I'm not sure I understand what "quasi-statutory" means. I think that the whole point about this debate is that the main players are either clueless or toothless. The ACPO (http://www.acpo.police.uk/about.html) is, as you say, not a governmental organisation. The fact that it has drafted a memo that states, "We encourage Chief Crown Prosecutors and Chief Officers of Police to adopt this Memorandum" surely indicates that things are still not settled properly.
So, imagine you are working in a job that involves viewing child abuse images (if you can). Do you feel immune from prosecution because a private company claiming to represent the police has written a document encouraging the CPS to recognise your role as a useful tool in the fight against kiddie porn?
There is no agreement from the CPS in this matter. There is no license issues to the IWF, as far as anyone can make out. They are not official delegates, as you suggest.
You don't think that policy makers should understand how it works? What nonsense! You'd expect economic departments to understand economics. So why do those involved in child protection and internet security not need to understand their subject?
All this FON sharing is well and good, but it's easy to forget that many (most?) UK ADSL broadband deals that offer 'unlimited' quantities of data throughput actually employ a 'fair use' policy of nGB. While most normal users will rarely, if ever, exceed a few GB/month themselves, they are far more likely to run into problems if they open their connection to others - even if the other users are not using P2P etc.
In addition to that, the idea of allowing other people to connect to the internet through your gateway is bonkers for a number of reasons. Most consumer devices won't hold extensive logs so you don't know what your 'users' are doing or where they have come from. The forensics team won't be able to tell either. So even if you don't get prosecuted, you could be partially (morally) responsible for enabling a crime. And even if a court won't find you guilty for someone else's abuse using your connection, imagine the stress and inconvenience of going through even the initial stages of the legal process.
Imagine also the stigma of being associated with certain online crimes (hacking, child porn, credit card fraud), even if you are not charged or if you are found not guilty. Will your girlfriend/wife/colleagues look at you in the same light again? "No smoke without fire," and other unfair thoughts...
Allowing random people to connect to your network also increases the chances of them knowingly or unknowingly introducing malware to your systems. Worms bouncing around behind your firewall is not a great situation, even if you use a good desktop AV product on your PCs (and Macs to a lesser degree). Yes, you could set up a DMZ - but honestly, why bother with the hassle just to give others free and unfettered access to the connection *you* pay for?
Compare this list of inconveniences to taking the short and basic security steps of enabling WPA, hiding the SSID (I know the latter is a fairly pointless defense against a knowledgable attacker) and not handing out passphrases to your neighbours. It's a no brainer and, in terms of risk/cost, very effective.
I appreciate that sharing can be a wholesome thing, but it does not always make sense.
Sort of... According to a Register report, "Patch Tuesday update triggered Skype outage".
"Skype has blamed last week's prolonged outage on the effects of Microsoft's Patch Tuesday.
The latest security update from Microsoft required a system reboot. The effect of so many machines rebooting and subsequently trying to log onto the Skype VoIP network triggered system instability and a prolonged outage of almost two days starting on Thursday1. Services have now being restored."
That may well be the case but, as far as I can make out from the reports, this student was tasered in a different way from your acquaintance, without the electrodes being shot at him. I believe that the 'drive stun' option, where the taser is used to touch the target/victim, is less traumatic and is "like a punch".
I can't say that I would find being punched by a police man five times would clam me down any, though.
I find it very hard to believe that it is this straight-forward for one individual to potentially bring down the entire internet infrastructure. The Register reported on this story and said, "Anti-spam firm Blue Security is to cease trading after deciding its escalating conflict with a renegade spammer was placing the internet as a whole in jeopardy." It went on to say, "During an ICQ conversation, PharmaMaster told Blue Security that if he can't send spam, there will be no internet."
I suppose the most concerning part of this story is the bit where bribery appears to persuades a top ISP to make some dodgy configs:
"According to Blue Security, a renegade Russian language speaking spammer known as PharmaMaster succeeded in bribing a top-tier ISP's staff member into black holing Blue Security's former IP address (194.90.8.20) at internet backbone routers. This rendered Blue's main website inaccessible outside Israel."
One of the reasons that Windows has such a poor security record is that inexperienced users, who simply want to play games and get their email, are given access (usually at administrator level) to fully-featured operating systems. If the cut-down versions of Windows Vista keep their users away from Administrator then great - a reduction in spyware for a start. And if having smaller, more limited distributions of Windows means less junk on the hard disk and maybe faster performance, maybe even expert users might opt for it for certain uses.
The beta suffix is a brilliant marketing idea. It achieves three things:
1. Technical users are made to feel that they are at the cutting edge, which they like.
2. Technical users understand that beta technology might break, so they are more forgiving when it does.
3. During the beta phase, Google has an army of free technical beta testers.
So Google beta projects can't lose.
I agree that running big graphics jobs over Remote Desktop is unwise. However, BadAnalogyGuy suggested that students get their own copy of PS (Photoshop). They would presumably run this on their laptops, rather than over Remote Desktop. However, it doesn't make much sense to use the server for other processor-intensive tasks seeing as most modern, cheap laptops are very quick anyway. For example, my 1.6GHz Centrino is faster at video rendering than my >2GHz Dell workstation. Students should be able to get their software very cheaply using educational licenses. Or the college could provide them with it, for the duration of their courses.
This is probably the best thing that could happen. The alternative is that Microsoft includes competent anti-virus software for free, which will damage other anti-virus companies, or at least create potential conflicts between the anti-virus software included in Windows and the stuff you will prefer to install.
Of course, the other alternative where Microsoft creates an operating system resistant to the vulnerabilities used by virus writers, belongs to an alternate reality.
You do build the props for a movie before you start filming, but it's different for games. You build the engine (unless you use an already existing one), work out the rough plots etc and spiff up the graphics at any stage you like. So finishing the guns doesn't give any indication as to the level of completion of the project - neither one way not the other.
From Nasa.gov: This is a transcript of the Challenger operational recorder voice tape. It reveals the comments of Commander Francis R.Scobee, Pilot Michael J. Smith, Mission Specialist 1 Ellison S. Onizuka, and Mission Specialist 2 Judith A. Resnik for the period of T-2:05 prior to launch through approximately T+73 seconds when loss of all data occurred.
The last article listed above contains this quote: "For some time, I've been worried about the direction of PHP. As many of you know, I helped write XMB Forum and now help write UltimaBB. XMB in particular is an old code base, and UltimaBB, a descendant from XMB. I've done a lot to protect that code base from attack, and luckily, we've been missed despite some doozy and silly security issues. After writing PHP forum software for three years now, I've come to the conclusion that it is basically impossible for normal programmers to write secure PHP code. It takes far too much effort."
It's a also useful for them to do something that they hate, preferably early on. That way they realise that having an annoying co-worker in a clean and air-conditioned office is annoying but not disastrous.
I used to work in a restaurant belonging to a well-known burger chain. I was in the kitchen, having hot fat spat on my skin from the broiler, constant and shrill noises from the deep fat fryers assaulting my ears, co-workers who were abusive and stupid, and many hours for small wages. My feet hurt, and my lunch was always a meal of burgers. After that, whenever I've worked somewhere a bit annoying, I remember my burger days. Perspective can really cheer you up. (That episode was over 15 years ago, but it's still clear in my mind...)
If you want a Mac mini that will run Windows, try an Evesham Mini series PC. I doubt the company ships outside the UK. This is a PC, not a Mac, but it is as close to a clone in terms of size and appearance as I've seen.
Slashdot Mirror
I had a job keeping my eyes open at all, reading that over-long, poorly structured article with no useful conclusion.
I'm not sure I understand what "quasi-statutory" means. I think that the whole point about this debate is that the main players are either clueless or toothless. The ACPO (http://www.acpo.police.uk/about.html) is, as you say, not a governmental organisation. The fact that it has drafted a memo that states, "We encourage Chief Crown Prosecutors and Chief Officers of Police to adopt this Memorandum" surely indicates that things are still not settled properly.
So, imagine you are working in a job that involves viewing child abuse images (if you can). Do you feel immune from prosecution because a private company claiming to represent the police has written a document encouraging the CPS to recognise your role as a useful tool in the fight against kiddie porn?
There is no agreement from the CPS in this matter. There is no license issues to the IWF, as far as anyone can make out. They are not official delegates, as you suggest.
I don't think they do have an official licence. That memo you mention is just a recommendation by, as you say, a non-governmental org.
I know, I know! Sorry... :(
Because I am stupid. Apologies to all.
Can you clarify why you think this? It's tricky reading between one line replies.
You don't think that policy makers should understand how it works? What nonsense! You'd expect economic departments to understand economics. So why do those involved in child protection and internet security not need to understand their subject?
All this FON sharing is well and good, but it's easy to forget that many (most?) UK ADSL broadband deals that offer 'unlimited' quantities of data throughput actually employ a 'fair use' policy of nGB. While most normal users will rarely, if ever, exceed a few GB/month themselves, they are far more likely to run into problems if they open their connection to others - even if the other users are not using P2P etc.
In addition to that, the idea of allowing other people to connect to the internet through your gateway is bonkers for a number of reasons. Most consumer devices won't hold extensive logs so you don't know what your 'users' are doing or where they have come from. The forensics team won't be able to tell either. So even if you don't get prosecuted, you could be partially (morally) responsible for enabling a crime. And even if a court won't find you guilty for someone else's abuse using your connection, imagine the stress and inconvenience of going through even the initial stages of the legal process.
Imagine also the stigma of being associated with certain online crimes (hacking, child porn, credit card fraud), even if you are not charged or if you are found not guilty. Will your girlfriend/wife/colleagues look at you in the same light again? "No smoke without fire," and other unfair thoughts...
Allowing random people to connect to your network also increases the chances of them knowingly or unknowingly introducing malware to your systems. Worms bouncing around behind your firewall is not a great situation, even if you use a good desktop AV product on your PCs (and Macs to a lesser degree). Yes, you could set up a DMZ - but honestly, why bother with the hassle just to give others free and unfettered access to the connection *you* pay for?
Compare this list of inconveniences to taking the short and basic security steps of enabling WPA, hiding the SSID (I know the latter is a fairly pointless defense against a knowledgable attacker) and not handing out passphrases to your neighbours. It's a no brainer and, in terms of risk/cost, very effective.
I appreciate that sharing can be a wholesome thing, but it does not always make sense.
20 minutes (even two minutes) does seem rather slow when handling a 17KB file. Did you mean 17GB?
Sort of...
a ge_post-mortem/
According to a Register report, "Patch Tuesday update triggered Skype outage".
"Skype has blamed last week's prolonged outage on the effects of Microsoft's Patch Tuesday.
The latest security update from Microsoft required a system reboot. The effect of so many machines rebooting and subsequently trying to log onto the Skype VoIP network triggered system instability and a prolonged outage of almost two days starting on Thursday1. Services have now being restored."
http://www.theregister.co.uk/2007/08/20/skype_out
That may well be the case but, as far as I can make out from the reports, this student was tasered in a different way from your acquaintance, without the electrodes being shot at him. I believe that the 'drive stun' option, where the taser is used to touch the target/victim, is less traumatic and is "like a punch". I can't say that I would find being punched by a police man five times would clam me down any, though.
I find it very hard to believe that it is this straight-forward for one individual to potentially bring down the entire internet infrastructure. The Register reported on this story and said, "Anti-spam firm Blue Security is to cease trading after deciding its escalating conflict with a renegade spammer was placing the internet as a whole in jeopardy." It went on to say, "During an ICQ conversation, PharmaMaster told Blue Security that if he can't send spam, there will be no internet."
I suppose the most concerning part of this story is the bit where bribery appears to persuades a top ISP to make some dodgy configs:
"According to Blue Security, a renegade Russian language speaking spammer known as PharmaMaster succeeded in bribing a top-tier ISP's staff member into black holing Blue Security's former IP address (194.90.8.20) at internet backbone routers. This rendered Blue's main website inaccessible outside Israel."
This story smells a bit.
One of the reasons that Windows has such a poor security record is that inexperienced users, who simply want to play games and get their email, are given access (usually at administrator level) to fully-featured operating systems. If the cut-down versions of Windows Vista keep their users away from Administrator then great - a reduction in spyware for a start. And if having smaller, more limited distributions of Windows means less junk on the hard disk and maybe faster performance, maybe even expert users might opt for it for certain uses.
The beta suffix is a brilliant marketing idea. It achieves three things:
1. Technical users are made to feel that they are at the cutting edge, which they like.
2. Technical users understand that beta technology might break, so they are more forgiving when it does.
3. During the beta phase, Google has an army of free technical beta testers.
So Google beta projects can't lose.
While your working at your desktop, also ensure any pet cats/dogs/rabbits/girlfriends stay clear of your lap as well.
I agree that running big graphics jobs over Remote Desktop is unwise. However, BadAnalogyGuy suggested that students get their own copy of PS (Photoshop). They would presumably run this on their laptops, rather than over Remote Desktop. However, it doesn't make much sense to use the server for other processor-intensive tasks seeing as most modern, cheap laptops are very quick anyway. For example, my 1.6GHz Centrino is faster at video rendering than my >2GHz Dell workstation.
Students should be able to get their software very cheaply using educational licenses. Or the college could provide them with it, for the duration of their courses.
This is probably the best thing that could happen. The alternative is that Microsoft includes competent anti-virus software for free, which will damage other anti-virus companies, or at least create potential conflicts between the anti-virus software included in Windows and the stuff you will prefer to install.
Of course, the other alternative where Microsoft creates an operating system resistant to the vulnerabilities used by virus writers, belongs to an alternate reality.
You do build the props for a movie before you start filming, but it's different for games. You build the engine (unless you use an already existing one), work out the rough plots etc and spiff up the graphics at any stage you like. So finishing the guns doesn't give any indication as to the level of completion of the project - neither one way not the other.
The transcript of the crew's last transmitted words.
From Nasa.gov: This is a transcript of the Challenger operational recorder voice tape. It reveals the comments of Commander Francis R.Scobee, Pilot Michael J. Smith, Mission Specialist 1 Ellison S. Onizuka, and Mission Specialist 2 Judith A. Resnik for the period of T-2:05 prior to launch through approximately T+73 seconds when loss of all data occurred.
Microsoft is a games developer, and it has control over the vast majority of desktop computers.
Do I win £5?
That's right. Brits aren't Europeans. Oh wait...
Sorry to see that you've been rated as a troll (16:11 GMT, 25th Jan 2006) You make a very reasonable point. Those who think they smell bullshit could do worse than read about mysql_real_escape_string() versus Prepared Statements, The addslashes() Versus mysql_real_escape_string() Debate and PHP Insecurity: Failure of Leadership. That said, I like using PHP. That said, I dread to think about the security state of my code...
The last article listed above contains this quote:
"For some time, I've been worried about the direction of PHP. As many of you know, I helped write XMB Forum and now help write UltimaBB. XMB in particular is an old code base, and UltimaBB, a descendant from XMB. I've done a lot to protect that code base from attack, and luckily, we've been missed despite some doozy and silly security issues. After writing PHP forum software for three years now, I've come to the conclusion that it is basically impossible for normal programmers to write secure PHP code. It takes far too much effort."
It's a also useful for them to do something that they hate, preferably early on. That way they realise that having an annoying co-worker in a clean and air-conditioned office is annoying but not disastrous.
I used to work in a restaurant belonging to a well-known burger chain. I was in the kitchen, having hot fat spat on my skin from the broiler, constant and shrill noises from the deep fat fryers assaulting my ears, co-workers who were abusive and stupid, and many hours for small wages. My feet hurt, and my lunch was always a meal of burgers. After that, whenever I've worked somewhere a bit annoying, I remember my burger days. Perspective can really cheer you up. (That episode was over 15 years ago, but it's still clear in my mind...)
If you want a Mac mini that will run Windows, try an Evesham Mini series PC. I doubt the company ships outside the UK. This is a PC, not a Mac, but it is as close to a clone in terms of size and appearance as I've seen.
ASAIK, Echelon is the system and UKUSA is the alliance. I fear to say more :)