To fake the hash, the attacker would have to have access to the private key used to generate the original hash, which is not so simple. These guys never had that level of access.
Have you tried using a site like Jamendo? (I'm not associated with the site, just a user of it.)
It seems to provide a decent framework for this sort of thing, and I've been introduced to a number of great artists through it. Plus you can receive post-purchase payments (tips) via the site.
One thing I think works with the site is that the tips are transparent, so you can see what other people are paying for an album. That's a great way of working out at a glance whether an older album is worth downloading, so your payments actually become a form of recommendation. Until now, nobody except you knew that your average payment was $6.80. So how much does anyone think to donate?
Anyway, I hope you are successful with your efforts.
Dylan.
I am in the group that paid more for the Radiohead album, I paid GBP3.50 for it. And I don't even like Radiohead. However, I wanted to support them for making this move, and hope that it encourages other bands to release their albums for optional pricing.
In the future, I would prefer to be able to try before I buy, and then set the price. As it was, I think this is a pretty good album, probably worth shelling out GBP3.00 or so for, so I am happy with it. But I would have been annoyed if I didn't like it.
Sorry, but who rated this asstrumpetry "Informative?"
The poster states that they haven't bothered to read any of the application apart from the few bits they quoted. If you were to bother to read the full (or even significant portions of the) application, you would see that it is pretty clear.
IBM has essentially patented a mode of operation for checkboxes that nobody uses except IBM. I can't imagine many scenarios where this is a superior method of operation to a shift-click or ctrl-click approach. I can't see it taking off (especially since its been patented) and it seems fairly harmless, if a little tenuous, and I an't believe it's taken more than 4 years to go through the process of being assessed, and then still accepted!
In essence they have patented a method for checking and unchecking multiple checkboxes at once, using a combination of mouse and keyboard. Doesn't seem terribly unique or profitable.
I run a forum in Australia which is industry-specific and encourages subscribers to post critical information about suppliers and software vendors.
The difference is that my forum is private, and not indexed on the web. Subscribers must join with a valid industry-specific email address, and no vendors or suppliers are allowed to join, read or post to the forum.
We still get occasional requests from vendors to take down content that is negative about them.
I am able to respond that the posts will not be removed, but that the vendors have a right of reply in their own section of the forum. This has been a useful approach and has worked well in the past.
I think that Whirlpool is in extra trouble becuase their content is now indexed and appears in any web search that users may feel like performing for 2clix.
I've been down this road in Australia, and here the rights are pretty explicit. Here's hoping that you are covered by similar rights too. (I post this for the information and edification of my fellow Australians.)
Keep all invoices, dockets and receipts -- you may not be entitled to a refund or replacement without proof of purchase. Also keep your software licence, hardware serial numbers plus make and model details in a safe place.
Under consumer law, all products sold in Australia must be safe and fit for purpose. That is, if a printer or piece of software claims to be compatible with Windows XP, but fails to run on your XP system, you have the right to return the product to the retailer and get a refund. You can also negotiate other solutions such as a replacement or repair, if you wish.
You're also entitled to a refund if the purchased product doesn't match the sample or description provided, or is defective (for example, it breaks down, doesn't work or develops a serious fault).
You're not entitled to a refund if you change your mind about the product, know about a fault when you buy it, are unable to prove when and where you bought the product or damaged it through misuse.
Although a product's written warranty may have expired, you may still have rights under its implied or statutory warranty. This means that all products sold in Australia must meet a basic level of quality and performance, bearing in mind its price, suitability for purpose, how long you've had it and how much you've used it. For example, you can expect a $600 personal digital assistant (PDA) to last longer than six months.
If you feel you've received a poor level of service, you can file a complaint with the department of fair trading or consumer affairs in your state -- services, including support, are also covered under the Trade Practices and Fair Trading Acts. For example, you have the right to your money back or further repairs, if your problem isn't fixed properly or you don't receive adequate support.
For more information and advice on consumer rights and laws in your state or territory, contact your local consumer protection agency. You'll find that some departments, such as the Queensland Office of Fair Trading, also provide specific advice on buying a computer and computer problems. Contact details for individual offices can be found at www.consumersonline.gov.au.
We've had several similar threats from cybersquatters in the past. As well as the usual imposters trying to get us to transfer domain registrations.
This sort of thing deserves closer policing. It is a drain on the time of registrars and registrants alike to have to deal with these sorts of charlatans.
2. Readings are Not Averaged Correctly: When the software takes a series of readings, it first averages the first two readings. Then, it averages the third reading with the average just computed. Then the fourth reading is averaged with the new average, and so on. There is no comment or note detailing a reason for this calculation, which would cause the first reading to have more weight than successive readings. Nonetheless, the comments say that the values should be averaged, and they are not.
This is interesting.
The effect is that if your levels are dropping, it magnifies the drop, and if your levels are rising, it magnifies the rise. I'm not certain that this is a problem, as such. It might even be a benefit, on some level (especially if your levels are dropping.) Read on to see what I mean.
If you were to take ten readings, and they were rising from "1" to "10", then the correct average according to the report would be the sum of 1 to 10 divided by 10, or 5.5. That is, you would have ten readings and the average of them would be 5.5 even though your present reading was 10. This artificialy minimises your reading. Using the machine's algorithm, your "average" reading would be 9.001953.
If, on the other hand, your levels were descending from 10 to 1 in the ten readings, then the "correct" average is 5.5 still, but the machine would say your reading was 1.998047. Which is closer to your final reading.
OK, so what does this mean efffectively? Well, I guess the biggest concern is a residual alcohol effect, where you ahve alcohol in your mouth either from the beer you had between your knees, or from the mouthwash you quaffed at the last second. In this case, you would expect to spike the first reading. The machine's algorithm takes the spike into account, but minimizes its effect on your overall reading.
It should be noted that both algorithms have the same result for one or two blows. To maximise your results, you would need to insist on more than 4 blows, and only if the average reading was dropping each time.
That's because it isn't really relevant. This case focused on the right of the police to ask for someone's name, not their ID, and then on whether the suspect had a right to refuse to respond.
This wasn't the case here. In the Circuit City situation, the guy has been asked for his name and provided it.
What is shameful is the police attitude that if you have given them any delay (for instance, by lawfully refusing to provide identification documents) then you are necessarily committing a crime because you are using up their valuable time. And therefore you can be charged for obstructing justice on some level because they are now investigating your crime, which wasn't a crime until they started investigating it.
A sort of criminal Heisenberg Uncertainty Principle. By checking to see if you are a criminal, a policeman can turn you into a criminal. Call it a "Get Into Jail Free" card.
I'm pleased to see that the Europeans are again taking a jump ahead of the colonials.
These days I pretty much exclusively get my music from http://www.jamendo.com/ where all the music is free (and much of it is pretty terrible, by the way, but there is also some excellent stuff.)
After observing the *AA fiasco, I've decided to vote with my wallet. Nowadays all my financial contributions are volutary. Jamendo provides me with a way to pay however much I like for the music I like, and just about all of it goes to the artist (for a change.)
Go the French!
I wonder if this will be good or bad for Creative Commons music like that I get from Jamendo http://www.jamendo.com/ which is distributed via BitTorrent?
If colleges are being asked to prove that they are investing in technology to prevent illegal downloads, I think it is only fair that they also invest some in allowing legal downloads too. I think I could support this sort of legislation if it provided that sort of sweetener.
For what its worth, I have about 30 protected email addresses at BlueFrog, and only the ones that were already getting spammed have been at all affected. Their extra spam is insignificant. They doubled my spam catch for a day. Feel me tremble.
Another spam outfit is planting a joe-job campaign against BlueFrog, actually spamming millions of addresses with propaganda asking people to join BlueFrog, and putting the BlueFrog email addresses as the return address for the emails. They are doing this to try to get BlueSecurity blacklisted as a spamming outfit.
One side-effect of this is that I know of several people who have joined BlueFrog as a result.
Way to shoot yourself in the foot.
The spammers are actually giving BlueSecurity free (albeit lame) publicity.
Slashdot Mirror
You can't just make up an MD5 hash.
To fake the hash, the attacker would have to have access to the private key used to generate the original hash, which is not so simple. These guys never had that level of access.
Have you tried using a site like Jamendo? (I'm not associated with the site, just a user of it.)
It seems to provide a decent framework for this sort of thing, and I've been introduced to a number of great artists through it. Plus you can receive post-purchase payments (tips) via the site.
One thing I think works with the site is that the tips are transparent, so you can see what other people are paying for an album. That's a great way of working out at a glance whether an older album is worth downloading, so your payments actually become a form of recommendation. Until now, nobody except you knew that your average payment was $6.80. So how much does anyone think to donate?
Anyway, I hope you are successful with your efforts. Dylan.
I think you may be right.
I am in the group that paid more for the Radiohead album, I paid GBP3.50 for it. And I don't even like Radiohead. However, I wanted to support them for making this move, and hope that it encourages other bands to release their albums for optional pricing.
In the future, I would prefer to be able to try before I buy, and then set the price. As it was, I think this is a pretty good album, probably worth shelling out GBP3.00 or so for, so I am happy with it. But I would have been annoyed if I didn't like it.
I just want to know where I can buy one? Better be quick, for damn sure the government won't want you to be able to get one of these.
Sorry, but who rated this asstrumpetry "Informative?"
The poster states that they haven't bothered to read any of the application apart from the few bits they quoted. If you were to bother to read the full (or even significant portions of the) application, you would see that it is pretty clear.
IBM has essentially patented a mode of operation for checkboxes that nobody uses except IBM. I can't imagine many scenarios where this is a superior method of operation to a shift-click or ctrl-click approach. I can't see it taking off (especially since its been patented) and it seems fairly harmless, if a little tenuous, and I an't believe it's taken more than 4 years to go through the process of being assessed, and then still accepted!
In essence they have patented a method for checking and unchecking multiple checkboxes at once, using a combination of mouse and keyboard. Doesn't seem terribly unique or profitable.
A fairly comprehensive list of affected ids is available at this site.
I run a forum in Australia which is industry-specific and encourages subscribers to post critical information about suppliers and software vendors.
The difference is that my forum is private, and not indexed on the web. Subscribers must join with a valid industry-specific email address, and no vendors or suppliers are allowed to join, read or post to the forum.
We still get occasional requests from vendors to take down content that is negative about them.
I am able to respond that the posts will not be removed, but that the vendors have a right of reply in their own section of the forum. This has been a useful approach and has worked well in the past.
I think that Whirlpool is in extra trouble becuase their content is now indexed and appears in any web search that users may feel like performing for 2clix.
From the Australian Consumer's Association:
- Keep all invoices, dockets and receipts -- you may not be entitled to a refund or replacement without proof of purchase. Also keep your software licence, hardware serial numbers plus make and model details in a safe place.
- Under consumer law, all products sold in Australia must be safe and fit for purpose. That is, if a printer or piece of software claims to be compatible with Windows XP, but fails to run on your XP system, you have the right to return the product to the retailer and get a refund. You can also negotiate other solutions such as a replacement or repair, if you wish.
- You're also entitled to a refund if the purchased product doesn't match the sample or description provided, or is defective (for example, it breaks down, doesn't work or develops a serious fault).
- You're not entitled to a refund if you change your mind about the product, know about a fault when you buy it, are unable to prove when and where you bought the product or damaged it through misuse.
- Although a product's written warranty may have expired, you may still have rights under its implied or statutory warranty. This means that all products sold in Australia must meet a basic level of quality and performance, bearing in mind its price, suitability for purpose, how long you've had it and how much you've used it. For example, you can expect a $600 personal digital assistant (PDA) to last longer than six months.
- If you feel you've received a poor level of service, you can file a complaint with the department of fair trading or consumer affairs in your state -- services, including support, are also covered under the Trade Practices and Fair Trading Acts. For example, you have the right to your money back or further repairs, if your problem isn't fixed properly or you don't receive adequate support.
For more information and advice on consumer rights and laws in your state or territory, contact your local consumer protection agency. You'll find that some departments, such as the Queensland Office of Fair Trading, also provide specific advice on buying a computer and computer problems. Contact details for individual offices can be found at www.consumersonline.gov.au.There's always hope.
John Zuccarini ended up serving more than a year in prison for cybersquatting, and this seems more serious to me.
We've had several similar threats from cybersquatters in the past. As well as the usual imposters trying to get us to transfer domain registrations.
This sort of thing deserves closer policing. It is a drain on the time of registrars and registrants alike to have to deal with these sorts of charlatans.
I understood that that was what PZEV meant. Not lett CO2, but less pollutants (smog-forming particulates.)
This is interesting.
The effect is that if your levels are dropping, it magnifies the drop, and if your levels are rising, it magnifies the rise. I'm not certain that this is a problem, as such. It might even be a benefit, on some level (especially if your levels are dropping.) Read on to see what I mean.
If you were to take ten readings, and they were rising from "1" to "10", then the correct average according to the report would be the sum of 1 to 10 divided by 10, or 5.5. That is, you would have ten readings and the average of them would be 5.5 even though your present reading was 10. This artificialy minimises your reading. Using the machine's algorithm, your "average" reading would be 9.001953.
If, on the other hand, your levels were descending from 10 to 1 in the ten readings, then the "correct" average is 5.5 still, but the machine would say your reading was 1.998047. Which is closer to your final reading.
OK, so what does this mean efffectively? Well, I guess the biggest concern is a residual alcohol effect, where you ahve alcohol in your mouth either from the beer you had between your knees, or from the mouthwash you quaffed at the last second. In this case, you would expect to spike the first reading. The machine's algorithm takes the spike into account, but minimizes its effect on your overall reading.
It should be noted that both algorithms have the same result for one or two blows. To maximise your results, you would need to insist on more than 4 blows, and only if the average reading was dropping each time.
That's because it isn't really relevant. This case focused on the right of the police to ask for someone's name, not their ID, and then on whether the suspect had a right to refuse to respond. This wasn't the case here. In the Circuit City situation, the guy has been asked for his name and provided it. What is shameful is the police attitude that if you have given them any delay (for instance, by lawfully refusing to provide identification documents) then you are necessarily committing a crime because you are using up their valuable time. And therefore you can be charged for obstructing justice on some level because they are now investigating your crime, which wasn't a crime until they started investigating it. A sort of criminal Heisenberg Uncertainty Principle. By checking to see if you are a criminal, a policeman can turn you into a criminal. Call it a "Get Into Jail Free" card.
I'm pleased to see that the Europeans are again taking a jump ahead of the colonials.
These days I pretty much exclusively get my music from http://www.jamendo.com/ where all the music is free (and much of it is pretty terrible, by the way, but there is also some excellent stuff.)
After observing the *AA fiasco, I've decided to vote with my wallet. Nowadays all my financial contributions are volutary. Jamendo provides me with a way to pay however much I like for the music I like, and just about all of it goes to the artist (for a change.)
Go the French!
I wonder if this will be good or bad for Creative Commons music like that I get from Jamendo http://www.jamendo.com/ which is distributed via BitTorrent?
If colleges are being asked to prove that they are investing in technology to prevent illegal downloads, I think it is only fair that they also invest some in allowing legal downloads too. I think I could support this sort of legislation if it provided that sort of sweetener.
I wonder how long before the RIAA hires a botnet to attack sites that they can't get at otherwise (allofmp3 for instance?)
And then, how long before one company takes down another company using botnets?
I was more worried about these spammers when they didn't care about Blue.
U AaIRZk2e.54@.3c52c5a1)
Now I know they are scared.
Once BlueSecurity gets over its slashdotting, check out their forums. Lots of angry rhetoric from spammers is posted there (http://community.bluesecurity.com/webx?14@780.8k
For what its worth, I have about 30 protected email addresses at BlueFrog, and only the ones that were already getting spammed have been at all affected. Their extra spam is insignificant. They doubled my spam catch for a day. Feel me tremble.
Another spam outfit is planting a joe-job campaign against BlueFrog, actually spamming millions of addresses with propaganda asking people to join BlueFrog, and putting the BlueFrog email addresses as the return address for the emails. They are doing this to try to get BlueSecurity blacklisted as a spamming outfit. One side-effect of this is that I know of several people who have joined BlueFrog as a result. Way to shoot yourself in the foot. The spammers are actually giving BlueSecurity free (albeit lame) publicity.
Sorry, but summer is already over here. Australian summer ends at the end of February. (And starts at the beginning of December.)