Slashdot Mirror


User: 99BottlesOfBeerInMyF

99BottlesOfBeerInMyF's activity in the archive.

Stories
0
Comments
10,115
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,115

  1. Re:800,000 years of data insufficient on Another 150,000 Years of CO2 Data · · Score: 0

    Typically, environmentalists tend to be urban atheists, and have this rediculous[sic] romantic notion of what nature is. Nature is brutal and unpredictable.

    I think it is ironic that you refer to environmentalism as a religion and unscientific, while making the absurd and unsupportable assertion that nature is unpredictable. In truth, nature is very predictable, from gravity to weather to growth patterns. It is complex, which means it takes a lot of effort to predict, increasingly so as you try to make more and more specific predictions, but such is the nature of applying the scientific method to increasingly complex systems.

    I'll not argue that there aren't irrational environmentalist who don't have a good understanding of science, but instead adhere to a pseudo scientific culture of here-say. Nor will I argue that a lot of Americans don't view nature as some sort of Disney cartoon full of cute little animals and idyllic, peace between all species. Nonetheless, most people who understand and have a lot of experience with nature, tend to be conservationists, which is one flavor of environmentalism. Generalizing people is just another term for prejudice.

    P.S. for the love of Allah, learn to spell "ridiculous." I see it misspelled on Slashdot every single day. What's up with that?

  2. Re:So..? on Johnny Cache Breaks Silence On Wi-Fi Exploit · · Score: 1

    If you're under a gag order, there's a decent possibility that the gag order forbids you to talk about the gag order.

    This is possible but unlikely. Also, since he stated he was working with Apple to fix the vulnerability and Apple said they had never heard from him, one of them is mistaken or lying. A gag order doesn't protect Apple from losing a slander/libel case for lying to discredit him. Since he hasn't brought such a lawsuit perhaps he was stretching the truth in the first place?

  3. Re:Of course they're not "random" on You Have Been 'Randomly' Selected? · · Score: 1

    Travelling on business to Ireland for the third time in a year and half.

    The last time I flew out of Ireland I was very amused and happy about their complete lack of security. Flying out late, they had no one working security at all and no one was searched in any way. I could have had a rocket launcher with me. Countries with such a laid back atmosphere really demonstrate the stupidity of the US these days.

  4. Re:Profiling is worse than random searches. on You Have Been 'Randomly' Selected? · · Score: 1

    If 'enough' random searches are done then I expect they would be effective.

    I think you're missing the human component to searches. If 100 searches provide X security then 200 searches will provide 2X security, right? Not usually. The more searches are done, the less attention searchers will pay for each given search. The more searches that are done, the more false positives will be detected, thus conditioning searchers to believe any given detection is a false positive.

    Wide scale searching will never really work. There is just too much noise. Experts who have tested the system succeed nearly every time sneaking aboard firearms, explosives, etc. In order to prevent this the airlines will have to ban so many items that flying will hardly be worthwhile. Luckily, terrorist threats to planes are mostly a phantasm. The chances that they will blow up the plane you are on are tiny. They just don't have enough manpower fanatical enough and organized enough.

    Profiling by race and religion flies in the face of everything we've struggled to achieve in the last century.

    I'd go further and say profiling by race and religion contributes to the problem and creates terrorists. I know people who have been singled out for "special" treatment because of their country of origin or religion. It makes them angry. Discriminating against people justifiably makes them angry and fosters an "us versus them" mentality. The way to mitigate terrorism is to stop doing things to make others so angry that they are willing to die just for some payback. Stop bombing their villages and giving bombs to Israel which they then drop on some person's child.

    I agree with most of your points. I think, however, that it is a poor bet to wager on the American public looking at real solutions and facing hard truths rather than hysterical, sensationalist news articles that allow those in power to frighten people into giving up their freedoms and betraying their principals. American society is weak and fearful. The empire is crumbling. It will get worse before it gets better.

  5. Re:"Implies" my fanny. He says it right out. on Johnny Cache Breaks Silence On Wi-Fi Exploit · · Score: 1

    It's pretty obvious that his going silent is the result of Apple putting the thumbscrews to him.

    He said he was working with Apple to solve the problem before releasing the exploit. Apple said, they had never heard from him. Maybe Apple was lying or mistaken, but if they had taken legal action to get a gag order, then that statement to the press was libel and Apple will lose when he takes them to court. The alternative is that he was lying or overstating his case and that he had not contacted Apple and he was just trying to get attention. In which case he is a liar and his credibility is shot.

  6. Re:It took all of 2 paragraphs to go ad hominem... on Johnny Cache Breaks Silence On Wi-Fi Exploit · · Score: 2, Informative

    I work in the IT security industry and I'm perfectly willing to accept that this exploit is for real. The pattern of events is not abnormal: the exploit will be demonstrated at a conference but because of NDA the details remain under wraps until the manufacturer releases a patch.

    I am a mac user and work in security as well. Let me show the ways in which this "exploit" is unusual and dubious:

    • They did not demo the exploit, but instead showed a mockup of what the exploit would do were they to run it.
    • They claimed to be working with Apple to fix it, but Apple publicly stated they'd never heard of these guys or seen the supposed exploit.
    • They have not submitted their exploit to review by any credible third party that anyone knows of.
    • They have hinted that they are under legal pressure, but have not actually said so, or shown any evidence that is the case.

    I used to work with this guy who was brilliant at finding and exploiting security holes. He took a G3 Mac running stock standard OSX and proceeded to demonstrate exploit after exploit; not based on his OSX skill but purely on his knowledge of the underlying free software.

    There are a number of people who can easily find local escalations on OS X, using knowledge of the BSDs. There are some people who can remotely hack OS X boxes using unpublished exploits. OS X is not some super-secure solution. It is in the same boat as your average Linux distro. It is fairly secure against automated attacks which is what the average user is worried about.

    I was at a blackhat conference where they demonstrated a local privilege escalation exploit that existed all the way up to Tiger - they had told Apple about it years previously but it wasn't until they broke their NDA and went public that Apple fixed the fault. The same presentation at that conference demonstrated an OSX kernel exploit that still exists today.

    Citations please.

    Mac users are in for a rude shock. They've told each other their platform is secure.

    Secure means different things to different people. By comparison to Windows, which is all the average user knows, OS X is a fortress. The message that "OS X is secure" is a drastic oversimplification, but it is a clear message and a beneficial one. The more users that switch away from the security nightmare that is Windows, the better for the security of the general population. Now you could try to tell the average person that OS X is sorta secure, but not perfect and it is better than Windows but worse than this OpenBSD thing that can't run any mainstream software they need. In doing so you'd be more accurate. You'd also probably convince a lot of people that it doesn't matter if they are running OS X or Windows and thus contribute to making the general population less secure.

    As for this particular exploit, the verdict is still out. Maybe it is the real deal that has a reasonable chance of being a usable remote exploit. To characterize this as a normal vulnerability, is very misleading. There is a reasonable concern in the security industry that these people either were wrong, overstated their case, or were outright trying to be deceptive. There is also the possibility that Apple is completely lying, but that is rather unlikely. They have a pretty good track record of fixing exploitable vulnerabilities the community brings to them and of working well with the security community. They are one of the few companies that provides credit for discovery in their security patches. As time goes on and we learn more and more about this, I have more and more doubts that this particular exploit is on the level.

  7. Re:Too late on Windows Vista RC1 Complete · · Score: 1

    Who wants to develop games for the Mac?

    Pretty much every major publishing house develops for the mac, if only for the titles that become popular.

    And who wants to develop games for Linux, knowing that all Linux users just don't want to spend money?

    Troll?

    I know I'd prefer to develop for Vista + Xbox 360.

    Either way your game will run on Vista. The choice is, in addition, does it work without a lot of effort on the 360, or on Windows XP, Win2k, Win ME, Win 98, PS2, PS3, Mac, Linux, and Wii.

    Take a look at the successful PC game companies. Notice how almost all of them that develop games they know will be successful build them on OpenGL (with the exception of most of the companies MS owns)? Notice how a lot of the new developers taking a shot in the dark are using DirectX, because it is slightly cheaper up front, even thought it costs more in the long run? That is because they don't know if their game is going to sell at all, and if it flops, they are out less money and if it is successful they can pay to get it ported with the proceeds.

  8. Re:well, it only makes sense on ISPs Fight Against Encrypted BitTorrent Downloads · · Score: 1

    So what you're saying is "Things would be cheaper if they weren't more expensive".

    No, I'm saying things would be cheaper if the US did not take bribes restrict free trade and if we vote all these assholes out of office we can fix it.

    Take your learned helplessness elsewhere.

  9. Wrong Perspective on Why All The Hype About 0day? · · Score: 4, Insightful

    Michael Sutton has up an interesting post on the security vulnerabilities that we really need to be concerned about. According to Sutton, it's not the new ones that are scary, it's the old ones that have long since been forgotten.

    The old ones may be the most worrying to people tracking security in general. They are not, however, the most worrying to those of us looking to secure our own networks, since we know how to stop them. It is a matter of control. I can patch and Firewall, and ACL away any old worms and detect them if they get through. I might be helpless, however, if a new, zero day worm hits.

  10. Re:Too late on Windows Vista RC1 Complete · · Score: 4, Insightful

    Considering that it's mandatory to have Vista to take advantage of DX10, and considering that DX has become a de facto standard in the gaming industry, lots of people are going to eventually be forced to port over to Vista.

    I suspect there will be a lot of developers targeting DirectX 9 for many years to come, since the number of Vista machines will be so much lower than the number of Vista+XP+Me+2K machines. In any case, hopefully some of the developers wise up and move to OpenGL where they don't have to worry about MS refusing to support their graphics API improvements. OpenGL 2.0 will work on all of the above plus the PS2 and PS3 and OS X and Linux.

  11. Re:Freeware? on Windows Vista RC1 Complete · · Score: 5, Informative

    Beta 2 is available to everyone...

    From microsoft.com: "Thank you for your interest in Windows Vista. The Customer Preview Program is now closed. We have reached our program capacity and no new orders are being accepted. We apologize for any inconvenience."

    It looks like a limited number of beta testers for the beta and for the RC, not "everyone."

  12. Freeware? on Windows Vista RC1 Complete · · Score: 2, Insightful

    This 'nearly complete' version of the operating system is already available to beta testers, and will be available to everyone else soon.

    They're making a release candidate available to everyone, or was this just the submitter being imprecise?

  13. Re:compare to land on ISPs Fight Against Encrypted BitTorrent Downloads · · Score: 2, Insightful

    They sell 50 people the right to use a lawnmower for $25 each (pocketing a nice $250 profit)... The business model that was going to work doesn't work any more. Because every day people are using 7 lawnmowers all day. The ISP is now paying $60 per day over what they thought they would pay. The rules have changed.

    You're forgetting one thing. The government bought the company the lawnmowers in the first place with people's tax dollars, after the company promised to supply enough lawn mowers for everyone, which they failed to do and pocketed the cash. The US government paid hundreds of billions of dollars in subsidies to ISPs who promised reliable, cheap, high-speed access to the home, just like they have in Europe and Asia.

  14. Re:well, it only makes sense on ISPs Fight Against Encrypted BitTorrent Downloads · · Score: 1

    To put this another way, if everyone saturated their pipe, they would have to charge upwards of 10x for your cable or DSL connection as they currently do.

    In a classic "supply and demand" economy this would be true. Internet access in the US, however, is nowhere near that model. Most providers have a local monopoly are one of only two companies offering service in that locality, both of whom are bundling their service with another service (phone or cable TV). Because of this, internet access is not sold based upon how much it costs the ISP + a small margin, but based upon how much a customer is willing to pay. This is demonstrated by comparing the relatively huge margins on internet access charged by US ISPs relative to the margins charged in Europe and Asia.

    Most of the major companies own a lot of dark fiber that would cost them very little to activate. Most of them bought this fiber from the US government who paid hundreds of billions of dollars to put it in and then charged the telecom companies pennies on the dollar.

    So here's the deal. we need to either equally subsidize other telecom companies to lay the same fiber including allowing access to the last mile that the law generally restricts right now, so we can have competition and the classic supply and demand, or we need to regulate the prices and other behaviors of the existing telecoms we've given so much in tax dollars in exchange for their gouging us.

    Other countries with the same population densities have paid a tiny fraction per citizen to subsidize high speed internet and they now have faster, cheaper, more reliable access than we do and their ISPs are prevented by law from shirking their duty as common carriers to carry all data equally. We've been screwed yet again by corporate interests and our "oh so bribable" government officials. Please wake up and take notice before the US slides any further behind the rest of the world.

  15. Re:Illegal? on ISPs Fight Against Encrypted BitTorrent Downloads · · Score: 1

    Data plotting (i think thats the right term) would be a legal process, I can see that, but it doesnt seem too reliable, with a few exceptions. How many people use the suggested settings of using alternative ports?

    I'm looking at a class A block right now, administered by a major ISP. The 5th largest chunk of network traffic is over port 6881 (bittorrent). Some ISPs can see that throttling that traffic will save them money, while most users won't be aware that it is running slower for that reason.

    Quite a few of the clients also have "random port", while difficult to setup properly through NAT/Firewalls, still feasible with a public IP.

    For those using alternative ports, you can still scan for the ephemeral port mapping from the control channel to the transfer channel between hosts. All of this works without doing any inspection within the packet, just by grabbing administrative information auto-generated by most routers.

    Either way, it sounds like a violation of privacy acts/laws/rights as it could potentially gain access to parts of the file which determine if its a BT packet or not. Isnt that illegal?

    If it's illegal that law is being violated by every tier 1 ISP on the planet.

    The product in question goes a step further and does layer 7, "deep packet inspection" a function that is hard to deploy on a large scale right now, simply because of the amount of processing involved and that it has to be deployed inline, adding a point of failure to a connection. It does not decrypt encrypted packets and look at the contents (it will unencrypted traffic), but it does look at packet characteristics and header info. Some products like this can save an entire encrypted session of packets, for later decryption and analysis. This last behavior is the only one I know of that requires a warrant, or is protected in any way.

  16. Re:Illegal? on ISPs Fight Against Encrypted BitTorrent Downloads · · Score: 4, Insightful

    Isnt it illegal to read any part of encrypted data accross the internet?

    Probably not, but they aren't "reading" data in any case. They're just looking at the encrypted streams and figuring out, based upon the way the traffic flows, the ports, etc. that it is bittorrent traffic. Of course engineers can just make bittorrent traffic mimic other, legitimate traffic more closely to make it impossible to distinguish between them.

    Ever notice that whole lot of crap runs on port 80 these days? The reason is that ISPs and maintainers of firewalls have turned off the rest of the internet under the assumption that it will stop the traffic they don't like. Really it just squished everything into one place and made it harder to properly administer.

  17. Re:Question from a Mac user on Redmond Yawning at Apple-Google Alliance? · · Score: 1

    If Apple and Google are so tight, where the hell is that Mac-compatible Google Talk voice chat client we were promised a year ago?

    Apple and Google could work together more closely, but what is their major strength is that both work with open standards quite a bit (although not quite enough to satisfy me). For example, OS X ships with ichat that supports Jabber and several open standard voice and video protocols. OS X server ships with a Jabber server. Google uses Jabber for their talk protocol. I use iChat to chat via my GTalk account.

    Is this collaboration, or simply incidental because they both went with open standards? I suspect mostly the latter. I'd like them to work more closely, but more than that, I'd like them to both be fanatical about adhering to open standards so they don't have to collaborate.

  18. Re:why use isp's email? on Comcast Blocks Yet Another ISPs E-Mail · · Score: 1

    Filtering is one reason I like using my isp's email...

    All the advantages you list are pretty easy to do with free tools if you're running your own server, and even if you're not a client-side bayesian filter, such as is built into many modern mail clients, provides the same functionality. I get maybe one spam every two weeks that is not filtered, and I just click the "junk" button and it goes away. I've never had a false positive.

  19. Re:I think I may have identified your problem... on Comcast Blocks Yet Another ISPs E-Mail · · Score: 2, Insightful

    I generally use my ISP provided email as my "junk" address when I need to give an email but don't want to or don't trust who I am giving it to to keep it secret. Best of both world...

    ...better, but not the best. I create a series of temporary e-mail addresses I hand out to untrusted parties. something like "spam343forusername@domain.net" and send all messages with that format to a bulk mail folder. Then, if I start to receive spam from any given one of them, I can not only delete that alias and stop the spam entirely, but know which company handed out my e-mail address to spammers (by referencing the number with the confirmation e-mail, usually the first mail that account gets). It is simple and works like a charm. Even if you don't have a domain a number of providers have started offering this feature as well.

  20. Re:I think I may have identified your problem... on Comcast Blocks Yet Another ISPs E-Mail · · Score: 4, Informative

    "I've NEVER used an email address I've had with an ISP, and would not reccomend it to anyone." And your reasoning behind this is??

    I can't speak for the previous poster, but I can provide you with my reason for doing the same. An ISP provides internet access. If they bundle a mail service and I become dependent upon it, I have just given myself a vendor lock-in that makes it harder for me to move to a better internet provider should one come along. Since e-mail services are dirt cheap and/or free, it makes sense to decouple the two. I've had the same e-mail address for a good 7 years now, ever since I bought a domain. I've redirected it, forwarded it, and hosted my own mail server at various times. Because I'm able to keep the same address, moving to different ISPs in different parts of the country, or even in different countries is a lot easier and I still have all my mail going back 7 years when I need to look something up. It also means, if the ISP is being dumb and uses excessive filtering or places crazy restrictions on it, I don't have to worry, even if they are the only ISP I can access in a given geographic location.

  21. Re:I think I may have identified your problem... on Comcast Blocks Yet Another ISPs E-Mail · · Score: 1

    'WOW=WideOpenWest' should have been apparent from context.

    Okay, I had to go to google for this one. They only serve metropolitan areas of 5 of the 50 states of the USA. I live in a metro area of one of those five states, for a company that sells to almost every tier 1 and tier 2 ISP in the world, and I'd never heard of them either.

  22. Re:Boo on Indian State Encourages Microsoft Removal · · Score: 1

    And exactly why is being a communist bad?

    Communism isn't "bad." Communism fails when the communist cell size becomes too large because the centralized decision making is subject to the decay of information as it moves upward through layers of authority and because it is more and more subject to abuse by authoritarian elements. These people may have communist leanings, but they are operating in a capitalist economy with socialist elements, with respect to this decision.

    Aside from that it is not a good idea to ban any product. This will just lead faster to more idiots.

    For the coke and Pepsi examples cited here, they were banned automatically, like any other food that does not meet the government standards for not being poison. It is really just a matter of labeling. As for MS products, they were not banned. It was suggested that the socialized education system stop using them, because they are defective as a long term solution.

    About being anti-western, in my point of view being anti-western is actually a good thing...

    Being prejudiced about anything is not a good idea. Products should be evaluated to see what brings the most benefit for the cost. In this instance, the government was simply pointing out certain costs associated with breaking the capitalist model with a monopoly and suggesting to the schools that they avoid those products to avoid the hidden cost to Indian society.

  23. Re:Merely deleting is not enough... on New Web Browser Leaves No Footprints · · Score: 1

    References? And with dates, please.

    I read something by John Cross in 2003 or 2004 I think, but Google did not turn it up right away.

    It almost certainly takes more work than obtaining the information by alternative means...

    In most cases this is true, but I'm not ready to discount MFM or whatever as being a possible threat. I don't have any proof that it has been productized or even that it works if it has, but I doubt many people outside the community would know if it had been.

    That's pure psyops, designed to make an enemy think that the USA has better abilities for recovering overwritten data than is really the case.

    Or your comments are psyops trying to make people believe the USA has lesser capabilities :)

    Since we're dealing with hysteresis loops, three passes such as 1 - 0 - 1 will ensure that every bit has done both changes. But we're also going so far into saturation that there's no way of knowing which side of the loop we arrived from. And it's definitely more expedient to do a single overwrite over the whole disk, then another and another than to do multiple overwrites on each bit in turn -- the first way is more secure against interruptions.

    Truthfully, I don't have any problem doing multiple, random overwrites. Why not take a cautious approach when the solution is so easy?

    Nice, subtle Mac advert :)

    Thanks, but several Linux distros and OpenBSD do this as well. It was really more of a Windows anti-advert.

  24. Faulty Analysis on Can Anyone Beat WoW? · · Score: 2, Interesting

    All of these factors point towards one conclusion: World of Warcraft's success, admirable as it may be, will be extremely difficult to duplicate.

    In five years does anyone doubt that most people will be playing a game with better graphics than WoW, even if it is WoW II? The social component of MMORPGs makes it more likely, not less that gamers will flock to one particular game among the offerings they have. The question then becomes, how do I make my offering the next king kong of MMORPGs?

    Gameplay is one key. It has to be fun and it has to be addictive in order to build and maintain sufficient body count. Accessibility is another key. It needs to run on Macs and PCs and ideally on Linux. You can't afford to exclude 5% of the market, because that 5% will contain some of the hub people that will draw in others. If 1 person can't play a game, 20 might stay on a game their friend can play too. Those 20, make up some of the mass needed to be a blockbuster. The barrier to entry cannot be too high. Initial cost cannot lockout the bottom half of the market, and it has to run on the average machine, not just top of the line. A free trial is a big plus as it gives people a free way to get hooked, just like crack.

    Aside from graphics, and more refined gameplay, there are a lot of things a new MMORPG can bring to the table. One is more diversity and another is standardization. This may seem contradictory, but hear me out. If a company puts out a game that works with open standard modules, then multiple companies can create and sell those modules for it. Buy access to different fantasy settings, cyberpunk, world war 2, etc. This allows for the maximum diversity of gameplay with the minimum barrier to entry. Since it would almost certainly rely upon one or more standard gaming engines, it would also remove a lot of the work that goes into building one from scratch.

    I've advocated this as an open source project, but have not heard many people enthusiastic about it. It is, however, a perfect fit for the OSS business model since content and the service are not tied to the code and are what people are willing to pay for. I think if someone creates the Apache of MMORPG engines, they will be a rich person with a huge reputation that will allow them to cherry pick work from then on.

    Open Source or not, however, a single, service or game is almost certain to be a magnet to gamers, like WoW is today. It is part of the nature of the social network, which is a huge component of MMORPGs today.

  25. Re:Merely deleting is not enough... on New Web Browser Leaves No Footprints · · Score: 1

    One overwrite is plenty. If there was any way to recover reliably what used to have been written on magnetic media, then it would have been done by now...

    Computer forensics experts have been able to recreate some data from overwritten files. It is not a big concern, since it takes a lot of work, unless the NSA is coming after you. The DoD standard calls for a number of random overwrites of each bit.

    Quick method for removing sensitive data from an old PC...

    I just select Finder->Secure Empty Trash. Hopefully Vista will have this and pull Windows to the level of functionality the rest of the computing world has had for years.