I know a company that had this happen back in the 1990s. It went like this: the BSA asked for a meeting and said company directors needed to be present in case they needed to issue legal documents. Before the meeting, everyone runs around like headless chicken auditing systems, finding license documents, wiping unlicensed software Etc. On the day of the meeting, directors are crapping themselves, but the BSA are all smiles. They say something like "I'm sure you've got some unlicensed software, everyone does, it's normal. But what we want to do is to help people become compliant; not prosecute. So we'd recommend you sign up to this plan for £xxxx per year...". The directors bite their hand off, and BSA go away with some cash in their pocket. It's only later that everyone realises they've been shaken down.
Freenet 0.7 supports both Opennet and Darknet. By contrast, 0.5 only supports opennet.
I think some of the confusion about 0.7 being darknet only may be because early beta version only supported darknet, but Opennet support has been in 0.7 for about a year now, and is certainly in the release version.
Freenet 0.5 apparently has some known issues, which won't ever be fixed.
The Freenet 0.5 community is pretty small now. With freenet you need a large community to give good anonymity. Once the group of users is sufficiently small all sorts of anonymity attacks become possible.
Botnets are the biggest source of spam, so why do ISPs still allow direct outbound SMTP from home connections by default? It wouldn't be too difficult to force all outbound SMTP through the ISP's mailserver by default, but allow direct SMTP connections for those who ask for them. If the mail goes through the ISP's mailserver, it can easily be tagged and the ISP can monitor for suspicious activity.
Is there some reason why this can't be done, or is it just that there's noone to enforce it on the ISPs? If it's a question of enforcement, wouldn't an agreement by some of the big ISPs not to peer with ISPs that are spam sources help matters along?
I'm just waiting for that "your idea won't work because" template now...
As far as network security is concerned, we've been running IPv4 for ages. Many network admins think only in IPv4, and it's the primary protocol that's handled by Firewalls and access lists.
Now along comes this new network protocol, which auto-configures link-level addresses, and is enabled by default on many modern OSes, and you have the potential for a protocol that people end up running on their network without even knowing about it.
To add to this potential problem, the fact that the TCP and UDP transports can run over both v4 and v6 means that network services can (and will) end up running on both. The end result is a potential security problem.
I can remember the time when most networks ran multi-protocol (and IPv4 was generally one of the smaller volume protocols in the mix), but many people can't, and very few people think multi-protocol when it comes to security.
We're often blamed for over-hyping things, and sometimes with justification. However, there is under-hype as well: there are issues out there which are much less secure than people think.
One example is VPNs. Seen by most as improving security, and uncrackable due to strong encryption, but poor config and vendor flaws often make them the easiest way in.
In most juristications, you can be FORCED to hand out the key to your encrypted partitions, but only if the judge sees a reasonable reason suspicition.
Doesn't the rule that you can't be forced to incriminate yourself prevent this? I think that this is part of UK law, and maybe other jurisdictions too.
Having fixed point numbers default to unsigned is not a good idea because, at least with C's unsigned rules, it's easy to end up with a huge number if a negative number is ever generated.
This has bitten me enough times in C that I avoid unsigned unless I'm damn sure that it can never go negative (and even then I check all subtractions real carefully).
Slashdot Mirror
I know a company that had this happen back in the 1990s. It went like this: the BSA asked for a meeting and said company directors needed to be present in case they needed to issue legal documents. Before the meeting, everyone runs around like headless chicken auditing systems, finding license documents, wiping unlicensed software Etc. On the day of the meeting, directors are crapping themselves, but the BSA are all smiles. They say something like "I'm sure you've got some unlicensed software, everyone does, it's normal. But what we want to do is to help people become compliant; not prosecute. So we'd recommend you sign up to this plan for £xxxx per year...". The directors bite their hand off, and BSA go away with some cash in their pocket. It's only later that everyone realises they've been shaken down.
Freenet 0.7 supports both Opennet and Darknet. By contrast, 0.5 only supports opennet. I think some of the confusion about 0.7 being darknet only may be because early beta version only supported darknet, but Opennet support has been in 0.7 for about a year now, and is certainly in the release version. Freenet 0.5 apparently has some known issues, which won't ever be fixed. The Freenet 0.5 community is pretty small now. With freenet you need a large community to give good anonymity. Once the group of users is sufficiently small all sorts of anonymity attacks become possible.
Smashing radios as a protest? Isn't that like slashing the seats at a drive-in movie?
Botnets are the biggest source of spam, so why do ISPs still allow direct outbound SMTP from home connections by default? It wouldn't be too difficult to force all outbound SMTP through the ISP's mailserver by default, but allow direct SMTP connections for those who ask for them. If the mail goes through the ISP's mailserver, it can easily be tagged and the ISP can monitor for suspicious activity.
Is there some reason why this can't be done, or is it just that there's noone to enforce it on the ISPs? If it's a question of enforcement, wouldn't an agreement by some of the big ISPs not to peer with ISPs that are spam sources help matters along?
I'm just waiting for that "your idea won't work because" template now...
Now along comes this new network protocol, which auto-configures link-level addresses, and is enabled by default on many modern OSes, and you have the potential for a protocol that people end up running on their network without even knowing about it.
To add to this potential problem, the fact that the TCP and UDP transports can run over both v4 and v6 means that network services can (and will) end up running on both. The end result is a potential security problem.
I can remember the time when most networks ran multi-protocol (and IPv4 was generally one of the smaller volume protocols in the mix), but many people can't, and very few people think multi-protocol when it comes to security.
Make each finger a drive in a RAID-5 array. Still not enough for you? add in your toes as well.
One example is VPNs. Seen by most as improving security, and uncrackable due to strong encryption, but poor config and vendor flaws often make them the easiest way in.
Some of the things I've seen, even with large financials, are downright scary. This link gives some examples of the problems: http://www.nta-monitor.com/news/vpn-flaws/VPN-Flaw s-Whitepaper.pdf
Doesn't the rule that you can't be forced to incriminate yourself prevent this? I think that this is part of UK law, and maybe other jurisdictions too.
I guess that's the extream end of lossy compression.
You're new here, aren't you?
Having fixed point numbers default to unsigned is not a good idea because, at least with C's unsigned rules, it's easy to end up with a huge number if a negative number is ever generated. This has bitten me enough times in C that I avoid unsigned unless I'm damn sure that it can never go negative (and even then I check all subtractions real carefully).