The article doesn't seem to mention prosecution. Do the people running the honey pots just sit back and watch what the script kiddies are doing, plug the holes, and forget about it? Or are they filing in court? Also, suppose you had a white hat cracker. Would anyone running a honey pot care if the cracker broke in and plugged all the holes to prevent the kiddies from doing some real damage?
I fail to see the difference. Linux is a work in progress. There are test kernels being "released" all the time. New features are added. More compatibility is added (e.g. Pentium IV). Etc.
> that is the way it used to be and it was a pain in the ass
I know. Now, how many of your garden-variety users are going to make a journey to hell and back (assuming they're even able to) to try out an operating system that they probably won't like anyway? If Linux is to gain any kind of marketshare in the desktop world outside of a rounding error, your average user is going to have to be able to use it. GUIs are a step in the right direction, but if Yooser can't compile GNOME or KDE, and he doesn't have binaries, his reaction is probably going to be one of two:
OK. Say the Linux distributions didn't want to release procompiled binaries. Say they wanted to make their users truly understand how the various distros work. How many of you would still have tried Linux if you had to compile all the binaries yourselves?
MSN Messenger? Ah, a "reliable," "free*" product, brought to you by the kind folks at Micro$oft.
PowWow? Honestly, how many people do you know that have even heard of it, let alone have bothered to create an account?
* Subject to terms decided by Microsoft. By signing up for MSN Messenger service, you hereby agree to give Microsoft Corporation (hereafter referred to as "We Own Your Soul") sole ownership and possession of any and all inventions, ideas, etc. produced by you (hereafter referred to as "Putty-brain"), including any electrochemical developments and all genetic by-products. These terms are subject to change at our discretion.
Has anyone here considered that the "mistakes" in the printed cryptograph might have been intentional? I know that I'd have a few "mistakes" in any message I'd encrypt (if I was doing it manually), with the REAL message available upon decrypting the decrypted message. I'd probably even eliminate all the vowels, and use homonyms, etc. Has anyone checked into this? If not, maybe someone should do so, to see if there is another message encrypted inside the decrypted message.
Sounds like a great idea, as long as it's done right. I'm a student who's just beginning to learn C, and after an exhaustive search, I've come to the conclusion that good, free programming courses (in non-proprietary languages) are very rare indeed. If this project turns out to be what it promises, I'm really looking forward to seeing it. If it's another course in proprietary algorithms and libraries, it would be merely one project among many.
Only six? I lost count somewhere arount twenty-three . ..
>"Ender's Shadow" was terrible.
I don't know if I'd go that far. I agree that it wasn't quite as good as Ender's Game, but it was an enjoyable book. Where it paled in comparison to Ender's Game was where it focused more on Bean's analyses of the situations that he's put into rather than Ender's analyses of the people he's around.
Hmmm. As I recall, the filtering software at my old school (WebSENSE , I think it was called) filtered domains (e.g. http://www.pcgamer.com ) but not their IP addresses (e.g. 209.246.21.46 ). All one would have to do to get around this would be to write a script to output the IP address of a domain given to it and write a utility to replace all outgoing TCP/IP requests for domains with IP addresses stored in a database on the user's computer. Is this typical of filtering software, or do most companies have blocked domains also block their IP addresses?
No voting on the Internet (I'd like to, it'd be very handy, but bear with me).
When one gets to the polling place, he/she is checked for proper ID (driver's license, etc.), which is entered into a computer for logging. The voter is given a smartcard-like device and a paper ballot. When the voter enters the booth, he/she sticks the ballot and the smartcard into a machine, the computer in the booth displays a message (you are responsible for making sure your ballot is correct, by continuing, you agree that you take all responsibility for a vote mistakenly cast for another candidate, etc.), and, for the candidates, displays names and faces. When the voter chooses from a list who he/she wants to vote for, the computer shows the names/faces of the candidates and asks if these are the right people. Assuming the voter chooses "yes," the machine automatically punches the ballot. The computer then spits out the ballot and asks for the voter to check to make sure all the holes are punched correctly (showing a picture of what the ballot should look like with the holes punched). If it isn't, the voter is asked to put it back into the machine, at which time another hole is punched in an "invalid" space, or some such thing, after which it spits the smart card back out. If the vote is correct, it keeps the smart card, logs the vote for reporting to the state, and the voter goes to put the paper ballot in the box. If any challenges as to the validity of the ballots are made, the paper ballots are there for records.
I honestly don't see what's so confusing about the butterfly ballot. I took a look at one of Florida's butterfly ballots (in the disputed area), and it seemed perfectly clear to me that, since the second arrow was between the first and the third, and that because Buchannan was there, punching the second hole would be a vote for Buchannan. You just have to look at both sides of the ballot (right and left). It's ironic, though, that this would confuse some elderly people who voted, because this was designed to be easier to read (bigger print, so they had to redo the layout).
Why do people talk about this going to court? If anything, it should go to the House and the Senate. If this drags on into January, one could argue that it's Constitutionally bound to (12th and 20th amendments). If that happens, we're likely to wind up with Bush and Cheney winning by default.
Just out of curiosity, would the encryption/scrambling clause include compression? Technically, any file that's been compressed has been, to some degree, "scrambled" (from its original form). If the DMCA covers this method of software distribution, I think that we can expect to see quite a few Windows software distributions that consist of a compressed file with the program's contents (probably a ZIP file), a decompressor/runtime executable, and a notice threatening people with legal action if the decompress the file and modify/reverse engineer/hex edit/etc. the contents. Just a thought.
Does anyone know whether someone could threaten legal action against one's ISP for "hacking" attempts? If it's not okay for someone to do that to a large company (try portscanning your ISP and see what they say . . . if it's not already forbidden), then why do they presume to have the right to portscan their customers? Say that the frequent portscans are a possible attempt to "gain unauthorized access to your computer." Something like that. If they complain that you were trying to run a server, counter with the fact that they can run their DSL/cable service through a proxy server and filter out all incoming port connections. That would close the loophole. Thus, they have no valid case for portscanning.
I don't want to see reverse engineers exploited. I specifically did not say for companies to hire reverse engineers. Whatever they give them to play with has to come with no strings attatched (including legal indemnification for the basics, i.e. common architecture, etc.). If reverse engineers are hired by a company, then you're right. They would be exploited. If, however, they're allowed to do whatever they want with the hardware/software they're given, it will probably help the companies that gave it to them. Being in fear of your job for doing your job too well (finding too many bugs, exploring the product too well) is no way to test a product.
If enough companies openly endorse reverse engineering, it will benefit the entire community. Suppose someone is a reverse engineer. Do you think he'll be more willing to share what he finds if he think it'll get him into legal trouble? The unethical reverse engineers who may be risking lawsuits already (warez, etc.) would be more likely to be the ones to share what they find. This information would probably go to the script kiddies first. On the other hand, if reverse engineering is openly endorsed by the company, they'll probably be the first ones to get news of a "new" securtiy hole/bug in their products. They will then either tell their customers and provide a fix for the problem or take the heat when the reverse engineer publishes his findings. It would be much the same as how things work now, but the companies, and, hopefully, the customers, would be the first one's to get news of problems with the hardware/software they bought.
Beyond this, reverse engineers provide an aftermarket. By releasing new software (or hardware) designed to enhance a company's product, they are actually helping the company. You can't use the enhancement without using the original product. (Think Apple II; how long did that thing last after it was obsolete?) This also provides income for the reverse engineers. If they reverse a product and sell an enhancement, they would keep the profits.
Reverse engineering benefits everyone in the long run. If the DMCA goes unchallenged, we can expect to see quite a few buggy, underpowered, proprietary products in the future.
Slashdot Mirror
The article doesn't seem to mention prosecution. Do the people running the honey pots just sit back and watch what the script kiddies are doing, plug the holes, and forget about it? Or are they filing in court? Also, suppose you had a white hat cracker. Would anyone running a honey pot care if the cracker broke in and plugged all the holes to prevent the kiddies from doing some real damage?
Won't we get all the trolls voting dozens of times if that happens?
> ban the dumb link
I second the motion.
> they are talking about works-in-progress
I fail to see the difference. Linux is a work in progress. There are test kernels being "released" all the time. New features are added. More compatibility is added (e.g. Pentium IV). Etc.
> that is the way it used to be and it was a pain in the ass
I know. Now, how many of your garden-variety users are going to make a journey to hell and back (assuming they're even able to) to try out an operating system that they probably won't like anyway? If Linux is to gain any kind of marketshare in the desktop world outside of a rounding error, your average user is going to have to be able to use it. GUIs are a step in the right direction, but if Yooser can't compile GNOME or KDE, and he doesn't have binaries, his reaction is probably going to be one of two:
"This sucks!"
or
10 Enter chat room/message board
20 Whine
Goto 10
OK. Say the Linux distributions didn't want to release procompiled binaries. Say they wanted to make their users truly understand how the various distros work. How many of you would still have tried Linux if you had to compile all the binaries yourselves?
> 10 years ago how often did you need to flash the BIOS?
Hmmmm. Well, considering that, ten years ago, BIOSes weren't widely available (read: did not exist) on reflashable chips . . .
AIM? Uhhh. Look at the article. Ask yourself: Do I feel lucky?
.
.
ICQ? Hmmm. Nope. Used to be good, until AOL bought it. Now I wonder whether UINs are going to be vulnerable . .
Yahoo! Messenger? Ah, a prima donna company that tries to take ownership of its users' pages. I think I'd be better off with AOL . .
MSN Messenger? Ah, a "reliable," "free*" product, brought to you by the kind folks at Micro$oft.
PowWow? Honestly, how many people do you know that have even heard of it, let alone have bothered to create an account?
* Subject to terms decided by Microsoft. By signing up for MSN Messenger service, you hereby agree to give Microsoft Corporation (hereafter referred to as "We Own Your Soul") sole ownership and possession of any and all inventions, ideas, etc. produced by you (hereafter referred to as "Putty-brain"), including any electrochemical developments and all genetic by-products. These terms are subject to change at our discretion.
-1, Redundant (I know, I know; someone else probably thought of it first)
Has anyone here considered that the "mistakes" in the printed cryptograph might have been intentional? I know that I'd have a few "mistakes" in any message I'd encrypt (if I was doing it manually), with the REAL message available upon decrypting the decrypted message. I'd probably even eliminate all the vowels, and use homonyms, etc. Has anyone checked into this? If not, maybe someone should do so, to see if there is another message encrypted inside the decrypted message.
Sounds like a great idea, as long as it's done right. I'm a student who's just beginning to learn C, and after an exhaustive search, I've come to the conclusion that good, free programming courses (in non-proprietary languages) are very rare indeed. If this project turns out to be what it promises, I'm really looking forward to seeing it. If it's another course in proprietary algorithms and libraries, it would be merely one project among many.
Does anyone have a mirror for this site? (BTW, I wonder if this could be considered a DDoS attack . . .)
> I have read Ender's Gamer at least six times
.
Only six? I lost count somewhere arount twenty-three . .
>"Ender's Shadow" was terrible.
I don't know if I'd go that far. I agree that it wasn't quite as good as Ender's Game, but it was an enjoyable book. Where it paled in comparison to Ender's Game was where it focused more on Bean's analyses of the situations that he's put into rather than Ender's analyses of the people he's around.
Hmmm. As I recall, the filtering software at my old school ( WebSENSE , I think it was called) filtered domains (e.g. http://www.pcgamer.com ) but not their IP addresses (e.g. 209.246.21.46 ). All one would have to do to get around this would be to write a script to output the IP address of a domain given to it and write a utility to replace all outgoing TCP/IP requests for domains with IP addresses stored in a database on the user's computer. Is this typical of filtering software, or do most companies have blocked domains also block their IP addresses?
Here's my idea for a voting system:
No voting on the Internet (I'd like to, it'd be very handy, but bear with me).
When one gets to the polling place, he/she is checked for proper ID (driver's license, etc.), which is entered into a computer for logging. The voter is given a smartcard-like device and a paper ballot. When the voter enters the booth, he/she sticks the ballot and the smartcard into a machine, the computer in the booth displays a message (you are responsible for making sure your ballot is correct, by continuing, you agree that you take all responsibility for a vote mistakenly cast for another candidate, etc.), and, for the candidates, displays names and faces. When the voter chooses from a list who he/she wants to vote for, the computer shows the names/faces of the candidates and asks if these are the right people. Assuming the voter chooses "yes," the machine automatically punches the ballot. The computer then spits out the ballot and asks for the voter to check to make sure all the holes are punched correctly (showing a picture of what the ballot should look like with the holes punched). If it isn't, the voter is asked to put it back into the machine, at which time another hole is punched in an "invalid" space, or some such thing, after which it spits the smart card back out. If the vote is correct, it keeps the smart card, logs the vote for reporting to the state, and the voter goes to put the paper ballot in the box. If any challenges as to the validity of the ballots are made, the paper ballots are there for records.
"Lego" used as an adjective, be it singular or plural, is always "Lego." This is demonstrated below:
"May I have a Lego, please, mother?"
"Those Lego houses certainly look outstanding."
I honestly don't see what's so confusing about the butterfly ballot. I took a look at one of Florida's butterfly ballots (in the disputed area), and it seemed perfectly clear to me that, since the second arrow was between the first and the third, and that because Buchannan was there, punching the second hole would be a vote for Buchannan. You just have to look at both sides of the ballot (right and left). It's ironic, though, that this would confuse some elderly people who voted, because this was designed to be easier to read (bigger print, so they had to redo the layout).
Why do people talk about this going to court? If anything, it should go to the House and the Senate. If this drags on into January, one could argue that it's Constitutionally bound to (12th and 20th amendments). If that happens, we're likely to wind up with Bush and Cheney winning by default.
All I have to say about Nader and Gore is:
Bush, Clinton, Perot in '92
Then I heard on Geeks in Space Rob and co rant about Google coming out of beta.
You waited until it was out of beta?
Just out of curiosity, would the encryption/scrambling clause include compression? Technically, any file that's been compressed has been, to some degree, "scrambled" (from its original form). If the DMCA covers this method of software distribution, I think that we can expect to see quite a few Windows software distributions that consist of a compressed file with the program's contents (probably a ZIP file), a decompressor/runtime executable, and a notice threatening people with legal action if the decompress the file and modify/reverse engineer/hex edit/etc. the contents. Just a thought.
People releasing harmful microcode. Hmmm. Nope. Don't think I've got to worry about buggy processors . . .
I've got an Athlon.
Does anyone know whether someone could threaten legal action against one's ISP for "hacking" attempts? If it's not okay for someone to do that to a large company (try portscanning your ISP and see what they say . . . if it's not already forbidden), then why do they presume to have the right to portscan their customers? Say that the frequent portscans are a possible attempt to "gain unauthorized access to your computer." Something like that. If they complain that you were trying to run a server, counter with the fact that they can run their DSL/cable service through a proxy server and filter out all incoming port connections. That would close the loophole. Thus, they have no valid case for portscanning.
Imagine using one of these while you're sick.
.
*ACHOO*
Just TRY and find your computer now.
Or . .
Imagine taking a project-based class in learning how to build these things (a degree in nanotechnology).
Professor: "You didn't turn in your project."
You: "Yes, I did. I put it in that microscope slide on your desk so you wouldn't lose it."
Professor: "You mean the one I'm using to examine my e-coli culture?"
I don't want to see reverse engineers exploited. I specifically did not say for companies to hire reverse engineers. Whatever they give them to play with has to come with no strings attatched (including legal indemnification for the basics, i.e. common architecture, etc.). If reverse engineers are hired by a company, then you're right. They would be exploited. If, however, they're allowed to do whatever they want with the hardware/software they're given, it will probably help the companies that gave it to them. Being in fear of your job for doing your job too well (finding too many bugs, exploring the product too well) is no way to test a product.
If enough companies openly endorse reverse engineering, it will benefit the entire community. Suppose someone is a reverse engineer. Do you think he'll be more willing to share what he finds if he think it'll get him into legal trouble? The unethical reverse engineers who may be risking lawsuits already (warez, etc.) would be more likely to be the ones to share what they find. This information would probably go to the script kiddies first. On the other hand, if reverse engineering is openly endorsed by the company, they'll probably be the first ones to get news of a "new" securtiy hole/bug in their products. They will then either tell their customers and provide a fix for the problem or take the heat when the reverse engineer publishes his findings. It would be much the same as how things work now, but the companies, and, hopefully, the customers, would be the first one's to get news of problems with the hardware/software they bought.
Beyond this, reverse engineers provide an aftermarket. By releasing new software (or hardware) designed to enhance a company's product, they are actually helping the company. You can't use the enhancement without using the original product. (Think Apple II; how long did that thing last after it was obsolete?) This also provides income for the reverse engineers. If they reverse a product and sell an enhancement, they would keep the profits.
Reverse engineering benefits everyone in the long run. If the DMCA goes unchallenged, we can expect to see quite a few buggy, underpowered, proprietary products in the future.
I am the legal owner of 1 copy of windows 98
Read your license. You own one UPGRADE license. You do not own a license for installing Win98 on a box without an OS.