I _really_ don't understand the appeal of ringtones. Who the f cares what the ringer sounds like? The dang things shouldn't even _be_ ringing audibly in most situations anyway. JFC!
At first I just thought I was being slightly eccentric with my disdain for popular American culture, now I'm beginning to wonder if it's just to keep my sanity.
I have one at home and it works great. However, I've heard that Linksys modified the newer models such that they're not as hackable as they used to be. ISTR hearing something about them now running something other than Linux kernel.
FWIW, the FreeBSD project recently committed a new geom_xbox360 class to the development tree. I don't have any experience with it (just been reading the mailing list), but it provides access to the hard disk through the GEOM system.
Glad to hear that someone's been hacking the DS. I own the old and new revisions and have considered trying to write an application to drive my home stereo setup (which is connected to a server via an RS-232 link) via the touchscreen. It would be sweet to hit a button on the DS to turn on the stereo, select an A/V input and then choose a movie to play on the server.
Are you arguing that if a school history course talks about the Holocaust, that they also be required to give time to the idea that the Holocaust never occurred and is a big Jewish conspiracy?
Global warming is not a controversial issue. There is an extreme minority of groups that would like to convince the public otherwise.
The fact that the parents in question are religious fanatics is troubling enough in and of itself, but then you have this comment:
"From what I've seen (of the movie) and what my husband has expressed to me, if (the movie) is going to take the approach of 'bad America, bad America,' I don't think it should be shown at all," Gayle Hardison said. "If you're going to come in and just say America is creating the rotten ruin of the world, I don't think the video should be shown."
Well, what if America really is creating the rotten ruin of the world?
While I understand that it's status quo to not document these sorts of things, I still don't like it. Some part of my day is typically spent troubleshooting misbehaving hardware and it would make my life a whole lot easier if everything pertaining to the system board were documented. Most recently, I've struggled with some Sun X2200s and V20zs where maybe one-third of the diagnostic LEDs are labelled, where there's a secret diagnostics mode you can access via the front-panel if you move a certain jumper, etc.
I don't think most people (even the skeptics) thought that the TSA would turn out to be such a bureaucratic nightmare draining off billions for security theater.
That's a joke, right? I mean, it's a Federal program!
I have read 1984, several times, and watched the film twice.
That book actually made me feel physically ill while reading it. I also own the film, but haven't gotten around to watching it yet; how is it?
There is a huge difference between having cameras monitoring public places, as is happening here, and having cameras in every home monitoring everything you do. The difference is the expectation of privacy. In your own home, you can expect to be private. You can expect to be free from surveillance. In public, however, everything you do is, by definition, public. There is no difference between cameras monitoring what you do in public and people watching you other than the quality of the record.
For the most part I agree with you, but there are places in public where one tends to have an expectation of privacy. For example, say I really have to take a leak and choose a spot between two garbage bins in an alley. I look around, don't see anyone, assume I have some privacy for the moment and do my business. Yes, I'm doing it in public, but it's not as public as peeing on a train platform during rush hour.
Surveillance cameras that have been installed in public places typically aren't as noticeable as someone walking down the street or looking out their back window. Cameras tend to be quite small and placed in inaccessible areas, like twenty feet up on a telephone pole.
Note also that surveillance was not the major factor in 1984. A much bigger issue, one taken from Nazi Germany, was the idea that good citizens (especially children; contrast with the Hitler Youth) would inform on each other for violating arbitrary rules.
I thought Orwell's ideas were based on a totalitarian Soviet Union, not Nazi Germany? Don't forget some of the other ways that people were controlled: modification of language to prevent the expression of certain ideas, rewriting history, the Two Minute Hate, the elimination of sexual pleasure, etc.
No, you can't be arrested in the United States for committing actions that were illegal here, but legal in the country where you performed them. Well, you could be arrested, but the charges probably wouldn't stick.
Those Thai services you're talking about (presumably sex with young children) are illegal in Thailand. The U.S. would arrest you as a courtesy to the Thai government.
Yeah, I'm not a fan of my credit card company deciding which transactions they're going to process. If I use the card at a merchant, they need to pay the merchant. What's next, credit card companies deciding they don't like certain restaurants, types of products, etc?
We all keep hearing these stories where some punk kid hacked a web server and the company that owned it then spent hundreds of thousands of dollars investigating and fixing their security problems. Is Sony now liable for similar damages against businesses that were infected by Sony's rootkit? A $1.5 million dollar settlement sounds like it's orders of magnitude too low considering the potential cost of cleanup.
IANAL, but I'd guess that if you don't accept the settlement from the class-action lawsuit, then you still retain the right to sue in civil court. Don't you typically have to sign an agreement waiving your right to sue for damages when you accept settlements like this?
Hell no Javascript doesn't deserve more respect. Unlike, say Java applets, there's no security sandbox so rogue Javascript code can connect to the network and leak information from the client system.
People drink Starbucks because they use quality beans, don't abuse those beans too badly and then don't drastically overuse them.
I call bullshit; Starbucks coffee tastes terrible! People go to Starbucks because there's one on practically every corner, there's furniture to sit on, wireless Internet access and very good brand awareness.
I think this is the third time I've posted the trick to fastballs. Don't go through the standard pitching motion, instead hold your straight hand out, palm down, and flick your wrist down. You should get a 90+ mph pitch every time.
Owners of the Nintendo Wii reported that when they used the Nintendo remote and wrist strap, as instructed by the material that accompanied the Wii console, the wrist strap broke and caused the remote to leave the user's hand.
I slid the wrist strap over my hand and the Wii remote suddenly jumped up and flew at the television, breaking the strap and my tv in the process; just like the linked article said!
Seriously, exactly where in the manuals are Wii owners instructed to violently throw the controller at the screen?
Anyone want to guess how many more stupid articles we're going to see explaining the basics of how HTTP, cookies or Javascript works? I find it amusing, yet sad, that so many people are pointing out web vulnerabilities that are nothing more than a n00b not understanding how something works and either misconfiguring it or using it improperly.
I'm sorry, but cross-site scripting attacks are not real vulnerabilities! The problem is that your stupid browser can execute Javascript that's allowed to read local files and send data out over the network. The problem is not some forum maintainer allowing people to post Javascript, the problem is that you're allowing it to run. Turn Javascript off! It's garbage.
As for cookies being used improperly, what's so hard to understand? It's a file that's stored on a client's system. Under no circumstances should you store data you don't want the client to see, nor should you blindly trust the data the client provides.
Let's not even get into form validation. Apparently a lot of "web developers" don't understand the difference between an HTTP server and HTML content. No, just because you limited that pulldown to three options in your HTML doesn't mean the client can't send something else in its POST request.
I can't help but to wonder where companies are finding all of the idiot web developers.
Because I'm in a similar situation. I didn't want to give Microsoft any money, so I didn't buy an Xbox. However, I also collect game consoles, so I'd like to have an Xbox in the collection. I figured that so long as I bought the equipment used it would be okay.
Excited or not, I don't think anyone reasonably expected players to be trying to throw 100 MPH pitches!
*LOL* It's quite easy to throw pitches that fast, and you don't even have to move your arm! Simply hold the Wiimote vertically and then flick your wrist down; that's it! You'll get the maximum pitch speed every time.
I think a lot of people playing the Wii have yet to realize that you don't need to make huge movements with the Wiimote.
I didn't list any web resources because I typically don't use them. I picked up most of the books mentioned when I was an undergrad and continue to use them to this day. Also, I don't particularly care to read from a CRT or LCD; they're not as easy on the eyes. I can't take it with me (I don't carry a laptop around wherever I go) and I can't take notes on them like I can in a book.
I swear, once I find those CDs, I'm going to go through our entire collection and rip every one of them using some lossless codec and store them on a hard drive.
That's what I've done; I've currently ripped over 100 GB of WAV files from my discs. If you do decide to go this route, be prepared to spend a significant amount of time. A disc ripped using a DVD drive takes about five minutes on my machine; I actually used multiple drives simultaneously so I got about 3 discs done every ten minutes. So, for a meager 200 disc collection, you're looking at about ten hours of effort.
Once your music is on a server though, it's quite nice. I've set up NFS and Samba shares on my wireless network at home so I just have to boot my laptop up and I have access to all of my music anywhere in the house. I've also connected a server directly to my A/V receiver (Denon 2805AVR) which has an RS232 based control interface so I can turn the stereo on and select tracks to play all from my laptop.
While I do like your comment overall, I have written an emulator while an undergrad and would never suggest that someone begin learning about them by reverse engineering something as complex as a NES emulator. ari1981 didn't mention what material he covered in school, only that it was theoretical so that makes it a bit difficult to determine what areas of knowledge need some improvement. Actually, knowing computational theory is probably half of the battle when it comes to programming.
Writing in a programming language is exactly like writing in any other language. As a neophyte, you're constantly consulting your textbook for the proper verb tense to use, you're looking up simple nouns, etc. Eventually you get the grammar down and have built up enough of a vocabulary that you only have to consult the dictionary once in a while. Eventually you rarely have to look words up and can start focusing on things like elegant sentence structure.
Here's a list of what I considered to be essential areas of learning with regards to computer science. UNIX was mentioned in the article, so I'll include that as well:
Here's a list of general knowledge:
- A procedural programming language: something like Pascal, Fortran, C or Perl
- A functional programming language: traditionally Lisp, but Erlang's cool too!
- An object oriented programming language: Eiffel, Smalltalk, Java, C++ (really a hybrid)
- Data structures: lists, heaps, stacks, trees, dictionaries, etc.
- Algorithms: complexity, sorting, graph traversal, etc.
- Theory of computation: Turing machines, deterministic and non-deterministic finite automata, context-free grammars, etc.
- Operating systems: job scheduling, filesystems, memory management, shared resources. I really liked "Operating System Concepts" by Silberschatz and Galvin.
- Computer architecture: different types of machines, cpu pipelining, memory cache design, application binary interfaces, etc. "Computer Architecture: A Quantitative Approach" is THE book for this.
- Software design: I can't recommend anything specific, but have noticed that many University courses do a really bad job of covering this (mine did).
And here's a list of UNIX specific knowledge:
- Layout of the system: where files are and what they're used for
- Design and implementation: I really like the Daemon (Design and Implementation of the 4.4 BSD Operating System) book for this
- Systems programming: IPC, networking, etc; get Richard Stevens' books
And some more:
- Revision control systems
- Build systems
- Debugging/test frameworks
I agree that one should simply explore what they're most interested in, but an emulator is a lot to bite off if you don't know the difference between little and big-endian, RISC versus CISC architectures, and ABIs.
Forget honeypots. Unless you put a human behind that VM it's running on. Automated pots are becoming less and less useful with attackers becoming more and more aware of them. Especially you can dump any kind of "honeypot kit", they are known and their quirks are tested painstakingly before an attack takes place.
Well, I suppose it depends on what type of honeypot you're running. Is it a research honeypot or a detection honeypot? I'm currently running a couple on my Windows network simply to catch something trying to talk to it. Worms typically scan the local network and this activity will be detected.
You have what is known as "database corruption" and that does NOT spontaneously solve itself. You have a serious problem.
*LOL* That happened at a place I once worked for; their solution was simply to migrate people over to a new Exchange server. Eventually we regained the ability to access data on the old Exchange server, but we were never able to combine the accounts which was a real hassle.
A few weeks ago the boss came by and asked about using Exchange (we're a mostly UNIX shop running Sendmail) and rather than berating the product simply asked him if he liked receiving his email. If you're running Exchange you will have a major outage at some point.
The worst that's ever happened on our Sendmail servers is that some application starts nailing a box with debug email, the load spikes, mail processing slows and the spool possibly fills causing new messages to be rejected. Eventually some admin comes along and fixes the issue (typically by changing the app's email alias to /dev/null for a while) and the messages that were originally rejected are resubmitted.
WTF, who modded that offtopic? Rocky and Bullwinkle rocks! I used to get up at like six in the morning when I was little to watch that show.
Unless there's a valid concern?
I can confirm that my company is using jitter buffers much larger than 20ms.
Okay, but why not buy one from eBay? Microsoft doesn't see any money from that sale.