The idea that we should give up some of our freedoms to be safer is worrisome because it's a slippery slope. There's also discussion in the US of postponing elections because the terrorists might be planning to strike the polls. (Isn't this disturbingly similar to the way Hitler assumed power?)
On one hand, who can argue with the idea that the government should be able to thwart terrorist attacks? One the other, where does the freedom-for-safety exchange end?
I'm sort of imagining seeing video of Britney Spears saying, "I think we should just have faith in Diebold." (Sort of like the footage we saw in Fahrenheit 9/11 supporting Bush.) Now that would inspire some confidence.
Thanks, I took a look at this, but it mostly seems to be just listings from public phonebooks. I'm suspecting that DMV/Census data has quite a bit more information, e.g. the information on people with unlisted numbers.
Bloggers as Journalists
on
We the Media
·
· Score: 1
I'm curious about the implications of bloggers being considered journalists. They're getting some press passes, e.g., to the Democratic National Convention, and the better ones have some readership. However, are they then subject to the same legal issues that more traditional media have to deal with? If a blogger gets something wrong, could they be slapped with a libel suit? What about invasion of privacy for writing about people they know who are not public figures?
You must not be as inherently honest as I am.
Probably not.
I didn't know any valid zip codes other than my own.
I think 90210 is popular for that reason.:) Also, I remember zip and area codes from places I used to live or have visited.
It's real easy to run the data against a universal name and address database to get the people who put in real info. Heck, I think the government even sells it as census data. If not, It's the state DMV.
That's a little disturbing - sounds like it would be as helpful to stalkers as it would be to marketing companies.
I'd love to talk with a sysadmin to find the amount of fakes though. I bet it's less than 25% real info.
I'd also be curious about the proportion of fake data.
It's also easier to just type in stuff at random than it is to answer the questions accurately. I'm curious whether the data the companies collect this way is as valuable as they assume it is.
But, buyers are seldom "perfectly rational." Once someone bids on an item, the bidder forms an attachment to it -- when outbid, there's a competition with the other bidders. Bidders rationalize raising their previous "maximum price", because they really want the item, and "maybe it's worth more than I thought."
I think you're right. On a side note, it's fascinated me to watch the drama surrounding some of the Greek pins on Ebay. Some members got very concerned about "rescuing" their organization's pins from outsiders, and as a result, the prices have jumped. http://college3.nytimes.com/guests/articles/2002/0 8/11/1029512.xml
The article says There also are risks to opening the technology vault. EBay has to contend with a legion of "auction snipers," Web sites that automatically enter preset bids during the waning seconds of auctions.
Is this really much of a problem? Ebay itself has functionality that allows users to enter the maximum that they're willing to pay, and it auto-increments their bid based on this. Also, even if bid-sniping was a major issue, there have been scripts around for a long time that do this.
As the first article notes, there are some FCC rules about antenna use within the US. Would the Defcon product be within these limits? The Wired article didn't seem to say.
Well, realistically, I think the US would be quite interested in defending Australia because it 1) has some military bases there, and 2) has crucial technology (e.g., satellite listening posts) that allow it to "observe" what's going on in other parts of the world.
So if the company claims ownership of anything you come up with, even if it's not related to your work, does that mean that they're also liable for it? Imagine John Q Public worked for FacelessCorp, and they had such an agreement. What if John's after-hours hobby included virus creation and one of them caused a big problem? Is FacelessCorp liable since they claim to "own" it?
Oh, I wasn't denying that Vegas (at least at one time) had a mob presence.:) I just meant that the Gaming Commission apparently excluded the two-bit operators who'd been caught cheating (which I thought might correspond to the script kiddies).
It's hard to swallow the idea that blackhats are only concerned about encouraging admins to patch their systems. It's like vandalizing someone's property and then claming that you were only trying to motivate them to improve their security. I mean, how heartwarming.
As far as the message board exploit, sure, most people would prefer the path of least resistance. However, not everyone has the skill to write customized exploits - it sounds like most script kiddies don't. The prepackaged scripts and blackhat tools make it possible for those with limited technical knowledge to still do damage. And there are a *lot* of clueless people out there.
I'm doubting that it would be the folks who've been caught cheating, but I've been wrong before. It sounds like the Nevada Gaming Commission regulates gaming employees. http://gaming.nv.gov/
Re:Just one thing that very few learn...
on
Blackhat/Defcon Report
·
· Score: 3, Insightful
One real security problem is that the complexity of attacks is increased, but the difficulty of launching them has decreased. The more skilled hackers create scripts or point-and-click tools, and the script kiddies can use them without having to know much about what they're doing. One book had a transcript of a conversation from an irc hacking channel, and some of the "hackers" seemed to be lacking in basic knowledge. For example, one of them wasn't too sure how to mount a second hard drive in Linux.
I'm not sure what motivates the more talented black hats to create easy-to-use programs for script kiddies. Someone suggested that they didn't want to bother deploying them. It also occurred to me that the script kiddies would be more likely to get caught and prosecuted if anything went wrong.
I've heard of "hactivists" targeting child pornography sites. This makes a little more sense. But vandalizing a legal website, even one you disagree with, seems childish and malicious.
Re:Just one thing that very few learn...
on
Blackhat/Defcon Report
·
· Score: 5, Insightful
To paraphase Gene Spafford when he talked about the idea of hiring hackers as security experts, an arsonist isn't necessarily well-qualified to be on a fire department.
Just as a side note, the US and Australia have been allies for years. Australia hosts US military and surveillance operations. This was mentioned in The Falcon and the Snowman, where the US intelligence was using a station in Alice Springs (Australia) to gather signals from Rhyolite intelligence satellites. According to the book, the US had promised to share everything with the Australians but apparently didn't do this. However, Australia seems to be quite tolerant, and is still cooperating with US military and intelligence.
Slashdot Mirror
The idea that we should give up some of our freedoms to be safer is worrisome because it's a slippery slope. There's also discussion in the US of postponing elections because the terrorists might be planning to strike the polls. (Isn't this disturbingly similar to the way Hitler assumed power?)
On one hand, who can argue with the idea that the government should be able to thwart terrorist attacks? One the other, where does the freedom-for-safety exchange end?
I'm sort of imagining seeing video of Britney Spears saying, "I think we should just have faith in Diebold." (Sort of like the footage we saw in Fahrenheit 9/11 supporting Bush.) Now that would inspire some confidence.
Yeah, we should put Katherine Harris (Florida's Secretary of State during the 2000 election) in charge of online voting too! Problem solved.
Thanks, I took a look at this, but it mostly seems to be just listings from public phonebooks. I'm suspecting that DMV/Census data has quite a bit more information, e.g. the information on people with unlisted numbers.
I'm curious about the implications of bloggers being considered journalists. They're getting some press passes, e.g., to the Democratic National Convention, and the better ones have some readership. However, are they then subject to the same legal issues that more traditional media have to deal with? If a blogger gets something wrong, could they be slapped with a libel suit? What about invasion of privacy for writing about people they know who are not public figures?
You must not be as inherently honest as I am.
:) Also, I remember zip and area codes from places I used to live or have visited.
Probably not.
I didn't know any valid zip codes other than my own.
I think 90210 is popular for that reason.
It's real easy to run the data against a universal name and address database to get the people who put in real info. Heck, I think the government even sells it as census data. If not, It's the state DMV.
That's a little disturbing - sounds like it would be as helpful to stalkers as it would be to marketing companies.
I'd love to talk with a sysadmin to find the amount of fakes though. I bet it's less than 25% real info.
I'd also be curious about the proportion of fake data.
It's also easier to just type in stuff at random than it is to answer the questions accurately. I'm curious whether the data the companies collect this way is as valuable as they assume it is.
But, buyers are seldom "perfectly rational." Once someone bids on an item, the bidder forms an attachment to it -- when outbid, there's a competition with the other bidders. Bidders rationalize raising their previous "maximum price", because they really want the item, and "maybe it's worth more than I thought."
0 8/11/1029512.xml
I think you're right. On a side note, it's fascinated me to watch the drama surrounding some of the Greek pins on Ebay. Some members got very concerned about "rescuing" their organization's pins from outsiders, and as a result, the prices have jumped. http://college3.nytimes.com/guests/articles/2002/
The article says
There also are risks to opening the technology vault. EBay has to contend with a legion of "auction snipers," Web sites that automatically enter preset bids during the waning seconds of auctions.
Is this really much of a problem? Ebay itself has functionality that allows users to enter the maximum that they're willing to pay, and it auto-increments their bid based on this. Also, even if bid-sniping was a major issue, there have been scripts around for a long time that do this.
Here's an article about using a surplus Primestar Dish to make an IEEE 802.11 wireless antenna http://www.wwc.edu/~frohro/Airport/Primestar/Prime star.html
e star/
Here's another one. http://www5.cs.cornell.edu/~eckstrom/802.11a/prim
As the first article notes, there are some FCC rules about antenna use within the US. Would the Defcon product be within these limits? The Wired article didn't seem to say.
Well, realistically, I think the US would be quite interested in defending Australia because it 1) has some military bases there, and 2) has crucial technology (e.g., satellite listening posts) that allow it to "observe" what's going on in other parts of the world.
So if the company claims ownership of anything you come up with, even if it's not related to your work, does that mean that they're also liable for it? Imagine John Q Public worked for FacelessCorp, and they had such an agreement. What if John's after-hours hobby included virus creation and one of them caused a big problem? Is FacelessCorp liable since they claim to "own" it?
Can you tell me where you live? I'd like to never move there.
Oh, I wasn't denying that Vegas (at least at one time) had a mob presence. :) I just meant that the Gaming Commission apparently excluded the two-bit operators who'd been caught cheating (which I thought might correspond to the script kiddies).
It's hard to swallow the idea that blackhats are only concerned about encouraging admins to patch their systems. It's like vandalizing someone's property and then claming that you were only trying to motivate them to improve their security. I mean, how heartwarming.
As far as the message board exploit, sure, most people would prefer the path of least resistance. However, not everyone has the skill to write customized exploits - it sounds like most script kiddies don't. The prepackaged scripts and blackhat tools make it possible for those with limited technical knowledge to still do damage. And there are a *lot* of clueless people out there.
I'm doubting that it would be the folks who've been caught cheating, but I've been wrong before. It sounds like the Nevada Gaming Commission regulates gaming employees. http://gaming.nv.gov/
One real security problem is that the complexity of attacks is increased, but the difficulty of launching them has decreased. The more skilled hackers create scripts or point-and-click tools, and the script kiddies can use them without having to know much about what they're doing. One book had a transcript of a conversation from an irc hacking channel, and some of the "hackers" seemed to be lacking in basic knowledge. For example, one of them wasn't too sure how to mount a second hard drive in Linux.
I'm not sure what motivates the more talented black hats to create easy-to-use programs for script kiddies. Someone suggested that they didn't want to bother deploying them. It also occurred to me that the script kiddies would be more likely to get caught and prosecuted if anything went wrong.
I've heard of "hactivists" targeting child pornography sites. This makes a little more sense. But vandalizing a legal website, even one you disagree with, seems childish and malicious.
To paraphase Gene Spafford when he talked about the idea of hiring hackers as security experts, an arsonist isn't necessarily well-qualified to be on a fire department.
Just as a side note, the US and Australia have been allies for years. Australia hosts US military and surveillance operations. This was mentioned in The Falcon and the Snowman, where the US intelligence was using a station in Alice Springs (Australia) to gather signals from Rhyolite intelligence satellites. According to the book, the US had promised to share everything with the Australians but apparently didn't do this. However, Australia seems to be quite tolerant, and is still cooperating with US military and intelligence.
Now that could be lucrative. They could have popup ads selling a product to make "SideSearch" go away, and that's where the real money could be made.
I just took a look at the Lycos website. Loud ads AND search functionality for a mere $105 million? What a steal!
Oh great, so will the operator be required to drive very aggressively? What kind of money will they make in tips?
If we don't have the biggest TV screens for p0rn, the terrorists have already won!