Re:WEP (in)security assumptions on Wi-Fi in the Sky · Score: 3, Informative
One thing is, though, that you can actually try dictionary or brute-force password cracking on individual packets, so you could just capture a few packets and do a dictionary or brute-force crack in the comfort of your own home, or even just leave it to your 2ghz home desktop to do the cracking while you're at work or whatever.
You can see an explanation of this here, with a detailed explanation of how you could potentially crack a WEP key in half a minute...
Of course, brute-forcing a 104-bit key is going to take a long time, but the point is that you can do it without sitting outside some business' office overnight. ;)
Re:WEP (in)security assumptions on Wi-Fi in the Sky · Score: 4, Interesting
I was waiting for someone to mention this...
The ONLY security WEP provides is merely delaying any would-be 'hacker'.
Simply sit within the range of a wireless network with your laptop, collect enough packets with Ethereal or a similar tool, and you'll have the AP's WEP key.
Proof of concept: WEPCrack, open source program for cracking WEP keys from tcpdump, prismdump or ethereal captures.
For detailed info on why WEP is insecure, go here. Plenty of info on various types of Wifi attacks and vulnerabilities.
Re:Kismet Superiority on Wi-Fi in the Sky · Score: 5, Informative
Netstumbler won't report APs which aren't broadcasting their SSID in the beacon frame, whereas Kismet will. This makes a huge difference as many users are going to choose the option to make their AP "stealth" since they think it'll keep their AP hidden from "hackers" and war-drivers and the likes.
Re:How much info? - Plenty on Wi-Fi in the Sky · Score: 5, Informative
To quote the book "Maximum Wireless Security" from Sams Publishing:
Many Access Points have the ability to be configured in a stealth mode, thus "disabling the beacon" as one of their options. In reality, the beacon frame is still sent every 100 milliseconds--only the SSID has been removed.
Information made available by a single beacon frame, one of which is sent 10 times a second:
A couple seconds is all you need.. hell, even a split second is long enough to capture many packets of data.
I've heard many times of people wardriving on the freeway, so speed isn't really the issue...
I'd consider the altitude a significant issue, although the radio waves would travel pretty far with almost no interference whatsoever through completely open air...
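The point of the quoted passage, as an added example that is not part of the original comment or the book: a Python parser run over a constructed beacon frame, showing what is still readable when the SSID is blanked. It assumes the bytes start at the 802.11 header (no radiotap header, no FCS); the BSSID, rates, channel and SSID in the sample frames are made up.

```python
import struct

BSSID = bytes.fromhex("020000000001")        # constructed, locally administered address

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_beacon(frame: bytes) -> dict:
    """Decode the fields a passive listener can read from one 802.11 beacon."""
    if len(frame) < 36:                      # 24-byte header + 12 fixed bytes
        raise ValueError("too short for a beacon")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if (ftype, subtype) != (0, 8):           # management frame, subtype beacon
        raise ValueError("not a beacon frame")
    timestamp, interval_tu, cap = struct.unpack_from("<QHH", frame, 24)
    info = {
        "bssid": mac(frame[16:22]),
        "timestamp_us": timestamp,
        "interval_tu": interval_tu,          # 1 TU = 1024 microseconds
        "ess": bool(cap & 0x0001),
        "privacy": bool(cap & 0x0010),       # set when the AP requires encryption
        "ssid": None, "ssid_hidden": True,
        "rates_mbps": [], "channel": None,
    }
    pos = 36
    while pos + 2 <= len(frame):             # tagged elements: id, length, body
        eid, elen = frame[pos], frame[pos + 1]
        body = frame[pos + 2 : pos + 2 + elen]
        if len(body) < elen:                 # truncated element: keep what we have
            break
        if eid == 0:                         # SSID: empty or all-null means "stealth"
            hidden = elen == 0 or not any(body)
            info["ssid_hidden"] = hidden
            info["ssid"] = None if hidden else body.decode("utf-8", "replace")
        elif eid == 1:                       # supported rates, units of 500 kbit/s
            info["rates_mbps"] = [(r & 0x7F) * 0.5 for r in body]
        elif eid == 3 and elen == 1:         # DS parameter set: current channel
            info["channel"] = body[0]
        pos += 2 + elen
    return info

def build_beacon(ssid: bytes) -> bytes:
    """Build a constructed sample beacon (not a real capture)."""
    def ie(eid: int, body: bytes) -> bytes:
        return bytes([eid, len(body)]) + body
    header = (b"\x80\x00"                    # frame control: beacon
              + b"\x00\x00"                  # duration
              + b"\xff" * 6                  # destination: broadcast
              + BSSID + BSSID                # source address, BSSID
              + b"\x10\x00")                 # sequence control
    fixed = struct.pack("<QHH", 123456789, 100, 0x0011)   # ESS + privacy
    return header + fixed + ie(0, ssid) + ie(1, b"\x82\x84\x8b\x96") + ie(3, b"\x06")

VISIBLE = build_beacon(b"office-ap")
HIDDEN = build_beacon(b"")                   # zero-length SSID element
HIDDEN_NULLS = build_beacon(b"\x00" * 9)     # SSID replaced by null bytes

if __name__ == "__main__":
    for name, frame in (("visible", VISIBLE), ("hidden", HIDDEN),
                        ("hidden (nulls)", HIDDEN_NULLS)):
        print(name, parse_beacon(frame))
```

Apart from the SSID field, all three frames decode to the same BSSID, beacon interval, privacy bit, rates and channel, so a "stealth" AP is still announcing itself to anything listening passively.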
i've seen my slashdot posts show up when i search for my website's name on google... so it obviously indexes the signature along with the message content (why wouldn't it? it's part of the HTML page)...
Yeah, I agree, actually. I posted that original post in a joking manner, I have no clue why it was modded interesting/informative and not "funny" at all.. I mean hell, I *did* put the ";)" smiley face and everything to indicate the humour-relatedness...
But yeah I'm actually glad those things were aired. Other related products like AirSnort and Ethereal have been featured on there too, which is awesome. Network security awareness is extremely low among the average PC user. My cousin who's had a computer for a year didn't understand that you can prevent internet-spreading viruses from infecting your comp by simply putting a firewall between you and the net. It's a pretty basic concept and he hadn't heard a thing about it after a year of having his own computer...
Hmm, I think we can see why at least one employee would be "let go"... Reading your coworkers' AIM conversations and talking about it on TV would probably do it (watch the video clip). Stumbling their Wifi access points might have something to do with it, too...
Nah, that's what Windows is for! Or any game written in the past 4 years... wanna burn those CPU cycles? Just bust out a copy of Halo: Combat Evolved and watch your CPU struggle to reach 20fps
What are you talking about? What "store" are you talking about?
This looks like more than [the CAN equivalent of] $99.99 US to me ($449 CAN for Win XP Pro full)...
XP Pro Upgrade... $299.99 canadian.
However, I did manage to find an OEM Win XP Pro (SP1) full for $133 US here... but it's OEM and you can only buy it with the purchase of hardware... plus it's only that low due to a sale that ends today.
But yeah, either way, you're right: Win XP Pro upgrade doesn't cost $199. It costs around $220.
Sweet, people actually play that? A band I like (Funker Vogt), which I saw a live concert of last year, made music for it... probably a theme song. It's called Subspace if you want to search for it online or whatever. :)
How long is it going to take before people realize that corporations creating "standards" is just their way of ensuring that people continue to buy their proprietary non-"open" products?
Sorry, I'll stick with my impossible-to-control-or-limit mp3 technology, thanks. I don't care if it has to be "licensed", mp3 codecs are downloadable and usable very easily with no technical limitations at all, and that's exactly what I've been doing for quite some time now.
If legal issues arise with the mp3 format I'll just use Ogg Vorbis.
Why waste my time dealing with DRM bullshit like corporate-controlled statistics and tracking, and even worse, waste CPU time encoding the extra data used for all of that when ripping my CDs to disk?
Also, not being able to play a WMA file on my Mac because they don't make the newer Windows Media Player for older Mac OSes is just stupid. Microsoft's "standards" cut off previous systems and formats, and we all know it. Personally, if they're going to go so far as to use DRM-enabled BIOSes, I'll stick with my 1.5ghz system, regardless of how "fast" computers get. If I'm required to use a DRM-enabled system to get online, well, guess I'll have to resort to these.
Also, my household has numerous computers of varying platforms and OSes. I'm not going to segregate my network by eliminating the current interoperability I experience by using software that isn't crippled or even better, is designed to work with other software by default.
In the end, it's just marketing. MS doesn't care about our "security". It's to protect their profits and their stranglehold upon the IT scene... this is just blatantly obvious, and I'm disappointed that people don't see this.
A few final things to consider: in the end, who does this benefit? Do we really need DRM? Are you willing to make the privacy-related sacrifices necessary to attain the benefits supposedly only attained through DRM?
Yeah, back in 1999 until recently that was pretty much standard on Hotline servers... it got to the point though where server admins were making it like "go to [this page] and [whatever word] is the first half of the login, [whatever word] on [this page] is the second half, [some other word] on [this page] is the first half of the password".... etc. etc. to the point where you'd be clicking 4 or more of this guy's banners to get in. Then they'd change the fuckin words weekly or daily to force users to keep clicking the banners all the time.
Luckily someone found a bug in the Windows HL server which allowed malicious users to gain full and essentially unrestricted access to the server's drives (as long as you had an account with upload/download). You could upload a shortcut (.lnk) file to their C drive or whatever drive you wanted (had to be uploaded with a non-Windows OS/client), download the admin's userdata from the server folder, decrypt the password, and yeah, there you go.
So some friends and I used to go around and fuck up these servers by renaming folders, making hundreds of bogus folders, renaming the server directory so no one could connect, etc. and depending on the severity of the admin's asshole-ness, erase all the user accounts and news and so on.
Nowadays I wouldn't do that, but I was a pissed off teenager and I was glad to destroy something that I felt was morally wrong or at least somewhat on the shady/dishonest side of things...
I remember on a Hotline server I used to hang out on, some guys wrote their own HTTP client programs to visit these click-through pages and they'd just leave the apps running while they went to work/school etc.
They actually had hand-coded apps for a few different pay-per-click companies and the programs actually worked.
I'm guessing they probably used proxies (Wingates most likely, back in the good ol' days when the broad existence of completely open proxies was newly discovered knowledge) so as to generate unique hits and whatnot.
I think they were written in RealBasic though, not perl.
I'm almost starting to feel bad for the guy...
Ahh, nevermind.
I doubt it's a matter of the system not being broken. I'd say it's just more likely that Kevin is a decent guy at heart, and that's what allows/allowed him to learn from his unwise choices.
One other thing - breaking the law doesn't exactly make a person a "criminal"; they aren't suddenly some evil hateful person who only does bad things and so on. Defining a person by their actions is easy to do and is considered "reasonable" but usually results in inaccurately classifying someone's whole personality and overlooking other aspects of his or her personality and behaviour.
You can definitely see how Rhapsody became Mac OS X, as Rhapsody was based upon the Mach kernel just like Rhapsody, and NeXT before it.
;)
I meant "as Mac OS X is based upon the Mach kernel just like Rhapsody and NeXT before it."
Woops.
Indeed, I just recently installed and ran Rhapsody on an x86 system of mine. The networking didn't work properly (due to lack of a proper driver), but it was kind of cool, and I suppose in some way ironic, to have an Apple OS running on an Intel processor... :)
It was interesting, but it felt kind of awkward with the NeXT influence just kind of thrown in there, because it didn't really fit in with the Mac OS interface.
You can definitely see how Rhapsody became Mac OS X, as Rhapsody was based upon the Mach kernel just like Rhapsody, and NeXT before it. I think one place where Apple made a large change is when they decided to have the UNIX side further integrated into the Mac OS itself, creating a closer-knit combination of the two, rather than having them so separate and awkward-feeling as it was with Rhapsody.
Of course, you can see that many NeXT and Rhapsody elements survived, like the layout of the File Manager which is almost identical in OS X to what was in Rhapsody and NeXT.
For some screenshots go here or here.
Also, here's something pretty interesting: screenshots of Mac OS X server before the Aqua GUI was added, still existent on the Apple website!
Well, regardless of this whole "quicker & cheaper" attitude, you get out of something what you put into it, 90% of the time.
Sure, you can have your $3/hr programmers, but when you create a brand new game that doesn't even outperform Quake 1, no one's going to buy it anyways. The initial investment was indeed less, but the return will be next to nothing.
If companies would just take a risk and get decent experienced programmers, they'd sell way more, and make more money. That's just how business works, you get skilled employees, and you get a quality product!
I don't understand from a practical perspective why companies would even consider producing a crappy product for a moment, when we all know it'll get bad reviews, it will be called "crap" through word of mouth, and people will just generally be disappointed with the product. It defeats the whole purpose of even having a software company if all you're going to create is half-assed garbage (unless you're a shareware developer)...
I mean, compare quality software like WarCraft 2 to all the WC2 ripoffs that no one really cares about or remembers the names of (I know I can't remember any of them at all)... WC2 was a super bestseller and will probably be remembered by gamers for years. Those "other" games? They were crap and everyone knew it. Their sales were nothing compared to WarCraft 2.
The best way to combat piracy is make quality products. If they're good, people will buy them, and so-called "losses" due to "piracy" will be negligible.
I've always found from personal experience that software (and music) piracy tends to be a form of advertisement for software. The last three games I bought only because I played pirated versions first, and realized they were worth my spending $50 (or more) on for the online play (or otherwise increased functionality).
In some way, though, I guess piracy can hinder the profits of some games' sales, due to the games just being crappy overall. If people play pirated versions of these crappy games and end up hating them when they might have otherwise just gone out and bought the game before playing it, there are some lost sales.
All this really makes me realize though, is that piracy almost 'weeds out' the crappy software and promotes the sale of quality software, or at least software that most people like (doesn't always mean quality though).
I think the reason lots of companies complain is that their software sucks and no one likes it. Because everyone gets to "preview" it through piracy, they all realize the game (or whatever software product) is totally not worth the cost of a few visits to a favorite restaurant, or whatever preferred method of expenditure of $50... They'd rather keep their money for a better game or just something more worth spending the money on, after having actually played the game.
So, essentially because everyone can play the full version software without paying for it, whether they actually buy it or not pretty much depends on whether they like the game or not. If companies are losing sales to piracy, it's because people don't like their game (regardless of what the "reviews" said).
Well, if the name should be as intuitive as the software itself, the name is perfect (as I already cracked a joke about in the previous comment).
However, I agree.. many F/OSS apps have pretty silly or non-professional names (for instance a VNC client called "Chicken of the VNC", we had a good laugh about that here at work) which I'm sure most businesses would feel nearly embarrassed to use.
"So, what do you guys use to get this great look?"
"Um.. the gimp."
"What?"
"Uhhh.. Photoshop!"
If your app's UI is retarded and confusing, and counter-productive, no one's going to use it unless they have to... that's all there is to it.
Yeah, but the MacOS GUI is logical...
Take some people who've never used computers before, and let *them* decide which is more usable between MacOS' GUI and GIMP's...
GIMP = GNU Image Manipulation Program
Anyway, many linux apps' names are a play on words, so I don't see why GIMP ought to have a different name. Plus the GUI is all GIMPed up anyways. Oooo.. *slaps knee*