I've heard that PDFs were used, and that's the one that sounds the most logical. Whenever I've seen attacks against my network from the Chinese, it's always been in the form of malicious spear-phished PDFs.
Whatever they actually used against Google, there's not one easy solution. You can't just say that they should have used Firefox, because then the attackers would have exploited some random Firefox add-on that some people were using. I'm sure Google employees use every browser out there throughout the company. Keeping Acrobat Reader fully patched and keeping your users alert and well-trained would probably stop a lot of it, but not all.
Anyone who sees a encryption device/service that offers the option of recovering your data without the passphrase should already know to run away, quickly. That's admitting right in the open that they have serious weaknesses.
My reading is that the hardware decrypts and gives up the data when the right key is sent. However, the right key is unrelated to your passphrase, it's a standard key for either that device or all devices (the article is unclear on this.)
Unfortunately, if you work in the federal government, you need that FIPS 140-2 compliance. While I'd love to use Truecrypt all over the place instead of commercial software that I don't really trust, it's not really an option.
Now, for personal use, absolutely. But I'd have to assume that people already just use Truecrypt for personal use (assuming you're the kind of person who reads Slashdot, at least...)
Passwords in Firefox and Thunderbird are not encrypted, merely obfuscated. in edit / preferences / security / saved passwords in firefox it will display all passwords saved. They're only unencrypted if you don't turn on password encryption, which everyone should do. Set a master password, and then your saved Firefox passwords aren't available for the taking for anyone who happens to get access to your hard drive.
I've started using the library a little more, but it's not exactly pleasant. Run my bag through the x-ray machine to get in, it's crowded full of homeless people (inside and out) looking for a place to hang out, and not much selection.
It seems that most of their business is renting out DVDs (for probably the same price as Blockbuster) and providing a warm place for homeless people, and less anything research or book-related.
I'm pretty sure that the govt has said that there must be boxes available in the $40 range that would be free with this coupon. Now, whether or not that becomes a reality is a different issue.
If you thought Hollywood was out of penguin movie fuel (after March, Happy Feet, and the other animated one that I can't remember the name of), this is just the thing they've been waiting for. Cute green Martian penguins dancing around on an iceberg. Fun for everybody!
This was too funny, I was reading these messages all morning. So many completely stupid people sending messages out with their title, agency, often phone numbers, etc. Some having fun with it and a whole bunch going "stop sending e-mails!" The best was the official reply that came a few hours in, which said "please don't use 'reply all.'"
Even better was that anyone in the world could send to the mailing list, it didn't even check to see if you were subscribed before sending your message out. Trust me, I tried it. You also get a few hundred more e-mail addresses and all kinds of internal company details from the out-of-office replies (e.g., "I'm on medical leave, contact so-and-so at x1234").
Now, it was no big surprise, I do security in the federal government and so I know how clueless so many of my coworkers are. But it was hilarious to watch it all play out so publicly and persistently; it just kept going throughout most of the day.
Many people already watch TV or movies on a computer
But I doubt it's anywhere near enough people to market a whole service to them.
who wants to watch a movie on a device with a tiny screen anyway?
Probably the same people who keep buying TV shows from iTunes, which seems to be doing very well. I don't understand the appeal either, but it seems like they're out there.
Once cracked, THEN you could burn DVD's, and move the media to use as you see fit...
Then it would be a worthwhile way to purchase media IMHO.
I disagree. I still think it would be pretty worthless.
If I can pay the same price for the DVD, getting 5.1 sound and extras in the process, I'm not going to pay for the download even if I have the option of losing video quality and wasting time by re-encoding it to MPEG2 and burning it to DVD.
I got worked up enough to write up a rant about Unbox's pricing and lack of features (come on, who wants to watch V For Vendetta without 5.1 sound?) before seeing that I was late to the bash-Unbox party. Oops.
If it's not just me, and everyone's first reaction is "oh my god, how much does this idea suck?" you really have to wonder about their motivation, and you start putting more weight into the theories that this is so the studios and MPAA can say "see, people just don't want to pay for movie downloads."
But I don't think that's the case. I think Amazon is expecting that my reaction and the typical technologically informed person's reaction aren't going to be universally shared. The average consumer who is thrilled to be paying for DRM music downloads is another issue. Of course, you'd still think that that person would much rather have a DVD they could watch on their TV without having to figure out how to hook their computer up to their television...
I still keep coming back to "what the hell were they thinking" on this one.
In fact, it looks like it doesn't work with any Verizon phone as Verizon is insistent on using Brew so they can charge for the apps.
Works fine on my Verizon Blackberry, but I guess Blackberries might be an exception to that, since Verizon probably can't lock them down as much as they'd like.
By the way, is there really still any controversy over Youtube's new TOS? Even the EFF guy came out and said that it's not a big deal:
YouTube wants to CYA itself in case it flows into new formats with old videos, e.g., cell phone downloads. They don't want to have to go back and relicense all the content in new mediums. And its also true that simply yanking the video will cut off all their rights, which is a powerful weapon to keep them in check.
I guess it's just their competitors that wrote that article that want to keep the "controversial" label going, and apparently it's working.
Folks are apparently surprised that when you post your video to YouTube, you give them the right to distribute it, sell ads against it, and generally make money from it. But this is YouTube's business model. They aggregate an audience around consumer generated video and make money by selling access to that audience in one way or another.
I thought Youtube was going through cash like a late 90's.com, and haven't come close to making any money off of anyone's content yet. Maybe that's why these guys decided to compete with them, wrote their little blog post and got it on here: because they didn't realize that Youtube wasn't profitable? Or they're just figuring that they'll do it right where Youtube has missed the boat as far as making money...
Or maybe my brain isn't what it used to be and I'm completely wrong about this, and Youtube has been insanely profitable.
Yeah, the picture in the article doesn't look very appealing. I'm more interested in the generator side of it in the hopes of using that with who-knows-what. Maybe a regular laptop, maybe other portable devices.
That sounds awesome. Literally, since they say it's much quieter than your usual hand-cranked generators. And 'generating 20 watts is comfortable, and it's possible to generate 10 watts for "as long as you want," the developers say."
Free energy and a little exercise in the process. I like it. Watch it cost $250 for just the generator in the US.
There are lots of third party apps that can get the Google pagerank. I use a Firefox extension to show pagerank, and there are endless web sites that can look up pagerank for you. The toolbar pagerank call was reverse engineered a long time ago.
Yeah, I think part of the problem with the whole SEO field is that there are several sides. There's the white hat stuff where you make sure you're not limiting the spiders from getting to your content, making sure your titles and markup is all good, etc. Then there's the blacker hat stuff like splogs, spamming, cloaking, etc. If you just say "SEO", some people will automatically assume the latter.
Page Rank seems to work on the premise that the more a site is linked to, the more valuable it is. So if five million people link to a white supremacist site, that means there's valuable content there, right?
That's part of the point behind the nofollow attribute, so you can link to a site like that without passing on pagerank to them.
If you've looked at the SEO world at all, you know that there are lots of people who write half-assed articles so they can have more unique content on their web site. Or, they offer those articles up to other sites to get links back to their site. The articles never really say anything, and are just an attempt to build up traffic.
And then once in a while Slashdot goes and links to one of those useless articles on one of those web sites. Imagine how much money that guy just made from all the Slashdot visitors, not to mention the pagerank boost from a Slashdot link. And for an article that bad that he knocked out without really putting any effort into it?
Slashdot Mirror
Acrobat vulnerabilities let you directly drop and install your malware on the system, you don't need to invoke a browser at all.
I've heard that PDFs were used, and that's the one that sounds the most logical. Whenever I've seen attacks against my network from the Chinese, it's always been in the form of malicious spear-phished PDFs.
Whatever they actually used against Google, there's not one easy solution. You can't just say that they should have used Firefox, because then the attackers would have exploited some random Firefox add-on that some people were using. I'm sure Google employees use every browser out there throughout the company. Keeping Acrobat Reader fully patched and keeping your users alert and well-trained would probably stop a lot of it, but not all.
Anyone who sees a encryption device/service that offers the option of recovering your data without the passphrase should already know to run away, quickly. That's admitting right in the open that they have serious weaknesses.
My reading is that the hardware decrypts and gives up the data when the right key is sent. However, the right key is unrelated to your passphrase, it's a standard key for either that device or all devices (the article is unclear on this.)
Unfortunately, if you work in the federal government, you need that FIPS 140-2 compliance. While I'd love to use Truecrypt all over the place instead of commercial software that I don't really trust, it's not really an option.
Now, for personal use, absolutely. But I'd have to assume that people already just use Truecrypt for personal use (assuming you're the kind of person who reads Slashdot, at least...)
Ok, that's very interesting. Has anyone tried sticking that into the Perl script at the first link to try all possible mappings?
I'd do it, but, you know, lazy and all...
I've started using the library a little more, but it's not exactly pleasant. Run my bag through the x-ray machine to get in, it's crowded full of homeless people (inside and out) looking for a place to hang out, and not much selection.
It seems that most of their business is renting out DVDs (for probably the same price as Blockbuster) and providing a warm place for homeless people, and less anything research or book-related.
I'm pretty sure that the govt has said that there must be boxes available in the $40 range that would be free with this coupon. Now, whether or not that becomes a reality is a different issue.
If you thought Hollywood was out of penguin movie fuel (after March, Happy Feet, and the other animated one that I can't remember the name of), this is just the thing they've been waiting for. Cute green Martian penguins dancing around on an iceberg. Fun for everybody!
This was too funny, I was reading these messages all morning. So many completely stupid people sending messages out with their title, agency, often phone numbers, etc. Some having fun with it and a whole bunch going "stop sending e-mails!" The best was the official reply that came a few hours in, which said "please don't use 'reply all.'"
Even better was that anyone in the world could send to the mailing list, it didn't even check to see if you were subscribed before sending your message out. Trust me, I tried it. You also get a few hundred more e-mail addresses and all kinds of internal company details from the out-of-office replies (e.g., "I'm on medical leave, contact so-and-so at x1234").
Now, it was no big surprise, I do security in the federal government and so I know how clueless so many of my coworkers are. But it was hilarious to watch it all play out so publicly and persistently; it just kept going throughout most of the day.
I was thinking it was more for early adopters who already have a computer hooked up to their TV and sound system, acting as a DVR or HTPC (like me.)
Right (like me). This is why Unbox just doesn't make any sense to me.
But I doubt it's anywhere near enough people to market a whole service to them.
Probably the same people who keep buying TV shows from iTunes, which seems to be doing very well. I don't understand the appeal either, but it seems like they're out there.
I disagree. I still think it would be pretty worthless.
If I can pay the same price for the DVD, getting 5.1 sound and extras in the process, I'm not going to pay for the download even if I have the option of losing video quality and wasting time by re-encoding it to MPEG2 and burning it to DVD.
If it's not just me, and everyone's first reaction is "oh my god, how much does this idea suck?" you really have to wonder about their motivation, and you start putting more weight into the theories that this is so the studios and MPAA can say "see, people just don't want to pay for movie downloads."
But I don't think that's the case. I think Amazon is expecting that my reaction and the typical technologically informed person's reaction aren't going to be universally shared. The average consumer who is thrilled to be paying for DRM music downloads is another issue. Of course, you'd still think that that person would much rather have a DVD they could watch on their TV without having to figure out how to hook their computer up to their television...
I still keep coming back to "what the hell were they thinking" on this one.
Oops, I see that Phanfare is a complete different business model and isn't providing anything for free. Never mind.
I guess it's just their competitors that wrote that article that want to keep the "controversial" label going, and apparently it's working.
I thought Youtube was going through cash like a late 90's .com, and haven't come close to making any money off of anyone's content yet. Maybe that's why these guys decided to compete with them, wrote their little blog post and got it on here: because they didn't realize that Youtube wasn't profitable? Or they're just figuring that they'll do it right where Youtube has missed the boat as far as making money...
Or maybe my brain isn't what it used to be and I'm completely wrong about this, and Youtube has been insanely profitable.
Yeah, the picture in the article doesn't look very appealing. I'm more interested in the generator side of it in the hopes of using that with who-knows-what. Maybe a regular laptop, maybe other portable devices.
That sounds awesome. Literally, since they say it's much quieter than your usual hand-cranked generators. And 'generating 20 watts is comfortable, and it's possible to generate 10 watts for "as long as you want," the developers say."
Free energy and a little exercise in the process. I like it. Watch it cost $250 for just the generator in the US.
There are lots of third party apps that can get the Google pagerank. I use a Firefox extension to show pagerank, and there are endless web sites that can look up pagerank for you. The toolbar pagerank call was reverse engineered a long time ago.
Yeah, I think part of the problem with the whole SEO field is that there are several sides. There's the white hat stuff where you make sure you're not limiting the spiders from getting to your content, making sure your titles and markup is all good, etc. Then there's the blacker hat stuff like splogs, spamming, cloaking, etc. If you just say "SEO", some people will automatically assume the latter.
That's part of the point behind the nofollow attribute, so you can link to a site like that without passing on pagerank to them.
If you've looked at the SEO world at all, you know that there are lots of people who write half-assed articles so they can have more unique content on their web site. Or, they offer those articles up to other sites to get links back to their site. The articles never really say anything, and are just an attempt to build up traffic.
And then once in a while Slashdot goes and links to one of those useless articles on one of those web sites. Imagine how much money that guy just made from all the Slashdot visitors, not to mention the pagerank boost from a Slashdot link. And for an article that bad that he knocked out without really putting any effort into it?
Wow.