According to the article, they think the CEO's skipped town to Morocco. Don't we have an extradition treaty w/them? If so, it shouldn't be that hard to get him back, assuming Morocco's police play along.
The Kapersky folks have already started disavowing the statements that are attributed to them. Apparently this is a big case of sensationalism (surprise, surprise). NtBugTraq forwarded on the Kapersky statement on it, which had this useful bit of info:
Kaspersky is not predicting the end of the Internet tomorrow -
or even in the near future. The story stems from brief comments made
yesterday at a press conference which was dedicated to cybercrime and
the problems of spam.
At this press conference, Kaspersky commented that the possibility of
terrorists using the Internet as a tool to attack certain countries was
a reality. As an example, he cited the fact that a number of Arabic and
Hebrew language websites contained an announcement of an 'electronic
jihad' against Israel, to start on 26th August 2004.
In an interview today, Kaspersky stressed that such information was not
necessarily trustworthy. 'We don't know who is behind these statements.'
He went on to clarify: 'It's not the first time the term 'electronic
jihad' has been used. We've seen this before, with the focus being on
sending racist emails, and defacing and hacking Israeli web sites. But
it is the first time I have seen sites encouraging the use of Internet
attacks against one country as a form of terrorism.'
Just so you know, the arrangement of seats on an airplane isn't something that can be easily moved around. The seats are on tracks, but they're fixed in place and inspected before the plane is cleared to enter regular service. If the airline changes the seat arrangement on a plane, the plane has to be re-inspected before it can be used for flight again (make sure they actually did tighten the seats down, for instance).
This is a slow process, and the airline is paying for the plane while not making any money off it the whole time. That sort of thing makes them unhappy.
Also, it should also be noted that we don't have nearly enough Air Marshalls to police every flight into and/or inside the US. There are thousands of flights every day in US airpace. It would take effectively a small army to put 1 or 2 Air Marshalls on every flight. The TSA, even with their insane budget, couldn't afford it.
Seriously, it's hugely useful. It's very nice to be able to show management that you not only have a config backup system for your network devices, but your backup system is also doubling as a change control system. It's at http://www.shrubbery.net/rancid . I tend to use something like webCVS with it, to let folks browse through the CVS configs (you will, of course, want to use authentication to restrict access to webcvs).
This isn't really a mail anoymizer. There are better mail mixers (like mixmaster) out there. Because latency isn't that big an issue for mailers, adding a 3 hour or so delay isn't a big deal to a mail anonymizer. Adding that kind of latency to http is unacceptable, so you can't use the same system to anonymize http as smtp, unfortunately.
Because of that, you can build a better anonymizing system for smtp because you can avoid timing attacks more easily. If you're interested in anonymous mail, though, have a look at mixmaster.
Ummm...unlikely. TOR was developed at the request of the Navy to help hide the fact that certain activities were coming from Navy devices (like, for instance, they may not want Navy-owned IPs showing up in webserver logs). This is something that the gov't reconnaissance folks will want. The interesting thing is, they *have* to open it, otherwise people will still know it's a government system, since it came from the government anonymizer. If they really want sites to not know that the government is looking at them, they have to let everyone use it, so that the anonymizer is no longer a "government" thing.
Yeah, he mentioned ZKS in his presentation. Their disappearing, and taking the network with them, is one of the reasons that he's BSD-licensing the code for this.
Interestingly, one of the other reasons is that he managed to convince the Navy that others would use and trust the code (therefore making the Navy's use of it more difficult to detect) if those others could read the code and implement it themselves. I'm honestly kinda surprised (but happy) that the Navy agreed to it.
Anyway, for those asking, no, this isn't quite like Freenet. In TOR, you decide which points you want to send traffic through (and negotiate encryption keys with each one individually), and, unlike FreeNet, you can tunnel existing protocols over it (like, say http).
There's a lot of promise here, but in his talk, he was looking for sites that had at least 1Mbps up & down speeds for nodes. This isn't quite like Peekabooty, in that right now they're not looking for everyone to run a middleman node.
Odd that they'd mention the BlueTooth rifle, but not mentioning the Shmoo 802.11 rifle..same idea, much sexier design, dangerous power levels...like, 13 Watts. They claimed that it was dangerous to stand in front of or behind it while it was on.
No, actually it made me giggle like a schoolgirl. I think this is great. I'd love to see a car like this on the roads...it would be hysterical. Heck, if you could retro-fit it to existing cars, I might add it to mine (depending on price).
Society of Composers, Authors and Music Publishers of Canada shortens to SOCAN? No way. That abbreviates to SCAMP, and everyone knows it. (and it makes more sense, too.)
A few thoughts: 1) This isn't like buying toothpaste (to borrow a quote). This is surgery. It is worth it to pay the extra money for someone good, rather than skimp and regret it later. 2) If your correction is still changing year-to-year, don't do it. It's only really worth it if your vision has stabilized for a few years. 3) Be prepared for side effects. Personally, my eyes are much drier than they were before, and small, point light sources have little halos around them...especially visible at night. 4) They may say that you can function normally the next day...don't even bother trying. Personally, the day after I could look out my window and watch the building across the way shift into and out of focus as my eyes dealt with their new shape. It was like tripping, only without the mood to go along with it. Kinda freaky, actually, now that I think about it.
With all that said, I would do it again in a heartbeat. I was about -6 or -6.5 diopter, and about a -3 or 4 astigmatism. That's well beyond the range measureable by the 20/20 scale. I don't need glasses now, for anything. I spent a good deal more than the average person, but it was absolutely worth it.
Gotta agree. I've had one for a year and a half now (was an early adopter), and I've almost always had to open the phone (exposing the keyboard) to talk on it. The reception issue is, I think, not as much related to the device as it is to T-Mobile's service. I've heard lots of folks complain about T-Mobile reception, whether they have hiptops or regular phones.
I stopped looking a while ago: did they ever ease up on the "you have to prove you can code before we'll let you upload your own apps" nonsense?
That's easy. "Winning" isn't defined by the table...it just moves the ball. To make intensity/non-relaxedness "win", just define the game so that pulling the ball to you wins, rather than winning by being relaxed & pushing it away.
As someone else mentioned, though, watching two people act constipated may not be any more fun.
While you're probably right, what ICANN's trying to prevent is the arms race that reintroducing Sitefinder (specifically the DNS wildcard) will cause.
If the wildcard comes back, you can count on ISPs and software companies building their own overrides for the service (some to prevent it from happening, some to point their users to their service instead). Then, of course, Verisign will modify their system to compensate, etc, etc. That arms race will almost certainly affect the stability of the system, so ICANN's trying to keep it from starting. If that takes getting a court-ordered shutdown, I think they're prepared to take that route.
ell me if you know of any distribution that can install VMWare Workstation, Eclipse, Tomcat, JBoss, etc... with one (ONLY ONE) command: emerge XXX
Umm...Debian? apt-get install XXX
Honestly, I'm in the process of moving from Gentoo to Debian, for both servers and desktops. Gentoo finally just pissed me off. From the package maintaner for bind just being a dork (refusing to deal with bind 9.2.3 for almost a year now), to random movements of config files in minor upgrades, to having to wrestle with packages being renamed and portage not cleaning up after that (vcron/vixie-cron, for example), I'm done.
Granted, I'm having to mix Debian testing with stable to get all the packages I want, but getting the Debian replacement up has taken me about a third of the time it took me to get the Gentoo box up. Gentoo was interesting, but they really haven't gotten their heads 'round the idea that while I *can* sit & tweak my systems all day, I don't really *want* to.
No, I tried. Was on a full scholarship for grad school & all.
The deal: while I was doing research in undergrad, the school I was at had an opening for one non-tenure track physics post (Physics being my area). They had over 1,000 applications, 400 of them qualified folks.
I looked at that, and looked at the folks I was with in Grad school, and realized that no matter how good or cool I think I am, there's no way I'm getting a job in this field. I was pretty good at Physics (still am), but if all the folks in my grad school all finshed & went out looking for academic work, we'd have a snowball's chance in hell of actually getting anything.
I posited this thought to various professors in grad school...they all pooh-poohed it, and all but one would not even acknowledge that this might be a problem. The one who did admitted that there was no way he'd be able to get an academic Physics job in today's job market (note: he was no slouch...he published regularly in experimental Chaotic Dynamics).
At that point, rather than kill myself for another few years, I bailed. The fact that only one of several professors I talked to would even admit that the job market was tough was...enlightening.
Do I want to have a small chance at cutting-edge research, get taken advantage of mercilessly by entrenched professors, and distantly dream of seeing my work mentioned in a high-profile publication, or do I want to actually have a life?
(For the curious: yes, I had to make that decision, and yes, that's about the position I was faced with in grad school...3 guesses which direction I went.)
Oh, fer crying out loud. I suspect you're trolling, but still.
By your logic, RC cars should be regulated (replace some of their space with explosives and go), so should RC places (same). Heck, so should balloons (just tie explosives to the bottom & let go).
Security (electronic, physical and otherwise) is not about eliminating risk. You can't eliminate risk. Ever. You *can* manage risk. Ie, limit potential damage, make recovery from damage easier, etc. To do that right, you have to decide if the costs associated with the control you're putting in place are appropriate to the risk. In this case, I think they're silly.
Slashdot Mirror
According to the article, they think the CEO's skipped town to Morocco. Don't we have an extradition treaty w/them? If so, it shouldn't be that hard to get him back, assuming Morocco's police play along.
Summary: nothing to see here. Move along.
Just so you know, the arrangement of seats on an airplane isn't something that can be easily moved around. The seats are on tracks, but they're fixed in place and inspected before the plane is cleared to enter regular service. If the airline changes the seat arrangement on a plane, the plane has to be re-inspected before it can be used for flight again (make sure they actually did tighten the seats down, for instance).
This is a slow process, and the airline is paying for the plane while not making any money off it the whole time. That sort of thing makes them unhappy.
Also, it should also be noted that we don't have nearly enough Air Marshalls to police every flight into and/or inside the US. There are thousands of flights every day in US airpace. It would take effectively a small army to put 1 or 2 Air Marshalls on every flight. The TSA, even with their insane budget, couldn't afford it.
Seriously, it's hugely useful. It's very nice to be able to show management that you not only have a config backup system for your network devices, but your backup system is also doubling as a change control system. It's at http://www.shrubbery.net/rancid . I tend to use something like webCVS with it, to let folks browse through the CVS configs (you will, of course, want to use authentication to restrict access to webcvs).
This isn't really a mail anoymizer. There are better mail mixers (like mixmaster) out there. Because latency isn't that big an issue for mailers, adding a 3 hour or so delay isn't a big deal to a mail anonymizer. Adding that kind of latency to http is unacceptable, so you can't use the same system to anonymize http as smtp, unfortunately.
Because of that, you can build a better anonymizing system for smtp because you can avoid timing attacks more easily. If you're interested in anonymous mail, though, have a look at mixmaster.
Ummm...unlikely. TOR was developed at the request of the Navy to help hide the fact that certain activities were coming from Navy devices (like, for instance, they may not want Navy-owned IPs showing up in webserver logs). This is something that the gov't reconnaissance folks will want. The interesting thing is, they *have* to open it, otherwise people will still know it's a government system, since it came from the government anonymizer. If they really want sites to not know that the government is looking at them, they have to let everyone use it, so that the anonymizer is no longer a "government" thing.
Yeah, he mentioned ZKS in his presentation. Their disappearing, and taking the network with them, is one of the reasons that he's BSD-licensing the code for this.
Interestingly, one of the other reasons is that he managed to convince the Navy that others would use and trust the code (therefore making the Navy's use of it more difficult to detect) if those others could read the code and implement it themselves. I'm honestly kinda surprised (but happy) that the Navy agreed to it.
Wow. Lots of DefCon related stories.
Anyway, for those asking, no, this isn't quite like Freenet. In TOR, you decide which points you want to send traffic through (and negotiate encryption keys with each one individually), and, unlike FreeNet, you can tunnel existing protocols over it (like, say http).
There's a lot of promise here, but in his talk, he was looking for sites that had at least 1Mbps up & down speeds for nodes. This isn't quite like Peekabooty, in that right now they're not looking for everyone to run a middleman node.
Odd that they'd mention the BlueTooth rifle, but not mentioning the Shmoo 802.11 rifle..same idea, much sexier design, dangerous power levels...like, 13 Watts. They claimed that it was dangerous to stand in front of or behind it while it was on.
Marketing.
No, actually it made me giggle like a schoolgirl. I think this is great. I'd love to see a car like this on the roads...it would be hysterical. Heck, if you could retro-fit it to existing cars, I might add it to mine (depending on price).
It's already got the ability to "cry"...no problem.
Society of Composers, Authors and Music Publishers of Canada shortens to SOCAN? No way. That abbreviates to SCAMP, and everyone knows it. (and it makes more sense, too.)
Yeah, because lying to your children is a great way to build credibility.
A few thoughts:
1) This isn't like buying toothpaste (to borrow a quote). This is surgery. It is worth it to pay the extra money for someone good, rather than skimp and regret it later.
2) If your correction is still changing year-to-year, don't do it. It's only really worth it if your vision has stabilized for a few years.
3) Be prepared for side effects. Personally, my eyes are much drier than they were before, and small, point light sources have little halos around them...especially visible at night.
4) They may say that you can function normally the next day...don't even bother trying. Personally, the day after I could look out my window and watch the building across the way shift into and out of focus as my eyes dealt with their new shape. It was like tripping, only without the mood to go along with it. Kinda freaky, actually, now that I think about it.
With all that said, I would do it again in a heartbeat. I was about -6 or -6.5 diopter, and about a -3 or 4 astigmatism. That's well beyond the range measureable by the 20/20 scale. I don't need glasses now, for anything. I spent a good deal more than the average person, but it was absolutely worth it.
Gotta agree. I've had one for a year and a half now (was an early adopter), and I've almost always had to open the phone (exposing the keyboard) to talk on it. The reception issue is, I think, not as much related to the device as it is to T-Mobile's service. I've heard lots of folks complain about T-Mobile reception, whether they have hiptops or regular phones.
I stopped looking a while ago: did they ever ease up on the "you have to prove you can code before we'll let you upload your own apps" nonsense?
...is why we'll never make it to the moon or mars with the gov't: we're not prepared to pay the price.
I hold out hope for private enterprise, but that's still decades away.
That's easy. "Winning" isn't defined by the table...it just moves the ball. To make intensity/non-relaxedness "win", just define the game so that pulling the ball to you wins, rather than winning by being relaxed & pushing it away.
As someone else mentioned, though, watching two people act constipated may not be any more fun.
While you're probably right, what ICANN's trying to prevent is the arms race that reintroducing Sitefinder (specifically the DNS wildcard) will cause.
If the wildcard comes back, you can count on ISPs and software companies building their own overrides for the service (some to prevent it from happening, some to point their users to their service instead). Then, of course, Verisign will modify their system to compensate, etc, etc. That arms race will almost certainly affect the stability of the system, so ICANN's trying to keep it from starting. If that takes getting a court-ordered shutdown, I think they're prepared to take that route.
Umm...Debian? apt-get install XXX
Honestly, I'm in the process of moving from Gentoo to Debian, for both servers and desktops. Gentoo finally just pissed me off. From the package maintaner for bind just being a dork (refusing to deal with bind 9.2.3 for almost a year now), to random movements of config files in minor upgrades, to having to wrestle with packages being renamed and portage not cleaning up after that (vcron/vixie-cron, for example), I'm done.
Granted, I'm having to mix Debian testing with stable to get all the packages I want, but getting the Debian replacement up has taken me about a third of the time it took me to get the Gentoo box up. Gentoo was interesting, but they really haven't gotten their heads 'round the idea that while I *can* sit & tweak my systems all day, I don't really *want* to.
No, I tried. Was on a full scholarship for grad school & all.
The deal: while I was doing research in undergrad, the school I was at had an opening for one non-tenure track physics post (Physics being my area). They had over 1,000 applications, 400 of them qualified folks.
I looked at that, and looked at the folks I was with in Grad school, and realized that no matter how good or cool I think I am, there's no way I'm getting a job in this field. I was pretty good at Physics (still am), but if all the folks in my grad school all finshed & went out looking for academic work, we'd have a snowball's chance in hell of actually getting anything.
I posited this thought to various professors in grad school...they all pooh-poohed it, and all but one would not even acknowledge that this might be a problem. The one who did admitted that there was no way he'd be able to get an academic Physics job in today's job market (note: he was no slouch...he published regularly in experimental Chaotic Dynamics).
At that point, rather than kill myself for another few years, I bailed. The fact that only one of several professors I talked to would even admit that the job market was tough was...enlightening.
Well, kinda. In the real world, it's more like:
Do I want to have a small chance at cutting-edge research, get taken advantage of mercilessly by entrenched professors, and distantly dream of seeing my work mentioned in a high-profile publication, or do I want to actually have a life?
(For the curious: yes, I had to make that decision, and yes, that's about the position I was faced with in grad school...3 guesses which direction I went.)
Ah. We may be in violent *agreement*, then, just looking at it in different ways. Fair enough.
Oh, fer crying out loud. I suspect you're trolling, but still.
By your logic, RC cars should be regulated (replace some of their space with explosives and go), so should RC places (same). Heck, so should balloons (just tie explosives to the bottom & let go).
Security (electronic, physical and otherwise) is not about eliminating risk. You can't eliminate risk. Ever. You *can* manage risk. Ie, limit potential damage, make recovery from damage easier, etc. To do that right, you have to decide if the costs associated with the control you're putting in place are appropriate to the risk. In this case, I think they're silly.