Most businesses that get hacked surely do the right thing and inform customers.
Heck, even some spammers do it. Look at this choice piece from buystainlessonline, it's hilarious:
From sales@buystainlessonline.com Tue Oct 22 15:46:16 2002
Return-Path: <sales@buystainlessonline.com>
Received: from xxxxxx.xxxxxxxx.xx (xxxxxx.xxxxxxxx.xx [xxx.xxx.xx.xxx])
by xxxxxx.xxx.xx (8.12.3/8.12.3/SuSE Linux 0.6) with ESMTP id g9MDkJVR020365
for <xxxxxx@xxxxxxxxxx.xxx.xx>; Tue, 22 Oct 2002 15:46:24 +0200
Received: from linuxpow.com (IDENT:qmailr@linuxpow.com [12.149.2.10])
by xxxxxx.xxxxxxxx.xx (8.11.6/8.11.6) with SMTP id g9MDkFQ16222
for <xxxxx@xxxxx.xx>; Tue, 22 Oct 2002 15:46:16 +0200
Date: Tue, 22 Oct 2002 15:46:16 +0200
Message-Id: <200210221346.g9MDkFQ16222@xxxxxx.xxxxxxxx.xx>
Received: (qmail 13748 invoked from network); 22 Oct 2002 12:08:48 -0000
Received: from buystainlessonline.com (HELO ) (nobody@12.149.2.55)
by mail.buystainlessonline.com with SMTP; 22 Oct 2002 12:08:48 -0000
Subject: HACKERS ATTACKED...E-MAILS TO RESUME... PLEASE READ
To: xxxxx@xxxxx.xx
From: "BuyStainlessOnline.com" <sales@buystainlessonline.com>
Content-Type:
X-UID: 468
ATTENTION! This email will be sent twice before we resume our weekly newsletter.
Over the course of the last year, our E-mail system was attacked by HACKERS twice, resulting in the corruption of our marketing system. If you are on this E-mail list and did not request to be, please be ADVISED that this is your opportunity to be REMOVED. We have been going through our E-mail database for the last 3 months to fix errors, this has stopped us from sending our regular e-mail THE STAINLESS STEEL NETWORK. We have done our best to "CLEAN" our list. If you are getting this and wish to be removed, this is your chance. Effective 10/28/02, we will resume sending this email weekly. If you wish to be removed, click the LINK below. If you use AOL, you must COPY and PASTE the link into the browser (http://). This will remove you immediately.
Thank you for your time!
Mgmt
www.BuyStainlessOnline.com
Your Place for Stainless Today.
International 215.604.5922
Fax 215.638.4960
Click Here to REGISTER!
https://www.buystainlessonline.com/registration/registration.php
Unsubscribe By clicking below:
http://www.buystainlessonline.com/email/mail.php?action=delete&eval=125410&email=xxxxx@xxxxx.xx
Seems like some net vigilante typed 'or 1=1-- or something of that ilk into the spammer's remove link, or whatever...
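The failure mode the comment above guesses at, shown next to its fix, as an added example that is not part of the original post and not the site's code. The table layout, the function names and the sample addresses are assumptions made up for the illustration; only the quoted string and the shape of the unsubscribe link come from the page.

```python
import sqlite3

# Constructed sample data: three subscribers, each with a per-address token
# (assumed here to be the role of the "eval" parameter in the link above).
ROWS = [("a@example.org", "125410"),
        ("b@example.org", "125411"),
        ("c@example.org", "125412")]

def fresh_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE subscribers (email TEXT PRIMARY KEY, token TEXT)")
    db.executemany("INSERT INTO subscribers VALUES (?, ?)", ROWS)
    return db

def remaining(db):
    return db.execute("SELECT COUNT(*) FROM subscribers").fetchone()[0]

def unsubscribe_concat(db, email, token):
    """Weak form: request values are pasted into the SQL text."""
    sql = ("DELETE FROM subscribers WHERE email = '" + email +
           "' AND token = '" + token + "'")
    return db.execute(sql).rowcount

def unsubscribe_bound(db, email, token):
    """Hardened form: values travel as bound parameters, never as SQL."""
    sql = "DELETE FROM subscribers WHERE email = ? AND token = ?"
    return db.execute(sql, (email, token)).rowcount

def demo():
    crafted = "' or 1=1--"  # the string quoted in the comment above
    weak, hard = fresh_db(), fresh_db()
    unsubscribe_concat(weak, crafted, "0")   # WHERE clause becomes always-true
    unsubscribe_bound(hard, crafted, "0")    # treated as a literal address
    after_crafted = (remaining(weak), remaining(hard))
    # A legitimate request still works against the hardened handler.
    legit = unsubscribe_bound(hard, "b@example.org", "125411")
    return after_crafted, legit, remaining(hard)

if __name__ == "__main__":
    print(demo())
```

With string concatenation the single request empties the whole list; with bound parameters it matches no row, and the per-address token keeps one subscriber from removing another.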
I suggested a repeating pattern rather than zeroes because some UNIX systems represent an all-zero file cluster by not allocating the cluster at all. A file that contains such a cluster is called a "sparse file".
Not when writing these zeroes. Sparse files are created by skipping over the sectors (using fseek), and then actually writing the last sector. Or, alternatively, by truncating the file to a bigger size than it currently is.
The cat /dev/zero >hugefile trick won't create a sparse file. But be careful with it on certain older versions of reiserfs: these can't deal with 100% full disks, and may mix up a couple of files in the process.
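The three ways of producing a file of zeroes that the comment above distinguishes, measured by allocated blocks, as an added example that is not part of the original post. It assumes a POSIX filesystem that supports holes and does no transparent compression; the file size and function names are chosen for the illustration.

```python
import os
import tempfile

SIZE = 8 * 1024 * 1024  # logical size of every test file: 8 MiB

def write_zeroes(path):
    """What `cat /dev/zero > file` does: every zero byte is really written."""
    chunk = bytes(64 * 1024)
    with open(path, "wb") as f:
        for _ in range(SIZE // len(chunk)):
            f.write(chunk)
        f.flush()
        os.fsync(f.fileno())

def seek_then_write(path):
    """Skip over the file and write only its last byte, leaving a hole."""
    with open(path, "wb") as f:
        f.seek(SIZE - 1)
        f.write(b"\0")
        f.flush()
        os.fsync(f.fileno())

def extend_by_truncate(path):
    """Grow an empty file to SIZE without writing any data."""
    with open(path, "wb") as f:
        f.truncate(SIZE)

def compare():
    """Return {method: (logical_bytes, allocated_bytes)} for each method."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for make in (write_zeroes, seek_then_write, extend_by_truncate):
            path = os.path.join(d, make.__name__)
            make(path)
            st = os.stat(path)
            # st_blocks is in 512-byte units regardless of filesystem block size
            results[make.__name__] = (st.st_size, st.st_blocks * 512)
    return results

if __name__ == "__main__":
    for name, (logical, alloc) in compare().items():
        print(f"{name:20s} logical={logical:>9d} allocated={alloc:>9d}")
```

All three files report the same logical size, but only the one written byte by byte occupies that much disk, which is why a wipe has to write its data rather than seek past it.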
Re:Ghost is worth the money on Ghost for Unix · Score: 2
The multicast console kicks ass -- I can ghost a tonne of workstations at one time and not kill the network.
Yeah, but Linux tools such as udpcast can do this too, and much faster as well (70 Mbps on a 100 Mbps network!)
Also, ghost understands filesystems and not raw blocks. I don't understand why reading the raw data is an advantage -- you get images the size of your hard disk or partition instead of the size of the data.
Point granted. However, udpcast is able to compress the data from the disk before it sends it out to the network, thus mitigating the effect of "almost empty" partitions. Those unused sectors will most probably be full of binary zeroes, which compress to almost nothing.
Re:g4u source code mirror on Ghost for Unix · Score: 4, Interesting
server.sh:
cat /dev/hda | nc -l -p 5030
client.sh:
nc server 5030 >/dev/hda
This works fine, as long as you have only one receiver (client). Now imagine a school who wants to image a whole classroom of 25 machines at once. Your solution will consume 25 times the bandwidth, because it will open 25 point-to-point links!
A better solution would be to use udpcast which uses Ethernet's multicast abilities to allow all PC's to be loaded from the same stream of data.
I do my backups with a stock NetBSD boot disk and dd to an NFS partition. So nyeah.
But that way you can't do any multicast. If you now want to restore your image on a whole classroom of PC's at once, each of the receiver PC's will ask for each sector on its own, and the whole thing slows down to a crawl. Not to mention that even with only one machine, NFS's performance is not exactly stellar...
Re:Alternatives on Ghost for Unix · Score: 3, Informative
But the link states that it can be used with all file systems, which is something I have yet to see in other utilities.
Udpcast handles any filesystem just fine. Indeed, it reads directly from the device, and is thus able to handle even filesystems that are not supported by Linux. And in order to handle the case of "almost empty" partition, it supports compressed transfers: the empty, zero-filled sectors compress to almost nothing, and thus don't consume any bandwidth.
In a case of mere theft, the bank would indeed (probably) reimburse you, they are not paypal after all;-)
However, there are more things that a hacker could do than just stealing the money from your account. He could for instance reveal the data to the tax administration, and you could possibly get into lots of trouble over this.
Maybe not a big concern in the US, where the IRS has access to this information anyways, but here in Europe, this is a big issue: many countries' tax administration would pay huge amounts to get at customer lists of banks of neighboring countries, just to check that their own citizens don't have any secret stashes of dough there.
For instance, if a person goes from a Monster.com search page to his Yahoo mail account, Yahoo now knows where the person is looking for a job, what type of job he is looking for, etc. (it's all encoded in the URL). Yahoo also has access to his address book and all his email messages.
Unless he got to his yahoo mail account by clicking on a link that he found at monster.com (highly unlikely), this won't happen. On most of today's browsers, if you enter a URL manually, or if you use your bookmarks, the referer field will be empty, rather than containing whatever page happened to be displayed in the browser window. It's called referer for a reason.
Some old versions of netscape sometimes did funny things with the referer, but who continues using netscape 3.01 nowadays?
In Germany, and I believe in other EU countries, there is a law against mass lawsuits clearly designed to get money -- this is called an "Abmahnwelle" in Germany (literally means "wave of suits"). If some lawyer or company tried something like this, they'd get reprimanded and possibly even disbarred in Germany.
But then, how does Gravenreuth get away with doing exactly that?
If databases really are so scary to HIPAA, then how can these "cheap Viagra" online pharmacies get away with it? These e-commerce sites are often backed by databases which hold the data that customers type into the online forms used to grant or deny the prescription. These forms include medical details such as allergies, past surgeries, various medical conditions such as Herpes, misc cardiovascular problems, etc.
Re:Hate to rain on the protest march... on Airborne Mouse · Score: 1
Sounds very tiring, but might be useful in cramped spaces where no desk is available (cars, airliners, etc.)
What if the car takes a turn? Would the gyros also react to that?
but I suspect it would be very possible, in say, the next 20 or so years that it will be in our neighborhood. It takes 90+ years to complete a cycle;
It has two "near" points to the earth (ahead and behind). Thus wouldn't it take 45+ years (rather than 20) until it gets close enough again? 20 years would put it at the farthest possible distance.
<sarcasm>
Or, we could make processors with more levels of privileges. Ah, hell, put the string functions in the chip. Screw that, let's put the kernel in a chip.
</sarcasm>
Don't laugh: the common Intel processor does indeed have four levels of privilege (even though most OS actually only use two of them...). And yes, it does have special opcodes for strings (REP MOVB) too. Only thing that is still missing seems to be the kernel integrated on a chip... Ah, the beauty of CISC.
one of the lab assistants was dipping the Oreos he was eating in the nitro before taking each bite (he was using long handled clamps for the dipping...)
Why bother with clamps? Fingers are quite adequate due to the Leidenfrost effect: body heat will evaporate the liquid nitrogen on contact, forming a nice protective film. We did that in university when experimenting with ceramic supraconductors. Clamps were provided, but we quickly noticed that they were not actually needed... Don't overdo it though, or you might discover some cute yellow stains on your fingers...
Here in Sweden automated next-in-line ticket machines are everywhere, and having to suffer them one major flaw comes immediately to light; lower efficiency.
In France and in Luxembourg we have those too, and usually people are reasonably fast to react when their number comes up.
Big advantage of such systems: you get the ticket for the meat counter, you see that it's at least 15 numbers until your turn, so you can get your other groceries while "waiting" (of course, if you're not back in time, you lose your place, so you use your judgment).
Other advantage: if there are several counters, the system manages a global queue, so no "gosh, the queue to my left is moving faster, but it's too late to change now".
Looks more efficient (and fair) to me, at least from the individual customer's point of view.
Re:You're comparing a car to an aircraft? on The Coming Air Age · Score: 2
Before that is possible, the blades of Ka-50's co-axial rotor are jettisoned with little explosive charges.
I seem to remember that other types of helicopters solve the same problem by ejecting sideways rather than up.
Of course, department stores keep a watch over their sweaters. They don't try to make a business model out of, for example: Leaving piles of sweaters unattended at busy street corners, with a sign saying "Sweaters $39.99. Please take one and put your cash payment in this envelope"
In Denmark, they sell fruit jam and honey this way. Just a table with the jars, and a small slotted lockbox to put the cash in. I guess in some places people are more honest than in others.
Yeah, that is, except for all the diesel fuel burned by the farming machinery
Why not run the farming machinery on alcohol or on canola oil as well? Short range of these fuels should be of a lesser issue for farming machinery than for planes or cars, so this looks like a perfect use for these new fuels!
and the coal fuel burned to produce the electricity for the refinement process.
Would they only go into red lights, or also into the green ones?
Maybe because the hacker himself might have reported it to zone-h?
Most banks fall in that category.
Well at least in this case, Paypal didn't freeze the remaining $200 after the thief took $600...
So I guess, by looking at the rate the dupes are posted, we should see that computer in two weeks...
... will finally come to an end?
Or maybe, it's just a honeypot for thieves?
and the coal fuel burned to produce the electricity for the refinement process.
Use wood ;-)
Couldn't the farm equipment run on alcohol as well?