Just to keep the Fed's guessing how about www.071124062565071103070171005164.org where the domain name changes every 15 microseconds or so via a fast-flux domain name server hack. Ok Feds, just try and shut *that* web site down! The down side is trying to download and install the applications you need to be real fast fingered with the web browser.;)
That would only work for RAW unprocessed images. Once the image is converted to jpeg and compressed then the signature would be invalid. Even then the cameras these days do image enhancement right in the camera which you may or may not have control of, so often the images are reprocessed by the artist/person before the image is published.
Without an encryption mechanism in the camera you may still be able to establish the authenticity with respect to the camera to some degree. Astronomy has been using a technique for years where they take many shots of a completely black background and process those images to calculate the noise level of each pixel in the camera. Applying that as a mask to the images taken they are able to reduce the noise in the real photos taken by that amount and end up with better photos of the darker portions of the universe. Once the noise is established for a given camera that pixel data could be used to analyze the photo in question to determine if the image has a high or low probability of coming from that particular camera. Not fool proof, but with the right processing you might have a high degree of confidence of a match in some cases, but more likely you would be able to prove that it was absolutely not the camera.
On the other hand, for a crime scene investigator this technique would work fine if the camera was manufactured specifically to achieve this goal. I have often thought about creating a webcam data logging system for my car that would have digital frame signatures with logged data as time in microseconds, my cars GPS position, my speed, my orientation and such. Having that level of detail of my own vehicle plus the video images would allow me to use the video to calculate just how fast that %$^&!! was flying before he ran someone off the road. Catching his license plate on the video would be just priceless, providing the authorities would accept a new technology as evidence. Thats where I see a problem. Maybe one day the cars will have a video upload service for accident reports and all cars in the area could voluntarily participate (assuming you were not speeding at the time of course;) or not.
Now I can get sued by the RIAA just for mistyping something that is even remotely close to some movie or rock stars name. I'll be searching for some new open source Matlab image loading and manipulation library and wind up being sued by the MPAA for trying to downloading "The Matrix Reloaded".
Next they will begin suing people for just "thinking" about typing in a query, that may or may not have been something 'close enough' to a portion of some MPAA's movie title. Fuzzy searches might just beget more fuzzy lawsuits by some slimy lawyer.
Just create a read only VIEW that limits them to what records and columns they should be allowed to access and let them replicate the results to their own server for playing around with. Optionally you can create a stored procedure to track what they are looking at, limit the number of times per day, or even time of the day when they have access to that data. In fact, why not just hook the stored procedure into paypal so they can make a direct payment to your company each time they hit your database! That should at least make them a little more thoughtful about beating on your database too hard.
Its just a ploy to keep 'all eyes', including DoJ's and EU's, off of Microsoft's anti-competitive practices. OOXML? Um... Oh, look! Whats that over there! </sarcasm>
In many states "its the law" that they have to. Its called 'net metering' and it is becoming quite popular with all the state legislatures. If your state doesn't then write them a letter.
Each state can of course choose to do things differently, and what you need to look for is what rate you get from the power company when you sell it back vs what you pay for their power. Some states force the power company to pay the going rate for power, which means you sell to them when the price is high and use it at night when the rates are lower. But, if you generate more than you use, you usually loose.
All they need to do is have each machine create a popup message on each host telling the owner they are infected, but nothing any more invasive than simple notification. They should _not_ be changing any binaries or updating/patching the machine, but the owner of the machine does need to be made aware of the problem. Of course making the machine beep every ten seconds until it is fixed might help annoy them into fixing it sooner rather than later, or at least turning the machine off.
> net send <logged in username> "your machine is infected with the Storm rootkit, go here for the fix URL:..."
and scare them into fixing it! Just a little tough love and education is what is needed, not hosing up their machine. Anything that has the potential to damage the machine is a very bad idea, but the owner really needs to know its hacked, and then how to fix it.
It seems to me that a Blackdog http://www.projectblackdog.com/ might help get around at least some of this problem given the right setup. Think about this scenario; You walk up to the public terminal and plug in the Blackdog into the USB port and it boots up a X-Terminal session on the host, and from there you use ssh and port forwarding to proxy your web traffic to a trusted host at home/work through its ssh VPN. The authentication is done via a secret key stored on the Blackdog and unlocked via something like s/key or a keyring stored on the blackdog, and subsequent passwords could be either injected into the session by the Blackdog processor environment, or stored in a Firefox browser running from the dongle itself. Keystrokes might be visible but if the Blackdog can supply the authentication where needed then the crooks can't reconstruct enough of the session to do or learn anything. Sure they might log a bunch of mouse movements and a few key strokes but they would not even know what application those keystrokes were going to much less what sites you visited.
Yes, you said it, but provided nothing to back up any other statements you made. I gave concrete facts on topic, and you said absolutely nothing that was on topic, much less even relevant to anything I discussed. Please, if you are going to bother us with your thoughts at least be considerate enough to be able to hold a discussion on topic. Your emotions don't count, especially considering that your entire point was that WE were being emotional? You get real, and think for once in your life! Wake up and address the world you really live in, not some make-believe place you want us to think we live in. Give us some facts if you want to even be taken seriously! Better yet, be an man and use your real identity! how can we take you seriously if you just cower behind a false identity?
Anybody that can understand the syntax rules of a Makefile deserves a good soap box. Or is that vacation?
Oh well, in any case that theory must explain the SETI project results. The minute a society creates a machine capable of the magnetic flux density necessary to be noticed by an alternate extra-planetary society everything just goes FOOP (thats "poof" spelled backwards, since it is an implosion after all). But the bigger question here is would it make a noise since nobody would be around to hear it? Any decent theory should make predictions!
Mocrosloth doesn't even say they have a problem, much less announce it until they have a patch ready (or nearly ready). Take a look at the "shatter attack" privilege elevation exploit that just got fixed in Vista, it started with Win NT 4.0, and when was that out? What YEAR was that? And now with have the wonderful Fire-Wire exploit, which they were aware of in 2004, reminded again in 2006, and the exploit finally published in 2007 because they refused to do anything! The only reason why MS is coming out on top is because they own the kitchen and cook their own numbers to order.
Salesman: Here are the keys to your new car! Customer: Thanks, and just in time its starting to rain. (gets in car and buckles up) Salesman: Are you sure you don't want any upgrades? Customer: No, a million times no. Just the basic car! Salesman: Your choice. Have a nice day! Customer: Hey! Why won't the widow roll up? Salesman: Oh, You wanted a Window? Customer: Of course I wanted a Window! Salesman: But you said you didn't want any upgrades. Customer: Well I NEED a window, my car is getting wet inside. Salesman: Ok, that will be another two thousand dollars. Customer: TWO THOUSAND!!?? Are you crazy? Why that much. Salesman: That particular option package is bundled with the expensive model radio. Customer: Thats crazy! Why would you bundle the window with a radio option. Salesman: Now that would be silly to put an expensive radio in a car if its just going to get wet now isn't it? Customer: Ok, Ok, just give me the window now. Salesman: (reaches in his pocket, click click) There you go, you can put the window up now. Customer: What about the radio? You said I get a radio with that option! Salesman: You already have the radio installed, it should be activated now. Customer: But wouldn't the radio get wet without the window? Salesman: Thats why its bundled with the Window. If you don't have the good sense to put your window up we are certainly not going to waste a good radio by leaving it out in the rain. Customer: That still makes no sense! (Salesman reaches in his pocket again; click, click, Window rolls up automatically, sprinkler on the roof turns off, engine starts, and the tires start laying rubber through the parking lot.) Salesman: (shouting) Are you still sure you don't want any other options? We have a great deal on breaks today!
Less we forget that she can still get that $2 million+ at the conclusion of the trial? If the RIAA thinks that a mere $2 million will cut the trial short and hide their dirty laundry, then they have seriously under estimated the wrath of a woman who has been royally PISSED OFF. Knowing what they put her through I can't imagine her settling before the RIAA's bag of tricks are all spread out on the table for everyone to see. Can you just imagine what a jury would think? Thats when the real music (that they don't own) begins to play.
I have a Treo and use Sprint for my network. The browser they supply is rigged so that I can not download anything bigger than a couple of k in size. Not even a full SlashDot web page! This prevents me from downloading any media files that I did not purchase from them and also any applications I might like to run on it. They are attempting a complete lockin situation by virtue of keeping me from using anything I don't buy from them. I have news for them, I WONT buy from them because they won't let me use what I want when I want. In the final analysis I still transfer what I want to listen to and/or read on my device, they just make it harder than it needs to be.
I for one would welcome Firefox on all my mobile devices as along as it lets me download what I want.
Next they'll be patenting 'surface area' as intellectual property and we will have to revise all the high school math books to deprecate that section. Who would have ever thought that antiparticles could ever increase surface area?
I have news for them. Increasing the surface area on an electrode does noting to increase the efficiency of the process, only that it makes the equipment able to be made a little smaller. What we need is to make more hydrogen with even less electricity. I don't care if the equipment is so large I can't put my car in the garage anymore, it just has to make enough hydrogen to get me to work and back everyday.
Never mind the 1984 syndrome, adding a watermark to an image is just a DUMB idea. What happens when you resize the image, or change the compression ratio? All you need is one bit out of place and the whole image gets recompressed differently. Take JPEG for instance, it is, get this, not a "lossless" compression algorithm. Once you edit the image and resave it you can never get the original image resolution back. Likewise the "watermark" data along with that image will be changed forever. This is just another case of a solution looking for a problem, and a company looking for moo-la by doing a snake-oil snow job. There is nothing that you can embed in an image that can't be changed, and the best you can hope for is proving that the watermark was broken and invalid "intentionally". Now try proving that the broken DRM watermark was derived from the original image if there was more than one edit operation and file recompress done to it. The only way this could work would be to devise a completely different lossless file format that could not be converted to any other. Who would use it?
When will people learn, that DRM is a an application of an illogical technology trying to solve a "Social Problem". Even if DRM could be "logically" be perfected, and it won't, it will never solve the root cause of the original problem. File sharing and copyright violations happen because the people who do it feel somehow that they are either justified in doing it or are just getting even with the crooks. Now, try to solve that problem using DRM? Sorry, try as they will its just not going to happen.
The Internet helps all the want-a-be bank robbers to find one another, and then figure out the addresses and hours of operations. Maybe we should just shut down the Internet to solve this problem at the same time?
We could fire the attorneys into space, couldn't we? Please?
Perhapse that
rail gun
would do the trick? The excape velocity is quite obtainable these days!...only the RIAA lawyers head may not quite fit through the opening between the rails at this time. We all well know that with rail guns the density, or mass of the projectile, is everything, so by my calculations with the density of Encephalitis Spongiform required to file these law suites in the first place, it may still make it feasible. After all "F=MA"
Why, we need both. I just realized we need to put the tazers IN the voting machines! First, that will deter the incumbents from tampering with the machines and keep the DRM software inside the voting machine relatively safe during the elections. Second, its also a great incentive for the closed source people during the testing phase to make sure there are no unwanted bugs in the software. Finally, we will have solved the real problem, and we will have none of that 'pushing the wrong buttons' by mistake during the actual election! If you ask me this sounds like a real win-win combination!
Mod parent up!
CodeSurfer is the Industrial Strength code analysis suite. Understand-C++ is a great bargain for the price, but CodeSurfer wins hands down in the available features and extensibility.
Slashdot Mirror
Just to keep the Fed's guessing how about www.071124062565071103070171005164.org where the domain name changes every 15 microseconds or so via a fast-flux domain name server hack. Ok Feds, just try and shut *that* web site down! The down side is trying to download and install the applications you need to be real fast fingered with the web browser. ;)
Without an encryption mechanism in the camera you may still be able to establish the authenticity with respect to the camera to some degree. Astronomy has been using a technique for years where they take many shots of a completely black background and process those images to calculate the noise level of each pixel in the camera. Applying that as a mask to the images taken they are able to reduce the noise in the real photos taken by that amount and end up with better photos of the darker portions of the universe. Once the noise is established for a given camera that pixel data could be used to analyze the photo in question to determine if the image has a high or low probability of coming from that particular camera. Not fool proof, but with the right processing you might have a high degree of confidence of a match in some cases, but more likely you would be able to prove that it was absolutely not the camera.
On the other hand, for a crime scene investigator this technique would work fine if the camera was manufactured specifically to achieve this goal. I have often thought about creating a webcam data logging system for my car that would have digital frame signatures with logged data as time in microseconds, my cars GPS position, my speed, my orientation and such. Having that level of detail of my own vehicle plus the video images would allow me to use the video to calculate just how fast that %$^&!! was flying before he ran someone off the road. Catching his license plate on the video would be just priceless, providing the authorities would accept a new technology as evidence. Thats where I see a problem. Maybe one day the cars will have a video upload service for accident reports and all cars in the area could voluntarily participate (assuming you were not speeding at the time of course ;) or not.
Next they will begin suing people for just "thinking" about typing in a query, that may or may not have been something 'close enough' to a portion of some MPAA's movie title. Fuzzy searches might just beget more fuzzy lawsuits by some slimy lawyer.
Just create a read only VIEW that limits them to what records and columns they should be allowed to access and let them replicate the results to their own server for playing around with. Optionally you can create a stored procedure to track what they are looking at, limit the number of times per day, or even time of the day when they have access to that data. In fact, why not just hook the stored procedure into paypal so they can make a direct payment to your company each time they hit your database! That should at least make them a little more thoughtful about beating on your database too hard.
</sarcasm>
http://www.scienceshareware.com/bike_gen.htm
http://www.instructables.com/id/Bicyle-Power-for-Your-Television%2C-Laptop%2C-or-Cell-/
For those that prefer to just buy one that uses a bike:
http://www.econvergence.net/electro.htm
You can find all sorts of power inverters on eBay: http://electronics.listings.ebay.com/Parts-Accessories_Power-Inverters_W0QQfclZ3QQfromZR11QQsacatZ58020QQsocmdZListingItemList
Each state can of course choose to do things differently, and what you need to look for is what rate you get from the power company when you sell it back vs what you pay for their power. Some states force the power company to pay the going rate for power, which means you sell to them when the price is high and use it at night when the rates are lower. But, if you generate more than you use, you usually loose.
Check your own states law on net metering here http://www.serconline.org/netmetering/stateactivity.html.
For those who are really serious about doing something with alternate power technologies I would suggest this site: http://www.homepower.com/home/
All they need to do is have each machine create a popup message on each host telling the owner they are infected, but nothing any more invasive than simple notification. They should _not_ be changing any binaries or updating/patching the machine, but the owner of the machine does need to be made aware of the problem. Of course making the machine beep every ten seconds until it is fixed might help annoy them into fixing it sooner rather than later, or at least turning the machine off.
> net send <logged in username> "your machine is infected with the Storm rootkit, go here for the fix URL:..."
and scare them into fixing it! Just a little tough love and education is what is needed, not hosing up their machine. Anything that has the potential to damage the machine is a very bad idea, but the owner really needs to know its hacked, and then how to fix it.
It seems to me that a Blackdog http://www.projectblackdog.com/ might help get around at least some of this problem given the right setup. Think about this scenario; You walk up to the public terminal and plug in the Blackdog into the USB port and it boots up a X-Terminal session on the host, and from there you use ssh and port forwarding to proxy your web traffic to a trusted host at home/work through its ssh VPN. The authentication is done via a secret key stored on the Blackdog and unlocked via something like s/key or a keyring stored on the blackdog, and subsequent passwords could be either injected into the session by the Blackdog processor environment, or stored in a Firefox browser running from the dongle itself. Keystrokes might be visible but if the Blackdog can supply the authentication where needed then the crooks can't reconstruct enough of the session to do or learn anything. Sure they might log a bunch of mouse movements and a few key strokes but they would not even know what application those keystrokes were going to much less what sites you visited.
Yes, you said it, but provided nothing to back up any other statements you made. I gave concrete facts on topic, and you said absolutely nothing that was on topic, much less even relevant to anything I discussed. Please, if you are going to bother us with your thoughts at least be considerate enough to be able to hold a discussion on topic. Your emotions don't count, especially considering that your entire point was that WE were being emotional? You get real, and think for once in your life! Wake up and address the world you really live in, not some make-believe place you want us to think we live in. Give us some facts if you want to even be taken seriously! Better yet, be an man and use your real identity! how can we take you seriously if you just cower behind a false identity?
Oh well, in any case that theory must explain the SETI project results. The minute a society creates a machine capable of the magnetic flux density necessary to be noticed by an alternate extra-planetary society everything just goes FOOP (thats "poof" spelled backwards, since it is an implosion after all). But the bigger question here is would it make a noise since nobody would be around to hear it? Any decent theory should make predictions!
Mocrosloth doesn't even say they have a problem, much less announce it until they have a patch ready (or nearly ready). Take a look at the "shatter attack" privilege elevation exploit that just got fixed in Vista, it started with Win NT 4.0, and when was that out? What YEAR was that? And now with have the wonderful Fire-Wire exploit, which they were aware of in 2004, reminded again in 2006, and the exploit finally published in 2007 because they refused to do anything! The only reason why MS is coming out on top is because they own the kitchen and cook their own numbers to order.
Salesman: Here are the keys to your new car!
Customer: Thanks, and just in time its starting to rain. (gets in car and buckles up)
Salesman: Are you sure you don't want any upgrades?
Customer: No, a million times no. Just the basic car!
Salesman: Your choice. Have a nice day!
Customer: Hey! Why won't the widow roll up?
Salesman: Oh, You wanted a Window?
Customer: Of course I wanted a Window!
Salesman: But you said you didn't want any upgrades.
Customer: Well I NEED a window, my car is getting wet inside.
Salesman: Ok, that will be another two thousand dollars.
Customer: TWO THOUSAND!!?? Are you crazy? Why that much.
Salesman: That particular option package is bundled with the expensive model radio.
Customer: Thats crazy! Why would you bundle the window with a radio option.
Salesman: Now that would be silly to put an expensive radio in a car if its just going to get wet now isn't it?
Customer: Ok, Ok, just give me the window now.
Salesman: (reaches in his pocket, click click) There you go, you can put the window up now.
Customer: What about the radio? You said I get a radio with that option!
Salesman: You already have the radio installed, it should be activated now.
Customer: But wouldn't the radio get wet without the window?
Salesman: Thats why its bundled with the Window. If you don't have the good sense to put your window up we are certainly not going to waste a good radio by leaving it out in the rain.
Customer: That still makes no sense!
(Salesman reaches in his pocket again; click, click, Window rolls up automatically, sprinkler on the roof turns off, engine starts, and the tires start laying rubber through the parking lot.)
Salesman: (shouting) Are you still sure you don't want any other options? We have a great deal on breaks today!
http://www.globalrust.org/ For those who want to keep track of rust development. Also see http://www.plantcell.org/cgi/content/full/18/1/1 for some more technical details.
Less we forget that she can still get that $2 million+ at the conclusion of the trial? If the RIAA thinks that a mere $2 million will cut the trial short and hide their dirty laundry, then they have seriously under estimated the wrath of a woman who has been royally PISSED OFF. Knowing what they put her through I can't imagine her settling before the RIAA's bag of tricks are all spread out on the table for everyone to see. Can you just imagine what a jury would think? Thats when the real music (that they don't own) begins to play.
Defiantly the latter of your two choices. Then again, I am locked in for several other reasons unrelated to this discussion.
I for one would welcome Firefox on all my mobile devices as along as it lets me download what I want.
Just let him use the same old foot gun. We all know he just can't miss with that piece of iron.
I have news for them. Increasing the surface area on an electrode does noting to increase the efficiency of the process, only that it makes the equipment able to be made a little smaller. What we need is to make more hydrogen with even less electricity. I don't care if the equipment is so large I can't put my car in the garage anymore, it just has to make enough hydrogen to get me to work and back everyday.
When will people learn, that DRM is a an application of an illogical technology trying to solve a "Social Problem". Even if DRM could be "logically" be perfected, and it won't, it will never solve the root cause of the original problem. File sharing and copyright violations happen because the people who do it feel somehow that they are either justified in doing it or are just getting even with the crooks. Now, try to solve that problem using DRM? Sorry, try as they will its just not going to happen.
Perhapse that rail gun would do the trick? The excape velocity is quite obtainable these days! ...only the RIAA lawyers head may not quite fit through the opening between the rails at this time. We all well know that with rail guns the density, or mass of the projectile, is everything, so by my calculations with the density of Encephalitis Spongiform required to file these law suites in the first place, it may still make it feasible. After all "F=MA"
Why, we need both. I just realized we need to put the tazers IN the voting machines! First, that will deter the incumbents from tampering with the machines and keep the DRM software inside the voting machine relatively safe during the elections. Second, its also a great incentive for the closed source people during the testing phase to make sure there are no unwanted bugs in the software. Finally, we will have solved the real problem, and we will have none of that 'pushing the wrong buttons' by mistake during the actual election! If you ask me this sounds like a real win-win combination!
Mod parent up! CodeSurfer is the Industrial Strength code analysis suite. Understand-C++ is a great bargain for the price, but CodeSurfer wins hands down in the available features and extensibility.