So the "researcher" sends an email pretending to be B. Gates and the message got through? OMG! Seriously, where's the "phishing" part? Did he have them click on a link? What was the success rate of that? Linkedin is fairly safe - there's not a whole lot of sensitive information there (unless past work history is "sensitive) - it doesn't ask you for your SSN, address, credit card no, etc. Asking a victim to supply that info to join someones linkedin group would surely raise suspicion and alert people that it's a fake. There's no real meat to the article here. Either the reporter reporting on this story has missed an important part of the story (likely) or the researcher has just discovered that you can email anyone and pretend to be anyone.
All of the tools listed don't work by verifying the identity of the sender. If you fail to look/behave like a spammer/cracker/phisher, your email will get through unless you use a white list at which point 99% of people outside your list won't know how to get an email to you even though the rejection letter spells out the correct procedure. I wonder how many people actually tried to join Bill's linkedin account and of those what percentage thought it may actually *be* Bill. I'm gonna guess it's somewhere around zero.
Now excuse me, I have to get back to forwarding Bill's email I got to 20 people so have I have a chance at the million dollar prize.
Why does it strike me as more of a ploy to make sure you can't remove the label even if you wanted to?
I'll bet right now marketing is sitting around a conference table: "This looks pretty good for a start, but we've done some market research that shows that consumers want the labeling on the inside as well. We need some type of penetrating laser that will label the edible parts inside. We need to be able to etch the outside of the banana skin as well as etch at least a logo on the edible part inside. Also, if we're doing citirus, we need to be able to etch each segment. We need to make sure our logo is seen from the moment you go into the store to the moment you put it in your mouth... Hmmm, I wonder if we can extend that to the moment we flush it down...
From what I know of cable co's, they periodically check the settings on their modems (we know they can change them when you upgrade/downgrade service, it follows they can also check the current settings). I know that's how they used to catch uncappers in the past. Kind of a "trust but verify" approach.
You can attach a DOCSIS device of your own, but unless their equipment allows it onto their tubes (provisions it), you're not going to get any service. You could of course try to clone someone's MAC address, but then you've crossed over into illegal/stealing service territory. A cable company is not going to allow end user equipment onto their network that they have no control over since their whole ISP business model is based on charging for bandwidth.
I did RTFA. His biggest misstep that brought attention to his actions was running a company that sold uncapped and hardware modded modems. He sold a couple to undercover feds. That was a Bad Idea. Selling hacked equipment that is designed to overcome preset bandwidth limits or provide unauthorized (free) service by cloning mac addresses of other authorized modems seems like "aiding and abetting". Running uncapped modems on Comcast's network would also seem like wire fraud (fraudulent activity involving electronic equipemnt) to me.
Comcast owns their network and sells you access based on bandwidth. More bandwidth costs more. If you find a way to circumvent their bandwidth limits, you are breaking your agreement with them (as well as violating the DMCA). Modding your own cable modem and running it on your own cable network is ok. Running it on someone elses is not.
Hacking to gain knowledge/enlightenment is one thing. Using that knowledge to steal service is uncool.
There is one more point that I seem to remember - AOL owning a cable lines. For a while, they owned some small cable co in Virginia (or at least partly owned it). At the time I thought that they were going to build that out since it was The Future. However, after the merger they decided it didn't fit their business model and they sold it all off to concentrate on dialup. I'm sure they genius who did that got a great bonus after that completed (From resume "Generated XX millions for company by finding and selling off negative-profit assets").
Now their plan is to sell advertising on their content. But they're very late to the game. Will be interesting to see what value is left.
At their peak they had tens of millions of subscribers - I remember a "20 million members" sign in one of their hallways. I wonder how many are left today.
What amazes me is that some ISP's according to ESPN have drank the cool-aid and are paying the extortion fee. I suppose it's good to try new revenue models, but I sure hope this doesn't catch on.
Reminds me a project I was working on years ago where we had a device that processed video signals thought a pc. Someone engineer brought up the issue of macrovision (or product stripped out macrovision as a side-effect). So someone (engineer) checked it out and found out that we would have to pay the macro-folks many $ to *not* strip the encoding. "Well that's a no-brainer, we're done!" all the engineers thought... until the lawyers got wind of it, paid the extortion fee, we made sure to implement macro-vision on the video out, and the product quickly flopped. I wonder if the ISP's lawyers are also somehow involved in this...
To me it would appear that someone submitted entries with an bogus title and accompanying description. Hacked? Hardly. What surprises me is that no one submitted Viagra programs with accompanying links in the description.
These aren't the droids you're looking for. Move along.
The Antarctic has a pie shaped portion of land without any recognized owner (between 90 degrees w and 150 degrees west - about a 1/8 slice of the antarctic "pie"). All the other land is claimed by one country or another -- sometimes the same land is claimed by more than one country and depends on who you have a treaty with determines who you believe.
The devil is in the details when it comes to solar. Several people have mentioned sites such as homepower. These sites cater to people who are interested in building/getting solar power for a variety of situations. The sites teach you a lot about how to determine how much power you need and how to assemble complete systems. After subscribing to the magazine for a couple of years, I thought "Wow - this looks great and simple!". I decided to put together a small system that I could expand. After buying some equipment and assembling it, I started to learn while not difficult, it's not simple either. There's a lot of detail work - voltage to use in your system (12V, 24V or 36V), what do you mount panels to, how do you mount them, mounting hardware, what kind of wiring do you need, what do you need to conform to building/electrical codes, venting off-gassing from batteries, spill protection from battery acid accidents, backup power when the sun doesn't make an appearance for several days, fuses etc. The list goes on and on.
The last thing I would recommend is putting together a system yourself from what you've learned from these sites. Solar systems tend to be bulky (deep cycle batteries are incredibly heavy as are the large guage cables needed for the low voltage/high current), fragile (think about carting around window panes), and can be difficult for others to undestand their operation/maintenance/safety precautions (think about "helpful" people topping off your batteries with tap water instead of de-ionized water, or smoking while opening up your battery box which has accumulated hydrogen).
Finally after all that there are companies that make ruggedized "pods" for just the situation you describe. Check out http://www.powerpod.com/ They make various sized "pods" that are "ruggedized" compact, turn-key solar systems. However, you do still have those fragile solar panels you need to protect during transportation/use.
A while ago I was working at a University that will remain nameless... A building located away from the main campus had an old cable modem setup that serviced perhaps 1 or 2 dumb terminals (or more likely, PC's running some terminal emulation program). It was originally wired by cable tv lines along telephone poles then across a street to the building. At some point, a too tall truck hit the too low cable line snapping it off the poles.
Fixing it would have cost time and money to have it done the correct way only to serve 1 or 2 machines that would probably be replaced in a couple of weeks anyway (everyone else in the building had upgraded to the "new" ethernet connections except for the holdouts). One of our network guys climbed a nearby tree, took some rope and tied it to a convenient tree branch then went across the street and was again roped to a convenient light pole, angled down to the top of a fence, along the fence on the ground and finally into the building. Some years later I noticed that someone had moved the now long defunct cable to run along the top of the fence via zip-ties (groundskeepers?). The rope (amazingly) was still holding the line to the tree branch.
Viruses, these days, are not what you need to worry about.
The main attack vectors these days seem to center on "drive by downloads" or pop ups that trick you into downloading executables ("WARNING! Your PC is infested with SPYWARE - CLICK HERE to remove"). Most Antivirus software is unbelievably pathetic when it comes to identifying/dealing with spyware. I've seen dozens of clients who have so much spyware, it can take 30 minutes or more to boot up and then spend more time closing all the popped-up windows. FF and it appears IE7 as well will hopefully go a long way to closing this attack. Now we just need to wait for everyone with win95,98,ME, NT, etc. to upgrade.
I worked for a Dot-Com flame out - (although it still exists, it's just a shadow of it's former self). They had a patent reward program where they would reward employees for patentable ideas/code in their products.
The main reason for doing this was not to sue other companies who infringed on their ideas, rather, it was to have a bargaining chip when some company would inevitably sue them for infringing.
"Oh yeah, so I'm using your patented "method to display images and text on the same web page"? Well, you're infringing on my patented "method to use only 1 click to send email".
In the end, all the lawsuits, counter-suit silliness exists for one purpose - to make lawyers money. That's why no suit is settled quickly - after all judges all started as lawyers.
I learned how to touch type in high school - before that, I was the hunt and peck typist, but that didn't stop me from knocking out programs (in basic back then). One thing I could never quite get the hang of (and I think I wasn't alone) was learning to touch type numbers. Consequently, when writing code today, I have to still glance at the keyboard quite a lot.
One thing that touch typing has alowed me to do, though, is quickly and easily type in large amounts of text - like replying to emails or posting to discusions like quite quickly and easily. I know in me current work, I'm not creating code as much as replying to emails and *writing* about stuff.
Should it be taught - I think it should be an option. I'd guess you'd get a fair amount of takers. Mavis probably helps, but I don't think it's a replacement for some face time from a real human.
Slashdot Mirror
So the "researcher" sends an email pretending to be B. Gates and the message got through? OMG! Seriously, where's the "phishing" part? Did he have them click on a link? What was the success rate of that? Linkedin is fairly safe - there's not a whole lot of sensitive information there (unless past work history is "sensitive) - it doesn't ask you for your SSN, address, credit card no, etc. Asking a victim to supply that info to join someones linkedin group would surely raise suspicion and alert people that it's a fake. There's no real meat to the article here. Either the reporter reporting on this story has missed an important part of the story (likely) or the researcher has just discovered that you can email anyone and pretend to be anyone.
All of the tools listed don't work by verifying the identity of the sender. If you fail to look/behave like a spammer/cracker/phisher, your email will get through unless you use a white list at which point 99% of people outside your list won't know how to get an email to you even though the rejection letter spells out the correct procedure. I wonder how many people actually tried to join Bill's linkedin account and of those what percentage thought it may actually *be* Bill. I'm gonna guess it's somewhere around zero.
Now excuse me, I have to get back to forwarding Bill's email I got to 20 people so have I have a chance at the million dollar prize.
Why does it strike me as more of a ploy to make sure you can't remove the label even if you wanted to?
I'll bet right now marketing is sitting around a conference table:
"This looks pretty good for a start, but we've done some market research that shows that consumers want the labeling on the inside as well. We need some type of penetrating laser that will label the edible parts inside. We need to be able to etch the outside of the banana skin as well as etch at least a logo on the edible part inside. Also, if we're doing citirus, we need to be able to etch each segment. We need to make sure our logo is seen from the moment you go into the store to the moment you put it in your mouth... Hmmm, I wonder if we can extend that to the moment we flush it down...
From what I know of cable co's, they periodically check the settings on their modems (we know they can change them when you upgrade/downgrade service, it follows they can also check the current settings). I know that's how they used to catch uncappers in the past. Kind of a "trust but verify" approach.
You can attach a DOCSIS device of your own, but unless their equipment allows it onto their tubes (provisions it), you're not going to get any service. You could of course try to clone someone's MAC address, but then you've crossed over into illegal/stealing service territory. A cable company is not going to allow end user equipment onto their network that they have no control over since their whole ISP business model is based on charging for bandwidth.
I did RTFA. His biggest misstep that brought attention to his actions was running a company that sold uncapped and hardware modded modems. He sold a couple to undercover feds. That was a Bad Idea. Selling hacked equipment that is designed to overcome preset bandwidth limits or provide unauthorized (free) service by cloning mac addresses of other authorized modems seems like "aiding and abetting". Running uncapped modems on Comcast's network would also seem like wire fraud (fraudulent activity involving electronic equipemnt) to me.
Comcast owns their network and sells you access based on bandwidth. More bandwidth costs more. If you find a way to circumvent their bandwidth limits, you are breaking your agreement with them (as well as violating the DMCA). Modding your own cable modem and running it on your own cable network is ok. Running it on someone elses is not.
Hacking to gain knowledge/enlightenment is one thing. Using that knowledge to steal service is uncool.
There is one more point that I seem to remember - AOL owning a cable lines. For a while, they owned some small cable co in Virginia (or at least partly owned it). At the time I thought that they were going to build that out since it was The Future. However, after the merger they decided it didn't fit their business model and they sold it all off to concentrate on dialup. I'm sure they genius who did that got a great bonus after that completed (From resume "Generated XX millions for company by finding and selling off negative-profit assets").
Now their plan is to sell advertising on their content. But they're very late to the game. Will be interesting to see what value is left.
At their peak they had tens of millions of subscribers - I remember a "20 million members" sign in one of their hallways. I wonder how many are left today.
What amazes me is that some ISP's according to ESPN have drank the cool-aid and are paying the extortion fee. I suppose it's good to try new revenue models, but I sure hope this doesn't catch on.
Reminds me a project I was working on years ago where we had a device that processed video signals thought a pc. Someone engineer brought up the issue of macrovision (or product stripped out macrovision as a side-effect). So someone (engineer) checked it out and found out that we would have to pay the macro-folks many $ to *not* strip the encoding. "Well that's a no-brainer, we're done!" all the engineers thought... until the lawyers got wind of it, paid the extortion fee, we made sure to implement macro-vision on the video out, and the product quickly flopped. I wonder if the ISP's lawyers are also somehow involved in this...
To me it would appear that someone submitted entries with an bogus title and accompanying description. Hacked? Hardly. What surprises me is that no one submitted Viagra programs with accompanying links in the description.
These aren't the droids you're looking for. Move along.
The Antarctic has a pie shaped portion of land without any recognized owner (between 90 degrees w and 150 degrees west - about a 1/8 slice of the antarctic "pie"). All the other land is claimed by one country or another -- sometimes the same land is claimed by more than one country and depends on who you have a treaty with determines who you believe.
The last thing I would recommend is putting together a system yourself from what you've learned from these sites. Solar systems tend to be bulky (deep cycle batteries are incredibly heavy as are the large guage cables needed for the low voltage/high current), fragile (think about carting around window panes), and can be difficult for others to undestand their operation/maintenance/safety precautions (think about "helpful" people topping off your batteries with tap water instead of de-ionized water, or smoking while opening up your battery box which has accumulated hydrogen).
Finally after all that there are companies that make ruggedized "pods" for just the situation you describe. Check out http://www.powerpod.com/ They make various sized "pods" that are "ruggedized" compact, turn-key solar systems. However, you do still have those fragile solar panels you need to protect during transportation/use.
Fixing it would have cost time and money to have it done the correct way only to serve 1 or 2 machines that would probably be replaced in a couple of weeks anyway (everyone else in the building had upgraded to the "new" ethernet connections except for the holdouts). One of our network guys climbed a nearby tree, took some rope and tied it to a convenient tree branch then went across the street and was again roped to a convenient light pole, angled down to the top of a fence, along the fence on the ground and finally into the building. Some years later I noticed that someone had moved the now long defunct cable to run along the top of the fence via zip-ties (groundskeepers?). The rope (amazingly) was still holding the line to the tree branch.
The main attack vectors these days seem to center on "drive by downloads" or pop ups that trick you into downloading executables ("WARNING! Your PC is infested with SPYWARE - CLICK HERE to remove"). Most Antivirus software is unbelievably pathetic when it comes to identifying/dealing with spyware. I've seen dozens of clients who have so much spyware, it can take 30 minutes or more to boot up and then spend more time closing all the popped-up windows. FF and it appears IE7 as well will hopefully go a long way to closing this attack. Now we just need to wait for everyone with win95,98,ME, NT, etc. to upgrade.
haha, the fools, posting on Slashdot when they could be playing WoW. oh wait...
The main reason for doing this was not to sue other companies who infringed on their ideas, rather, it was to have a bargaining chip when some company would inevitably sue them for infringing.
"Oh yeah, so I'm using your patented "method to display images and text on the same web page"? Well, you're infringing on my patented "method to use only 1 click to send email".
In the end, all the lawsuits, counter-suit silliness exists for one purpose - to make lawyers money. That's why no suit is settled quickly - after all judges all started as lawyers.
One thing that touch typing has alowed me to do, though, is quickly and easily type in large amounts of text - like replying to emails or posting to discusions like quite quickly and easily. I know in me current work, I'm not creating code as much as replying to emails and *writing* about stuff. Should it be taught - I think it should be an option. I'd guess you'd get a fair amount of takers. Mavis probably helps, but I don't think it's a replacement for some face time from a real human.