Slashdot Mirror


User: Antique+Geekmeister

Antique+Geekmeister's activity in the archive.

Stories
0
Comments
7,305
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,305

  1. Re:hacking != cracking on Microsoft Employee Allegedly Hacked AltaVista · · Score: 1

    Right, here we have Claims about media laziness and mindlessness from someone who can't spell "misinformed" or "researched" or "primadonna" in a 100 word essay. Try mastering spelling before you complain about someone else's grammar: your lack of writing skill for the English language discredits any claim you might make about correct usage. What do you do for a hobby to write so badly and make you think you have a right to criticize someone for using common dictionary meanings for words? Write Kirk/Spock "slash" fiction, with yourself sandwiched in the middle of every story? Or fill out your income taxes in Klingon?

  2. Re:Been there before on Microsoft Employee Allegedly Hacked AltaVista · · Score: 1

    Take a look at the guts of the kernel if you can get source access, read any of the dozens of reference books on the history and the guts of Win9x, *THOUSANDS* of web page references, and the Calder DRDOS lawsuit concerning the way Microsoft claimed that Win9x wouldn't run on anyone else's version of DOS, and later added detection code in Win95 to complain at you if you ran it on top of another DOS. Don't mistake later features of DOS, added for many operational reasons and necessary for Win3.11 and the later Win9x and WinME, for an actual change away from that core kernel. It's mostly a man behind a marketing curtain with a megaphone, saying "pay no attention to that Caldera DRDOS kernel that supports Win9x even better than ours!"

  3. Re:Seems like this is happening a lot lately... on Microsoft Employee Allegedly Hacked AltaVista · · Score: 1

    Check your references. Google reports plenty like this one, describing the attempt by DEC to port VMS to an alternative hardware platform. http://www3.sympatico.ca/n.rieck/docs/Windows-NT_i s_VMS_re-implemented.html

  4. Re:I'll take the Ph.D., thank you on Too Few American Scientists? Maybe Not · · Score: 2, Insightful

    Yeah, but you gotta feed your family and kids. And your addiction to techno-gadgets, unless your workplace buys them for you.....

  5. Re:MBA is not the end all be all on Too Few American Scientists? Maybe Not · · Score: 5, Insightful

    Yes, plenty of people would spend 6+ years studying something they have no passion for or stink at. Being a student itself is often a short career, rather than what you do when you get *out* of school.

    Plenty of people who got into computer science in the dotcom boom realized how much they wanted to do something else, and are frankly much happier now making less money. They made an educated guess during college about their talents and careers, and it turned out wrong.

    Bless the people who were such programmers, web designers, etc. and who are now doing great jobs as artists, plumbers, teachers, etc., etc.

  6. Re:hacking != cracking on Microsoft Employee Allegedly Hacked AltaVista · · Score: 2, Insightful

    I'm sorry, but when 90% of the population uses a word a certain way, that's what it means, even if the technical among us recognize vital distinctions among the different words.

    Calling them morons doesn't help. Explaining the difference to newbies might help.

  7. Re:Be Honest on Microsoft Employee Allegedly Hacked AltaVista · · Score: 1

    I don't keep such copies, except where the code was open source and published on an externally accessible FTP or HTTP site with the awareness of management. *Ever*. It's really fiscally and legally dangerous to do so. Mind you, I've been contacted on the phone and asked to find it a year later, and told the company which dumptapes to use to recover the files. Friend, take those CD's and do the microwave treatment on them. Make those trophies into flowerpots, because if you ever use extensive code from such proprietary systems you can be held criminally liable. Or give them back to the companies you took them from, because you are risking your freedom and your professional reputation by keeping those.

  8. Re:what really happened on Microsoft Employee Allegedly Hacked AltaVista · · Score: 1

    Unless you've gotten a chance to examine both sets of code, you've really gotten no chance to determine just how much he transplanted into MSN's search engine, do you? The best way to actually know it's been used or not is to be the author of course. You wouldn't be the author of both sets of code, would you? Someone stupid enough to break into his old workplace machines and steal code wouldn't be stupid enough to pop up on /. and pretend innocence, would he? Either way, as you say, being smart, or even pleasant, doesn't make you common-sense smart. And it most certainly doesn't make you honest or innocent. (It also doesn't teach you how to punctuate the phrase "common-sense smart". The article says Mr. Chavet's passport has been seized: maybe it's time for you to brush up on your English?) This case can, in theory, force Microsoft to expose the potentially stolen code to either Altavista or at least to the judge and some legal/computer experts to see if it is in fact stolen. *THAT* would demonstrate whether the code is in fact stolen. In fact, I'd recommend using Eric Raymond's "shred" utility to compare the code bases. But no one should take an unverifiable, anonymous, "he's too smart to do that kind of theft" claim about someone already shown to be a thief and a cracker. How anyone can pretend that such behavior is "harmless" or "innocent" is beyond me.

  9. Re:Similarity on Microsoft Employee Allegedly Hacked AltaVista · · Score: 1

    I'll grant Microsoft this small credit: they may not have known or realized that this employee had or would steal code from his old workplace. It would be interesting to get the guy's testimony, and compare it to his manager's and co-worker's, without allowing them to speak together and work up a story. But it helps a lot if your public and repeated corporate attitude is "write your own code, give credit and copyright notices when needed". If you don't make that kind of policy clear, and enforce it, you foster an environment where this can happen a lot. And it's clear that Microsoft does not foster this attitude, from their lengthy and extensive history of such theft, usually settled out of court in closed settlements for lots of reasons. It's also clear that they're happy to make outrageous copyright and ownership claims if it fosters their business case: take a look at Microsoft's corporate sponsorship of SCO and its lawsuits against Linux development companies like IBM to show how they use their corporate legal power to frighten and harass competitors. SCO's alleged financial status figures show that the money keeping them afloat in the midst of all the huge legal bills is the money from Microsoft partnerships. And unfortunately for Mr. Chavet, using an old account most certainly counts as "hacking". He had NDA's and various commercial relationships with his old company: he and they knew he was no longer authorized to poke around: he used an old or someone else's account.

  10. Re:Been there before on Microsoft Employee Allegedly Hacked AltaVista · · Score: 1

    This claim is wildly, wildly, wildly mistaken. Please actually look up the VMS source code theft from DEC by David Cutler, and its role in the release of NT. And keep in mind that Windows 2000 is actually NT 2.0, mislabeled, as opposed to the Windows 3.x and Win9x and WinME, which are a graphical interface living on top of DOS.

    The reason you don't see screaming about that anymore in court is not because it wasn't stolen: it's because the case was settled out of court years ago, when DEC really loathed court cases and thought they could continue innovating to be one step ahead of the thieves. (The thieves got better at it, unfortunately.)

    That source code theft is fairly apparent to former DEC employees, VMS code authors, who've glanced at the released Windows code. Unfortunately, for various copyright and trade secret reasons, they're quite reluctant to analyze it in depth, and David Cutler hired away his old VMS development team to work at Microsoft. Analyzing it in court would take another 5 years and many millions in court costs before another hand-selected by Microsoft cretinous judge like Judge White in the anti-trust case, and probably amount in only another slap-on-the-wrist in return for them many millions spent in court.

    Even the most honest company can go out of business fast standing in front of the chainsaw-laden legal power of Microsoft. It's sad, but it's amazingly difficult to convict a company that big that is so involved in the US economy, especially when the President and the Attorney General are both so pro-business.

  11. Re:Seems like this is happening a lot lately... on Microsoft Employee Allegedly Hacked AltaVista · · Score: 5, Informative

    It's also not a new practice for Microsoft. Examine the David Cutler case, where Microsoft hired away one of the core developers of VMS to help create a new, server class operating system. That new operating system was called "NT", and Mr. Cutler hired away his old team from DEC and pasted in quite a lot code from the planned but cancelled "Prism" release of VMS. The lawsuits were quite nasty, and DEC decided not to press for triple damages on every copy of NT sold in return for NT always being supported on the new Alpha chips from DEC. Of course, Intel then stole the technologies of the Alpha to use in the Pentium IV, so that guarantee became pretty useless pretty soon, and the NT on Alpha actually never worked well due to its lack of support. But hey, better to settle for a pittance in out-of-court settlement rather than actually make the thieves pay for it by breaking their fiscal back in court, right? After all, what's good for a big business is good for America, right? And it's better to let a thief get away with it and save your lawyer's fees than make sure they can never do it again and teach a valuable lesson to other large corporations, right? The hard lessons of David Cutler stealing VMS to create NT worked really well to prevent Intel stealing the Alpha technologies to create the Pentium IV, right?

  12. Re:What have they got to lose... on GIF Slips Away From Unisys; Your Move, IBM · · Score: 1

    Sure it can be called "lossless". You can save and transform and resave it as an image and not throw away any of your original data.

    PNG is cool, but it just has nowhere near the common usage and tool availability of GIF. We can indeed blame the popularity of Windows and its limited capability Internet Explorer web browser for the lack of PNG support, but as others pointed out, the lack of animation for PNG will prevent its use to replace GIF. And more than 246 colors really doesn't matter for most web or other animation, so GIF will remain extensively iNET e for the foreseeable future.

  13. Re:What have they got to lose... on GIF Slips Away From Unisys; Your Move, IBM · · Score: 1

    Bettor or not, GIF is still *the* standard for lossless image displays. This is partly due to its extremely common and well supported usage for web pages.

    IBM also has many, many more patents than they really need. It's a very powerful defensive tool for when they are accused of patent infringement: they can say "but you violated *our* patents, and they're worth a lot more than yours in this case, so if you sue us you will lost". They've tried to be good about licensing patents, but their patent vault or library is *HUGE*.

    Opening up a patent due to expire in order to foster development in this would be very helpful to my friends working in various digital video fields, fostering their use of superior open source or freeware tools to create actual, sellable content.

  14. Re:SPF is well marketed.... on Lead Developer of SPF Anti-Spam Scheme Interviewed · · Score: 1

    Every statement is incorrect with the original TXT DNS implementation of SPF. Unfortunately, adding in the Microsoft CID handling may add enough complexity with its use of XML to make bits of it conceivably true. But the TXT DNS handling is part and parcel of normal DNS handling: the original DNS query for the domain used to log the incoming SMTP connection's real hostname and do forward DNS and reverse-PTR lookups for most mail servers can trivially accomodate the additional TXT lookup. The only way to block TXT DNS records is to block DNS, period.

  15. Re:spf? on Lead Developer of SPF Anti-Spam Scheme Interviewed · · Score: 1

    Too late. The new Microsoft CallerID system is already XML based, which is causing a great deal of contention among the developers who are furious at having to support a very complex and unnecessary protocol simply in order to allow people to steal CID keys from Microsoft's customers to send their spam. The "CID" keys are going to correlate very highly with actually being spam, probably even more than those "haiku" headers or the "click here to remove" entries do.

  16. Re:SPF on Lead Developer of SPF Anti-Spam Scheme Interviewed · · Score: 3, Insightful

    Your understanding is close. Those domains that *decide to* publish SPF records, Microsoft CID tickets, etc. will do so. The new software proposals will support both, although the SPF domain setup is vastly lighter weight.

    For the foreseeable future, if you don't publish SPF, your email will still work. But if you do publish SPF, you help prevent forgery of your domain's name by spammers, people doing "joe jobs" to get you in trouble, and all the damn virus and worm email lately that pretends to be from you and gets you all the irritating bounces.

    Because SPF acts in the first few packets sent in forged email, in the "MAIL FROM" line of SMTP transmissions that is normally processed via DNS to list the claimed name of the incoming host and its real domain name, there's very, very little extra processing and you can drop blocked connections extremely quickly. This can save a huge load from your mail server, which is a huge deal for domains like aol.com and hotmail.com and big sites whose mail servers are being hammered.

    Remember, over 50% of all email is now spam. Anything so lightweight that will block so much of it for those of us who use that tool, and force the rest of the email to be so much more easily tracked as being from a forgery friendly domain, is a big deal. This also helps put a spike in the growth of "zombied" machines, by helping prevent them from being able to forge valid user's domains. Coupled with mail servers that insist that your domain does, in fact, exist in order to claim that your mail is from a real domain, it helps quite a lot.

  17. Re:So on Can A Bounty System Cure Spam? · · Score: 1

    Unfortunately, VMS is dead as an OS and has been for years. There were simply never enough applications developed for typical users to justify continuing development, despite the significant features of its kernel (many of which were stolen by David Cutler at DEC when Microsoft hired him, and brought over to use for developing NT).

    VMS and its ilk remains secure to this day because very little user-space software is actually developed or run on it, not becuase of the underlying security of the OS. UNIX has problems, but the very flat text file format and ASCII handling you decry as insecure are key features that make it usable and robust for new development, by keeping the formats and characteristics of files as simple as feasible.

  18. Re:So on Can A Bounty System Cure Spam? · · Score: 1

    This will do you little good. Various user machines will be zombied and ujsed within microseconds: Russian gangs are apparently selling lists of zombied machines to spammers to raise cash. Also, UNIX and TCP/IP are not VMS or OS/390. Comparing them this way is silly. VMS and OS/390 were more secure because no one *ran* any user services on them if they could avoid it.

  19. Re:This is crazy on Can A Bounty System Cure Spam? · · Score: 1

    Take a look at US Criminal Code, Section 18, paragraph 2701 for the Junk Fax Law for an example of how spam could be properly regulated. Unfortunately, the Direct Marketing Association has blocked every attempt in the US to get the law extended to include "unsolicited bulk communications", or plain old spam whether it's an ad or not.

  20. Re:Cure 81 doesn't work, try #82.... on Can A Bounty System Cure Spam? · · Score: 5, Informative

    Actually, far more than 50% of the spammers are in the US. The Spam Conference at MIT went into this in some depth. The US is where the bandwidth and the money are, it's where connectivity is plentiful and easy to get without showing legitimate ID, etc. So most of the spammers are there.

    But you're quite right that almost all spam is trivially trackable to where the spammer wants the money to go. Unfortunately, the CANSPAM act just made it nearly impossible to go after spammers in court, reserving that ability to federal authorities who couldn't find their own IP address if you burned it on their asses with a branding iron.

  21. Re:Cost of stock options on Should Companies Expense Stock Options? · · Score: 1

    Unfortunately, options are often used to practice fraud on employees, via management lying to the employees and by the VP's and upper management being able to manipulate the company's behavior and announcements to benefit their own, vastly larger slice of the fiscal pie, especially by knowing in advance when information that will cause all employees to be in a sales blackout will be announced and being able to do their buying, selling, and negotiations before the blackout.

    And unfortunately, options are like lottery tickets. They usually *don't* pay off, but people keep hoping their hot new company will be the big sweepstakes winner and their options will cash in big time.

    To avoid this confusion, options should not exist *at all*. The companies should be giving the employees value that can be measured: real stock. It's measurable, it is directly expensed, and it has far more value to the recipient. It also reduces the stock manipulations available to those with executive knowledge by diluting their inside knowledge among a bunch of people who actually know the company.

  22. Re:We should be more surprised on Intel Recalls New Chipset-Based Motherboards · · Score: 1

    It's not more frequent because Intel has, for many years, stolen leading technologies from more cutting edge developers. Unfortunately, now that DEC is out of businnes and the Alpha technologies entirely sold off to Intel rather than merely stolen bit-by-bit for P4 development, they're running out of other leaders to do their beta testing for them by actually developing the new product, then having Intel steal it.

    So they're running into the underlying costs of doing your own development: Surprise, surprise, surprise!

  23. Re:If the DMCA was repealed... on Boucher's Anti-DMCA Bill Gets High Profile Allies · · Score: 2, Insightful

    I copy CD's for backup regularly. Not so much for music, but for software. Also, the DMCA prevents "Fair Use" of *any* of the protected material, which is clearly preventing lawful use of the material in question. Be very careful fo the DMCA. It's use can encourage such abortions as the Microsoft "Palladium" project, designed to give the BIOS encrypted and "secure" control of all hardware based on registered keys, and thus preventing you from being able to use software or video or music without getting keys from the manufacturers. The key handling can also be used to prevent you from booting other operating systems, swapping your DVD drive to one without the copy-protection hardware built in, running unregistered DVD software that might defeat the copy protection, and in the process breaking lots of other things. It's *nasty*.

  24. Re:How many times do people have to be told on Lessons Learned From Blaster · · Score: 1

    Thank you for the offer, I'm set. Procmail is your friend for this, and there are plenty of published tools for doing this as procmail or Perl script. The "small payload" test is usually valid, but I'm waiting for some smart ass to start using bulky attachments to help worm-transmit a DOS against mail servers by bogging them down with many thousands of 1 Megabyte attachments.

  25. Re:Enterprise Level on Report From "Get The Facts" · · Score: 1

    I've actually run MS Exchange and an SQL server on the same machine. Of course, I did it on a 2 GHz, 2 Gig of RAM box running PostgresQL under Linux, using VMWare to run the Exchange server via a VNC session to allow me to detach or reconnect to it remotely and slap the Exchange server in the head as needed. And I carefully ran the Exchange server on a FAT32 file system on a distinct installed disk, to allow native Linux access to the FAT32 filesystem for better control of the system. But hey, I'm a masochist.