look at your cookies. "slashdot.org" has "cook1" listed with value "bobjones".
Now open a new tab/window/whatever. Open "http://slashdot.org./". Let's try this "exploit":
javascript:void(document.cookie="cook2=bobjones; domain=.org.");
Look at your cookies. No cook2 under ".org", ".org.", not even "slashdot.org". The cookie just isn't set. Try this on just slashdot.org as well and it will do the same thing (or it.slashdot.org, whatever, all the same).
As far as #3 goes, I'm not quite sure what he thinks the "host" field it used for. If the site he's trying to attack is under a virtual host, which a lot of sites are, it will just discard it because the host doesn't match its table. On top of that, if they don't have a virtual host, all they would have to do is look through the packets being sent and see "Host: evil.example.com" and you're screwed.
These "attacks" either don't work or will get you busted really easily. Kids, don't try this at home.
This is a potentially serious amplification attack vector that would be really hard to clean-up.
You do realize that slashdot.org can tell browsers what to do with their cookies for their site, right? Those 1 million viewers aren't using "hacked IE" that you distribute that keep the cookie even after the site tells it to delete them.
Assuming a slashdotting gives out 1 million users to your site, as you assume (I have no idea what the real number is), you would have 80*(1 million) or 80GB of bandwidth sent to slashdot. The people at slashdot probably wouldn't notice something was up until say 40GB were used, and they would add code to delete that cookie on their site. So, now we have 120 GB of used bandwidth.
If you were really attacking slashdot that's like chump change to them. That's assuming you get 1 million hits, and they all go through (your server would buckle after 100,000 probably, unless you have massive bandwidth.
On top of all this, I have a feeling that this would be a really easy to trace attack (everyone on slashdot is getting these cookies after viewing this article... I wonder whats causing that?)... you wouldn't be laughing for long.