Exactly -- a split DNS setup is quite easy to implement, and is an elegant solution
There are lots of articles on-line which show how to set this up.
You might want to check http://www.castalie.org/Linux/DNS.html for an example implying BIND as an internal resolver and NSD as an authoritative-only advertiser,
is software to remove DRM from media currently illegal in France?
Actually, the whole purpose of this is to transpose a european directive about what we call "Droits d'auteur et droits voisins" (copyright and associated rights, to make it very short) and the repercussion of IT on those. The original draft was actually about legally prohibiting anybody to mess with code handling DRM (that is, do exactly the same as the US). What is interesting, as the GP noted, is that the whole global licence ("legal P2P") debate, although it is now close (there will be *no* global licence in France) will probably influence the parliament in favour of less restricting DRM-enforcement. I do share the hopes on the GP on this topic -- we'll see in a few weeks
So no, software to remove DRM is not (as far as I know) currently illegal in France. It could be very soon, though
At least if the P2P laws that's up in France goes through (flat rate per month to be allowed to use P2P legally for all material). So, suddenly all of France is one big loophole. This will be interesting, indeed.
That's not going to happen -- the whole "global license" thing has been rejected last week -- the French government made quite a fool of itself at this occasion (removed this particular part of the proposal although it had been voted in parliament, then introducing it again), but let's say that it won't be the first time, and that they're currently having other problems to solve
> And a "self-signed" cert is useless because a man-in-the-middle could issue his own "self-signed" cert and just replay traffic between the client and your server.
A self-signed cert is not in any way more vulnerable than a commercial cert if you manage your own PKI and give the clients a copy of the root CA's pubkey. Granted, assuming you know *every* potential client out there who might connect to your site is a strong hypotethis, and is not the common case. But there are situations in which a self-signed certificate or a privately-run root CA make perfect sense.
Of course there's more to security than buffer overflows : OS and arch diversity is a very important part of it -- for example wait until we see some universalf "FAT binary" style virii than runs under Linux, Windows, or OSX, all running on IA32 or the 64 bit prevalent equivalent -- now *that* will be fun : no more discussions on slashdot about the best OS out there anymore;-)
> Um.. have you been following the news lately? As we speak (or read), there are anti-french riots in the Ivory Coast because France is still acting like an Imperial power in Africa. The French are actually engaged in a shooting war with Ivory Coast nationalists who want the French to stop interfering in their country's internal affairs. Throughout its "former" colonies in Africa, France does not hesitate to intervene and play kingmaker.
French leaders always have had *very* good friends leading former french colonial countries... this is called Francafrique, and is widely known and denounced, even in France.
> How about Corsica and the resistance to French colonialism there? The Corsican resistance periodically explodes bombs to try to drive the French out. (I don't condone bombing, but it makes the point that the French are not universally loved). There also has been scattered anti-french violence in other French colonies like New Caldonia. And Algerian islamists (also victims of French imperialism) such as GIA try to strike french targets when they get the chance.
funny how sometimes "terrorists" suddenly become "resistants"... Let's make a little test :
Actually, Europeans already have some spy satellites : Russia for sure, with Hires and Medres, and the bad French also, with Helios.
That was even a reason for some of them not to believe Powell's statements at the time -- they also had satellite pictures of the region, but those didn't show the same thing...
Insightful ????
> take their American flag off of the politics topic > banner and replace it with a flower or something
Why take the American flag off ? Are americans unable to behave peacefully ? Do you want to imply that non-"pro-war" citizens are not Americans, or don't deserve the US flag ? Because war is sooo cool and flower-power is soooo lame ?
I don't know any of your soldiers, but what are *they* saying ? You know, the people that *actually* fight... what are they thinking about this ?
Thursday, October 28, 2004 Nintendo apologizes to Suicide Girls! Nintendo sent the email below to the good people at Suicide Girls. Background here and here.
Hello,
We would like to apologize to you and to those who frequent the suicidegirls.com website for inadvertently contacting you about a fan posting on the website.
We know that many of our fans are old enough to make their own choice about what they want to view on the Internet. We value the support of our fans and we respect their decisions. The letter was sent as part of an ongoing Nintendo program to aggressively protect our younger consumers from the hundreds of sexually-explicit sites each year that use Nintendo properties to attract children. We are proud of our efforts in this area. Unfortunately, the site posting identified in our letter was targeted by mistake.
As a gesture of goodwill, we would like to offer you (and RuneLateralus) a free Nintendo video game system and game of your choice. (...)
In addition, we would appreciate it if you could provide us with contact information for RuneLateralus, or have him contact us directly, so that we may apologize to him. We would be glad to send him a game and system of his choice through you as well, since we do not have his contact information.
Sincerely,
Christie Hamilton
Nintendo of America Inc.
Consumer Service Department
I find the repartition of the votes very interesting -- grossly, the difference between pro-Bush vs pro-Kerry votes shrinks as the voters get older...
You can see in Kindergarten a clear majority for Bush, 70%/30%, and it goes down to 50/40 in 11th grade.
I would tend to think that the more people become aware of life as it is, as they grow up to become adults, the more they are capable to *think* the world they're living in, the less they are inclined to vote for Bush...
You may be right ; after all, I haven't even *touched* a Windows machine for a couple of years, and it was running Windows 95 -- I know Windows has a different (NT) arch since 2000 Pro, but knowing and understanding are different things...
Of course, this all thing has *nothing* to do with the recent advices to switch to a different browser for security reasons published on CERT http://www.kb.cert.org/vuls/id/713878.
Couldn't this be Microsoft's answer ? "Just find anything we can communicate about -- and if our product is bad, our concurrents are even worse"... to me, it seems like yes, The Browser Wars are back
I agree that this is not a correct behaviour for any app to crash due to bad input, but at least Mozilla et al. are *apps*, not part of the system ! If Mozilla crashes, I just relaunch it, while IE crashing might bring the entire system down.
I think we should keep this in mind ; an app not properly handling error condition is not the only serious security problem around.
Slashdot Mirror
Exactly -- a split DNS setup is quite easy to implement, and is an elegant solution
There are lots of articles on-line which show how to set this up.You might want to check http://www.castalie.org/Linux/DNS.html for an example implying BIND as an internal resolver and NSD as an authoritative-only advertiser,
Actually, the whole purpose of this is to transpose a european directive about what we call "Droits d'auteur et droits voisins" (copyright and associated rights, to make it very short) and the repercussion of IT on those. The original draft was actually about legally prohibiting anybody to mess with code handling DRM (that is, do exactly the same as the US). What is interesting, as the GP noted, is that the whole global licence ("legal P2P") debate, although it is now close (there will be *no* global licence in France) will probably influence the parliament in favour of less restricting DRM-enforcement. I do share the hopes on the GP on this topic -- we'll see in a few weeks
So no, software to remove DRM is not (as far as I know) currently illegal in France. It could be very soon, though
That's not going to happen -- the whole "global license" thing has been rejected last week -- the French government made quite a fool of itself at this occasion (removed this particular part of the proposal although it had been voted in parliament, then introducing it again), but let's say that it won't be the first time, and that they're currently having other problems to solve
> And a "self-signed" cert is useless because a man-in-the-middle could issue his own "self-signed" cert and just replay traffic between the client and your server.
A self-signed cert is not in any way more vulnerable than a commercial cert if you manage your own PKI and give the clients a copy of the root CA's pubkey. Granted, assuming you know *every* potential client out there who might connect to your site is a strong hypotethis, and is not the common case. But there are situations in which a self-signed certificate or a privately-run root CA make perfect sense.
You might want to check http://www.castalie.org/security/PKI.html for a quick primer on certificates and PKIs
SimonOf course it should. You might want to check this URL for a quick primer on an Internet PKIs and certificates: http://www.castalie.org/security/PKI.html
Of course there's more to security than buffer overflows : OS and arch diversity is a very important part of it -- for example wait until we see some universalf "FAT binary" style virii than runs under Linux, Windows, or OSX, all running on IA32 or the 64 bit prevalent equivalent -- now *that* will be fun : no more discussions on slashdot about the best OS out there anymore ;-)
> Um.. have you been following the news lately? As we speak (or read), there are anti-french riots in the Ivory Coast because France is still acting like an Imperial power in Africa. The French are actually engaged in a shooting war with Ivory Coast nationalists who want the French to stop interfering in their country's internal affairs. Throughout its "former" colonies in Africa, France does not hesitate to intervene and play kingmaker.
French leaders always have had *very* good friends leading former french colonial countries... this is called Francafrique, and is widely known and denounced, even in France.
> How about Corsica and the resistance to French colonialism there? The Corsican resistance periodically explodes bombs to try to drive the French out. (I don't condone bombing, but it makes the point that the French are not universally loved). There also has been scattered anti-french violence in other French colonies like New Caldonia. And Algerian islamists (also victims of French imperialism) such as GIA try to strike french targets when they get the chance.
funny how sometimes "terrorists" suddenly become "resistants"... Let's make a little test :
- Ossama Bin Laden ?
- Palestinians ?
- Tchetchenians ?
- <insert other >
what was this word again... Objectivity ?Actually, Europeans already have some spy satellites : Russia for sure, with Hires and Medres, and the bad French also, with Helios.
That was even a reason for some of them not to believe Powell's statements at the time -- they also had satellite pictures of the region, but those didn't show the same thing...
Insightful ???? > take their American flag off of the politics topic > banner and replace it with a flower or something Why take the American flag off ? Are americans unable to behave peacefully ? Do you want to imply that non-"pro-war" citizens are not Americans, or don't deserve the US flag ? Because war is sooo cool and flower-power is soooo lame ? I don't know any of your soldiers, but what are *they* saying ? You know, the people that *actually* fight... what are they thinking about this ?
Thursday, October 28, 2004
Nintendo apologizes to Suicide Girls!
Nintendo sent the email below to the good people at Suicide Girls. Background here and here.
Hello,
We would like to apologize to you and to those who frequent the suicidegirls.com website for inadvertently contacting you about a fan posting on the website.
We know that many of our fans are old enough to make their own choice about what they want to view on the Internet. We value the support of our fans and we respect their decisions. The letter was sent as part of an ongoing Nintendo program to aggressively protect our younger consumers from the hundreds of sexually-explicit sites each year that use Nintendo properties to attract children. We are proud of our efforts in this area. Unfortunately, the site posting identified in our letter was targeted by mistake.
As a gesture of goodwill, we would like to offer you (and RuneLateralus) a free Nintendo video game system and game of your choice. (...)
In addition, we would appreciate it if you could provide us with contact information for RuneLateralus, or have him contact us directly, so that we may apologize to him. We would be glad to send him a game and system of his choice through you as well, since we do not have his contact information.
Sincerely,
Christie Hamilton
Nintendo of America Inc.
Consumer Service Department
I find the repartition of the votes very interesting -- grossly, the difference between pro-Bush vs pro-Kerry votes shrinks as the voters get older... You can see in Kindergarten a clear majority for Bush, 70%/30%, and it goes down to 50/40 in 11th grade.
I would tend to think that the more people become aware of life as it is, as they grow up to become adults, the more they are capable to *think* the world they're living in, the less they are inclined to vote for Bush...
You may be right ; after all, I haven't even *touched* a Windows machine for a couple of years, and it was running Windows 95 -- I know Windows has a different (NT) arch since 2000 Pro, but knowing and understanding are different things...
I guess I'll be wiser tonight ;-)
Of course, this all thing has *nothing* to do with the recent advices to switch to a different browser for security reasons published on CERT http://www.kb.cert.org/vuls/id/713878.
Couldn't this be Microsoft's answer ? "Just find anything we can communicate about -- and if our product is bad, our concurrents are even worse"... to me, it seems like yes, The Browser Wars are back
I agree that this is not a correct behaviour for any app to crash due to bad input, but at least Mozilla et al. are *apps*, not part of the system ! If Mozilla crashes, I just relaunch it, while IE crashing might bring the entire system down.
I think we should keep this in mind ; an app not properly handling error condition is not the only serious security problem around.