Why are you posting total nonsense? The attacks were on machines in the UK and no patch was available at the time.
UK.gov repels zero day WMF attack
"The attacks - initiated before Microsoft's patch against the vulnerability was released on January 5"
The militarization of space or son of Star Wars. A new arms race and massive budgets to the military industrial complex.
"Approval by the President or his designee shall be required to launch and use United States Government and non-government spacecraft utilizing nuclear power sources with a potential for criticality or above a minimum threshold of radioactivity"
was freedom of action in space
"This is security through obscurity"
Well, yea, the method fails the logic test. Another poster mentioned a real keypad that scrambles the numbers. With a shield around the keypad then I would assume that shoulder-surfing wouldn't work.
"You present your badge and then enter a PIN on a keypad that scrambles the layout after each user."
..
Another good idea I should have patented
"As mentioned before, the attack are most likely not from China at all. No decent hacker would leave traces from his own machine", suv4x4
It's not as if they had access to the hackers' computers. They would use evidence of portscans being run against their own computers.
"A few minutes ago, we received a complaint from the U.S. Department of Commerce about them being portscanned"
"Attacks on UK government systems using a then unpatched, Microsoft Windows Meta File (WMF) exploit last Christmas were traced back to China."
"Last June the UK's .. (NISCC) warned that approximately 300 UK Government departments .. have been the subject of such attacks, many reportedly originating in the Far East."
How the heck does this get modded up Insightful?
was Re:Not Chinese, Insightful)
"that pretty dumbass comment doesn't take into account that some people are blind", sxpert
..
Ok, it was just a suggestion, the idea probably needs a little more work. How do the visually impaired use the VTPlayer when they have to
"a user moves the mouse over a grid of nine blank squares displayed on a computer screen"
"However it would be clearly visible to anyone looking over your shoulder. Even more so that the tradition keyboard password entry."
..
..
Actual pin is 1234
Standard keypad layout
789
456
123
The screen shows
251
369
847
You click on 8473. The next time round it's a different keypad layout.
You don't need any special tactile mouse. The same could be achieved using a clickable image map showing a keypad with the numbers in random locations. You get a different map each time you enter the site. So keyloggers wouldn't be of any use.
that 'special software' is an automatic testing application, probably developed internally and woefully incomplete.
What platform did they develop this 'special software' and why don't they rewrite Vista in it. What errors would you get if you ran it on itself.
Yet another case of an ms apologist getting modded up.
"It's not at all impossible that someone star-strucked .. may have accepted some bogus handwaving .. or simply might have been too intimidated to push."
"Mr. Emerson and I discussed a variety of investment structures wherein Microsoft would 'backstop,' or guarantee in some way, BayStar's investment.... Microsoft assured me that it would in some way guarantee BayStar's investment in SCO."
That's an agreement between Larry Goldfarb, managing general partner at BayStar and Richard Emerson, senior VP of corporate development at Microsoft and not some bogus irresponsible star-strucked handwaverer.
Re:Suspicions Confirmed (Score:4, Informative)
"There is no source cited etc", zitintheass
I don't know if we've read the same text. The article clearly quotes at least two named sources in the Commerce department. It never mentions Windows or Linux. Yet we have the above and other comments coming out with: It's a fake news item, it must be Linux that got hacked, it wasn't Windows etc. We also have such posts getting modded up as 'interesting', more mod trolling.
"An August e-mail from acting Undersecretary of Commerce Mark Foulon quoted by the Washington Post said .."
Has Foulon ever denied sending the e-mails? Do you have a citation?
"Through established security procedures, BIS discovered a targeted effort to gain access to BIS user accounts," said Commerce Department spokesman Richard Mills. "We have no evidence that BIS data has been lost or compromised."
Has Mills ever denied saying this? Do you have a citation?
was Re:Another fake news?
"doesn't mean the hacked server wasn't using Windows, but there's also a good chance it was running Linux", xswl0931
It's not a server but hundreds of workstations. What OS do you think they are running on the desktop?
"Hundreds of computers must be replaced to cleanse the agency of malicious code, including rootkits and spyware."
"had identified several successful attempts to attack unattended BIS workstations during the overnight hours."
"The official also confirmed that BIS has limited Internet access to stand-alone workstations that are not connected to the bureau's internal network."
http://www.bis.doc.gov/ was running Microsoft-IIS on Windows 2000 when last queried at 7-Oct-2006 02:01:33 GMT
was Re:What OS? Looks like Linux
"Propriety software traditionally undergoes a formalized, designed testing process"
You're kidding right, what about that US university booking that wouldn't accept applications from 'overseas' students with addresses in the UK. Or the Airline Radio system that borked every 2^32 millisecs seconds when a 32 bit buffer cycled round to zero.
"Open source software must rely on after-the-fact testing in the form of "this broke when I tried to do this"."
"Open Source software relies primarily on a black box testing approach."
You've got that the wrong way round, closed source is the blackbox.
Re:Why is this surprising?
While such comments are totally unacceptable, the establishment does seem to be very selective in who they punish. For instance, why are the people who made these statements not being locked up? Does political correctness only apply to white anglo-saxon protestants?
"I believe the whole of Britain has become Dar ul-Harb (land of war)," the Syria-born Mohammed said. Therefore, "the kafir (non-believer) has no sanctity for their own life or property," - Omar Bakri Mohammed
was Re:Crap, we have laws like that?
"Our department isn't disguising itself as something it isn't, like a trojan is usually defined"
..
The story goes that a war was fought by the Achaeans against the city of TROY for ten years. They built a Wooden Horse and hid in it until the trojans brought it into the city. Ergo trojan task refers to any Herculean task.
"Cute little poem, but what relevance has it to my post?"
It's something similar to a quote from, I think, Grace Hopper regarding breaking codes in WW2. Now that was a real trojan task. She discovered the first computer bug, a moth caught in a relay.
was Re:trojan task
.. multi layered defense .. network level protections, PC level protections and desk-side support level protections .. annual IT security awareness training .. reimaged immediately .. a special committee .. encrypted .. receiving process where that image is installed
Apart from this trojan task what else does the IT department contribute to your business?
"We have spent millions of dollars of your tax money in the last five years bringing this system online"
Ah, I see .. there's nothing like spending other people's money. Do you mind telling us the name of this agency as you do seem to have covered security better than the rest?
'Last night I had the same dream again.
I was walking along a beach littered in small stones.
I carried a basket filled with similar stones.
Every time I found one exactly the same I could put it down.', ???
was Re:this takes $$$ time and energy
"Our startup honestly wanted to use OSS products. We do not want to spend time for any OSS bug fixing so our main requirement was -official support for all OSS products-"
Fud #1: Use OSS and you spend all your time fixing bugs. According to this, the Trolltech Qt Open Source Edition is available under the GPL license. And if you subscribe to one of the support groups you won't have to spend all your time hunting down bugs. Also if your company sells any OSS product, you won't have to pay any upstream 'licenses'. Did you factor in licensing costs in your figures for the C# IDE, WinCE and Vxworks?
From the same page: "Trolltech Qt License Pricing One Platform Console Edition, 1420, Desktop Light Edition, 1590, Desktop Edition, 2630"
You didn't state what business your startup is in, but if you are selling downstream solutions use GPL er,, OSS solutions. You did say you rewrote everything to C# so you must have pretty intelligent developers. If you are an end user get a support contract. You know something, as I reread your post I get a strong whiff of trolleri.
Straight in at number one and modded up Score:4, Insightful)
was Re:FUD
I've noticed that you haven't addressed any of the points in the previous post by twitter. What do you have to say in relation to the Barkto incident and dead people signing petitions? Else I would suspect you of distraction trolling.
"astroturfing .. Steve Barkto .. DRDOS .. spammed compuserve .. Hiring a firm to fake letters to Congress .. the Apple Switcher .. trick to game Slashdot's moderation system" wrote twitter
was Re:Karma phishing
I'm going for the record of most rejects posted to Slashdot ..
Software supermarket , Sunday October 01, @01:35PM , Rejected
slow rendering and google-analytics.com , Monday September 25, @12:30PM , Rejected
IE flaw bypasses fully patched systems , Wednesday September 20, @02:57PM , Rejected
MS behind discredit campaign says EU commissioner , Wednesday September 20, @02:43PM , Rejected
Open Source firm secures M$7.5 In funding . , Sunday September 17, @03:34PM , Rejected
restrictions on testing security , Sunday September 17, @02:24PM , Rejected
Samsung website hacked .. , Saturday September 09, @04:14PM , Rejected
forbes rehashes old fud , Friday September 08, @12:59PM , Rejected
Man jailed for speed camera blast , Wednesday September 06, @04:18PM , Rejected
politically correct insanity , Friday September 01, @01:09PM , Rejected
competitors mimic functionality , Monday August 28, @02:11PM , Rejected
non-final core components , Thursday August 17, @07:45PM , Rejected
Oracle and no cost Linux , Tuesday August 01, @01:59PM , Rejected
attack of the suicide virus , Monday July 31, @04:25PM , Rejected
the darker side of open source , Monday July 17, @03:11PM , Rejected
Oracle License Agreement , Tuesday July 11, @10:51AM , Rejected
switch to Mac for security advises Sophos , Wednesday July 05, @01:54PM , Rejected
part time barman IT manager wanted , Thursday June 29, @05:56PM , Rejected
a solution to unauthorized apps , Wednesday June 21, @12:29PM , Rejected
saint bill , Saturday June 17, @02:17PM , Rejected
Third World fuels malware , Wednesday June 14, @12:40PM , Rejected
the Microsoft-Sunbelt-Yankee connection , Saturday June 10, @01:48PM , Rejected
the blue bridge of death , Saturday May 27, @06:03PM , Rejected
when am I going to get a post ? , Tuesday May 23, @05:49PM , Rejected
say goodbye to the real Internet , Saturday May 20, @02:45PM , Rejected
Hilf benchmarks Linux , Friday March 24, @06:14PM , Rejected
rs232's Recent Submissions
Posting two day old news again I see
Is it the gambling casinos in the states? How much money is being channeled through the lobby system in Washington?
"Mr. Emerson [Microsoft's senior vice president of corporate development and strategy] and I discussed a variety of investment structures wherein Microsoft would `backstop,' or guarantee in some way, BayStar's investment....Microsoft assured me that it would in some way guarantee BayStar's investment in SCO."
2 12013816
"Microsoft stopped returning my phone calls and emails, and to the best of my knowledge, Mr. Emerson was fired from Microsoft"
http://www.groklaw.net/article.php?story=20060929
The real solution is an email system with end to end encryption and digital signatures. Basically an email doesn't pop up in your inbox unless it passes these tests. The same with e-commerce sites. You sign up to a provider who allocates you a PGP key which is then published to a number of online directories. Why we don't have such a solution is that the security services won't be able to monitor our online activities.
"I've never had a case of a WGA false positive, and I've only heard of one through the grapevine"
I bet you've never got a virus either.
"it's not 42% of PC's being dubbed non-genuine, it's 42% of all PCs that WGA thinks aren't genuine"
Since people who don't perform updates don't get false positives your point is totally specious. Most people don't get falsely diagnosed with cancer since most people don't get tested.
The real issue is that out of a sample of reported problems WGA wrongly reported 42% as running pirated software. The point is the WGA is faulty.
specious reasoning ; "the spurious inferences from obsolescent notions of causality"
was Re:That's 42% of a small selection