FTA: "net neutrality, which in its most radical version would bar providers from charging different amounts for different kinds of broadband content"
Radical? Surely that's just standard. Do you pay more for electricity if you want to run a Mac with it instead of a PC?
well exactly. If a non-expert can bring down your helicopter using nothing more than information gleaned from a wiring-diagram of it, then you've got more serious issues to worry about.
Like for example, the blueprints of the base-model helicopter being public anyway (covering all the systems which keep it in the air, as opposed to the assorted crap installed as special-equipment that tends to have no effect on flyability other than being heavy and consuming power)
People need something to live off
This is utterly ridiculous
I certainly wrote more Free Software while looking for a job than at any time previously. [Tech] jobs appear on the various websites at only a certain rate, and it doesn't take many minutes to have read them all.
When you're working there's just not so much free time to write OSS (and you're more tired in the evenings, hence more likely to use some read-only time-killer like TV or film)
"My tax dollars at work"
Indeed
Or YouTube for that matter? There are many times where I go on YouTube /just purely/ to listen to music.
Will that be blocked as well? :-)
wait till they hear Second Life can stream music and block that...
Agreed--but the methodology could well be iffy. From Adobe's methodology page, "Panelists are recruited from multiple sources such as RDD, in-person interviews, Web partners, as well as banner ads." The "Web partners" and banner ad components seem particularly troubling to me.
Obligatory link
That's not a simple solution. It's faster and easier to laboriously go through directories, removing addins, fixing problems that might result... much easier to do that than to read in full every EULA you are presented with.
Agreed, it's not practical to read every EULA if you use non-free software (although it's very easy if you use mostly GPL/BSD, or if you install from Debian repositories where the licenses have already been checked for you)
However, even a quick scan of an EULA will tell you a lot.
For example, if it has an extra section tacked-on the end describing some 3rd-party license (e.g. iTunes EULA has this) then you know it's bundling some hidden extra software.
Similarly, blank-check licenses tend to stand-out -- if there's a section like "we will publish new copies of this license and you hereby agree to the new version" then run far far away. (in the physical world, banks tend to use this type of clause a lot)
Automated software updates tend to be described in their own section, so a quick scan of the EULA tells you whether to expect programs running constantly in the background (e.g. Google software)
You can also look for text which gives the vendor root-access to your computer (or to your company network, or to your buildings via audits), typically described in its own section. I haven't seen many of those recently though; having not installed much "enterprisey" software.
If you want to practice by reading an EULA which is pure evil and contains every malicious trick in the book, go and have a read of PayPal.
EULAs can be quite insightful into the vendor's history and desires. Like the free downloads whose licenses still mention that you can't install *both* the 3.5" disks and the 5.25" disks to different computers. Or the software that prevents you benchmarking it (databases). You may not use the Solitaire game to control a nuclear power station. You may not export WinAmp to Syria. Your database app is known to the state of California to contain chemicals that will cause infertility.
Sorry, your math is correct, mine wasn't.
You're at the crux of the matter. The surveillance is very one sided, if these people want to make a surveillance society it needs to be both ways.
Yet sousveillance just took another hit as they're proposing to make a crime of photographing the police
One privacy rule for us, one for them.
The key is to sneak the tax in early, when it doesn't make much money, so the early adopters get used to it. Then, as its use increases exponentially, the tax is just accepted as the way it is...
Bonus points for doing so on a tech-related law, because if you mention it, then like 100 slashdotters will jump into the comments saying "this is nothing new"... "news at 11" for any discussion of the new tax.
*an extra 25 cents per gallon -- haven't had my coffee yet.
glad you clarified - was going to add that gas is currently $1.20 in UK ($1.44 equiv. for a US-sized gallon) though that probably doesn't sound so bad now given the recent changes in exchange rate.
click dis-the fuck-able
Simple solution: read the EULAs in full. And when you don't like them (e.g. Google Earth EULA which gives them root access to your PC) then don't install.
And anyone whose product or business depends on you having Java installed... well this is a good discussion to point them to when you call their support line saying "it just doesn't work"
True, Google Maps is a very high traffic site, but how much traffic does the particular street view location in question get?
Less than the amount of real traffic visiting the real street...
Hit someone while drunk driving? Well, since you're rich you're obviously more valuable to society, let's stack the odds in your favor so you don't go to jail!
This (scroll down to July 25) is a story about a famous footballer in the UK receiving a caution for something which would result in a normal person going to jail.
The case never even appeared before a judge, because the UK police are now trusted to do what used to be judiciary work themselves.
what about setting up 3-4 clone phones?
How would the cellphone tower know which one to send calls to?
There is NO expectation of privacy when you are in public. Security cameras, when placed in common public areas are no problem. Heck, I can video tape you all I want on a street corner, as long as it is for my own private amusement.
You ever tried following a policeman around videotaping them?
Watch this guy trying, and tell me if you'd feel confident squaring-up to those two police officers who don't like being filmed?
I agree. Another point which is of paramount importance: who's in control? Why not take the cameras and make them viewable by all, with a backlog of several days?
That was tried - the plan got nixed due to data-protection laws.
Our [UK] civil liberties are doing just fine thanks
Uhh, WTF?!?
This is in a country where the council are using surveillance to check if you've put the right things in your recycling bin?
From the country proposing to issue ID cards to citizens?
Where it's illegal to express a political opinion within 1 mile of parliament?
Where the internet connections are all filtered on the orders of an unelected quango?
Where government routinely orders newspapers not to publish stories, and they all comply?
Where it's illegal for more than 4 people to meet together?
Where you can be searched just for walking around?
Where people are regularly arrested for taking photos in public?
Where you as an innocent person can be imprisoned for 14 days or 42 days or 90 days?
Oh, and you also have to abide by all US laws, since the US has permission to kidnap anyone in the UK, plus there's a one-way extradition agreement.
Which UK are you living in, in which civil liberties are anything other than a historical memory?
I mean, turn it off if you're trying to sneak around?
The article mentioned one 'threat': that the SS driving around a limo pretending to contain the president while he arrives quietly in a different car, saying that the GSM chip would give away the 'right' car.
Except that the ruse would work even better by putting the real phone in the fake car and driving that around. Do we believe the SS didn't already think of this?
....What "carefully crafted message" would I need to send to take over an Exchange Server?
To: ExchangeServer@company.com
Subject: H3ll0
I 0wn you Now. Please reply back with passwords.
Regards,
Hax0r
To: ExchangeServer@company.com
Subject: H3ll0
sudo reply back with passwords, plz
Why in the world would an e-mail delivery system ever consider executing external code?
Ignoring for a moment that's probably not what happened, remember this is from the same company which wrote Internet Explorer and Outlook (Express), both of which go to some lengths to search for untrustworthy code to run. If they can't find any malware in the web page or email, they'll go looking in CSS files, XSLT files, images, stylesheets of images...
Thank goodness my Exchange server is behind a firewall *and* a Postfix SMTP proxy running on a Linux box. There's no direct exposure of Exchange to the outside world.
yeah, thank goodness it doesn't get any emails, otherwise you might be vulnerable...
This is on the same day Microsoft announced you could take control of an Exchange server by sending an email to it?
Total removal of IE can't happen. Well, it can.
Ehh, what?!?
"It can't happen. Actually it can happen"? There's no need to press submit after you've realised the initial sentence was wrong.
If people want to use IE as you claim then they can install it.
If some app they use depends on IE then they can install it, same as they would need to install Firefox to run ChatZilla.
The possibility that some people might want to install IE doesn't require you to force it on everyone though. Not least because it's a security vulnerability, even if you don't intentionally use it (e.g. see the apps which run "iexplore whatever" instead of "urlopen whatever")
A mainstream media property actually "gets" something technical related to the Internet. Assuming the summary is right, they've got it dead-on.
The stimulus money should only be permitted to go to non-incumbent providers.
Yep. I couldn't believe that article complained about web-filtering abusive-DPI-using people not being able to get at the trough of new money, like that was some sort of a bad thing...
The problem is that local governments (municipalities, primarily) have signed exclusive agreements with these companies.
BT used to be a monopoly like that -- just change the law and make it a competition, like they did with Openreach