First, the most likely sources of this sort of catastrophe are created by humans or preventable by our actions. If we spend our effort trying to allow the elite to escape the planet instead of trying to save the rest of humanity, what does that say about the people we are?
First, if it was about "allowing the elite to escape" then I'd agree with you.
However, for me anyway, it is more a case of ensuring that at least someone will survive somewhere, rather than helping anyone escape to a nicer place because we have made a mess here.
Colonizing a new planet is unlikely to be a picnic. It will probably be a very hard life for several generations.
Second, if we assume that we can and do figure out solutions for all the things that could wipe us out, or at least put us back in the stone age, like global warming, influenza epidemics, meteorite strikes, 3rd world war etc...
I still don't see it is an either or choice. Yes, we should work on reducing our effect on the climate, learn how to control the spread of disease, track and divert near earth asteroids and reduce the level of tension and aggression between our countries.
But to to survive, we would have to solve all of them, every time. Miss one, and we loose.. game over.
So doesn't it make sense to spend just a little of that money and resources on making sure that there would be at least one small colony of humans who could start the process of rebuilding things if it all went pear shaped.
Are we so vain as to think that our first purpose is to keep some slim vestige of humanity in existance?
I run an encrypted Wi-Fi network, connected to my local network and ADSL connection.
However, someone else in the neighborhood runs an unencrypted Wi-Fi network, and whenever I start my laptop it tries to connect to the unencrypted networks first. I have to remember to check what network it is connected to before I use anything.
The unencrypted network is probably benign, setup by someone who hasn't read the manual and is blissfully unaware of the implications of having an open unencrypted network broadcasting itself to everyone in the area.
However, tin foil hat says that they just might be a clever geek who is happily logging DHCP requests, IP addresses and any other information they can every time someone in the area switches on a wireless capable laptop.
I don't want to lock down my laptop completely, because when I travel to conferences etc. I do want it to connect to other unencrypted networks. Does anyone know how to set up a Fedora FC4 system to ignore specific networks ? Or, just make it prefer to use the encrypted one if the appropriate pass key is in the local key chain (manual pass phrase required to unlock the key chain).
It is on the Ubuntu box I'm sitting in front of at the moment.
Glad someone made an easy install for Ubuntu:-)
Not seen one for Fedora yet:-(
.... I also know what the highest position I stood in the world is (if only that was my slashdot UID), where relative to my team, where relative to my country, how much credit I got from each work unit, how much credit I got on a day to day basis...
Yep, I know that I can see the stats, or 'credits', for my account :
SETI@home member since 8 Jul 1999
Total credit 95,887
Recent average credit 198.56
and the stats for the 'top participants', 'top computers' and 'top teams', but for me the emphasis on earning 'credits' is making it into a toy competition for overclockers (no offense meant). What is a 'credit' anyway, in real terms like cpu hours or floating point operations ?
What have gone are the stats for the project as a whole.
Total cpu time (in years) for the project
Total cpu time (in years) for the last 24 hrs
Current processing capability (TFlop/s average for the last 24hrs)
These figures were what gave it the wow factor for me. A project that logged several years cpu time per day was quite impressive in 1999 (I though it was anyway).
I know there is no way I can compete with any of the top participants, but that is my point. I didn't join to compete for 'credits', I enjoyed contributing to the project as a whole.
As of 23 October 2000, 2,438,045 volunteers had run the SETI@home program. Of those, 519,725 were actively running the program and had returned a result in the previous two weeks.
These volunteers had donated a total of 437,000 years of CPU time for a total 4.3 x 1020 flop.
Currently, the average processing rate of computers running SETI@home is 15.7 Tflops - averaged since the start of the project, the processing rate is 9.5 Tflops.
To our knowledge, SETI@home is the largest distributed computation project in existence.
It could also be considered to be the largest supercomputer in existence and the largest computation ever performed.
That was in October 2000, so what are the figures now ?
I know there are several different sites that produce stats, so these might be available somewhere, but they aren't on the main site any more.
Me too.
Last time I used it the Linux install involved way too many steps.
It is packaged as a 'generic' Linux binary, and left up to the individual to tweak it to fit their particular system.
I am quite happy to contribute spare cpu cycles to the project, but at the moment I don't have the spare sys-admin cycles required to setup, configure and babysit the software.
If they want more people to install it, they need to do something like create a RPM installer and setup a yum repository.
If the installation was as simple as 'yum install bonic' plus a simple Python configure script to set the project URL,
then ReadHat could/would probably add it to Fedora. Which would mean that 1000's of people would see it listed in the install options, and some of them would probably give it a go.
The other reason I left was the change in the way that stat were reported.
When I started, their website showed a headline figure of number of CPU years in the last 24hrs.
To me, seeing that figure increase as the project gained more users was a real incentive to add machines and contribute more to the project.
It gave you the warm fuzzy feeling that we were all contributing to what was at the time one of the largest computing projects in the world.
Now everything is listed as teams competing for 'credits', whatever they are.
I didn't join to earn 'credits', I joined to participate in one of the largest collaborative computing projects in the world.
Yep, I think I agree. 10-15 years would probably be reasonable.
Just adding a note of caution. As you say 'copyright is a two-edged sword', and we should be aware that the FOSS movement and the GPL rely on it too.
Do you think there should be a similar 10-15 year limit on patents too ?
Enough time to get to market with the first implementation, but it does not prevent others building on what you created later on.
Personal emails and other private communications would be excluded from the new laws and so would news or current affairs services.
So does this mean if someone setup a web site called "SlashSlash - News for pervs", with articles and pictures about all the latest news and events in the world of 'X18-plus content'... then it would be exempt from regulation ?
If the dominant desktop OS requires that amount of cpu power to run all the antivirus stuff and still get things done, then it will push down the price of multicore mega compute platforms. Those of us who choose to run an alternative OS that doesn't need all the extra antivirus stuff would still benefit from lower prices of multicore mega compute platforms and would be able to do more real work with them*.
Same sort of thing is happening with games. I don't play 3D games, but my desktop Linux desktop machine looks real nice with Compiz/Beryl and OpenGL running on a high powered graphics processor that would have been way out of my budget a few years ago. The push to get better and better 3D graphics in games has lowered the cost of the high powered graphics processors to the point where they become standard kit for our desktop machines.
* Ok, when I say 'real work', on most systems a lot of the extra compute power will be used to draw prettier 3D folding sliding bouncing windows in the UI. But having that amount of cheap compute power on servers will mean the boring nerds amongst us will be able to handle larger data sets and do more processing.
So it's just a replacement for walking over to the next cubicle to BS?
I work for an international science project involving people from all around the world.
We don't have cubicles, many of us don't even have offices.
In fact most of the UK team work from home most of the time.
We use a whole range of tools to communicate, Jabber chat, email, plus several wikis, forums and mailing lists.
Is the history of your IM discussions archived?
Yes, the client writes a full log to disk on the local machine.
Can you forward them?
Copy/paste from local history into current chat window.
Broadcast to multiple people? BCC?
We run our own Jabber server, so we can create as many meeting rooms as we want an invite people to join the meeting.
Unless you have a very sophisticated IM system, it's really no replacement for email, but a supplement.
Yes.. and no.
The two systems compliment each other, but I have to say that the main channel of communication is Jabber rather than email.
So, email supplements Jabber rather than the other way round.
I'm curious, do you actually have _important_, work related discussions over IM?
Yes, absolutely.
We use a whole range of tools, depending on what we are discussing, but almost every conversation starts with a Jabber chat.
As an example, I might start by contacting someone using Jabber to discuss a document we are working on.
If they don't have a copy of the document I might email a copy to them during the chat session.
If we decided we needed advice from someone else, we could setup a Jabber meeting room and invite them in.
People can join and leave the meeting room over the course of the discussion.
A quick chat to check something simple might be last 20 seconds, but sometimes a discussion can involve 20 people and last for two days or more.
e.g. Getting the latest version ready for release may involve pulling lots of different people into the discussion to check each part of the system or documentation is ready to go.
If I wanted to share the document with a wider group, I could upload the document to our wiki and email the URL to them.
Longer term discussions about specifications etc. that involve a wider group are conducted by email mailing lists.
On the other hand... Someone has already mentioned PhotoTours and
GroupShot in an earlier post, and they really are quite cool.
Do these qualify as proactive ?
My first thought was "Wow, can't wait until someone does an open source version of these that runs on Linux".
But if someone did release an open source version of these, would that be reactive ?
I think we are all playing catch up with each other.
I often wondered about this.
Lets assume they did store all their emails.
A few years later, when the data becomes part of the public record and a historian looks through them to try and reconstruct
the discussion relating to an important decision... the email archive appears not to contain one or two key emails.
Unless another email in the record specifically mentions one of the missing ones "re your email of the 27th"
- how would we know that the key emails are actually missing ?
If the records don't become public until years after the event, then there would be ample time for someone to go through and
remove all references to one or two specific emails before the archives are published.
They might not even need to delete an email, something a simple as removing an address from the cc list could allow someone to claim that they hadn't seen a particular email.
One solution I though of would be for the email server to create a secure hash (a one way hash, like SHA-512 or similar) of every email that went through the system.
The system would be setup to publish the list of hashes on a live web server that anyone can download (a gzip file of hashes for each day perhaps).
Any external group like the Library of Congress or Ibiblio, could download and archive
their own copy of the hashes for each day.
Them when a historian looks at the email archive a few years later, they can compare the contents of the archive with the
lists of hashes stored by the external archives.
It wouldn't prevent someone from altering the data in the email archive, but it would make it
much more difficult to hide the fact that the archive had been tampered with.
To completely erase all traces of a change would require intercepting the email before it reached the mail server, or
modifying the lists of hashes stored by all the external groups afterwards.
Not impossible, but much much harder to do.
I can't quote specific articles, but I seem to remember reading
about some research that showed that the decision making process
in the mind changes as a child grows up.
In early childhood, the mind is pre-programmed to
accept almost anything an adult says as true, without questioning it.
As we grow up we learn to question more and begin to make
choices based on their own judgment.
The research suggested this was to enable a child to quickly learn
the basic social and safety rules from their parents.
If we learn everything by experimentation, then every child would
have to do the equivalent of putting their finger in the wall socket at least once,
just to find out if it was a bad idea.
As a new born, we start with no real information about the world and its dangers.
In order to make a rational choice, you need sufficient information about
your environment to be able to predict the consequences of your actions.
Even if you start with a 100% rational mind, if you do not have enough information about
the world, you have nothing to base your judgment on.
As a child grows into an adult, the hope is that they accumulate enough
information about the world and its dangers to be able to make rational
judgments about their actions.
At some point we, as a society, place an arbitrary limit based on age.
After which we assume that the person has had time
to collect enough information to be able to make
rational choices about their own safety.
It could be argued that we should replace the age limit with an
intelligence test. However, we would have to come up with a test
for intelligence that everyone accepted - not an easy task.
"I'm sorry sir, but if you can't spell 'Cholesterol' you are too dumb to be allowed to eat pitza"
Err......
Hey, I just realized. We should be getting paid for this !
Brilliant. Post an article on/. about the merits of paying people to discuss
an ethical problem, and just happen to include a full description of an
example problem you want to look at.
Then sit back and watch everyone discuss it anyway.... without being paid.
According to the article, one of the parties they are suing are D-Link.
Wi-LANs litigation page refers to the case as "Wi-LAN Inc. v. D-LINK et al action".
I may be wrong here, but the the image on Wi-LANs patents page looks to me like a D-Link ADSL unit.
Isn't that kind of rubbing it in...
Among ODF's weaknesses is its provenance from a specific application and the unwillingness of its originators to release it into the Bazaar.
- Sam Hiser
From the article:
"All Sun cares about is its application," Hiser claimed. "Sun never thought of the format as being more important than the application.
- Sam Hiser
... and from the same article
In a blog posting, Jason Matusow, director of corporate standards at Microsoft, said the new controversy over ODF proves that what really matters are the desktop applications, not the file formats.
- Jason Matusow
... and from the other blog
All of this seems to make the point stronger than ever that when you are speaking about document formats, you are really speaking about an adjunct technology to the applications which are the real "solutions" in this discussion.
Yep, mea cupla:-(
Not keeping up with my sys-admin duties.
I've seen this kind of thing in the logs for quite a while, but not at this level (1000's of attempts in a day).
I hadn't noticed the increasing rate.
A case of familiarity breeds contempt, "yep, seen those before.. not much can do about them" without really checking how often they happen.
I remember when I first saw them appearing I contacted my ISP, and their reaction was much the same "yep, thats what happens when you connect a box to the net". I offered to pass on the IP addresses but they weren't interested. I got the impression they see thing kind of thing all the time.
What do people suggest I do with the IP addresses of hosts doing the scanning ?
Is it worth checking the whois information and contacting the sys admin or abuse email address if there is one ?
Cool,thanks for the info.
fail2ban installed and running:-)
As part of the setup process it provides a tool to scan existing log files for matches.
It found over 3000 attempts in the last three days from three source IP addresses, two in China and one in Sweden.
... the OpenSSH log showed hundreds of attempted logins under the names of I think Doug and Samantha or something like that, so it seems likely they put a back door into OpenSSH as neither of those accounts were in the old passwd file...
I see a lot of these all the time, they seem to be cycling through a list of names. At the moment they are trying account names like 'root', 'linux', 'admin', 'test', 'testftp', 'webmaster' etc. and user names like 'melissa', 'danny', 'nicholson' etc.
I don't think this means that they added a SSH back door, just that they have enough compute resources to try hundreds of combinations of likely names and passwords in the hope they get lucky.
Once that happens, the transition to secure computing will be possible.
Standards are good idea, in general. But I'm not so sure about this part.
Possibly (one) of the reasons Windows has such a problem with viruses etc. is that the platforms are standard.
Once a virus, trojan or malware writer discovers a vulnerability on a Windows system, they can be fairly sure they can exploit it on all unpatched Windows systems.
I'm not suggesting that this is the main reason that Windows is so insecure. Nor am I suggesting that it isn't their (Microsoft) fault for releasing an inherently insecure system in the first place.
But if we look at it in terms of biology, what we have at the moment is a large mono culture of Windows machines, compared with a large number of miscellaneous Linux/Unix machines all setup and configured slightly differently.
The mono culture of Windows machines are all vulnerable to the same attack exploits. Once one machine in a network gets infected, the rest become infected fairly quickly, because they have the same vulnerabilities.
The Linux/Unix community may be less vulnerable, because a virus, worm or trojan may be able to spread across machines based on one particular Linux distribution, but at the moment it would be more difficult to create a malware program that infected all Linux/Unix variants.
Simple things like the default install of different distributions may use different email clients, firewall programs etc.
If we had a true mono culture, with all machines everywhere setup in the same way, we (the whole world) would be vulnerable to a zero day exploit that could infect all machines in one go.
In biology, genetic diversity makes the species as a whole more resilient to attack, even if some of the individual variants are in themselves less 'fit' than their 'normal' siblings.
I agree, but there is one place where the 'standard convention' no longer works, users home directories.
At the moment, desktop applications store the users data in an ungodly mess of randomly named application specific directories in a subdirectory of their home directory. which include vitally important settings mixed with useless cache data.
If I take a look at my own home directory, the biggest users of space are hidden directories for Nautilus (desktop thumbnails), GoogleEarth (cache), Beagle (indexes), FireFox (cache and passwords) and Thunderbird (cache, emails and passwords). All of these have large directories of cached data mixed in with the application settings (including website passwords, email addresses etc).
To create a backup of the users home directories, I can either backup the whole lot, and waste backup space on storing the cache data, or I need to spend time writing a custom backup script that will distinguish between important and transient data. Yes, I know it is fairly easy to do with something like rsync, but I have to guess which directories to include and which to ignore.
We need some way to distinguish between 'vital and private' configuration and security settings, and 'private but not critical' cache data.
The ideal would be two separate directories for each user,/home/fred and/tmp/fred, both are private to the user, but the temp directory would mean that applications could store transient cache data in somewhere other than the users home directory.
But to start with, just a standard config file that the application supplies listing which subdirectories need to be backed up and which don't... unless of course, this already exists and I just haven't heard about it.
However, I agree that Pirate Bay itself does raise issues that we collectively we have yet to come to terms with.
A lot of us seem to want copyright law to only apply when we want it to, and not apply to us when we don't want it to.
The open source software community relies on copyright law to control how the contributions are used, and to prevent commercial entities from (ab)using the contributions without regard to the (copyright) owners wishes.
http://yro.slashdot.org/article.pl?sid=07/09/20/2229252/
Slashdot Mirror
First, if it was about "allowing the elite to escape" then I'd agree with you. However, for me anyway, it is more a case of ensuring that at least someone will survive somewhere, rather than helping anyone escape to a nicer place because we have made a mess here. Colonizing a new planet is unlikely to be a picnic. It will probably be a very hard life for several generations.
Second, if we assume that we can and do figure out solutions for all the things that could wipe us out, or at least put us back in the stone age, like global warming, influenza epidemics, meteorite strikes, 3rd world war etc ...
I still don't see it is an either or choice. Yes, we should work on reducing our effect on the climate, learn how to control the spread of disease, track and divert near earth asteroids and reduce the level of tension and aggression between our countries.
But to to survive, we would have to solve all of them, every time. Miss one, and we loose .. game over.
So doesn't it make sense to spend just a little of that money and resources on making sure that there would be at least one small colony of humans who could start the process of rebuilding things if it all went pear shaped.
Yes. It's kind of built in to our genes. Have you read The selfish gene by Richard Dawkins ?
I have the reverse problem at home.
I run an encrypted Wi-Fi network, connected to my local network and ADSL connection. However, someone else in the neighborhood runs an unencrypted Wi-Fi network, and whenever I start my laptop it tries to connect to the unencrypted networks first. I have to remember to check what network it is connected to before I use anything.
The unencrypted network is probably benign, setup by someone who hasn't read the manual and is blissfully unaware of the implications of having an open unencrypted network broadcasting itself to everyone in the area. However, tin foil hat says that they just might be a clever geek who is happily logging DHCP requests, IP addresses and any other information they can every time someone in the area switches on a wireless capable laptop.
I don't want to lock down my laptop completely, because when I travel to conferences etc. I do want it to connect to other unencrypted networks. Does anyone know how to set up a Fedora FC4 system to ignore specific networks ? Or, just make it prefer to use the encrypted one if the appropriate pass key is in the local key chain (manual pass phrase required to unlock the key chain).
Glad someone made an easy install for Ubuntu :-)
:-(
Not seen one for Fedora yet
Yep, I know that I can see the stats, or 'credits', for my account :
- SETI@home member since 8 Jul 1999
- Total credit 95,887
- Recent average credit 198.56
and the stats for the 'top participants', 'top computers' and 'top teams', but for me the emphasis on earning 'credits' is making it into a toy competition for overclockers (no offense meant). What is a 'credit' anyway, in real terms like cpu hours or floating point operations ?What have gone are the stats for the project as a whole.
- Total cpu time (in years) for the project
- Total cpu time (in years) for the last 24 hrs
- Current processing capability (TFlop/s average for the last 24hrs)
These figures were what gave it the wow factor for me. A project that logged several years cpu time per day was quite impressive in 1999 (I though it was anyway).I know there is no way I can compete with any of the top participants, but that is my point. I didn't join to compete for 'credits', I enjoyed contributing to the project as a whole.
From a (pdf) paper written in 2001 and published on their about page.
That was in October 2000, so what are the figures now ?
I know there are several different sites that produce stats, so these might be available somewhere, but they aren't on the main site any more.
Me too. Last time I used it the Linux install involved way too many steps. It is packaged as a 'generic' Linux binary, and left up to the individual to tweak it to fit their particular system. I am quite happy to contribute spare cpu cycles to the project, but at the moment I don't have the spare sys-admin cycles required to setup, configure and babysit the software.
If they want more people to install it, they need to do something like create a RPM installer and setup a yum repository. If the installation was as simple as 'yum install bonic' plus a simple Python configure script to set the project URL, then ReadHat could/would probably add it to Fedora. Which would mean that 1000's of people would see it listed in the install options, and some of them would probably give it a go.
The other reason I left was the change in the way that stat were reported. When I started, their website showed a headline figure of number of CPU years in the last 24hrs. To me, seeing that figure increase as the project gained more users was a real incentive to add machines and contribute more to the project. It gave you the warm fuzzy feeling that we were all contributing to what was at the time one of the largest computing projects in the world.
Now everything is listed as teams competing for 'credits', whatever they are. I didn't join to earn 'credits', I joined to participate in one of the largest collaborative computing projects in the world.
Yep, I think I agree. 10-15 years would probably be reasonable.
Just adding a note of caution. As you say 'copyright is a two-edged sword', and we should be aware that the FOSS movement and the GPL rely on it too.
Do you think there should be a similar 10-15 year limit on patents too ? Enough time to get to market with the first implementation, but it does not prevent others building on what you created later on.
Before you get too keen ... what would this mean for open source software and the GPL ?
How much really great open source software was written in the 80's and 90's ?
Would this mean that [insert name of large software company] could take any GPL licensed software written before 2003 and use it however they wanted ?
So does this mean if someone setup a web site called "SlashSlash - News for pervs", with articles and pictures about all the latest news and events in the world of 'X18-plus content' ... then it would be exempt from regulation ?
I think that is what MrMr was getting at.
If the dominant desktop OS requires that amount of cpu power to run all the antivirus stuff and still get things done, then it will push down the price of multicore mega compute platforms. Those of us who choose to run an alternative OS that doesn't need all the extra antivirus stuff would still benefit from lower prices of multicore mega compute platforms and would be able to do more real work with them*.
Same sort of thing is happening with games. I don't play 3D games, but my desktop Linux desktop machine looks real nice with Compiz/Beryl and OpenGL running on a high powered graphics processor that would have been way out of my budget a few years ago. The push to get better and better 3D graphics in games has lowered the cost of the high powered graphics processors to the point where they become standard kit for our desktop machines.
* Ok, when I say 'real work', on most systems a lot of the extra compute power will be used to draw prettier 3D folding sliding bouncing windows in the UI. But having that amount of cheap compute power on servers will mean the boring nerds amongst us will be able to handle larger data sets and do more processing.
Sounds a bit like OCCAM.
I work for an international science project involving people from all around the world.
We don't have cubicles, many of us don't even have offices. In fact most of the UK team work from home most of the time.
We use a whole range of tools to communicate, Jabber chat, email, plus several wikis, forums and mailing lists.
Yes, the client writes a full log to disk on the local machine.
Copy/paste from local history into current chat window.
We run our own Jabber server, so we can create as many meeting rooms as we want an invite people to join the meeting.
Yes .. and no.
The two systems compliment each other, but I have to say that the main channel of communication is Jabber rather than email.
So, email supplements Jabber rather than the other way round.
Yes, absolutely. We use a whole range of tools, depending on what we are discussing, but almost every conversation starts with a Jabber chat.
As an example, I might start by contacting someone using Jabber to discuss a document we are working on. If they don't have a copy of the document I might email a copy to them during the chat session.
If we decided we needed advice from someone else, we could setup a Jabber meeting room and invite them in. People can join and leave the meeting room over the course of the discussion. A quick chat to check something simple might be last 20 seconds, but sometimes a discussion can involve 20 people and last for two days or more. e.g. Getting the latest version ready for release may involve pulling lots of different people into the discussion to check each part of the system or documentation is ready to go.
If I wanted to share the document with a wider group, I could upload the document to our wiki and email the URL to them.
Longer term discussions about specifications etc. that involve a wider group are conducted by email mailing lists.
On the other hand ... Someone has already mentioned PhotoTours and
GroupShot in an earlier post, and they really are quite cool.
Do these qualify as proactive ?
My first thought was "Wow, can't wait until someone does an open source version of these that runs on Linux". But if someone did release an open source version of these, would that be reactive ?
I think we are all playing catch up with each other.
I often wondered about this. Lets assume they did store all their emails.
A few years later, when the data becomes part of the public record and a historian looks through them to try and reconstruct the discussion relating to an important decision ... the email archive appears not to contain one or two key emails.
Unless another email in the record specifically mentions one of the missing ones "re your email of the 27th"
- how would we know that the key emails are actually missing ?
If the records don't become public until years after the event, then there would be ample time for someone to go through and remove all references to one or two specific emails before the archives are published. They might not even need to delete an email, something a simple as removing an address from the cc list could allow someone to claim that they hadn't seen a particular email.
One solution I though of would be for the email server to create a secure hash (a one way hash, like SHA-512 or similar) of every email that went through the system. The system would be setup to publish the list of hashes on a live web server that anyone can download (a gzip file of hashes for each day perhaps).
Any external group like the Library of Congress or Ibiblio, could download and archive their own copy of the hashes for each day.
Them when a historian looks at the email archive a few years later, they can compare the contents of the archive with the lists of hashes stored by the external archives. It wouldn't prevent someone from altering the data in the email archive, but it would make it much more difficult to hide the fact that the archive had been tampered with.
To completely erase all traces of a change would require intercepting the email before it reached the mail server, or modifying the lists of hashes stored by all the external groups afterwards. Not impossible, but much much harder to do.
Oops, how embarrassing. No unhealthy foods for me then.
The technique I used was to write the whole thing quickly in a text editor, and then specifically check the long complicated words on Wikipedia.
I can't quote specific articles, but I seem to remember reading about some research that showed that the decision making process in the mind changes as a child grows up.
In early childhood, the mind is pre-programmed to accept almost anything an adult says as true, without questioning it. As we grow up we learn to question more and begin to make choices based on their own judgment.
The research suggested this was to enable a child to quickly learn the basic social and safety rules from their parents. If we learn everything by experimentation, then every child would have to do the equivalent of putting their finger in the wall socket at least once, just to find out if it was a bad idea.
As a new born, we start with no real information about the world and its dangers. In order to make a rational choice, you need sufficient information about your environment to be able to predict the consequences of your actions. Even if you start with a 100% rational mind, if you do not have enough information about the world, you have nothing to base your judgment on.
As a child grows into an adult, the hope is that they accumulate enough information about the world and its dangers to be able to make rational judgments about their actions. At some point we, as a society, place an arbitrary limit based on age. After which we assume that the person has had time to collect enough information to be able to make rational choices about their own safety. It could be argued that we should replace the age limit with an intelligence test. However, we would have to come up with a test for intelligence that everyone accepted - not an easy task. "I'm sorry sir, but if you can't spell 'Cholesterol' you are too dumb to be allowed to eat pitza"
Err ......
Hey, I just realized. We should be getting paid for this !
Brilliant. Post an article on /. about the merits of paying people to discuss
an ethical problem, and just happen to include a full description of an
example problem you want to look at.
Then sit back and watch everyone discuss it anyway .... without being paid.
According to the article, one of the parties they are suing are D-Link. Wi-LANs litigation page refers to the case as "Wi-LAN Inc. v. D-LINK et al action".
I may be wrong here, but the the image on Wi-LANs patents page looks to me like a D-Link ADSL unit. ...
Isn't that kind of rubbing it in
From the article
Yep, mea cupla :-(
Not keeping up with my sys-admin duties.
I've seen this kind of thing in the logs for quite a while, but not at this level (1000's of attempts in a day). I hadn't noticed the increasing rate. A case of familiarity breeds contempt, "yep, seen those before .. not much can do about them" without really checking how often they happen.
I remember when I first saw them appearing I contacted my ISP, and their reaction was much the same "yep, thats what happens when you connect a box to the net". I offered to pass on the IP addresses but they weren't interested. I got the impression they see thing kind of thing all the time.
What do people suggest I do with the IP addresses of hosts doing the scanning ? Is it worth checking the whois information and contacting the sys admin or abuse email address if there is one ?
Cool,thanks for the info. fail2ban installed and running :-)
As part of the setup process it provides a tool to scan existing log files for matches. It found over 3000 attempts in the last three days from three source IP addresses, two in China and one in Sweden.
I see a lot of these all the time, they seem to be cycling through a list of names. At the moment they are trying account names like 'root', 'linux', 'admin', 'test', 'testftp', 'webmaster' etc. and user names like 'melissa', 'danny', 'nicholson' etc.
I don't think this means that they added a SSH back door, just that they have enough compute resources to try hundreds of combinations of likely names and passwords in the hope they get lucky.
Standards are good idea, in general. But I'm not so sure about this part.
Possibly (one) of the reasons Windows has such a problem with viruses etc. is that the platforms are standard. Once a virus, trojan or malware writer discovers a vulnerability on a Windows system, they can be fairly sure they can exploit it on all unpatched Windows systems.
I'm not suggesting that this is the main reason that Windows is so insecure. Nor am I suggesting that it isn't their (Microsoft) fault for releasing an inherently insecure system in the first place.
But if we look at it in terms of biology, what we have at the moment is a large mono culture of Windows machines, compared with a large number of miscellaneous Linux/Unix machines all setup and configured slightly differently.
The mono culture of Windows machines are all vulnerable to the same attack exploits. Once one machine in a network gets infected, the rest become infected fairly quickly, because they have the same vulnerabilities.
The Linux/Unix community may be less vulnerable, because a virus, worm or trojan may be able to spread across machines based on one particular Linux distribution, but at the moment it would be more difficult to create a malware program that infected all Linux/Unix variants. Simple things like the default install of different distributions may use different email clients, firewall programs etc.
If we had a true mono culture, with all machines everywhere setup in the same way, we (the whole world) would be vulnerable to a zero day exploit that could infect all machines in one go. In biology, genetic diversity makes the species as a whole more resilient to attack, even if some of the individual variants are in themselves less 'fit' than their 'normal' siblings.
With this crowd, I expect that in a few hours time your inbox will be full of emails with subject 'WTF?'
I agree, but there is one place where the 'standard convention' no longer works, users home directories. At the moment, desktop applications store the users data in an ungodly mess of randomly named application specific directories in a subdirectory of their home directory. which include vitally important settings mixed with useless cache data.
If I take a look at my own home directory, the biggest users of space are hidden directories for Nautilus (desktop thumbnails), GoogleEarth (cache), Beagle (indexes), FireFox (cache and passwords) and Thunderbird (cache, emails and passwords). All of these have large directories of cached data mixed in with the application settings (including website passwords, email addresses etc).
To create a backup of the users home directories, I can either backup the whole lot, and waste backup space on storing the cache data, or I need to spend time writing a custom backup script that will distinguish between important and transient data. Yes, I know it is fairly easy to do with something like rsync, but I have to guess which directories to include and which to ignore. We need some way to distinguish between 'vital and private' configuration and security settings, and 'private but not critical' cache data.
The ideal would be two separate directories for each user, /home/fred and /tmp/fred, both are private to the user, but the temp directory would mean that applications could store transient cache data in somewhere other than the users home directory.
But to start with, just a standard config file that the application supplies listing which subdirectories need to be backed up and which don't ... unless of course, this already exists and I just haven't heard about it.
I second that, the situation is indeed amusing.
However, I agree that Pirate Bay itself does raise issues that we collectively we have yet to come to terms with. A lot of us seem to want copyright law to only apply when we want it to, and not apply to us when we don't want it to.
The open source software community relies on copyright law to control how the contributions are used, and to prevent commercial entities from (ab)using the contributions without regard to the (copyright) owners wishes. http://yro.slashdot.org/article.pl?sid=07/09/20/2229252/