It's neither hard to block, nor hard to detect. Ever heard of firewalls and transparent proxies? I can block all POST's if I want to. And I can also limit the size of them. I can even *gasp* LOG THEM!
There's NOTHING that says you *HAVE* to disable usb storage devices. The extract simply states that Microsoft MAKES IT POSSIBLE. This will make it a lot harder for people to extract company data *without being traced* (With mail you can..., ftp/http/cvs etc. can be blocked at the firewall). The clue isn't always to block the actual data theft, but making sure it can be traced. If it can be traced, it's usually not worth it even trying.
As another comment in this thread stated... Linux can already do this. Why don't you go bash Linux instead?
Yeah, yeah, yeah. I know, MicroSoft deserves a good spanking. But not for this.
I hate you for your sig... There is a reason. It's for fucking US residents only. Now will everyone that has that shit in their.sig PLEASE freaking stop?
Boot my trusty pentium router (Diskless, crammed into the smallest space possible, and write-protected) Boot my old pentium webserver (Not diskless, but sometimes it screws up lilo) Install windows 2000/xp on my desktop (I have a S-ATA raid-controller on-board. I *need* that driver disk, or I have no harddrive to install to)
If I *could* do any of that with a USB key, I'd be overjoyed. But alas... No can do.
Yep. Gentoo can't use binary diffs, because they'll be guaranteed to fuck up the system.
There are several reasons for this: 1. CFLAGS. The users can adjust the optimizations of every binary compiled. Which means that *many* systems will not have identical binaries. 2. Varying versions of gcc/binutils. GCC will produce different binaries depending on which revision you have used. So unless *everyone* uses the same version of GCC, you can be damn sure things will get stuffed. 3. USE-flags. Every user can adjust the dependancies of every single package by adjusting the USE-flag. Which results in differences in the binary.
Now, *source* patches would make a great difference. But at the moment, portage isn't intelligent enough to do this. I know there has been some discussion about this, and I was actually asked to submit this as a bug to bugzilla. I haven't done this yet (*blush*).
I will submit it later today, unless it's already been done;)
I'm sure there are utilities to convert most of the formats to text. MS Word to text? No problems, there's an utility to handle that. PDF? Of course. Basically, what you might do is something like this:
1. Figure out what kind of file it is (using 'file') 2. Select the correct converter based on file 3. grep 4. Profit? -- not quite sure about this one.
You're right, but that's just a workaround. There's no way for the Gentoo developers to really fix this without disabling an important security feature of portage.
Sorry, gotta poke a serious hole in that. important security feature?
Wake up and smell the shit, dude. Do you think the ebuild submitters/developers have bothered checking the tarballs before making the ebuild?
Just look at the damn cedega tarball... The md5sum is from the developers tarball... He hasn't downloaded it twice. He apparently hasn't checked it at all.
So this could easily be a r00ted tarball.
Wrong, And even if they are defeated you will find that the goal of this security method is to deter piracy, not to prevent it. I.e. If you are a cracker, you will circumvent the system. If you are a general user you won't know where to start. For example, the company I work for uses SecuROM CD protection which can be overcome without too much difficulty, but most customers don't know how to.
Look... before the digital age, this way of thinking could work. Now that we're in the digital age, it's enough for one little fucker to pirate whatever you've made, and (fanfare), it's out on p2p for everybody and his dog to download.
Seriously, software is going to be pirated (Until someone comes up with a better scheme). Until then, all it does is annoy legitimate users. Pirates bypass the copy-protection anyways. Hell, pirates even get the software before it hits the street (ref. DooM 3, Condition Zero, UT2004).
So basically it's better to be a pirate. Not only do you get the latest über-cool game before that annoying neighbour, but you can laugh at him while he struggles to play his game (bought with his hard-earned money), fighting a copy-protection scheme that seems to be designed for one reason only... To make it hard for normal users to play.
Also, the fact that several of the programs I've bought actually denies me the right I have to make a backup copy (Yes, I *do* make archival copies and store them off-site. I've been through two fires in my life). A pirated version allows me to make as many backup copies I'd like. With *no* fuzz.
So, for the average user, can we extrapolate where this is going? I still buy stuff that I want. But if there's a copy-protection scheme of some sort, I'm not going to buy from that vendor again.
Also, you can run arbitrary bit sums which would be ideal in this case. For exaple, the Java language has classes for this. You can download the.tgz on one machine, run an arbitrary crc or adler checksum on a portion of the file that does NOT include the signature. Then simply download on another machine and repeat. This should give cynical people like you the reassurance you need. If both sums are the same you might be ok, of course you can have as many sum checks as you want..
What on earth are you smoking? If a l33t script kiddie has managed to replace that damn.tgz with a one containing a r00t kit, do you think it'll help downloading it twice?
I'm not saying Gentoo's way of checking the sources isn't flawed. But it's a hell of a lot better than downloading the r00ted tarball twice.
Dropping incoming packets doesnt make you "invisible". If you were "invisible" and I tried to ping you, I'd get a "destination unreachable" error. If I get timeouts, I know you're there and dropping my packets. If you replied to my pings with "destination unreahables" you might trick me, unless I noticed that the destination unreachable messages were coming from the IP I was pinging (duh!).
Duh! yourself. The router behind my PC has no way of knowing whether my PC is actually up and running with an ip or not. How does it decide whether to return a destunreach?
FYI, iD hired a writer for the story in DooM III. And it is a quite interesting plot. Unlike DooM and DooM II, it actually has a plot, which develops throughout the game. It also has a few twists;)
I'm using a better solution:) I'm using the FM-transmitter on my iPod, which my Nokia 6610 picks up. If I get an incoming call, I get a tone in my ear and the phone picks up. If I want to listen to regular radio, I just change the channel on the phone.
Seriously, there is little you can't do with sed/cut/cat that you can do with vi. I'd rather use those tools (That most certainly are on all *nix boxen) than using vi.
Slashdot Mirror
It's neither hard to block, nor hard to detect. Ever heard of firewalls and transparent proxies? I can block all POST's if I want to. And I can also limit the size of them. I can even *gasp* LOG THEM!
Yeah, but that would also stop people from using other USB gadgets (from thinkgeek for instance).
That'll block *all* USB devices, which might not be what you want.
There's NOTHING that says you *HAVE* to disable usb storage devices. The extract simply states that Microsoft MAKES IT POSSIBLE. This will make it a lot harder for people to extract company data *without being traced* (With mail you can..., ftp/http/cvs etc. can be blocked at the firewall).
The clue isn't always to block the actual data theft, but making sure it can be traced. If it can be traced, it's usually not worth it even trying.
As another comment in this thread stated... Linux can already do this. Why don't you go bash Linux instead?
Yeah, yeah, yeah. I know, MicroSoft deserves a good spanking. But not for this.
Thank you.
Can mods please mod the parent up?
Had I had any modpoints and postet anonymously, I'd mod you Funny ;)
I hate you for your sig... .sig PLEASE freaking stop?
There is a reason. It's for fucking US residents only. Now will everyone that has that shit in their
*I* still need a floppy disk to:
Boot my trusty pentium router (Diskless, crammed into the smallest space possible, and write-protected)
Boot my old pentium webserver (Not diskless, but sometimes it screws up lilo)
Install windows 2000/xp on my desktop (I have a S-ATA raid-controller on-board. I *need* that driver disk, or I have no harddrive to install to)
If I *could* do any of that with a USB key, I'd be overjoyed. But alas... No can do.
Of course not direct binary patches, since that'd be virtually impossible to implement on gentoo (Every system has different binaries).
( downloads only a patch to the sources you already have)
But *do* read this: http://forums.gentoo.org/viewtopic.php?t=215262
Yep. Gentoo can't use binary diffs, because they'll be guaranteed to fuck up the system.
;)
There are several reasons for this:
1. CFLAGS. The users can adjust the optimizations of every binary compiled. Which means that *many* systems will not have identical binaries.
2. Varying versions of gcc/binutils. GCC will produce different binaries depending on which revision you have used. So unless *everyone* uses the same version of GCC, you can be damn sure things will get stuffed.
3. USE-flags. Every user can adjust the dependancies of every single package by adjusting the USE-flag. Which results in differences in the binary.
Now, *source* patches would make a great difference. But at the moment, portage isn't intelligent enough to do this. I know there has been some discussion about this, and I was actually asked to submit this as a bug to bugzilla. I haven't done this yet (*blush*).
I will submit it later today, unless it's already been done
I'm sure there are utilities to convert most of the formats to text. MS Word to text? No problems, there's an utility to handle that. PDF? Of course.
Basically, what you might do is something like this:
1. Figure out what kind of file it is (using 'file')
2. Select the correct converter based on file
3. grep
4. Profit? -- not quite sure about this one.
They've set the release date to September 3rd. If you *really* want to be a geek, you preload the stuff, and next friday you can play the game :)
And it was promptly renamed "Damn Warrens Infernal Machine" ;)
-- www.jargon.org
ManI write sooooo muhc fastr then think!
Sorry, gotta poke a serious hole in that. important security feature?
Wake up and smell the shit, dude. Do you think the ebuild submitters/developers have bothered checking the tarballs before making the ebuild?
Just look at the damn cedega tarball... The md5sum is from the developers tarball... He hasn't downloaded it twice. He apparently hasn't checked it at all. So this could easily be a r00ted tarball.
Look... before the digital age, this way of thinking could work. Now that we're in the digital age, it's enough for one little fucker to pirate whatever you've made, and (fanfare), it's out on p2p for everybody and his dog to download.
Seriously, software is going to be pirated (Until someone comes up with a better scheme). Until then, all it does is annoy legitimate users. Pirates bypass the copy-protection anyways. Hell, pirates even get the software before it hits the street (ref. DooM 3, Condition Zero, UT2004).
So basically it's better to be a pirate. Not only do you get the latest über-cool game before that annoying neighbour, but you can laugh at him while he struggles to play his game (bought with his hard-earned money), fighting a copy-protection scheme that seems to be designed for one reason only... To make it hard for normal users to play.
Also, the fact that several of the programs I've bought actually denies me the right I have to make a backup copy (Yes, I *do* make archival copies and store them off-site. I've been through two fires in my life). A pirated version allows me to make as many backup copies I'd like. With *no* fuzz.
So, for the average user, can we extrapolate where this is going? I still buy stuff that I want. But if there's a copy-protection scheme of some sort, I'm not going to buy from that vendor again.
Also, you can run arbitrary bit sums which would be ideal in this case. For exaple, the Java language has classes for this. You can download the .tgz on one machine, run an arbitrary crc or adler checksum on a portion of the file that does NOT include the signature. Then simply download on another machine and repeat. This should give cynical people like you the reassurance you need. If both sums are the same you might be ok, of course you can have as many sum checks as you want..
What on earth are you smoking? If a l33t script kiddie has managed to replace that damn .tgz with a one containing a r00t kit, do you think it'll help downloading it twice?
I'm not saying Gentoo's way of checking the sources isn't flawed. But it's a hell of a lot better than downloading the r00ted tarball twice.
Then you had SP4a, which fixed a few critical errors with SP4. Like breaking Intel's EtherExpress-cards (of which there were *many* users).
Dropping incoming packets doesnt make you "invisible". If you were "invisible" and I tried to ping you, I'd get a "destination unreachable" error. If I get timeouts, I know you're there and dropping my packets. If you replied to my pings with "destination unreahables" you might trick me, unless I noticed that the destination unreachable messages were coming from the IP I was pinging (duh!).
Duh! yourself. The router behind my PC has no way of knowing whether my PC is actually up and running with an ip or not. How does it decide whether to return a destunreach?
FYI, iD hired a writer for the story in DooM III. And it is a quite interesting plot. Unlike DooM and DooM II, it actually has a plot, which develops throughout the game. It also has a few twists ;)
I could find a secret area nicely without using the flashlight at all :)
If you wanna know where it is, check this link.
Rated Insightful? What on earth is insightful with this? I could see it rated Funny, but then again I might have a strange sense of humor :P
(Yeah, yeah, yeah. I know this is going to be modded off-topic, overrated, hapless, picky etc.)
Secure communication and the ability to decode "ancient" encryption technologies :)
I'm using a better solution :)
I'm using the FM-transmitter on my iPod, which my Nokia 6610 picks up. If I get an incoming call, I get a tone in my ear and the phone picks up. If I want to listen to regular radio, I just change the channel on the phone.
It's not CD-quality, but it's good enough for me.
I bet this is what happened to the Powerbook :)
Seriously, there is little you can't do with sed/cut/cat that you can do with vi. I'd rather use those tools (That most certainly are on all *nix boxen) than using vi.