Slashdot Mirror


User: Em+Adespoton

Em+Adespoton's activity in the archive.

Stories
0
Comments
4,889
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,889

  1. Re:Halting Problem on AntiVirus Products Fail to Find Simple IE Malware · · Score: 1

    Surely it makes more sense to design systems based on accepted security principles which reduce the opportunity for infection and contain its effects.


    You mean remove the human element? You're right... computers would work much better without end users.
  2. Re:The real story... on Forbes' Dan Lyons Hates Groklaw, Wants to Be BFF with Linux · · Score: 1

    I don't care for the OS X UI. I find KDE and GNOME to be more productive.

    There are various other things I don't like about OS X. Mostly I find it too closed, too proprietary, too... out of my control. It's a great OS for my wife -- and it's great for me that she has it because it requires less support from me than any other OS she's tried -- but I wouldn't want to use it all day.


    If you don't like Aqua, use KDE or GNOME instead. You can install them via FINK or MacPorts.

    I find OS X great because while it has the veneer of a closed, proprietary OS, I have access to tweak and modify pretty much everything on it that I would desire to tweak/modify on any GNU platform. As a matter of fact, I could probably set up OS X so that the average Linux user would think they were running either Linux or some variant of BSD, and not OS X at all.

    You can even set up OS X so that logging in as one user will give you GNOME, logging in as another user will give you KDE, and logging in as a third user will give you Aqua.

    Of course, if you prefer more open hardware, there's probably no reason for you to lay out the money for OS X for your own use.
  3. Re:in no way extends on Microsoft EU Decision Protects OSS Projects From Suits · · Score: 1

    If they give away their software they are non-profit. If they have a different branch that sells support not software they should be safe. I can see no real way for MS to go after a company that only sells support.


    This is the sane definition, yes. However, look at the people being sued for commercial copyright infringement because they make free software and distribute it that happens to be able to be used to infringe on other people's copyrights -- often, they are hit with "commercial" damages because their website has banner ads which bring in revenue.

    MS doesn't actually have to WIN any court cases to do with this issue of "non-profit" vs. "for-profit" -- all they have to do is embrace and extend the definition of "non-profit" so that anyone thinking of going this route has to take into consideration the cost of dealing with an MS lawsuit.

    The EU could slap them down for this, but MS could easily say "hey, we thought we had a valid point, as these people were in it for the money. If you say otherwise, we'll stop our lawsuit against that individual company." Then they can carry on with the FUD and the suing other companies until the EU explicitly bans them from doing so -- which, at the rate the EU moves, will take 3-5 years by which point the issue will be academic.
  4. Re:in no way extends on Microsoft EU Decision Protects OSS Projects From Suits · · Score: 1

    This, of course, insures profitable OSS projects will not be based in the US. Damn shame. Some of us like Tech jobs.


    Actually, it ensures nothing of the sort... "profitable" (read, for-profit) OSS projects aren't protected; only non-profit ones. I'm sure MS will have a heyday with the definition of "non-profit".
  5. Re:oh yeah, so scared on Storm Worm Strikes Back at Security Pros · · Score: 1

    The data is encrypted, but the traffic patterns most likely aren't obfuscated. After watching it for a while, it should become obvious which traffic (encrypted, but from a source IP) is coming from the C&C group.

    As far as dropping an infected box on a high-capacity network, that could be a really bad idea -- unless you put an oBSD box set to transparent mode in the pipeline to log all the data that passes through and also throttles the network connection down to dialup levels so the windows box doesn't become part of the problem.

  6. Re:oh yeah, so scared on Storm Worm Strikes Back at Security Pros · · Score: 1

    The issue here is one of trust -- it's easy to infect a computer with Storm, and then use that computer to poke around -- if you're right and the IP is in an exception database, then the investigator is invulnrable. If you're wrong, then they can spoof and tie up the botnet.

    The concept is to have the net attack a single hardened target, and log all the IPs. Then spoof the IPs using the trigger query used to initiate the original attack.

    It doesn't really matter if the DDoSes are automatic or not, they either trust your packets or they don't.

    I remember the 80's... I lived very close to one of the loops that was an international social centre for phreakers.

    Ignoring that many IPs would do you no good... your system would still grind to a halt handling the traffic. One solution I *can* see is for ISPs to get the fingerprint this DDoS puts out, and disconnect any client IP whose packets match the fingerprint. Then, trigger the DDoS once, and all the cloud members start dropping off the internet.

  7. Re:oh yeah, so scared on Storm Worm Strikes Back at Security Pros · · Score: 1

    Which ISP are you with that will give you a second connection "for like crazy cheap"?
    You can still get dialup accounts for around $9.95 in most places. Also, most DSL/Cable accounts have dialup "roaming access" accounts provided for free (people just never use them). Not that such an account would solve anything (see my previous post).
  8. Re:oh yeah, so scared on Storm Worm Strikes Back at Security Pros · · Score: 4, Insightful

    If you start getting DOSed you unplug the modem and try again. Some corporate customer carrying ISPs will even let you just change your IP. You could get on a new IP and keep poking like 50 times in a day at least. It's really not that hard and not that sneaky.


    Something tells me that your method won't work against Storm. This is due to the fact that if you tried such a stunt, it wouldn't be your PC that would be DoS'd, it would be the ISP's local NOC you were using to connect to the internet. If you forced a new DHCP reservation (all that an unplug/plugin does), you'd end up with another IP address (if the DHCP server ever responded to your request) sitting on the same hardware that is being DoS'd by Storm.

    What is needed to fight a botnet of this size is a distributed probe net, where if one node is taken out by the botnet, the rest of the cloud keeps on probing it. After all, even a large botnet can only DoS so many locations at a time.

    A better solution might be to spoof the IP addresses of other members of the botnet, thereby making it DoS itself into submission.
  9. Re:Secret Service on Note To Criminals — Don't Call Tech Support · · Score: 1

    I'll rephrase it for you: "Guy calls customer service for a company that makes printers designed to print government-issued IDs, and customer service has been alerted that one of their printers has been reported stolen. Customer service forwards call log to government agency by request and they provide it to FBI and SS." This isn't like someone stealing an HP LaserJet -- there are a limited number of these printers in service, and the government tends to keep very good track of them.

  10. Re:Lead on Crime Reduction Linked To Lead-Free Gasoline · · Score: 1

    I seriously doubt that a significant number of kids got those toys and even if they did they'd have to practically eat the things to get a significant lead dose out of them.

    You don't have kids, do you?

  11. Re:Took long enough... on Microsoft Finally Bows to EU Antitrust Measures · · Score: 1

    Let me repeat my last sentence with emphasis:

    There are some prisons that I would consider torturous, and others that aren't. The key is the intent to cause suffering.

    Yes, I know, proving intent is difficult. But who said life was easy? There are many areas where intent to cause suffering can easily be proven. Other areas are more vague, and require a legislative body or group of peers to clarify. Sometimes, this system is abused.

  12. Re:Government is under British Rule on Canada May Tax Legal Music Downloads · · Score: 1

    One thing I forgot to mention: the rail line on VI was never completed -- in the late *19*80's, the island agreed to amend the agreement so that a highway would be built instead -- the highway was completed as far north as Campbell River in 2000.

  13. Re:Government is under British Rule on Canada May Tax Legal Music Downloads · · Score: 1

    A few more nits to pick:

    1: While still a member of the commonwealth, Canada re-did its constitution under Prime Minster Trudeau, so that the Governor General (the Queen's rep in Canada) is no longer answerable to the Queen in the same manner. Therefore, Canada is no longer under British rule.

    2: the original settlers of Canada were from Asia, followed by the ones from northern Europe. The French showed up and settled on the east coast much later, around the same time that the Spanish set up settlements on the west coast. Luckily for the French, the Asian settlers on the east coast were by and large peaceful, so they were able to take their land without too much resistance. Unfortunately for the Spanish, the tribes on the west coast were warrior tribes, and wiped out almost all the settlements. Eventually the French co-mingled with the native peoples, and migrated west to Manitoba. At this point, the French sent another colonizing group, as did the British. The two fought soon after, and both sides claimed victory -- but the British gained most of the land.

    The main part of what is now Canada was actually owned by the Hudson's Bay Company and the Northwest Trading Company, not by a country. The Hudson's Bay Company bankrupted Northwest and bought their land for a song, after which they sold it all to the British government to consolidate their assets. The British government then abandoned it as being too costly to maintain, so when MacDonald & Co. were looking to expand Canada to the west of Manitoba, they were able to annex it for virtually free.

    Meanwhile, the British had colonized Vancouver Island and Cascadia. Vancouver Island arranged to be bought out by Cascadia for the price of a rail line to run right from the south end of the island to the North. After agreeing to this venture, Cascadia, which the Queen had renamed British Columbia (after losing some of the colony to the US in the form of Washington State) discovered that Vancouver Island had been on the brink of bankruptcy and carried a huge debt. Canada wanted to control all land north of the 49th parallel, so came to an agreement with British Columbia to connect it to Ontario by rail -- what they didn't know is that British Columbia was about to declare bankruptcy itself due to the combined debts of VI and BC.

    Much Much later, the last of the colonies, Newfoundland, joined Canada in 1949 after its government fell apart and Canada took over the role of defence during WWII.

    3: There are still large French speaking communities all across modern-day Canada, with the largest being in Quebec and Nova Scotia, followed by Manitoba and Ontario. Quebec has French Cultural protection built into its provincial constitution.

    Of course, I read the GP's post as being one part flamebait and one part humour. But as you've pointed out, so much was SO wrong that a bit of education was needed :)

  14. Re:Took long enough... on Microsoft Finally Bows to EU Antitrust Measures · · Score: 2, Insightful

    Torture, according to international law, is "any act by which severe pain or suffering, whether physical or mental, is intentionally inflicted on a person for such purposes as obtaining from him or a third person information or a confession, punishing him for an act he or a third person has committed or is suspected of having committed, or intimidating or coercing him or a third person, or for any reason based on discrimination of any kind, when such pain or suffering is inflicted by or at the instigation of or with the consent or acquiescence of a public official or other person acting in an official capacity."

    I hope that clears it up. There are some prisons that I would consider torturous, and others that aren't. The key is the intent to cause suffering.

  15. Re:Agree 100% on Bill Introduced to Congress Would Allow ID Theft Restitution · · Score: 1

    a) No storage of credit card numbers by *anybody* other than the card issuer (ie. online merchants like must not store your card numbers anywhere, you need to type it in for each transaction).

    This wouldn't work. If only you have the card number, there's no audit trail.

    However, having actually designed an automated online credit card payment system, I can tell you what DOES work:

    Only keep the first and last 4 digits of the credit card number, and blank out the rest. Also keep the transaction ID.
    The authorization gateway, merchant bank and merchant service provider all keep track of the card number; there is no need for the merchant themselves to hold onto it.

    However, the three companies listed above are also larger targets for personal information harvesting as they are concentrated locations of such data.

    If the merchant is doubling as the authorization gateway, then they are required by law to hold on to the card information they receive. This isn't going to change any time soon, as there needs to be a complete record of activities just in case someone *does* steal card info and go to town.
  16. Re:Good grief on Man Hacks 911 System, Sends SWAT on Bogus Raid · · Score: 1

    Dominos can find the right house, you'd think the cops could. Then again, when it's not right the pizza guy isn't going to be kicking in the door holding a gun.

    Interestingly, Dominos appears to have a better verification system than 911 too... try calling up Dominos and giving a bogus address and credit card info.

    Then again, Dominos runs SCO Unix, so maybe their system could be hacked this way too.
  17. Re:Don't crucify them on Porn Spammers Get Five Years Each · · Score: 1

    You make it sound like there's some organization of religious leaders who will get together to do this. Something tells me that we aren't going to see spaghetti monsterists, Christians (any denomination), Jews, Muslims (any denomination), Taoists, Buddhists, Jedis, Hindis, and whatever else you want to throw in there getting together to organize a spam campaign.

    If you're talking about Catholics or Southern Baptists, they definitely have the money and political power, and there's probably at least one nutjob in a position of power in each of these sects who would consider this idea a good one.

    Anthropomorphizing "religion" isn't going to do much except wave a "flamebait" flag, however.

  18. Re:Spammers suck! on Porn Spammers Get Five Years Each · · Score: 4, Insightful

    Guaranteed this won't make even the most minor dent. 2 guys out of how many? Gee, with odds of about what, a million to one, of being thrown in jail, its actually rational to spam.
    IIRC, the current theory is that the majority of spam you get actually comes from around 20 individuals and their botnets. Unfortunately, these guys weren't playing at that level, so shutting them down/imprisoning them probably won't do much to affect the guys outsourcing their stuff to someone controlling US/Korean botnets from a Russian control server.
  19. Re:Sweet RIAA Defense on The Pirate Bay Takes Over Anti-Piracy Domain · · Score: 1

    You... actually dont. Neither of the two. Its perfectly legit to make copies of a copyrighted work and give them to your gf, friends, relatives, co-workers and so on. Until you start spreading them in high numbers to random starangers, its considered for personal use, and thus falls under "fair use" and not distibution.
    In which country? Not in any WIPO country. "Fair use" has a MUCH narrower scope in WIPO-ratified countries (except Canada).
  20. Re:Nononono on The Pirate Bay Takes Over Anti-Piracy Domain · · Score: 1

    So if someone lets a domain expire, and then you buy it (or register it, you never really buy a domain), and then try to sell it back to them, then you are a domain hijacker?
    This raises an interesting question: What's the difference between a hijacker and a pirate?
  21. Re:I've been away on Profile of the Russian Business Network · · Score: 4, Insightful

    I'm sorry, but civil disobedience usually involves getting intentionally caught and punished for doing something that should not be wrong, thereby bringing public attention to the issue. Anonymity is useful for practising freedoms denied by your government, but it doesn't enable true civil disobedience.

  22. Re:Still on Mom Blasts Ballmer Over Kid's Vista Experience · · Score: 1

    I'd suggest you try OOo 2.3 -- it has come a long way since OOo 2.0. Or, try IBM Lotus Symphony if you prefer that; same software, slightly different interface & bells/whistles.

  23. Re:Nothing to see on Dragonfly-Sized Insect Spies Spotted, Denied · · Score: 1

    That was my thought too, but the article about it was posted here on /. about a year ago. Nobody could explain WHY they had this skill. My mistake in writing prey, as all their prey does indeed have fixed eyes.

  24. Re:buy more chairs, Uncle Steve's coming over! on Mom Blasts Ballmer Over Kid's Vista Experience · · Score: 1

    I think you mean "Cancel or Allow?"
    Not "Cancel or Deny?"
  25. Re:Still on Mom Blasts Ballmer Over Kid's Vista Experience · · Score: 5, Insightful

    I installed Ubuntu on my wife's machine this last week, removing XP...

    Wrong move indeed. First off, you shouldn't have removed XP until you knew Ubuntu did what she needed. Second, you should have started her off on Kubuntu, which will at least have a familiar interface.

    As for your mysterious file format and your "forgetaboutit" OOo install, we'll need more info to refute/help you on those ones. I find that anyone who has used Office XP or earlier tends to enjoy using the latest OOo, unless they have a bunch of VB macros that don't work quite right, or some badly-created templates that don't display correctly.

    Really, the only problem I've found so far for normal users is that Word documents don't always convert indices and other complex objects correctly, and need to be re-formatted once imported into ODF.