So if the phone is lawfully taken as evidence, the police shouldn't be able to employ ways to prevent you from tampering with it?
As private citizens we do certainly have an expectation of privacy, with the realization that right can be abridged with DUE PROCESS of law. Are you saying that if I'm caught on the phone after a bank heist, the police shouldn't be able to see who I called from that phone?
This is one part of the article that I don't have any problems with the cops' behavior.
Last time I filled my car up with gas I've put in the wrong ZIP code, and been forced to take my card to the attendant. I suspect that they actually check it, but if its after hours and no attendant is available would rather have the sale than send you to a different gas station. They probably assume (correctly) that you'd rather take the 30 seconds and take it inside than get back in your car and drive somewhere else.
How is it bad behavior? His step-daughter will almost certainly read it, and it had some value in context.
Without knowing his step-daughter, it's hard for us to pass judgement on him. Kids don't change much past 17, and sometimes you have to call a lemon a lemon.
This ruling may follow the letter of the law in a narrow interpretation, but not the spirit of the law.
Anyone that is already using Glider already has the ability to see any of the encounters in the game. While the purpose of other copyright-circumventing devices is to display content the user hasn't economically paid for, with Glider the user has already paid for seeing all of the content.
The intended purpose of the law was to protect revenue streams of companies by ensuring that users pay for access to copyrightable works. Blizzard is using the law in this instance to protect their revenue stream by preventing other players from quitting the game, not using it to ensure that unauthorized users don't have access.
The real problem is that Blizzard is saying 'This using broke the cheating rule, therefore they were in violation of the EULA, therefore they weren't an authorized user, therefore any attempt to go around that protection is against the law', but glider's primary purpose is to allow cheating.
(A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;
Circumventing Warden is not the primary purpose of Glider, but rather is a secondary function in order to allow the primary purpose.
coondoggie's profile website in is networkworld.com Roland's links to his blogs are rarely if ever the primary source for the submission, but rather a 'for more information...'
The law is a human invention. Society could, theoretically, wave a wand and vastly reduce the complexity of the legal system. The point which the GP is bemoaning is that the law has become so complex it requires a great deal of education to navigate it properly. There is no reason that a legal system must be as complex as it is.
The human body, by contrast, is a innately a vastly complex machine which cannot be made less complex than it is.
What's the purpose of caller ID after I've picked up the phone? I'm not going to talk to some challenge response bot if I'm someone who needs to be IDd and screened anyway.
You're still vulnerable to a MitM attack the first time that you get the cert. That's the *reason* the 'Accept this certificate' screen pops up in the first place, because you're getting a certificate signed by a certificate authority that your computer doesn't recognize/trust, and it needs validation from the user before accepting the certificate.
The purpose of a third party signing a certificate is because that third party's public key and certificate came on my computer when I received it from the manufacturer, and I (supposedly, at least) trust that third party to provide signed certificates only to the right people (i.e. providing the ebay.com cert only to ebay).
As far as SSH, if you don't already have the public key of your SSH server, or it isn't given to you in a cert signed by someone whose public key you do have on your computer, you *are* vulnerable to a MitM type attack. Note the Wikipedia entry on SSH Security Concerns regarding public keys.
SSL can't stop a man-in-the-middle attack without certificates signed by third party both participants trust. ISPs, by their very definition, are in the perfect place to perform a man-in-the-middle attack. What would be much more effective is symmetric encryption on files, with the encryption key stored in an attached CAPTCHA.
You don't have to make it impossible for ISPs to see what is being transferred, only make it so hard that it's no longer economically feasible for them to do so.
As much as I dislike Microsoft, at least they create new products. All these guys generate is headaches, and frustration without contributing to society.
Macbook Pro's have been out for over a year now, and after Intel's flaw with the Pentium FPU, they've gotten very good about formally verifying their processors. It's hard to call it first-gen hardware by now.
netcat is a far, far better utility for such activities. Telnet has formatting, and all kinds of control characters. You can interect much better with netcat.
I like how the guy from the Tribune implies that Google is making money off Google News.
Last I checked, Google News had no ads and was free, which means it's raking in $0 dollars in profit. Why in the world would Google pay to index newspaper articles when it isn't making any money off of it? I can understand getting upset if Google is using those snippings to make a profit (even though it may be covered by Fair Use in some jurisdictions)
Seriously though. They're redirecting traffic to newspapers and not making money off it. Talk about biting the hand that feeds you.
Obviously not all the government is bad at computer security. Clearly the GAO had to know what 'right' is to be able to criticize the FBI for not having adequate security measures.
It's not that the government is filled with people that don't have a clue, but rather that the technically able people usually get frustrated by bureaucracy, politics, and poor management.
C is just the next highest step above assembly if you don't use standard libaries. C is still the de facto standard for embedded systems, drivers, and kernel modules. The only thing likely to replace C is a similarly low-level language with more useful features.
Re:Why Does Encryption Need to "Scramble" Informat
on
A Mighty Number Falls
·
· Score: 1
What you're describing is basically a home grown encryption algorithm. Reverse engineering an encryption algorithm is (relatively) trivial if you have access to one of the programs generating the 'language'.
Now, given that most encryption algorithms developed by expert cryptographers prove to have chips and sometimes holes in them, what odds do you think a non-cryptographer has of making even a half-decent algorithm?
Clearly you missed the entire point of the video, which was to explain and demonstrate fair use at the same time. There's no trademark infringment because it is *clearly* not associated with Disney (not only is there a message clearly disclaiming it, the message is up 5 seconds before the trademark even appears).
The video falls under fair use as it makes brief use of copyrighted works in an educational manner, and doesn't devalue any of the material that it uses in its clips.
I wouldn't be surprised if they weren't hoping for a DMCA takedown notice by Disney.
Uhhh, XM owns the broadcasting equipment and the frequency that it's carried over (in the US). Opie's right to free speech ends at XMs right to choose who uses their property.
By that same analogy, should I have the right to spraypaint 'BUSH SUCKS' on all the billboards I can? I mean, it's obviously political speech, something well within normally constitutionally protected bounds.
Even if you get offended over this, pick and choose your battles. He didn't even get canned for something he said off the air. XM disagreed with what he did on their airtime, and they had every right to can him. You miss his show? Cancel your subscription.
How could there be no mention in this article of Title 18 1029, 1030, 2510, and 2701, which, among other things, makes most of the following illegal in most circumstances
Possession of counterfeit credentials involving interstate commerce, such as credit card numbers
Accessing a computer in an unauthorized manner
Gaining privileges in excess of those otherwise granted
Unauthorized wiretaps
While our ability to exercise certain rights is important, let us not forget that we also need the ability to restrict others from trespass and fraud.
Actually, this kind of crap goes away when you stop using NULL terminated strings and put in size checks.
It's a much more complex problem than simply using 'safe' functions. People don't always put the correct size into the size field, and there are entire classes of exploits, e.g. format string vulnerabilities, that don't use the traditional buffer overflow mechanism at all.
I've heard that the BSD folks have a saying that a bug is just an attack nobody has the intelligence to turn into an exploit yet. I take it you've never written code that crashes?
It seems to me that the threat of a lawsuit unless one pays up is exactly what constitutes extortion. Anyone know of any cases where people are standing up and taking legal action against the RIAA/corporations the RIAA is representing?
They still have to develop the firmware for people who don't want to flash their router with third party firmware, and just want to plug it in and have it work. Because they develop the firmware in house, you're paying for the 'cost' of developing the firmware no matter what's installed on the router. Also because it's developed in house, they gain nothing by leaving it off the router. Lastly, you're complicating the production process by introducing a new line onto the market.
That would have appealed to the unix crowd, and would have been almost as confusing when reading out the URL (http colon slash slash dot slash dot org).
Looks like it even gets easily mistyped when written out, too;)
The judge resides in the U.S., while the hacker is Canadian. The U.S. would have to ask for him to be extradited, and Canada would have to approve. Given how this guy is supposedly doing a justice for society, such an extradition request would be extremely politically uncomfortable for both U.S. and Canadian politicians.
Slashdot Mirror
So if the phone is lawfully taken as evidence, the police shouldn't be able to employ ways to prevent you from tampering with it?
As private citizens we do certainly have an expectation of privacy, with the realization that right can be abridged with DUE PROCESS of law. Are you saying that if I'm caught on the phone after a bank heist, the police shouldn't be able to see who I called from that phone?
This is one part of the article that I don't have any problems with the cops' behavior.
Last time I filled my car up with gas I've put in the wrong ZIP code, and been forced to take my card to the attendant. I suspect that they actually check it, but if its after hours and no attendant is available would rather have the sale than send you to a different gas station. They probably assume (correctly) that you'd rather take the 30 seconds and take it inside than get back in your car and drive somewhere else.
How is it bad behavior? His step-daughter will almost certainly read it, and it had some value in context.
Without knowing his step-daughter, it's hard for us to pass judgement on him. Kids don't change much past 17, and sometimes you have to call a lemon a lemon.
Anyone that is already using Glider already has the ability to see any of the encounters in the game. While the purpose of other copyright-circumventing devices is to display content the user hasn't economically paid for, with Glider the user has already paid for seeing all of the content.
The intended purpose of the law was to protect revenue streams of companies by ensuring that users pay for access to copyrightable works. Blizzard is using the law in this instance to protect their revenue stream by preventing other players from quitting the game, not using it to ensure that unauthorized users don't have access.
The real problem is that Blizzard is saying 'This using broke the cheating rule, therefore they were in violation of the EULA, therefore they weren't an authorized user, therefore any attempt to go around that protection is against the law', but glider's primary purpose is to allow cheating.
(A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;
Circumventing Warden is not the primary purpose of Glider, but rather is a secondary function in order to allow the primary purpose.
coondoggie's profile website in is networkworld.com Roland's links to his blogs are rarely if ever the primary source for the submission, but rather a 'for more information...'
The human body, by contrast, is a innately a vastly complex machine which cannot be made less complex than it is.
What's the purpose of caller ID after I've picked up the phone? I'm not going to talk to some challenge response bot if I'm someone who needs to be IDd and screened anyway.
The purpose of a third party signing a certificate is because that third party's public key and certificate came on my computer when I received it from the manufacturer, and I (supposedly, at least) trust that third party to provide signed certificates only to the right people (i.e. providing the ebay.com cert only to ebay).
As far as SSH, if you don't already have the public key of your SSH server, or it isn't given to you in a cert signed by someone whose public key you do have on your computer, you *are* vulnerable to a MitM type attack. Note the Wikipedia entry on SSH Security Concerns regarding public keys.
You don't have to make it impossible for ISPs to see what is being transferred, only make it so hard that it's no longer economically feasible for them to do so.
As much as I dislike Microsoft, at least they create new products. All these guys generate is headaches, and frustration without contributing to society.
Macbook Pro's have been out for over a year now, and after Intel's flaw with the Pentium FPU, they've gotten very good about formally verifying their processors. It's hard to call it first-gen hardware by now.
netcat is a far, far better utility for such activities. Telnet has formatting, and all kinds of control characters. You can interect much better with netcat.
Last I checked, Google News had no ads and was free, which means it's raking in $0 dollars in profit. Why in the world would Google pay to index newspaper articles when it isn't making any money off of it? I can understand getting upset if Google is using those snippings to make a profit (even though it may be covered by Fair Use in some jurisdictions)
Seriously though. They're redirecting traffic to newspapers and not making money off it. Talk about biting the hand that feeds you.
It's not that the government is filled with people that don't have a clue, but rather that the technically able people usually get frustrated by bureaucracy, politics, and poor management.
C is just the next highest step above assembly if you don't use standard libaries. C is still the de facto standard for embedded systems, drivers, and kernel modules. The only thing likely to replace C is a similarly low-level language with more useful features.
What you're describing is basically a home grown encryption algorithm. Reverse engineering an encryption algorithm is (relatively) trivial if you have access to one of the programs generating the 'language'. Now, given that most encryption algorithms developed by expert cryptographers prove to have chips and sometimes holes in them, what odds do you think a non-cryptographer has of making even a half-decent algorithm?
The video falls under fair use as it makes brief use of copyrighted works in an educational manner, and doesn't devalue any of the material that it uses in its clips.
I wouldn't be surprised if they weren't hoping for a DMCA takedown notice by Disney.
By that same analogy, should I have the right to spraypaint 'BUSH SUCKS' on all the billboards I can? I mean, it's obviously political speech, something well within normally constitutionally protected bounds.
Even if you get offended over this, pick and choose your battles. He didn't even get canned for something he said off the air. XM disagreed with what he did on their airtime, and they had every right to can him. You miss his show? Cancel your subscription.
If you're going to base64 encode it, just do it right and encode the bytes themselves. CfkRAp1041vYQVbFY1aIwA==
- Possession of counterfeit credentials involving interstate commerce, such as credit card numbers
- Accessing a computer in an unauthorized manner
- Gaining privileges in excess of those otherwise granted
- Unauthorized wiretaps
While our ability to exercise certain rights is important, let us not forget that we also need the ability to restrict others from trespass and fraud.It's a much more complex problem than simply using 'safe' functions. People don't always put the correct size into the size field, and there are entire classes of exploits, e.g. format string vulnerabilities, that don't use the traditional buffer overflow mechanism at all.
I've heard that the BSD folks have a saying that a bug is just an attack nobody has the intelligence to turn into an exploit yet. I take it you've never written code that crashes?
It seems to me that the threat of a lawsuit unless one pays up is exactly what constitutes extortion. Anyone know of any cases where people are standing up and taking legal action against the RIAA/corporations the RIAA is representing?
They still have to develop the firmware for people who don't want to flash their router with third party firmware, and just want to plug it in and have it work. Because they develop the firmware in house, you're paying for the 'cost' of developing the firmware no matter what's installed on the router. Also because it's developed in house, they gain nothing by leaving it off the router. Lastly, you're complicating the production process by introducing a new line onto the market.
Looks like it even gets easily mistyped when written out, too ;)
The judge resides in the U.S., while the hacker is Canadian. The U.S. would have to ask for him to be extradited, and Canada would have to approve. Given how this guy is supposedly doing a justice for society, such an extradition request would be extremely politically uncomfortable for both U.S. and Canadian politicians.