Slashdot Mirror


User: Antique+Geekmeister

Antique+Geekmeister's activity in the archive.

Stories
0
Comments
7,305
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,305

  1. Re:This could happen again ... on MelbourneIT Lapse Permitted Panix Hijack · · Score: 1

    Because then someone at Verisign would have to be awake during US business hours to handle the transfer, rather than Bangalore business hours to handle the tech support call. I'm only half kidding. Sometimes it's a lot cheaper in a corporate sense to clean up after the accidents rather than to keep from spilling the milk.

  2. Re:It doesn't look like their fault to me on MelbourneIT Lapse Permitted Panix Hijack · · Score: 1

    MelbourneIT failed to ever contact the other registrar. MelbourneIT screwed up big time.

  3. Re:Do it on Brian Hook on the ActiveX Experience · · Score: 1

    Can you put it on a web page that advertises an ActiveX based security product, so the next dozen or so CEO's and business analysts get it? And put a 37 minute time delay on it, so it's not clear what web page got them? That might demonstrate the issue and help keep them from submitting business plans that include ActiveX services.

  4. Re:ya but distros will just ignore it on LSB Submitted To ISO/IEEE · · Score: 1

    Managing /etc/sysconfig alone in SuSE requires RPM's built specifically for SuSE, no one else's RPM's will work with their system management tools and vice versa until and unless SuSE gives up on everything being managed from YaST.

    Frankly, they need to throw in the towel on YaST and hire a few webmin developers to give them a far more powerful, effective, and flexible tool that actually does the job.

  5. Re:Rogue registrars? on New York's Oldest ISP Gets Domain-Jacked · · Score: 1

    I bet they *do* host DNS for a bunch of other people, too. But the main point was to cut off a lot of DNS access to *their own* domain, since they're obviously not competent to run one.

    That would be vigilante extortion at its finest: for an example of how well this can work, look at what finally got agis.net to kick cyberpromo.com off of their network. It wasn't the multiple settled-out-of-court lawsuits against cyberpromo, it wasn't the treats at NANOG to blackhole agis.net, it was the attacks on agis.net's routers that finally got them to cut the "spamming allowed" contract with cyberpromo.net.

  6. Re:Password Recovery on New York's Oldest ISP Gets Domain-Jacked · · Score: 1

    The FBI computer crime group is one of the biggest jokes in modern law enforcement. Companies actually refer computer crime to the FBI in order to never be bothered about it again, and pretend to have done something useful.

  7. Re:Panix.com server looks like a spammers paradise on New York's Oldest ISP Gets Domain-Jacked · · Score: 1

    Don't do that! Damn it, slashdotting the DNS servers overloads them in a way that interferes with their recovery from the poisoned addresses. It can actually block the DNS zone transfers or lookups and keep the locally cached address. If you must set a check on it, reduce your frequency to something reasonable, like 15 minutes instead of 15 seconds to avoid local or upstream DNS caches from preserving old data.

  8. Re:MelbourneIT Criminals on New York's Oldest ISP Gets Domain-Jacked · · Score: 1

    You noticed that part! The sales of the panix.com mailing addresses alone can pay the thieves' bills for pulling this scam, and is a lot tougher to prove and convict anyone for than the wire fraud you are mentioning.

  9. Re:Rogue registrars? on New York's Oldest ISP Gets Domain-Jacked · · Score: 1

    A company that has no 24x7 service should not be a domain registrar for other domains, period. They have no business being in that business without an after hours contact or at least on-call support service. Blocking their DNS at the routers until they can shape up sounds like the way to correct the issue next time.

  10. Re:Panix on New York's Oldest ISP Gets Domain-Jacked · · Score: 2, Interesting

    Because BGP is a technical solution to a human problem, that of verifying users requests. And the BGP traffic is already a signifant amount of traffic to core routers: adding another layer of manipulation and complexity to them is asking for more brokenness, and many of the top-tier providers manipulate their BGP information to raise the "distance" of what are fiscally expensive routes, or to blackhole people they don't like.

    Take a look at the routing wars surrounding the various spam blackhole lists if you're curious about this.

  11. Re:This happens quite a bit... on New York's Oldest ISP Gets Domain-Jacked · · Score: 2, Informative

    The surprise isn't that such a theft happened. The surprise is that it took this long. Verisign's willingness and ability to verify their customers' identity has been a joke for years, as thousands of throwaway domains registered by spammers and other frauds have demonstrated.

    Verisign doesn't want to verify and fully identify their customers. It's a lot of work, it doesn't create extra business, and it would make the fraud domains too traceable and cost them a significant revenue source, and would make them accountable for damages when their lax policies allow such thefts. The benefit would be to legitimate customers such as panix.com, but Verisign has always been about generating new profit sources, not improving the security of current services.

    On top of Verisign's hijacking of all unassigned *.com addresses, this is another reason for ICANN to review Verisign's ownership of the .com top level servers and consider giving them to another, more reliable provider.

  12. Re:Get a clue on IBM Opens Their Patent Portfolio to Open Source · · Score: 1

    The question is "what mainframes do *not* run Linux"?

  13. Re:Basic Mechanics on Nanotech Research Works Toward Artificial Muscles · · Score: 1

    You read up first. Almost all joint machine is through muscular contraction applied to rigid elements, the bones. The points at which the muscles attach to the bone form lever arms, and the strength of the force from the muscle times the length of the attachment from the joint itself, divided by the length of the limb, gives the available force at the end of the limb. There are a few exceptions, such as the tongue muscles, but mostly they move joints.

  14. Re:What about implants? on Nanotech Research Works Toward Artificial Muscles · · Score: 1

    "Implant artificial nerves" is wildly, wildly more difficult than you seem to realize. Even the various artificial sense organs, such as the retinal implants and brain implants to provide a semblance of vision, don't do direct sensing of the nerves. No one does yet, the electrodes available don't connect to individual neurons. Electrodes that do connect to individual neurons kill the neurons over time.

  15. Re:A distributed, random web proxy? on Iran Cracks Down on Internet Sites · · Score: 1

    There were a few papers and articles published about it, about 3 years ago. Look for the keyword "ARL" for Akamai Resource Locator. It basically involves injecting a spurious http://akamaitechnologies.com header in front of the URL in question, which causes the traffic to be routed through theh Akamai servers.

    I don't know how well it works with streaming traffic, but I remember people using it to get at porn past their school's filters.

  16. Re:For closed societies on Iran Cracks Down on Internet Sites · · Score: 1

    Good point. But notice that the larger, sustainable cities and their surrounding cultures are not that Islamic.

  17. Re:There's a missing fifth fundamental freedom on Being Free is Hard to Do · · Score: 1

    I know several such available open source systems. I've been involved in running them. Don't believe everything you read from a vendor.

  18. Re:Should I bother? on Being Free is Hard to Do · · Score: 1

    Wow. Nice list. There is one point against people's use of open source tools. A lot of the "free" tools tend to suck because people didn't work on their usability, and it's hurt their marketability. This got slashdotted a while ago, when Eric Raymond wrote a long rant about open source GUI's. But there's also amazing open source projects that show the foolishness of what happens in closed, proprietary source, such as the LinuxBIOS http://www.linuxbios.org/

  19. Re:Freedom 0? on Being Free is Hard to Do · · Score: 2, Insightful

    Because it leads to fencepost errors, where the index number of the program is mistakenly used to count the number of elements in the list. You don't actually debug other people's code much, do you?

  20. Re:zerg on Iran Cracks Down on Internet Sites · · Score: 1

    Yes, Iran does. It's called FedEx, and you can trivially stuff quite a large nuke into a shipping pallet and get it delivered.

    Given the poor control of our borders that we have, and the incessant smuggling of heroin from that region, I'm sure a big chunk of cash could get a payload delivered somewhere quite interesting.

  21. Re:War? on Iran Cracks Down on Internet Sites · · Score: 1

    Don't join the National Guard for this. Join the Peace Corps, seriously. You'll do more to pacify the world, and to elevate people into freedom, more efficiently, than the National Guard can do it. And that "blood of patriets" isn't all soldiers. The Red Cross is also good if you don't want to do a full-time commitment. But joining a group where if you say "I won't do that" gets you court-martialed is potentially very bad, especially when the orders are to commit torture as we've seen in recent prison cases in Iraq.

  22. Re:For closed societies on Iran Cracks Down on Internet Sites · · Score: 1

    You're referring to them "acting cultured". Yes indeed, they have a rich and sophisticated culture. Civilized, though, in the sense of supportinig cities and living in large well-managed societies? That's another story, I think the power of the religious political leaders causes them real problems, as in Iran.

  23. Re:Not a great idea. on Iran Cracks Down on Internet Sites · · Score: 1

    You read your Che Guevara and you talk to the Afghans, who outlasted the Russians, the Palestinians who have survived the Israelies, the Jews who survived the Germans, the Iraqis who are surviving the US, the Northern Irish who survived the British. The means change all the time: carbombs seem to be in vogue right now for violent resistance. For peaceful resistance, the Internet and blogs have been wonderful ways to communicate vital information despite repressive regimes. Unfortunately, it's currently too open and trackable. The US government is seriously to blame for this, with its weirdness about encryption protocols and actively preventing the use of generally secure protocols instead of blocking encryption. And yes, they've reduced the burden of blocking crypto, but the laws are still there and still encorced against new technologies that might prevent easy email monitoring and telephone tapping and packet sniffing.

  24. Re:A distributed, random web proxy? on Iran Cracks Down on Internet Sites · · Score: 1

    Cool, good suggestion. But it's fairly easily monitored.

    Now, there's also the Akamai hack, where you rewrite your URL's into Akamai URL's, and use Akamai's distributed "content delivery network" to get around the blocks. Since it's nearly impossible to block those so-called ARL's, and lots of big sites like Yahoo and on-line gambling and porn and CNN, etc. use Akamai both for their content and for their DNS, blocking Akamai would put a serious crimp in their local access that would be noticed by everyone.

  25. Re:Yeah... Murder is illegal too... on Spamfighting Since the Death of MakeLoveNotSpam? · · Score: 1

    That won't help. The market for Amway spam, Nigerian bank fraud spam, and phishing spam will simply fill in what the Viagra companies get convicted for. The solutions have to be at the ISP level and the SMTP protocol level, because it's the only way to change the overall ease of spam and its expense to the spammer and drive them out of the business.