Slashdot Mirror


User: NotQuiteInsane

NotQuiteInsane's activity in the archive.

Stories: 0
Comments: 111

Comments · 111

  1. Re:Sky TV uses Linux on Murdoch's Hacker Speaks Out · · Score: 1, Troll

    > No current BSkyB box uses Linux... they're all OS20, UCOS, Nucleus, or VxWorks.
    OS20 being STMicroelectronics' operating system for the ST20 chips?

    > Posting anonymously for obvious reasons...
    Because you work for Pace? (well let's face it, there aren't exactly many companies making STBs for BSkyB). :)
  2. Re:Sky TV uses Linux on Murdoch's Hacker Speaks Out · · Score: 1
    Quick point about DVB and most CA systems -- you generally have three keys. The Control Words (two 64-bit keys with embedded checksums) roll every 10 seconds or so and are used to decrypt the video itself. An ECM key decrypts Entitlement Control Messages, which contain an encrypted version of the CWs. Lastly, the EMM key decrypts Entitlement Management Messages, which update the ECM keys (among other things).

    Now if you know the card protocol, you can put a monitor on the smart card bus between the set-top box and the card, and sniff the control words as they go over the link. Then you can use freely-available software combined with the CWs to decrypt the video, or make a fake card that spits the CWs back at the receiver. One of the old Sky VideoCrypt (analogue video CA with a line-cut-and-rotate scrambler) hacks did this -- basically you recorded the encrypted video, then waited for someone to upload the CW file. Then you played the video back through the VideoCrypt decoder, with a PC connected to the card slot feeding control words back to the box to decrypt the video.

    The other thing they don't want people doing is sharing cards -- same idea as above (saving and replaying the CWs), but done in real time over the Internet.

  3. It's OK because everyone else does it? on Murdoch's Hacker Speaks Out · · Score: 3, Interesting

    > In his view, the lawsuit against NDS is an attempt to racketeering. "Of course I broke cards Kudelski, he begins annoyed. I was paid by NDS to do so. It's an activity that leads all companies in the sector. But why would I published these codes for free on the Net? I am not stupid, and I never had the intention to take that risk."

    Interesting.. so AIUI all the CA (conditional access) vendors routinely break each others' systems. That's not surprising in itself (I'll admit to having learned a fair bit from reverse engineering other people's code). It does seem a tad unethical though, especially the alleged release of the code. I wonder if the code release was a decision made by upper management at NDS / News Corp (and it wouldn't surprise me in the least if that turned out to be the case). From the outside, this looks a lot like a protection racket... "Buy our system, because it would be an awful shame if your revenue stream were to be... terminated"

  4. Related to 'dynamic Javascript' hack? on Linux Kernel 2.6 Local Root Exploit · · Score: 1
    Am I the only person that's wondering if this bug is somehow related to the mass infection of websites that hit the press last month?

    For those with short memories:
    http://it.slashdot.org/article.pl?sid=08/01/24/1930207&from=rss
    http://www.channelregister.co.uk/2008/01/16/mysterious_web_infection_continues/

    In other words, the attack goes something like this:

    • Attacker finds exploitable PHP/Perl script and gains a shell as the Apache user (or the local user if Suexec is enabled)
    • Attacker uploads an exploit based on this to get a root shell
    • Up goes the "dynamic Javascript" Apache module and the hacked execs.
    Plausible or not?
  5. Re:Legality? on Amazon Erases Orders To Cover Up Pricing Mistake · · Score: 1

    IIRC under UK law, the retailer has a choice -- they can either sell at that price, or take the item off the shelf for 30 days. Again, this is on the basis of my sketchy memory and naturally IANAL.

    Of course, if you really want to annoy the sales staff, start spouting off about this immediately after he/she says "Hmm, it's ringing up at £2.99, but the sticker says £1.99, I'll have to talk to the manager..." :)

  6. '47 percent more "engaged" by the advertising'... on Web Ads Work Better Than TV Ads · · Score: 2, Funny

    ... shouldn't that be 47% more enraged by the advertising?
    :)

  7. Re:Just wonderful on New Password Recovery Technique Uses CPU and GPU Together · · Score: 1

    What's the point?
    Everyone's just going to pick a password that meets the requirements, then add "#1" to the end of it. Then they just increment the number every time they're forced to change it...

  8. Re:How hard is it to get right? on Theo de Raadt Details Intel Core 2 Bugs · · Score: 1

    Any bug distinguishable from an undocumented feature is insufficiently advanced. :-)

  9. Re:Photo labs on Inkjet Photo Print Longevity Lacking · · Score: 1

    IIRC the Frontiers use some form of 'variable exposure' on the lasers to get the brightness channel, so the amount of exposure on a given spot varies depending on the RGB value. I've NEVER seen a Frontier print with dithering on it - the photocopier-sized 'instant print' things sometimes do that, but generally the Frontiers don't need to. Think dye sublimation colour mixing, but with lasers instead of wax-based dye.
    Some in-store printing kiosks (the ones that send the order to a Frontier-type printer) do make a mess - I won't name names, but I have seen some really big balls-ups. If you don't edit your images on the machine, they should end up on the printer exactly as they were on the memory card/CD. If not, ask the lab guy (really nicely) if he/she can put the prints through on the machine itself. Only do this if you have grounds for complaint, though, and don't ask for "one of #5, two of #12, 13 of #32"...

  10. Re:Photo labs on Inkjet Photo Print Longevity Lacking · · Score: 3, Informative

    Most of the labs I've seen use the Fuji Frontier machines. Basically a three-laser colour printer (as in 'lasers print straight onto the photo paper') combined with a supply of light-sensitive photo paper and a develop/fix engine on the back end. All the advantages (print longevity, tried-and-tested technology, cheap in quantity) and disadvantages (chemical waste to deal with) of colour print processing, combined with the ability to print from digital.
    Feed a Frontier TIFF images (with no EXIF information, unless you want it to run auto colour correction on your images before it prints them - this applies to JPEG too), in the sRGB colour space, with around 300DPI of resolution and you'll get some pretty good prints. If you want to be fussy, get your local lab to run off a couple of colour check prints, then create a colour profile for that printer from the images. Of course, most people aren't that fussy...
    I challenge you to find an inkjet printer that can match the quality of a Frontier, and at the same speed. That's why you don't see mini-labs using inkjet printers for anything except the while-you-wait services - they're too slow for the volumes involved, and when they are quick enough, the quality is abysmal.

  11. Re:What would be nice on The Man Who Owns the Internet · · Score: 1

    What you could do is do a DNS lookup on the domain, see what the nameservers are (IP and hostname) and block some of the squatters based on that.
    Other than that, get people to report them? Maybe have a button on the Firefox toolbar to do so (or add it to the Address Bar context menu)?

  12. Re:Not enough space on The 10 Lamest Game Consoles Ever · · Score: 2, Informative
    Oh yes, the Atari 7800. The start of Atari's foray into "unbreakable" licence protection. Rumour has it, Atari top brass got sick of the badly-written unlicensed 2600 games spoiling the 2600's reputation, so they demanded that the engineers find some way to stop it. Engineering managed to implement a full 960-bit Rabin digital signature system on a 6502 CPU, then rigged it so that the graphics chipset would lock into '2600-compatible' mode if the signature check failed.

    It was eventually broken though - when someone found an ex-Atari hard drive with the encryption keys and tools on it...

    More details here: http://www.cgexpo.com/encrypt/atari7800.htm
    Source code here: http://www.atarihq.com/danb/a7800.shtml#encryption
    And details on the Lynx and Jaguar crypto too (which IIRC was plain RSA and a proprietary message-digest algorithm) here: http://www.cgexpo.com/encrypt/

  13. Re:Seagates and WDs RMA'd: results fine on Are Hard Disk Warranties Worthless? · · Score: 2, Insightful
    Let me get this straight, your 'roommate' broke the drive, then you sent it in for a warranty replacement?

    Am I the only person here that still believes that if you break something by dropping it you should cover the cost of replacement? Breaking a HDD by knocking it off the top of a PC, then RMAing it sounds incredibly unethical to me.

  14. Re:Maxtor Hell on Are Hard Disk Warranties Worthless? · · Score: 1
    Thankfully they're keeping the two brands separate (for now).

    I've had Maxtors before - a %DEITY-knows-how-many-years-old 7850AV (850MB), a 90845D4 (8.45GB DiamondMax series) that died after about six years' heavy use but was resurrected by a trip to the freezer (but still got 'sledgehammered' once I found out it was out of RMA), a 5T040H4 (40GB DiamondMax 60+ series) that had intermittent startup issues and a 6L080J4 (80GB DiamondMax D740X series) which was the RMA replacement for the H4. I've got 19,000 hours on the '080, and it's still chugging along. It's also from one of the drive series they bought from Quantum... hmm...

    I've got a pair of IBM DeskStars (a DeskStar 75GXP with the microcode patch and a 34GXP) with >10k hours on them, a 40GB Seagate Momentus in the laptop and a brand-new Seagate Barracuda 7200.9 SATA in the desktop. Oh, and there's the 6GB Medalist in the RiscPC. And the 4GB U4 in the backup server. Hm.. I don't think I've ever seen a Seagate drive die...

  15. Re:Did anybody bother to check that link? on CryptoDox: Encyclopedia on Cryptography & Info · · Score: 1

    The Coral Cache version still works though: http://www.cryptodox.com.nyud.net:8080/

  16. Re:Makes no sense on MySpace Music Player Hacked · · Score: 1
    > Isn't it against myspace.com TOS to continue to use the site with an invalid e-mail address?
    No idea, but I have no intention of squealing on someone to Myspace just for using a bouncing email address, especially if I like their music...
    Plus I seriously doubt Ms would actually do anything about it.
  17. Re:Makes no sense on MySpace Music Player Hacked · · Score: 1

    Yeah, I tried a few times, but every time I did it I either got a bounceback from some remote mailserver, or no reply at all.

  18. Re:Makes no sense on MySpace Music Player Hacked · · Score: 2, Informative
    Because not all of the Myspace-hosted stuff is on P2P. A lot of unsigned bands upload their tracks, set them to no-download-allowed, but don't have CDs available. The only option left is to use TotalRecorder or MP3Gopher to grab the tracks.

    Or go to a live show (if any) and smuggle in a Minidisc recorder. I hear that's quite a popular option, too.

  19. Re:It's nice to see, but... on New Record Prime Found · · Score: 1
    Point taken. Well played, sir.

    At least finding ETs doesn't involve enriching some MegaHuge PharmaCo's patent portfolio...

  20. It's nice to see, but... on New Record Prime Found · · Score: 1

    ... what possible applications do Mersenne primes of this size have? Is this just some big 'penis envy' thing, or are there actually uses for these?
    I mean, Dnet have pretty much proved that any encryption key less than 64 bits is hopelessly insecure (ISTR they're working on 72 bits at the moment), and they did the Optimal Golomb Rulers search, but what possible use does all this stuff have? Are we just looking for things that are neat, but have no use in the real world?
    Folding@Home is still pretty neat though - the whole "use your spare CPU cycles to (potentially) find cures for various nasty things" concept is pretty neat, and no-one can say that saving lives isn't worth spending a few clock cycles on.
    SETI@Home I'm still not sure about. Yes it would be nice to find 'intelligent' creatures on other planets, but what are we going to do if we find them? Chances are they're going to be at least a few light-years away, so the round-trip times for radio signals are going to be pretty severe...

  21. Re:This is like playing tabletennis alone on New Record Prime Found · · Score: 1

    > Good luck that they get the 10million digits, but its just a pissing competition as far as I can see.
    Yeah, all that computing power could be doing something useful, like say, helping the NSA and other TLAs break encryption keys. Probably under the cover story that they're 'searching for extraterrestrial intelligence'... Yeah, like that'll ever happen.. :P

  22. Comcast: a law unto themselves? on Comcast Blocks Yet Another ISPs E-Mail · · Score: 2, Interesting
    If you think blocking providers without any notification is bad, check this out.

    Here's a brief rundown of the story:

    • Guy notices his phones aren't working
    • Guy calls in Comcast to get phones fixed
    • Comcast line tech digs up a buried cable
    • Comcast line tech chops the aforementioned cable into little tiny bits
    • Comcast line tech marches into the house and hurls abuse at the guy's wife
    I have to admit, destroying someone's property, then screaming at his wife.. that's a good one. Obviously the tech was too much of a coward to actually confront the guy about it, and instead opted to throw abuse at his wife instead....

    It's an interesting story - at least read the messages from the OP before replying, he mentions a lot of important stuff later on (for instance, the cable was actually a private LAN cable and wasn't wired up to the DSL at all)...

  23. Re:Don't forget LucasArts on Five That Fell · · Score: 1
    The first adventure game I ever played was Day of the Tentacle. Then it was Sam and Max Hit The Road and Full Throttle... In my opinion, the LucasArts games were some of the best adventure games ever written. I can't be the only person with that opinion - just look how popular ScummVM is. Over 60,000 downloads of the latest release, and that's just for the Windows port.

    But one of my all-time favourite adventure games is Beneath A Steel Sky. Props to Revolution for releasing it as freeware, and giving the ScummVM team the source code and documentation that enabled them to support it in ScummVM. It's on the ScummVM download page, and is well worth playing if you're into adventure games.

    Telltale Games are apparently releasing the new Sam and Max game this autumn. I can't wait to see what they come up with.

  24. Re:imo on Your Favorite Support Anecdote · · Score: 1

    "Do you know where the Enter key is, Sir? I'm just asking, because you don't seem to be, well, *using* it."
    Mod parent "totally unreadable" :)

  25. Re:This raises the question on U.S. Soldiers Recipients of Newest Prosthetic Technologies · · Score: 1

    Sounds interesting.. Does anyone know which book this story is in, and if it's been translated into English?