Slashback: Regalia, Godseye, Undetection 170
How very magnanimous. Amazing Quantum Man writes "ZDNet reports that Timothy Koogle and Yahoo were acquitted of condoning war crimes by selling Nazi memorabilia. The article is rather sketchy, so that's all I have. Here are some background articles from Slashdot history."
He doesn't sign anything, just sprinkles on some invisible nanobots. shawn writes "The Penguin Group's site has a schedule of upcoming book signing events for Willam Gibson's Pattern Recognition . The new book was mentioned on Slashdot earlier."
And now Gisbon's new book has been reviewed, as well. Look out for a review of the No Maps For These Territories DVD (with extras) soon too.
Aren't you glad some people are realistic enough to be paranoid? For everyone worried about your ISP suddenly deciding to detect and crack down on everyone who's taken advantage of the currently ubiquitous, simple-to-use NAT hardware (here's the post we ran about the means to snoop behind your NAT box, which links to the Bellovin paper mentioned below), an anonymous reader writes with one way to foil detection efforts: "Good news coming from OpenBSD camp! Read CVS log message (mail archive): 'Add scrub option 'random-id', which replaces IP IDs with random values for outgoing packets that are not fragmented (after reassembly), to compensate for predictable IDs generated by some hosts, and defeat fingerprinting and NAT detection as described in the Bellovin paper.'"
Right place at the right time when the wrong thing happens. fonixmunkee writes "an 11-year-old Mac and a COTS (commercial-of-the-self) telescope may have captured a very helpful image in solving the shuttle Columbia tragedy. this article here at CNN tells the story of how some self-proclaimed 'geeks,' working on an Air Force project aimed at watching satellites & incoming missiles, whipped up a contraption with some simple parts that captured an image of the shuttle on descent that may offer some light on what happened. also interesting is how many news sources mistook the image as a capture from the high-tech cameras that the people *actually* worked on."
Just a scratch in the historical record. truthsearch writes "In response to a leaked Sun memo complaining of Sun's Java implementation on Solaris, News.com has Sun's response. Many posters doubted its authenticity (myself included due to missing dates), but 'Sun confirmed the memo's authenticity, but said that the document is two years old and that the problems it describes have been fixed.'"
GPS, free databases -- these are a few of my favorite things ... Tony Pryor writes: "In April 2001, while there at arsDigita University, I developed a web interface called the Godseye Project, designed to enable 'grassroots cartography,' allowing individuals with web access to add subjective knowledge details about their surroundings to closeup satellite images. Although I wrote Godseye over a year and a half ago, it isn't currently online- I'll spare you the gory details of the events between then and now.
I just wrote two new pieces which *are* live. The first is a script that dynamically adds geolocation pages using Movable Type, and automatically registers each of them with http://www.geourl.org. The second part is a geolocation-based search centered upon any one of these geopages. The search aggregates the results of consecutive google queries on each of the sites (or geopages) within a given radius."
Visit the still-growing Godseye Project to test out this cool geographic search capability; Tony promises that the functionality will improve with lots of visitors and suggestions.
How to make JVM memo woes irrelevant? (Score:1)
Sat tracking... (Score:5, Informative)
Sat Tracker [heavenscape.com] allows you to track/image sats with a LX200 chipset telescope.
Re:Sat tracking... (Score:4, Informative)
Sat tracking software [quasarastronomy.com.au]
they missed the obvious way (Score:5, Insightful)
The problem with this paper is that it describes an overly complicated way to detect multiple IP's behind a NAT firewall when there is a much easier, simpler and already used method: transparent proxying of HTTP and checking the browser identifier.
Shocking, but true. Many ISP's already use this method to scan all of your outbound HTTP traffic. Figuring out if you have more than one computer (especially if their OS or browser's are different) is trivial.
The only way to defeat this is to implement your own proxy (like squid) and have it re-write HTTP headers. Or... run all machines with the exact same configuration.
Re:they missed the obvious way (Score:5, Insightful)
Re:they missed the obvious way (Score:1)
Re:they missed the obvious way (Score:1)
So what are people supposed to do, if they have 2 home PCs and want broadband? Do they have to get 2 broadband connections? I have friends that play Diablo 2 online, on 2 PCs. Is that so wrong?
Re:they missed the obvious way (Score:3, Interesting)
Starts with a V? BAN IT! (Score:1)
How many people use VMWare?
Now watch residential ISPs ban VMWare along with VPN and VNC.
Re:they missed the obvious way (Score:1, Informative)
Re:they missed the obvious way (Score:5, Interesting)
There's 4 computers on our network with the exact same OS on them.
You might as well throw darts at a board and read the score as the number of computers behind the firewall.
That'll work (Score:5, Insightful)
Geek ISP and NAT boxes switching user agents? (Score:2)
And when somebody fires up IE because a site they are looking at doesn't work in Mozilla? Or they change their browser ID to make a site that checks the browser type before letting you access it?
I agree, that's a point... (though Mozilla's finally gotten to the point where I can only think of one non-microsoft.com site which doesn't work with Mozilla, and that's because it doesn't like the fact that the term "MSIE" isn't in the user agent string)
However, if I were an ISP looking for a short but sweet way of coping with massive NAT usage, I'd be collecting that list anyway, and shortlisting those users for closer inspection.
Anyone know of any way of transparently replacing the user-agent strings at the NAT box?
Not that I personally care, my ISP kicks ass. They offer a 1.2Mbps DSL service with the option of a static IP address for cheap. And they don't care if you run servers, truly a geek's ISP. www.dsl.ca [www.dsl.ca]
Junkbuster is your friend. (Score:1)
Yes, one way is to transparently proxy to junkbuster [junkbuster.com] and have it rewrite the user agent.
Re:Junkbuster is your friend. (Score:2)
Yes, one way is to transparently proxy to junkbuster and have it rewrite the user agent.
Yeah... Thanks, but that's not really what I was looking for; I'm already running Junkbuster on the LAN at work.
I'm hoping to do it at a NAT level... though, I suppose, if I make all outgoing port 80 run through a given box, it's imperceptable to the user.
Why? I've got 600 bored secretaries here who can at least skew webmasters demographics toward developing for Linux, in the hope that one day something other than the kernel will be ready for the desktops of the masses.
(See my previous rants, I'm currently far too drunk to be copying and pasting URLs.)
Re:Junkbuster is your friend. (Score:1)
Re:they missed the obvious way (Score:2)
Re:they missed the obvious way (Score:2)
This is nuts. I often use at least two browsers. I use Mozilla for most browsing, but occasionally will also open IE if a page needs it. Furthermore, opening media files off the internet with that crappy Windows Media Player ALSO fetches files via HTTP but with a different browser identifier. So opening IE and MPlayer together will get you flagged by your ISP? Thats ludicrous.
Lastly, certain types of tasks REQUIRE many browsers to be used together. Ask any of the hundreds of thousands of people who do web page development. (At least, those who actually bother to check if their page works in anything other than IE). Every responsible web page developer, while coding HTML, typically tests their page in at least two browsers.
Personally, I think ISPs should just start selling what they're supposed to be selling, i.e. bandwidth and a (usually temporary) IP address. If they can't afford to do that at current prices under a flat pricing structure, then change the pricing structure, or offer less bandwidth. I don't see why two people doing casual, low-bandwidth-using web surfing through one NAT connection should be seen as worse than one user downloading huge files at full speed.
Re:they missed the obvious way (Score:1)
In addition, it seems that some browsers are even able to... send fake identification strings.
Let's all use just those and rotate ID strings every 5 minutes, that should teach 'em!
Re:they missed the obvious way (Score:1)
I use one PC#1:
Mozilla(Win32)
Internet Explorer
Opera(Win32)
Phoenix(Win32)
Mozilla(L
Phoenix(Linux)
Konqueror(Linux)
On PC#2(connect shared from PC#1):
Mozilla(Win32)
Internet Explorer
So tell me, how do you suppose your idea would prove that I share my connection? Especially considering the most use is on PC#1.
Which Gibson is it again? (Score:4, Funny)
Is this William Gibson we're talking about or Steve Gibson [grc.com]?
Re:Which Gibson is it again? (Score:1)
Hack the Planet!!!!
For those of you with no clue http://us.imdb.com/Title?0113243 [slashdot.org]
Signing URL (Score:5, Informative)
Re:Signing URL (Score:1)
Re:Signing URL (Score:1)
BTW, he *does* actually sign books; I've now got first editions of The Difference Engine and Pattern Recognition, and an advance reader's copy of Mona Lisa Overdrive, signed by the author. Hee, hee, hee.
Re:Signing URL (Score:1)
ISPs "cracking down" on NAT users (Score:5, Insightful)
Either they will lose customers in droves due to the fact that the users can no longer use their fancy-schmancy Linksys router to connect all their computers together, or the router manufacturers will cook up an option in thier firmware to use the NAT-hiding approach mentioned above...
Just my 192.168.1.1's worth
--RickTheWizKid
P.S.: FIRST INTELLIGENT POST
Re:ISPs "cracking down" on NAT users (Score:5, Insightful)
I wish ISPs would just bill like other utilities. You pay a fixed cost per month + X dollars for every GB of traffic. Instead they charge a flat rate and put all sorts of rules on what you can do such as no Servers, no NATs, etc. They should just provide Internet service to me rather then sniffing my packets to try and see if I'm running a Windows machine and XBox behind a NAT. The electric company doesn't care what appliances I hook up, they just bill me for what I use.
</rant>
Re:ISPs "cracking down" on NAT users (Score:4, Insightful)
They are afraid of misuse. They don't want people running warez servers or spam sites. Thank you, $krypt K1ddi3z.
It's a sad world when an ISP can be held reponsible for user misuse. It's not like the electric company is the party responsible when somebody throws a toaster in a bathtub with someone else in it...
Re:ISPs "cracking down" on NAT users (Score:1)
I also know of ISPs that offer more or less restrictive conditions on what you can do with your link.
Of course, all of the above probably depends on what country you live in (Australia in this case).
Re:ISPs "cracking down" on NAT users (Score:2, Informative)
ISP bandwidth costs are largely flat. They pay for an OC3 whether their customers happen to use most of the available bandwidth or not. They have to buy their bandwidth based on peak capacity. If they were to charge based on use it would *only* be to discourage use and therefore reduce the need to add capacity.
The most important part of a network connection is binary, either you have it or you don't. How many actual bits you can cram through it in a given day is far less important. The only use fees I would be cool with would be ones which specificlly charge for (and therefore discourage) the behavior which ends up costing the ISP money, disproportionate use at peak times. Monthly or daily GB limits are stupid because if I download a bunch of
Most ISPs aren't stupid enough to care about whether you're using a NAT within your home. You don't need multiple computers in your house to use a crazy amount of bandwidth. They *do* care about you using a NAT in your home to share your connection with your neighbors, that's robbing them of a potential customer. Your electric company would also care if you were doing the same thing with an extension cord instead of Cat5 because they also have flat fees. My utlity bill has a "Minimum Monthly Charge" of $17.50. If I just used my neighbor's electricity and split the bill, we would be robbing the utility of that monthly charge from me.
Re:ISPs "cracking down" on NAT users (Score:2)
Already (Score:5, Informative)
I think currently most providers take the sensible option of allowing it but not supporting it.
I am told that similarly, phone companies made you pay when you hooked up another telephone to your existing line, but this was challenged in court and declared illegal.
Tim
Re:ISPs "cracking down" on NAT users (Score:1)
Think about it: who in their right mind is going to pay for multiple cable modems for multiple PCs, when a single broadband connection would serve the whole house just nicely? Mom and Dad aren't going to pop for extra cable modems so that Johnny and Sally can each have broadband in their rooms and broadband on the computer in the den.
Multiple PC households are starting to become as common as multiple TV households. Heck, my brother's not a much of a computer-type and his family has THREE of them. A single broadband connection has plenty of bandwidth to serve them all at once.
Hah. (Score:4, Funny)
What, he pulled it out of his ass?
Re:Hah. (Score:1)
Re:Hah. (Score:1, Funny)
Perceptive Management (Score:4, Funny)
Finally, management who understands! Now when are they going to let me start dinking around with gadgets at work when I have a good idea, instead of telling me to file more paperwork.
-theGreater Geek.
Re:Perceptive Management (Score:2)
Columbia Picture (Score:3, Interesting)
Yes, that is interesting. Interesting in a way that might make one wonder if this story is total fabrication to conceal the existence of higher-quality images from the "professional" scopes at that site.
Not saying I believe that's the case, but it is simply more fodder for the anti-NASA conspiracists
Re:Columbia Picture (Score:4, Informative)
You see, they can't release the photos from the Starfire Optical Range until NASA's examined them, because if they did that, the uninformed public would leap to conclusions. But that doesn't mean they were trying to misinform us about the origin of the picture. I think they just made an honest mistake.
I didn't know there was a conspiracy against NASA. Did you mean, anti-NASA conspiracy theorists?
Re:Columbia Picture (Score:1)
I didn't know there was a conspiracy against NASA. Did you mean, anti-NASA conspiracy theorists?
If you're going to flame regarding a definition, be correct.
A conspiracist is someone who has a conspiracy theory.
A conspirator is someone who is part of a conspiracy.
The term as I used it is correct.
Re:Columbia Picture (Score:1)
I'll keep that in mind coming from an AC. I suggest you get a better dictionary. The online ones aren't usually the best. However, here's one apparently better than what you had: conspiracist [reference.com].
Maybe the makers of those other online dictionaries are conspiring to hide words from you.
Re:Columbia Picture (Score:3, Informative)
Re:Columbia Picture (Score:3, Insightful)
Re:Columbia Picture (Score:2)
Yes, that is interesting. Interesting in a way that might make one wonder if this story is total fabrication to conceal the existence of higher-quality images from the "professional" scopes at that site.
Well I saw the press briefing live when this photo was shown. Dittmore(sp?) said it came from that site. He did not say it was amature photos taken by employees at that site. We all know how to spell assume but to be fair the way he said it implied that fact and I think evn Dittmore thought that the photo was a Government photo as well.
Re:Columbia Picture (Score:1)
Or perhaps it's a little backpedaling to cover up the failure of an over-budget, underachieving program that's yielded only very poor images.
Gibson chokes in Boulder, CO (Score:3, Interesting)
I asked him for some pearl of wisdom. He offered: "Never eat anything bigger than your head!" [superchurch.net] Should have thought *a head* and gotten a few extra signed books for eBay... ;) - Alex
Re:Gibson chokes in Boulder, CO (Score:3, Funny)
Now there's a memorable souvenir to take home with you from a signing -- a famous writer's lung!
Re:Gibson chokes in Boulder, CO (Score:2)
Re:Gibson chokes in Boulder, CO (Score:1)
Re:Gibson chokes in Boulder, CO (Score:1)
Dear Slashdot (Score:4, Informative)
Re:Dear Slashdot (Score:1, Informative)
Seems relevant to me.
-AC
Gibson reading at UW (Score:4, Interesting)
Gibson mentioned the book started coming together after he was sent by Wired to meet with a lot of music video directors at a festival a few years back- He even fictionalized the Bjork video with the sexy female robots into background material for one of the main characters.
Actually, the Columbia picture quality... (Score:3, Funny)
Tour dates URL (Score:3, Informative)
William Gibson (Score:1)
Re:William Gibson (Score:1)
Re:William Gibson (Score:1)
Sun's JVM Woes (Score:4, Interesting)
'Sun confirmed the memo's authenticity, but said that the document is two years old and that the problems it describes have been fixed
The problem is that many of these issues are not fixed in the 1.3 JVM, which is still the one that most enterprise systems ship with (WebLogic for example). I've just done a six month contract performance testing a WebLogic 6.1 J2EE application on Solaris and I can tell you now that performance of their JVM is less than stellar. Memory requirements, for example, are insane.Re:Sun's JVM Woes (Score:1)
Re:Sun's JVM Woes (Score:2)
Exactly...I would NOT say Solaris runs Java "like the wind" IBM's JRE is better anyhow
Perhaps, but the IBM engine has other troubles - in particular it does not scale across multiple processors. You get the same performance on one versus eight CPUs in the benchmarks I've seen. These are the same symptoms you typically see in heap intensive multithreaded C++ programs run in SMP. Whether or not that's the cause of the WebSphere scaling problems I don't know (unlikely I think). More likely it's just some sychronisation primitive(s) that they need to tune or remove.Re:Sun's JVM Woes (Score:2)
Re:Sun's JVM Woes (Score:2)
Re:Sun's JVM Woes (Score:1)
And these would be which benchmarks, exactly?
SPECjbb 2002 Q1 [spec.org] and SPECjbb 2003 Q3 [spec.org]-- look at the xSeries 360 and 370 results, where it scales quite nicely as you double the number of processors.
More likely it's just some sychronisation primitive(s) that they need to tune or remove
Holy shit, let's all rush out and tell David Bacon [nec.com] that his locks suck
Re:Sun's JVM Woes (Score:2)
And these would be which benchmarks, exactly?
These benchmarks would be from the theserverside.com. And as for locks, you can have the most "featherweight" lock in the world, but if it's in a 'bad' place in the code, it'll still throttle your performance.Re:Sun's JVM Woes (Score:3, Informative)
Go Tiger! (Score:1)
JSR 121 -- The Isolation API [jcp.org]
Re:Sun's JVM Woes (Score:1)
I haven't checked to see if the other editions of their 1.4 J2RE have the same terms. The funny thing is that in my e-mails with Sun, they see no problem with these license terms!
Re:Sun's JVM Woes (Score:1)
So don't use Webstart.
Yahoo v. France (Score:4, Funny)
France surrenders.
-(())
Re:Yahoo v. France (Score:1)
Again.
Re:Yahoo v. France (Score:2)
And your choice of Vietnam as a point of contrast is terrific. Did you ever wonder why it used to be called "French Indochina?"
However, that said, you're right in that many Frenchman fought hard and died for their country, and not a few fought for the United States when we were young. That they were fully prepared for the wrong war in 1940 was hardly unique to them, and I'd say it's time we got over all that.
Not 'Yahoo v. France', dammit -- RTFA! (Score:3, Interesting)
Re:Not 'Yahoo v. France', dammit -- RTFA! (Score:2)
Point certainly taken and appreciated...however, how do you respond to the NO DEODERANT accusation? Hmmm? Yes or no, do you Frenchies use deoderant?! Answer the question!
Pisses me off... (Score:1)
PS: this is NOt offtopic.
Shuttle Simulator (Score:1)
I remember it ran on a pc and was amazingly hard to figure out with no instructions. There were about a million knobs and buttons to play with.
There were many screens of the shuttle interior and you could also switch to an external view.
Anyone know what I am talking about?
Re:Shuttle Simulator (Score:3, Informative)
I remember you could play "realistic" mode where the shuttle platform moves out in real time, which is about 3 days I think. now that's realism!
if you bought it, it came with a *huge* wall chart with all the switches. The two real life shuttle disasters look positivley pedestrian compared to some of my botched landings in that game.
Re:Shuttle Simulator (Score:2)
Thoughtcrime (Score:1)
Condoning war crimes is illegal? It seems Mr. Orwell was only out by 9 years :-(
Feedback for the Godseye Project (Score:2, Informative)
Please take a moment *look* at the Godseye Project [godseye.com], look it over, try the search feature at the bottom of one of the geopages, and then yell at me if you would.
There's more to this project than you can see- the orthophoto polygonal clickthrough tool is already written, and I'm working on making this distributed.
You can add geosearch functionality to your own site fairly easily with the directions provided.
The Media are Morons (Score:2, Funny)
- CNN Said the shuttle was going 18 times the speed of light
- Foxnews said the shuttle was 200,000 miles above the earth
- CBC Newsworld had an interview with a redneck who claimed to find an 'afterburner' and a 'solenoid' from the shuttle that looked suspiciously like it was from an old dodge
- CNN publishes crap photo as high-tech secret military photo
Tomorrow CNN will probably report the "shuttle blown up by palestinian suicide bomber" story again.Agreed (Score:2)
Hilarious! (Score:2)
Re:Hilarious! (Score:2)
Well, duh. Haven't you seen the cracking tools in the movies? Running-digit displays, where one digit locks in at random intervals, until the whole code is broken?
Re:The Media are Morons (Score:3)
Where do they even find these idiot self-proclaimed "expert" pundits?
From the original CNN article:
Or, you might be an idiot conspiracy theorist with nothing useful to offer.
The thing is that the quality of pundit commentary is always exactly this stupid - it's just usually not exposed. So why do they bother talking to these empty spaces? Because it's the easiest way to lend the appearance that the article writer actually talked to someone about it. By-the-numbers journalism.
I can't decide who I'd prefer to have a late-falling piece of shuttle landing gear land on their head, the useless pundit or the useless journalist. The latter should know better to than to ask idiot questions of people unqualified to offer a useful opinion. The former should know better than to answer.
Regarding France vs. Yahoo! (Score:1, Funny)
ISP's checking behind NATs (Score:1)
My current provider, Adelphia, seems to think 15KB/s is reasonable. My previous ISP, Roadrunner, was at 60KB/s. I won't depress you or myself with my previous previous ISP's stats, but here's a hint: university.
Re:ISP's checking behind NATs (Score:1)
And that is kilobytes (B, not b) so it is still faster than a modem.
get the same funtionality on Linux with grsecurity (Score:1, Interesting)
Moreover is has something on lines of "systrace" from Niels Provos. Basically you create ACLs for what applications may or may not do, including an autolearn-mode.
PS: I know that PaX can be circumvented, but there is much more than PaX included in this project.
PS2: I am aware that parts of this patch is based on SolarDesigner's OWL patches. Although you can get OWL for 2.4 kernels (finally), they lack a lot of the cool protection functions included in grsecurity.
Re: Moses Invests! (Score:1)
Re:I posted an article about the new BLUE laser DV (Score:2)
Re:Isn't it funny... (Score:3, Insightful)
Both are actually required as evidence in ongoing investigations. No doubt some bits of the WTC, at this very late stage, would not be of much use to anyone, but even the smallest fragment of the Columbia could be crucial to figuring out what happened. The US is hardly the only country that gets excited when people wander off with bits of evidence from crime scenes and crash investigations.
Unless this nazi regalia is actually needed for some continuing investigation into war crimes there is no real comparison here.
Re:Isn't it funny... (Score:2)
Re:Jealousy (Score:1)