Nice rant but missing a few facts.
These are not domains like ICE have seized (which are analogous to post office box #xxxx) but the ccTLDs (more analogous to the zip code at the end.) Which is really a good way to grok how absurd the request is - imagine the families of the Iranians who died when the USN shot down their passenger jet sue the USA in their court systems, get a civil judgement, and then attempt to 'confiscate' the international postal codes used to route mail to the USA.
"Offtopic i know, but another thing that strikes me as absurd is the lawsuit. "Plaintiffs who successfully sued Iran, Syria and North Korea as sponsors of terrorism" include who exactly? and of these plaintiffs how many are willing to admit they openly ignore their own governments sponsorship of terrorism? The suit seems rather silly."
Indeed. The article has no other information on the plaintiffs involved but it certainly sounds like lawfare. There are a few governments brazen enough to misuse their court systems like this... aside from the ones mentioned as targets.
"I can understand wanting to save money by putting tech script as the first line of tech support, but it gets a little tiring when I want to skip to the advanced folks and still they want to stick to their script and ask me to reboot the modem as if I hadn't done that 3 times already. If it isn't low hanging fruit for the script readers it's not going to be a very successful or efficient support call."
The sad thing is that the volume of calls is so heavily weighted towards people that refuse to do anything whatsoever on their own before calling and demanding someone else fix it that clued-in customers with real problems are just lost in the noise from their perspective.
"The pdf javascript reader wastes kilobytes on your / or C:\ partition, that's all."
It also adds more lines of code that need to be carefully analyzed, audited, and constantly re-audited for exploitable bugs to the codebase.
Web browsers are the main point of vulnerability, they have an absolutely horrible track record for anything related to security. There are several relatively good .pdf programs that are actively maintained and whose security track records are not nearly so tarnished as Mozilla's. Some are Free Software as well. So I am seriously having a very hard time imagining a scenario where this has any reason to exist. And I am usually the one that's all in favor of having 15 slightly different choices for every role.
"Screw your acceptable ads, there's no such thing as an acceptable ad."
You are entitled to your point of view. I personally do not agree.
I like to expose myself to advertising. By seeing what is currently being pushed I know which products to avoid, which is a big time-saver. And the notion that some small payment comes to a website as a result of giving me this information is 100% ok with me.
Yet I almost never see ads. Why? Because I refuse to allow random servers all over the net a free hand to run programs on my computer. And ad companies apparently have some sort of problem with using the web, the only thing they know how to do is javascript, java, and flash.
"So what do you think should be Israel's response to the constant bombing of their country?"
What constant bombing? Hamas has honored truces and cease-fires in the past, it's the IDF that keeps breaking them. How do you think the Palestinians should respond to Israel periodically 'mowing' their families down 'like grass?'
Ultimately you simply cannot keep a nation captive forever, nor can you exterminate them, and Israelis of all people should realize that.
Which makes it sound like some sort of attack on the ad network.
Without more details it's hard to say, but it sounds like the ad network should file a complaint with the UK and get these overenthusiastic corporate cops charged.
There's a battle to love - ad networks versus the 'city of london.' May they fight forever and leave the rest of us in peace.
"...but there is this thing called Truth in Advertising."
Doubtless it's in hiding in a parallel dimension, along with the unicorns and all these other things that nobody has ever seen, right?
I see a lot of theories but no one seems to have hit on the most obvious one yet.
*You* are not the customer. *You* are the product to be sold. *They* don't care what you want. *They* want you to have a big screen to more effectively display their ads, and so that is what you get.
Russia is certainly a bit authoritarian, but they don't tolerate outright neo-nazis.
Whereas the Ukrainian putsch relies heavily on two overtly neo-nazi parties. Their members hold several cabinet posts including security and defense. Their names are Svoboda and Right Sector, you can look them up yourself.
And frankly does not matter even if it were true.
If Chinese-backed neo-nazis took over Mexico City and threw the country into a civil war, I wouldn't be surprised if we gave the loyalists a little discreet help here and there as well.
"The choices are unelected leaders, elected leaders or no leaders. "
That's not actually an exhaustive list to start with, and even if it were it still conceals differences. Perhaps it does not matter so much exactly how the 'leaders' are chosen, but instead their competence, loyalty, and relationship with the law? Perhaps even more important than their personal properties are the properties of the office itself, as Lord Acton observed?
The kings were filthy thugs, but they never dreamed of being able to visit the sort of horror on their 'subjects' that modern states have visited on their supposed citizens, in e.g. Nazi Germany, the USSR, Turkey, and many other places over the last 200 years. They simply did not have that kind of power.
They deliberately make this difficult to calculate, but by my reckoning the current version should probably be Firefox 7.6.
"Malware blocking" = yet another bad signature/reputation based scanner. If I wanted one, I would have one installed - and Firefox versions without this misfeature would still use it to scan, so in what universe was this worth doing?
If you really want to do something about malware, disable javascript by default.
"Automatic handling of pdf and ogg files" - I have a pdf reader already. I don't need another one, and I don't need one 'integrated' in my browser, period.
"loaded with new features for developers." Pretty sure that means for advertisers.
"There are those who say you need to use RequestPolicy and Ghostery and AdBlock and NoScript (and some other stuff, like a cookie blocker) to catch everything...."
It's a sign of utter insanity among the browser maintainers.
All this crap should be guaranteed off by default, and require an extension to enable, rather than the reverse.
Well if popups, popunders, auto-playing audio and video files and the like are what you call fun, you can keep it. For me, getting directly to the content I was looking for without navigating a maze of insulting crap is more conducive to fun.
"So how much is your family worth?"
An emotionally resonant argument but not a rational one.
Cancer, heart disease, kidney disease, and diabetes are the leading causes of death in Israel. Rockets fired by Hamas are waaaay down the list, and they would still be waaaay down the list without the interceptors.
Let's say you can spend a billion dollars to save one person from death by rocket, or the same billion to save 250,000 from cancer, but of course you can't do both, once the money is spent it is spent. Which is the wiser use of the money?
Not really. The Amish reject technology across the board, whether useful or not. People that are on the internet are obviously not rejecting technology across the board - javascript-in-the-browser is a single, very problematic technology, which is responsible for the vast majority of computer infections.
So no, people that do not allow javascript are not much like the Amish of the internet. We are more like the 'people who know how to use condoms' of the internet.
So it's designed to stop the threat that does not exist, and therefore should be excused for failures against the one that does? That makes little sense.
"And even if it really was only 5% effective, I'd take 5% less ballistic missiles headed at my town thank you."
Irrational. When the damage done by the ineffective rockets is less than the cost to shoot them down, the money could clearly be better spent elsewhere.
That would be true even if the conflict were not one of choice, but is doubly so in the current situation.
Not like another was needed, but there you go.
"Sacrificing upload to gain extra download makes perfect sense when the person at the end of the line does far more downloading than uploading"
Two false postulates concealed here.
First that upload and download can be totally separated. Common misunderstanding. The way the internet works, all traffic is bidirectional - even if you are coming as close as possible to 'pure downloading' you are still using your upstream for traffic management. So while a certain amount of asymmetricality can be tolerated, as long as the usage cases are very narrowly limited, even with all those caveats it can still amount to fraud. At least, if you are paying for 100mbit download but given so little upload allowance that you could not use it, you would probably call it fraud (when and if you caught on.)
But that is relatively minor in comparison to the second, which is that the internet is designed and should be used as a peer to peer network. It is not a broadcast network, and it was not designed to replace TV or facilitate more intrusive advertising. Asymmetrical bandwidth caps are thus seen correctly as direct attacks on the Internet itself - attempts to limit customers, to prevent them from truly and fully joining the Internet, since the cable companies prefer to keep making their monopoly rents instead of having to compete for our dollars.
"When you're talking DSL or Cable, it's a different ballgame, due to the frequencies in use."
Uh, no it's not.
The frequencies in use? What kind of BS is that?
The frequencies in use do not care which direction the traffic is going in. I suppose I just hallucinated having SDSL for years?
Asymmetrical connections were always BS.
Now if only they would roll out FIOS to the rest of the country like they have already been paid to do... ah well.
Sad, what's happened to slashdot.
Back on topic, I'm truly amazed at what crap people will buy.
There is not a cellphone on the market that I would pay money for right now, yet people just keep buying this crap, and as long as they are selling why would anyone spend money to fix them?
"You are trying to say that users needing to type chmod +x ./latest_flash_player_youtube.sh , is sufficient protection to prevent end users from running things they shouldn't.... "
I did not actually say that, but it is probably true. Most users are either a) smart enough to realize they do not actually want to do this or b) not actually capable of pulling it off without help (hopefully, from someone who belongs in category a).)
However that is NOT what I was saying. The exploits we are discussing rely on Win32 executables, NOT shell scripts. Even if the user manages to slide in between case a) and b) somehow, setting an executable bit on a win32 application will not magically make it work on *nix. You would need to also install WINE and do some intricate configuration magic with it before this would work.
"Ransomware is not prevalent in Linux, but again, it is absurdly naive to think that it couldn't"
Notice I explicitly agreed with you that it could be done.
"Again, end user education is key, regardless of OS. Implying to under-informed users that OSX is magically secure against cryptoware, is a recipe for disaster."
Yes and no. Certainly end-user education is key, regardless of OS. And certainly it's true that no OS is magically secure against malware. And I think it's correct to say that the OS does nothing to prevent it. But that's looking at it backwards.
What OSX, and *nix systems in general, should get credit for is not that they *do something to prevent infection* but that they do *less to facilitate infection*.
Of course, the same things that make Windows an extraordinarily easy target for malware also make it an extraordinarily easy target for more legitimate programming as well.
And that, ultimately, is why it was designed that way. Developers, developers, developers! Windows is ultra-friendly to developers, it goes out of its way to make life easy for them, and guess what? A subset of those developers make malware. And the same things that make Windows easy for one set of developers make it easy for the other.
OSX actually deserves some kudos because it *does* make development a little harder here and there, for the benefit of the user. And while saying OSX is 'virus-immune' would be clear BS, saying that it's an effective way for a technically challenged computer user to dramatically reduce their risk of being infected is actually true.
Linux can be deployed to even better effect on the security front, of course, though I would not recommend it for the technically-challenged unless said user has a friend or family member to help with setup and ssh in occasionally to administer it.
"It is good to be proud of your operating system of choice, but it is smug to think that Linux/OSX/BSD/Solaris will do anything technical to protect from such an attack."
Well unless you have configured your *nix box to automatically privilege and run windows executables somehow, using a real OS is probably sufficient to stop this attack.
Is it conceivable that a very similar attack could be written specifically for your OS of choice and do the same job? Yes, it's conceivable, that's right. But it's not in evidence.
More generally, regardless of OS, this attack won't even trigger if your browser is configured sanely. The exploit kits and injectors all rely heavily on javascript. Make sure it is disabled and you have not only defeated this exploit before it even got started, along with all the others, but you have also taken a positive step towards making the web readable again!