Good afternoon gentlemen. As you are all no doubt aware, I have perfected a method of manipulating the various stock exchanges throughout the world. You received proof of this this morning, as relatively worthless Nasdaq stocks such as Maxco, Inc. and J.W. Mays Inc. traded briefly at hundreds of times their real value. I believe my latest caper, which I've puckishly dubbed 'Operation Stocking-Stuffer', is certainly worthy of your attention...
You see, gentleman, when 'Operation Stocking-Stuffer' is deployed in earnest, all stock exchanges will be laid waste...all trade will effectively cease, and global civilization itself will crumble...that is...unless you pay me...
Tunneling other protocols through HTTP is certainly nothing new, and hackers have been using the technology to establish secure communications channels with compromised machines through firewalls as long as the technique has been around.
That being said, I was impressed with the in-depth coverage of this particular type of exploit. A fascinating read...www.uninformed.org is definitely bookmarked.
What you are talking about is one application of steganography, and an image file is only one type of media that can be used. Just about any other file (a Word document, a database, an application excecutable, etc.) can be used as the vector for the hidden message. "Steganography" is actually greek for "hidden writing".
- If you connect from an internet cafe you risk having your SSH
password captured with keyloggers.
- If you connectfrom home, assuming your home system is free from keyloggers
(not an automatic assumption in such a repressive environment),
the streams of encrypted traffic emanating from your home IP
are sure to attract unwanted attention. Sure, the authorities
won't be able to read your data, but they will know that there's something there they can't read, which is just as bad.
What you need is a secure communications channel that hides in plain sight...stego is an ideal candidate.
Zapp: "Do you understand the charges?" Kif: "One beep for yes, two beeps for no." FRY: *beep* Zapp: "Yes, so noted. Do you plead guilty?" Fry: *beep* *beep* Zapp: "Double-yes. Guilty!"
'Virii' is actually the correct plural of 'virus'. 'Viruses' is a word that has become correct through the sheer weight of popular usage, when the computer world brought the concept of the 'virus' from the medical world to the world at large.
OK, I'm seeing a lot of this "lUser stupidity" argument. Unfortunately, that argument is flawed. Let me demonstrate:
- The virus problem is due to either insecure code, user stupidity, or some combination of the two.
- Regarding the issue of insecure code, M$ has a responsibility to produce reasonably virus-proof code. Obviously, there will always be security flaws...no one is perfect, hindsight is 20/20, yadda yadda yadda. No one is expecting M$ to be perfect. What we are expecting is that they don't shamelessly profit off their own security issues.
- Regarding the issue of user stupidity, this problem has been around ever since there have been users. If M$ tries to blame the problem squarely on user stupidity, they first have to demonstrate that they have the capability of fixing this problem (no one so far has been successful). If they can in fact solve this problem, the question then becomes, why wasn't the OS then made more comprehensible in the first place? If they cannot solve this problem, they are selling snake oil...pure and simple.
If the method with which M$ is trying to address this 'Achilles heel' is this reprehensible, then they fully deserve the ridicule and scorn.
When I paid for my OS, I expected a reasonably secure product. If the product suffers from flaws, it is the manufacturer's responsibility to fix them. No further payment from me should be required.
A couple years ago, the Firestone tires on my Explorer were recalled. I got new tires, gratis. I'm sure that if anyone were expected to pay any amount for the tire replacement, everyone would scream like banshees. So why not now? Why is it OK for M$ to charge us money for a dangerously insecure OS, and then charge us a fee to secure it?
It seems to me that a company profiting from its own security holes is a serious conflict of interest.
From TFA:
Microsoft's decision to charge a fee is justifiable, he (Ryan Hamlin, general manager of the Microsoft Technology Care and Safety Group) said, because most consumers do not want to be responsible for the care of their PC's, but just want them to work correctly.
Let's break this down into steps, shall we?
1.) Market virus-prone OS 2.) Market protection from aformentioned viral threat. 3.) Profit^2!
I'm wondering when M$ is going to cut out the unnecessary fluff in their operation and just get a license to print money.
No, actually, I made the above post in all seriousness (although Snow Crashdid rock SO hard, it gave me cancer, and then spontaneously cured me of said cancer, just to prove its awesomeness).;)
Seriously, when are we going to see decent, reasonably priced VR glasses/goggles? I'd pick up a set in a second, if they were available. Anyone out there with any info on this subject?
This recent development underscores the main problem with miniturazation...that while we can continue to make things smaller and smaller, their interfaces (input - keyboard/mouse, output - screen/speakers) must remain large enough to be useful, and the larger, the better. Even if you totally discount other problems like removable data storage, the main problem of user interfaces will continue to stand in the way of true miniaturization.
I'm wondering why we haven't seen a laptop marketed with a roll-up keyboard, fingertip mouse, and VR glasses? Freed of these constraints, the actual laptop could easily be made small enough to be wearable.
Slashdot Mirror
Good afternoon gentlemen. As you are all no doubt aware, I have perfected a method of manipulating the various stock exchanges throughout the world. You received proof of this this morning, as relatively worthless Nasdaq stocks such as Maxco, Inc. and J.W. Mays Inc. traded briefly at hundreds of times their real value. I believe my latest caper, which I've puckishly dubbed 'Operation Stocking-Stuffer', is certainly worthy of your attention...
You see, gentleman, when 'Operation Stocking-Stuffer' is deployed in earnest, all stock exchanges will be laid waste...all trade will effectively cease, and global civilization itself will crumble...that is...unless you pay me...
Gentleman, you have my demands...peace out.
'Troll' is a +1 mod now???
Uh oh...
Tunneling other protocols through HTTP is certainly nothing new, and hackers have been using the technology to establish secure communications channels with compromised machines through firewalls as long as the technique has been around.
That being said, I was impressed with the in-depth coverage of this particular type of exploit. A fascinating read...www.uninformed.org is definitely bookmarked.
What you are talking about is one application of steganography, and an image file is only one type of media that can be used. Just about any other file (a Word document, a database, an application excecutable, etc.) can be used as the vector for the hidden message. "Steganography" is actually greek for "hidden writing".
Won't work...here's why:
What you need is a secure communications channel that hides in plain sight...stego is an ideal candidate.
Here's another exanple of a secure communications channel on the Internet.
SpamMimic
I'm surprised I haven't seen a mention of steganography yet in this discussion.
Properly implemented, stego can be used quite effectively to communicate secretly on the Internet.
You're all wrong.
The best captain, hands down, was Captain Pike .
I think Ford and Chevy should have to fix their cars for free.
They do...ever hear of recalls?
Ummm...no...I was actually trying to say profit squared, not profit times two, as the former is closer to the reality.
Sound like you're the one who missed the point.
Nobody's bashing M$ for not having an AV package. Everyone's bashing M$ for not having reasonably secure code to begin with.
Let's see some proof, Kreskin.
Buy...Windows?
I'm sorry...I've just never seen those words in the same sentence before...
^_^
Um....wrong.
'Virii' is actually the correct plural of 'virus'.
'Viruses' is a word that has become correct through the sheer weight of popular usage, when the computer world brought the concept of the 'virus' from the medical world to the world at large.
Evolution of the language in action.
OK, I'm seeing a lot of this "lUser stupidity" argument. Unfortunately, that argument is flawed. Let me demonstrate:
There's a big difference between bundling antivirus software into your OS, and making your OS more robust against viral threats to begin with.
If the method with which M$ is trying to address this 'Achilles heel' is this reprehensible, then they fully deserve the ridicule and scorn.
When I paid for my OS, I expected a reasonably secure product. If the product suffers from flaws, it is the manufacturer's responsibility to fix them. No further payment from me should be required.
A couple years ago, the Firestone tires on my Explorer were recalled. I got new tires, gratis. I'm sure that if anyone were expected to pay any amount for the tire replacement, everyone would scream like banshees. So why not now? Why is it OK for M$ to charge us money for a dangerously insecure OS, and then charge us a fee to secure it?
Brushes of scorn, indeed.
Yeah...."nice computer you have here...it'd be a shame if anything were to happen to it..."
It seems to me that a company profiting from its own security holes is a serious conflict of interest.
From TFA:
Let's break this down into steps, shall we?
I'm wondering when M$ is going to cut out the unnecessary fluff in their operation and just get a license to print money.
From TFA:
Well, that just rolls off the tongue, doesn't it?
Looks like it's up to us...please post your suggestions for the new moon's name below.
No, actually, I made the above post in all seriousness (although Snow Crash did rock SO hard, it gave me cancer, and then spontaneously cured me of said cancer, just to prove its awesomeness).
Seriously, when are we going to see decent, reasonably priced VR glasses/goggles? I'd pick up a set in a second, if they were available. Anyone out there with any info on this subject?
I thought he would have just called timothy an errand-boy...
This recent development underscores the main problem with miniturazation...that while we can continue to make things smaller and smaller, their interfaces (input - keyboard/mouse, output - screen/speakers) must remain large enough to be useful, and the larger, the better. Even if you totally discount other problems like removable data storage, the main problem of user interfaces will continue to stand in the way of true miniaturization.
I'm wondering why we haven't seen a laptop marketed with a roll-up keyboard, fingertip mouse, and VR glasses? Freed of these constraints, the actual laptop could easily be made small enough to be wearable.
You're right...it's not progress.
It's the opposite of that....what's the opposite of pro again...?
Oh yeah...it's con.
Which would make it congress.
(Sorry...I truly could not resist.)
^_^