Well, I can't access the Phoenix forums, but I suspect that what's happening is that it tries to launch a window, then attempts to perform some kind of action on that window. If it gets a true value back, it's happy. If not, it complains.
Ok, so lets just go ahead and switch Mozilla's Javascript handling to return a handle to a non-existant window when one's requested, and return true values for all JS actions performed on that window.
ASU has a much better idea. They have all the filesharing ports (1214, anyone?) throttled between 7AM and 12AM on school days so you can only get about 0.2kb/s per connection. That way, the students can get their work done with adequate bandwidth during the week, and then the holds are off for full-speed downloading after midnight.
I kinda have to wonder if some brilliant tech came up with this to appease the administration by showing him that he made it too slow for anyone to practically download, while leaving himself a loophole to download to his heart's content when he got back to his dorm:)
Alan Ralsky, when I am king, you shall be first against the wall. Preferably to be force-fed SPAM wrapped in printed spam for the rest of your miserable existance.
Just when I thought humanity couldn't get any lower. Guess that shows me to expect decency from people. Silly me.
I say we just offload all the extremists and morons onto Mars. We'll call it the "Get Off Of Our Planet" (GOOOP) project. That should help the longevity of the human race, although I can't speak for the "Mars colonists".:D
I'm not making a call to arms for someone to do this. I'm pointing out a potential hole in their model.
You must be one of those "security through obscurity" people. Discussing the presence of a hole and actually exploiting it for more black-hatted purposes are two totally different and separate things. If I'm a terrorist for acknowledging the presence of a hole, then so be it. However, I think it more likely that you've just got your head up your butt.
It's Microsoft's fault this hole exists, not mine. If they didn't want people talking about it, they should have coded against it. I have no desire for the Live network to be destroyed, but I do see a way that it could be done. That is -very- sloppy of Microsoft.
I suppose that you're evil if you publish an abstract theoretical exploit of any buggy network or piece of software, too. Damn hackers - they're all alike, always trying to destroy other people's hard work. We should just lock them all up, right?
What's braindead is Microsoft banning a serial number *forever*. That's unnecessary and that's what will possibly deprive someone else down the line with the identical numbers.
Especially in the event that an XBox is sold as used hardware and then is purchased by another end-user, only to find that they can't play online because one of its previous owners modded it at some point in the past.
Why even do a lifetime ban? Why not just deny access to the network if a box is modded, and then allow access once the modchip is switched off?
MS is pissed that their highly-protected hardware has been messed with. I'm not trying to be a MS-basher here, but that's the only logical conclusion I can come up with. They want to stick it to you if you've messed with their hardware. It's not an easily hackable system, and they designed it that way. I can imagine they're not happy about people finding a way around their roadblocks.
Very good point. Still, is it the most effective solution to ban people just because they have the ability to cheat? Whatever happened to banning actual cheaters?
All they're going to do with this is alienate their geekier audience.
I'm no expert, but I'm fairly certain that MACs aren't expected to be unique. On my school's campus, you have to register your MAC with a central DB to get network access, and there has been more than one MAC address collision with just the few hundred machines I've set up.
You'll still cause ripples, and at least for a few hours, you could cause massive network disruption.
Also, since you don't need any reply back (I assume), what's to stop you from forging your IP address?
Even if they were to nullify all bannings in a certain time period, all you have to do is leave it running, initiating a ban every few hours. They'll be so spread out that they can't be effectively isolated.
Heck, if you really wanted to screw MS over, it is probably possible to write a little piece of software that will run on the box, set the MAC and serial to initial values, connect, and then be banned. Increment serial and MAC and repeat. Leave running for a day or two.
Pretty soon, EVERYONE would be banned. There's an ugly situation.
Cheating against others is never moral, but I have a feeling that Microsoft isn't doing this so much to protect their users as they are to try to stick it to those who dared mess with their product. They put a lot of effort into making the XBox fairly hard to hack, and now that it's been done, I don't find it suprising that they're banning them.
Is it immoral to play online with an XBox that you've modded so that you can run homebrew software, or install Linux? I would hope not. Modding does not necessarily equal cheating.
Precisely. One of the biggest things that bugs me about HP is that Potter, in two stories, has YET to show any kind of anything that makes him anywhere near heroic. He just has curiosity and some belief that he is above rules and knows better than everyone else. Along with a nice bit of dumb luck, he manages to stumble through these mysteries without barely a scratch.
Well, that, and the blatant overuse of deus ex machina. I swear, you'd think that Rowling invented that particular plot device from the extent that she uses it.
(Note: I'm not going to claim that LOTR was D.E.M-free, but at least Tolkien didn't have his precious money-making characters saved from certain death by impossible out-of-left-field events every other scene.)
I was impressed with the effects - ILM did a top-notch job on it. I wasn't suprised that ILM was in the credits, although it took me a bit off guard because they didn't do the first movie.
Throughout the books, Legolas and Gimli become the best of friends. You can start to see the respect they're beginning to foster for each other throughout the movie. You have to establish their mutual disdain for each other before the fact that they begin to form a bond becomes powerful.
Don't worry. Just take your Ritalin and go back to watching TV.
LOTR is a book - an involved, deep, full book. It's not going to give you a scene change every 2.5 seconds. I read LOTR as a 5th grader, and I managed to be fascinated by it. The book itself is not boring. However, your attention span may be a sleight bit too short for it. It's not a shrink-wrapped, feed-to-you-in-nice-bitesize-pieces cookie-cutter story.
Go read Les Miserables sometime, and then tell me that LOTR is boring:)
Except for the fact that the wizards in LOTR are, for all intents and purposes, demigods of sorts.
Let's see Potter fall down a bottomless shaft wrestling with an ancient fire demon and emerge with his laundry cleaner.:)
Gandalf is orders of magnitude more powerful than Potter - he is just more judicious about the use of his power.
That said, I enjoyed Chamber, but it's no classic. The story's entertaining, and the film is well-done, but neither is going to be remembered as the classic LOTR is. The plot devices in Chamber were a bit...formulaic. It's a good story, but it's not outstanding. I may rent it once or twice, but I won't be buying it.
It's quite trivial to write a script that will take a remote image, and to the enduser, have it appear to come from a local box (local being the box the page is requested from, not the user's box). The end result is circumvention of any IP'based restrictions. It's laughably easy to do (maybe 10 lines in PHP), and, I imagine, could become quite prevalent if IP restrctions were to be enacted.
What about shared (virtual) account hosts? Say they have a policy of allowing adult material, but they don't exclusively host adult material. In fact, let's assume that for the sake of argument that only 10% of their material is adult material, and the rest is "kid safe" or whatever you want to deem it. If this company has a machine that is hosting 10% adult material and 90% kid safe material, should they be delegated into the adult-only zone (while will undoubtedly be blacklisted by a hoarde of filtering software)?
While that does seem like a good idea, it could get a bit tricky when it comes to multiple sites on a single machine. Also, it might lead to a rise of adult sites putting their material on one of their adult-IP'd boxes, then creating a page that links to images on that box, and putting that page on a non-adult box. The end result would be that they've escaped the "adult IP" blacklist. In the event they're nailed on it, they might conceivably argue that they are hosting no non-adult material on the non-adult server - just linking to it. That could bring about a big whole mess over the legality of links and such. Not pretty.
I live in Scottdale, AZ. There is a city ordinance preventing billboards within city limits. It's nice, actually. However, once you stray into Phoenix or Tempe, they are all over.
I imagine the original poster lives in an area where they've been legislated away.
Both measures are good steps towards repealing the DMCA, or at least nullifying its more damning effects.
Seriously, can you tell me that you'd rather have one law and no rights than two laws and some rights?
I'll take the rights, thanks. Don't make me a criminal for ripping your CD to my computer so I can listen to it without having to swap physical CDs in and out.
Perhaps deep down they know this, but they aren't consciously aware of it like geeks are. The mentality they approach a chatroom with is "I type, and once it scrolls off the screen, it's gone forever" whereas with a webform, they KNOW it's going into some database somewhere. The perceived threat is much lower in a chatroom, although the actual threat may be as high or higher than a webform.
Also, people tend to be a lot more paranoid about protecting their SSN, mailing address, etc than they are about their email. An email is a fairly disposable thing, and there is little threat perceived with it being public knowledge. A SSN or brick-and-mortar address is quite another thing.
Slashdot Mirror
Well, I can't access the Phoenix forums, but I suspect that what's happening is that it tries to launch a window, then attempts to perform some kind of action on that window. If it gets a true value back, it's happy. If not, it complains.
Ok, so lets just go ahead and switch Mozilla's Javascript handling to return a handle to a non-existant window when one's requested, and return true values for all JS actions performed on that window.
Bah. Fools.
ASU has a much better idea. They have all the filesharing ports (1214, anyone?) throttled between 7AM and 12AM on school days so you can only get about 0.2kb/s per connection. That way, the students can get their work done with adequate bandwidth during the week, and then the holds are off for full-speed downloading after midnight.
:)
I kinda have to wonder if some brilliant tech came up with this to appease the administration by showing him that he made it too slow for anyone to practically download, while leaving himself a loophole to download to his heart's content when he got back to his dorm
Indeed.
Alan Ralsky, when I am king, you shall be first against the wall. Preferably to be force-fed SPAM wrapped in printed spam for the rest of your miserable existance.
Just when I thought humanity couldn't get any lower. Guess that shows me to expect decency from people. Silly me.
I say we just offload all the extremists and morons onto Mars. We'll call it the "Get Off Of Our Planet" (GOOOP) project. That should help the longevity of the human race, although I can't speak for the "Mars colonists". :D
I'm not making a call to arms for someone to do this. I'm pointing out a potential hole in their model.
You must be one of those "security through obscurity" people. Discussing the presence of a hole and actually exploiting it for more black-hatted purposes are two totally different and separate things. If I'm a terrorist for acknowledging the presence of a hole, then so be it. However, I think it more likely that you've just got your head up your butt.
It's Microsoft's fault this hole exists, not mine. If they didn't want people talking about it, they should have coded against it. I have no desire for the Live network to be destroyed, but I do see a way that it could be done. That is -very- sloppy of Microsoft.
I suppose that you're evil if you publish an abstract theoretical exploit of any buggy network or piece of software, too. Damn hackers - they're all alike, always trying to destroy other people's hard work. We should just lock them all up, right?
Please.
What's braindead is Microsoft banning a serial number *forever*. That's unnecessary and that's what will possibly deprive someone else down the line with the identical numbers.
Especially in the event that an XBox is sold as used hardware and then is purchased by another end-user, only to find that they can't play online because one of its previous owners modded it at some point in the past.
Why even do a lifetime ban? Why not just deny access to the network if a box is modded, and then allow access once the modchip is switched off?
MS is pissed that their highly-protected hardware has been messed with. I'm not trying to be a MS-basher here, but that's the only logical conclusion I can come up with. They want to stick it to you if you've messed with their hardware. It's not an easily hackable system, and they designed it that way. I can imagine they're not happy about people finding a way around their roadblocks.
Offtopic, but I find it somewhat disturbing that my original comment has been modded "Informative". Like I gave someone an idea or something.
:P
I would have much preferred "Insightful"
Very good point. Still, is it the most effective solution to ban people just because they have the ability to cheat? Whatever happened to banning actual cheaters?
All they're going to do with this is alienate their geekier audience.
I'm no expert, but I'm fairly certain that MACs aren't expected to be unique. On my school's campus, you have to register your MAC with a central DB to get network access, and there has been more than one MAC address collision with just the few hundred machines I've set up.
Anyone have more insight into this?
You'll still cause ripples, and at least for a few hours, you could cause massive network disruption.
Also, since you don't need any reply back (I assume), what's to stop you from forging your IP address?
Even if they were to nullify all bannings in a certain time period, all you have to do is leave it running, initiating a ban every few hours. They'll be so spread out that they can't be effectively isolated.
Heck, if you really wanted to screw MS over, it is probably possible to write a little piece of software that will run on the box, set the MAC and serial to initial values, connect, and then be banned. Increment serial and MAC and repeat. Leave running for a day or two.
Pretty soon, EVERYONE would be banned. There's an ugly situation.
Somehow, I hardly imagine that they're reached MAC address saturation by now. There are more that 4 possible MAC addresses for one to use :)
Cheating against others is never moral, but I have a feeling that Microsoft isn't doing this so much to protect their users as they are to try to stick it to those who dared mess with their product. They put a lot of effort into making the XBox fairly hard to hack, and now that it's been done, I don't find it suprising that they're banning them.
Is it immoral to play online with an XBox that you've modded so that you can run homebrew software, or install Linux? I would hope not. Modding does not necessarily equal cheating.
Yes. Dreamcast, Soul Calibur.
Looks like I may have to buy a Cube. Metroid Prime, from what I've played of it, is pure crack-in-a-box.
Precisely. One of the biggest things that bugs me about HP is that Potter, in two stories, has YET to show any kind of anything that makes him anywhere near heroic. He just has curiosity and some belief that he is above rules and knows better than everyone else. Along with a nice bit of dumb luck, he manages to stumble through these mysteries without barely a scratch.
Well, that, and the blatant overuse of deus ex machina. I swear, you'd think that Rowling invented that particular plot device from the extent that she uses it.
(Note: I'm not going to claim that LOTR was D.E.M-free, but at least Tolkien didn't have his precious money-making characters saved from certain death by impossible out-of-left-field events every other scene.)
I'll agree. Well done, ILM.
Sure they are! They both use initials and their last names as their pen names! :)
(Actually, I agree with your points. Rowling just isn't epic.)
Throughout the books, Legolas and Gimli become the best of friends. You can start to see the respect they're beginning to foster for each other throughout the movie. You have to establish their mutual disdain for each other before the fact that they begin to form a bond becomes powerful.
Don't worry. Just take your Ritalin and go back to watching TV.
:)
LOTR is a book - an involved, deep, full book. It's not going to give you a scene change every 2.5 seconds. I read LOTR as a 5th grader, and I managed to be fascinated by it. The book itself is not boring. However, your attention span may be a sleight bit too short for it. It's not a shrink-wrapped, feed-to-you-in-nice-bitesize-pieces cookie-cutter story.
Go read Les Miserables sometime, and then tell me that LOTR is boring
Except for the fact that the wizards in LOTR are, for all intents and purposes, demigods of sorts.
:)
Let's see Potter fall down a bottomless shaft wrestling with an ancient fire demon and emerge with his laundry cleaner.
Gandalf is orders of magnitude more powerful than Potter - he is just more judicious about the use of his power.
That said, I enjoyed Chamber, but it's no classic. The story's entertaining, and the film is well-done, but neither is going to be remembered as the classic LOTR is. The plot devices in Chamber were a bit...formulaic. It's a good story, but it's not outstanding. I may rent it once or twice, but I won't be buying it.
Sorry, I was thinking ahead of my mouth.
It's quite trivial to write a script that will take a remote image, and to the enduser, have it appear to come from a local box (local being the box the page is requested from, not the user's box). The end result is circumvention of any IP'based restrictions. It's laughably easy to do (maybe 10 lines in PHP), and, I imagine, could become quite prevalent if IP restrctions were to be enacted.
What about shared (virtual) account hosts? Say they have a policy of allowing adult material, but they don't exclusively host adult material. In fact, let's assume that for the sake of argument that only 10% of their material is adult material, and the rest is "kid safe" or whatever you want to deem it. If this company has a machine that is hosting 10% adult material and 90% kid safe material, should they be delegated into the adult-only zone (while will undoubtedly be blacklisted by a hoarde of filtering software)?
While that does seem like a good idea, it could get a bit tricky when it comes to multiple sites on a single machine. Also, it might lead to a rise of adult sites putting their material on one of their adult-IP'd boxes, then creating a page that links to images on that box, and putting that page on a non-adult box. The end result would be that they've escaped the "adult IP" blacklist. In the event they're nailed on it, they might conceivably argue that they are hosting no non-adult material on the non-adult server - just linking to it. That could bring about a big whole mess over the legality of links and such. Not pretty.
It's a city-by-city thing, I'd guess.
I live in Scottdale, AZ. There is a city ordinance preventing billboards within city limits. It's nice, actually. However, once you stray into Phoenix or Tempe, they are all over.
I imagine the original poster lives in an area where they've been legislated away.
Both measures are good steps towards repealing the DMCA, or at least nullifying its more damning effects.
Seriously, can you tell me that you'd rather have one law and no rights than two laws and some rights?
I'll take the rights, thanks. Don't make me a criminal for ripping your CD to my computer so I can listen to it without having to swap physical CDs in and out.
Go Boucher.
Perhaps deep down they know this, but they aren't consciously aware of it like geeks are. The mentality they approach a chatroom with is "I type, and once it scrolls off the screen, it's gone forever" whereas with a webform, they KNOW it's going into some database somewhere. The perceived threat is much lower in a chatroom, although the actual threat may be as high or higher than a webform.
Also, people tend to be a lot more paranoid about protecting their SSN, mailing address, etc than they are about their email. An email is a fairly disposable thing, and there is little threat perceived with it being public knowledge. A SSN or brick-and-mortar address is quite another thing.