Goede spamfilter is (tot nu toe) de enige oplossing.[/quote]

Noem eens een simpele en doeltreffende spamfilter, volgens mij is het allemaal ingewikkeld of het werkt niet.

MSBlast suspect pleads not guilty
Posted by malebolgia on 18 Sep 2003 - 21:06 | 1 comment

Jeffrey Lee Parson, the teen suspected of creating a variant of the destructive MSBlast worm, pleaded not guilty Wednesday in federal court in Seattle to one count of causing damage to a computer.

If convicted of intentionally causing or attempting to cause damage to a computer, the 18-year-old high school senior from Hopkins, Minn., faces a maximum of 10 years in prison and a $250,000 fine. According to a complaint filed in U.S. District Court, Parson told law enforcement officials that he created a variant of the worm, which exploited a flaw in Microsoft's Windows software. MSBlast and its variants are self-replicating Internet worms that bore through a Windows security hole, harnessing computers to launch concerted data attacks via the Internet. Parson, flanked by two federal public defenders, appeared in a gray T-shirt, jeans and sneakers. Standing over 6 feet tall and weighing more than 300 pounds, he sported a bleach-blond Mohawk haircut and occasionally wiped sweat from his forehead.

Federal prosecutors credited the man responsible for transmitting the Melissa virus—a computer bug that did more than $80 million in damage in 1999—with helping the FBI bring down several major international hackers.

Court documents unsealed Wednesday at the request of The Associated Press show that David Smith began working with the FBI within weeks of his 1999 arrest, primarily using a fake identity to communicate with and track hackers from around the world.

"Smith provided timely, substantial assistance to the United States in the investigation and prosecution of others," New Jersey's U.S. Attorney, Christopher J. Christie, wrote to federal judge Joseph Greenaway in an April 2002 letter.

Greenaway, who could have sentenced Smith to about 10 years in prison under federal sentencing guidelines, reduced the sentence to 20 months after reading the letter.

quote:

---

Op 18 september 2003 17:51 schreef draconian power het volgende:
Goede spamfilter is (tot nu toe) de enige oplossing.

Noem eens een simpele en doeltreffende spamfilter, volgens mij is het allemaal ingewikkeld of het werkt niet.

---

MailWasher

quote:

---

Op 18 september 2003 18:16 schreef grindcore het volgende:
Parson, flanked by two federal public defenders, appeared in a gray T-shirt, jeans and sneakers. Standing over 6 feet tall and weighing more than 300 pounds, he sported a bleach-blond Mohawk haircut and occasionally wiped sweat from his forehead.

---

Mja klinkt als een hacker

quote:

---

Op 18 september 2003 18:55 schreef Zenial het volgende:
Mja klinkt als een hacker

---

quote:

---

Op 18 september 2003 17:51 schreef draconian power het volgende:
Goede spamfilter is (tot nu toe) de enige oplossing.

Noem eens een simpele en doeltreffende spamfilter, volgens mij is het allemaal ingewikkeld of het werkt niet.

---

Het werkt nooit 100% perfect. Ik gebruik spamassassin: http://spamassassin.org/index.html

Super filter, niet "makkelijk" te installeren...

AMD's Athlon steps up to 64 bits
Posted by Voodoo on 23 Sep 2003 - 12:31 | 0 comments

The chipmaker will unveil its Athlon 64 processor on Tuesday. Along with added performance, the chip offers PC buyers the option of upgrading to 64-bit software--a feature Intel's Pentium doesn't offer. Such software, which offers improved graphics capabilities, will start hitting shelves later this year.

Analysts have said that in order for AMD to set itself apart in the PC processor race, it needs two things: competitive performance and something its archrival doesn't have. "AMD needs to demonstrate that it's competitive with Intel and at the same time is offering some differentiation--one of the things it is doing through 64-bit capability," said Dean McCarron, analyst with Mercury Research.

On the performance front, sources familiar with AMD's plans said the Athlon 64 will run at higher-than-expected clock speeds, a measure that will help against Intel. That leaves the 64-bit angle. The payoff from upgrading to 64-bit software involves higher performance from applications such as video-editing programs, along with more "cinematic" graphics for games. The improvements come mainly from a 64-bit computer's ability to use much more RAM than 32-bit computers can.

bron: www.neowin.net (neem ik aan)

quote:

---

Op 23 september 2003 9:54 schreef Elfensteen het volgende:
bron: www.neowin.net (neem ik aan)

---

24/09 Microsoft sluit chatdienst wegens teveel misbruik
Microsoft staakt zijn chatdienst MSN in Europa en een groot deel van Latijns-Amerika en Azië, omdat pedofielen de zogenoemde MSN-chatrooms misbruiken om kinderen te benaderen en er via MSN veel pornografische spam wordt verspreid. Dat heeft het Londense kantoor van Microsoft bekendgemaakt.

MSN wordt per 14 oktober opgeheven. In de Verenigde Staten, Canada, Japan en Brazilië blijft de dienst bestaan, maar worden wel maatregelen genomen tegen misbruik.

Microsoft wilde niet zeggen hoeveel mensen er wereldwijd gebruik maken van MSN, maar ongeveer 8,6 miljoen mensen maken via Microsoft gebruik van internet. MSN-woordvoerster Lisa Gurry zei dat het aantal gebruikers van de chatservice terugloopt, omdat veel mensen overschakelen op de chatdiensten van concurrenten als AOL en Yahoo!

Volgens Rob Helm van het onafhankelijke onderzoeksbureau Directions on Microsoft is de maatregel in werkelijkheid bedoeld om MSN winstgevender te maken. In de VS worden gebruikers van de gratis MSN-chatservice verplicht een betaald abonnement te nemen op ten minste een andere MSN-dienst, zodat mensen die misbruik maken van MSN opgespoord kunnen worden via het nummer van hun creditcard


Betekent dit dat MSN-messenger ook niet meer gaat werken ?

MSN messenger blijft wel werken...

"Microsoft concerns about child safety" My ass...
Hun advocaten zagen aan de horzion zeker al rechtzaken tegen Microsoft door ouders van slachtoffers enzo...

Toevallig kwam ik vandaag weer 3d prints tegen. Ik wist al een tijdje dat die apparaten bestaan maar blijf het retevet vinden

Meer info:
CNS 3d printer

www.zcorp.com (staat een hele gave demo!!!)

hier: demo van ZCorp

Wat "printjes":
print 1

print 2

Niet te vergeten: de printer!

Heerschend

Edit: een gaaf plaatje op normaal formaat gevonden





[Dit bericht is gewijzigd door Snaack op 24-09-2003 16:16]

Geen octrooi op software in Europa

STRAATSBURG - Het Europees parlement wil niet dat er octrooi komt op software. Eurocommissaris Bolkestein (interne markt) moet zijn plannen voor octrooien op computertoepassingen daarom beperken.

Bij de stemming woensdag heeft het parlement het werkingsgebied aangescherpt tot 'technische toepassingen', zodat software er buiten valt. Het parlement is bang dat sommige computerprogramma's anders te veel het eigendom worden van een bepaalde onderneming. Een grotere openheid moet de vernieuwing prikkelen.

De beoogde looptijd van de octrooien voor computertoepassingen blijft wel op twintig jaar. Voorstellen van enkele parlementariërs om de looptijd met dertien jaar te verkorten tot zeven jaar, kregen geen meerderheid.

Het parlement heeft over de beoogde richtlijn volledige medezeggenschap. EU-lidstaten en parlement moeten zich later buigen over een aangepast voorstel van Bolkestein.

Bron: Nu.nl

Wat weet die Bolkestein nou van software...

Windows Longhorn to RTM in August 2005?
By John Lettice
Posted: 25/09/2003 at 11:41 GMT



Longhorn, the next version of Windows, isn't due to ship until 2005; but according to Neowin.net, it's due on August 15 2005.

A record-breaking risky prediction? Actually, the site's taking a rather bigger risk than is immediately obvious, because it's citing Microsoft sources claiming that the date will be given to partners and OEMs next month, when it will also appear on Microsoft roadmaps. It's always less stressful to predict things that are going to happen in two years than things happening next month, but this is a next month prediction.

Naturally, it's ludicrous to believe that a precise arrival date can be specified for a product that's two years away, but there are good reasons why Microsoft needs to take a shot at it now, and reasons why August 15 is a pretty plausible shot.

Microsoft comes under continual pressure from OEMs and major customers to come up with roadmaps that are sufficiently accurate to allow them to plan rollouts, and given that what comes after XP, and when, has been surrounded by considerable murk, the company needs to get more specific about Longhorn. And it's expected to do so at next month's Professional Developers Conference.

Microsoft has insisted there's no XP SE release, that Longhorn is definitely the next one, and that Longhorn will ship in 2005. This however is not good enough if you're an experienced Microsoft partner. Early 2005? Mid-2005? Late-2005? 2005, really? ('2005, really' is generally something described as Q4 2005, but RTMing in late December, so nobody tries to sell it then, and it's a long way until holiday season 2006.

A product that will have an impact on 2005 sales, on the other hand, will hit the stores with the marketing campaigns all rolling by October. Track back from there to allow for OEM testing and production ramp, and you get the last two weeks in August. So specifying August 15 might be overkill, but it's a perfectly plausible target date for a product Microsoft wishes to ship to customers in 2005.

Of course, as major project target dates get closer, Microsoft execs tend to start saying things like 'it'll ship when it's done,' so if we start hearing that in early 2005, we should be starting work on our Plan B holiday season special deal bundles, shouldn't we, OEMs? ®
Bron: The Register

[Dit bericht is gewijzigd door grindcore op 25-09-2003 15:40]

bron?

Microsoft: a threat to global IT and job security?
By John Lettice
Posted: 26/09/2003 at 15:07 GMT



Security consulting company @Stake has drawn further attention to an unfavourable study on Microsoft's impact on global computer security by firing one of the authors. Dan Geer was CTO of @Stake until the publication of "CyberInsecurity: the Cost of Monopoly" then, pow, he wasn't.

@Stake said that Geer hadn't had permission for his involvment in the study, and that the views expressed in the document were not in line with the views of the company. @Stake does do consultancy for Microsoft, but Microsoft protests that it was in no way involved in Geer's sudden, unfortunate encounter with the precipice. And we believe them - The Beast is no stranger to baby-knifing, but surely even the merest imbecile in there must understand the horrendous consequences that would ensue from picking up the phone and suggesting the continued presence of a particular employee might be contract-threatening.

If we at The Register have faults, then we accept they may include an over-readiness to assign high IQs to industry participants. But we don't think we're wrong this time. So why did @Stake do it? The company would surely have understood the conclusions people would leap to, and the effect close identification with Microsoft in the rumour-mill might have on its business. Here we go recklessly assigning high IQs again, but think about it - if your company does not agree that the Microsoft monoculture is a "clear and present danger" to global computer security (we know, but just pretend for a second, OK?), then would it not be an inconvenience to employ a high-level exec who did? It's perfectly possible the company went ahead and did it, knowing the consequences, because it felt it was the right thing to do.

Whatever, Dan Geer's pay-check is no doubt important to Dan Geer, but of less consequence to the world in general; what about the study itself?

We have trouble with the headline thesis that monoculture is of itself bad for security, and also - particularly - with the pitch that the security problems of Microsoft software largely stem from illegal but successful attempts to monopolise, e.g. (from the intro):

"Microsoft's efforts to design its software in evermore complex ways so as to illegally shut out efforts by others to interoperate or compete with their products has succeeded. The monopoly product we all now rely on is thus both used by nearly everyone and riddled with flaws. ... a software monoculture that each day becomes more susceptible to computer viruses, Trojan Horses and other digital pathogens."

A little too purple for our tastes. Both arguments are possible, but in this context we think they're counter-productive, because they'll tend to get the document dismissed in some circles as purely anti-Microsoft propaganda, whereas much of the argument under the headlines strikes us as material that thinking Microsoft techies would at the very least give a hearing to.

From the security perspective monoculture is not of necessity bad; the problems (as indeed the document argues) lie in the flawed nature of the design of the base product, magnified many times by the ubiquity of that product, and again by the complexities introduced under the banner of integration and automation. So in theory at least, it seems to us, you could have a monoculture whose fundamental design premise was not fatally flawed, and whose security issues would therefore not be magnified by "cascade failure" across the network. Sure you could still argue it was lining the pockets of a bunch of greedheads who were stifling diversity, but that's a different argument.

Did somebody at Microsoft think linking stuff together so it could do other stuff without asking you would be cool, or was it a fiendish plan to lock rival products out and lock users in all along? This is a chicken and egg argument that we don't need to deal with here. But for the record, although we accept that Microsoft has used integration as a monopolisation tool, we think they approached it first from the perpective that automation was cool, and that this was always a very stupid and reckless thing to think.

Which still gets us into similar territory to the document's authors. Tight integration, they say, is "a principal driver of dominance and of insecurity... [it] violates the core teaching of software engineering, namely that loosely-coupled interfaces make maintenance easier and life-cycle costs lower."

Microsoft itself accepts that it has a security problem, and while you might reckon it only does so because it's not possible to deny it, clearly the company has to do something about it, indeed is doing something about it. So next we need to ask ourselves whether we think we'll like what that something turns out to be, whether it will be effective, and in what ways it might be effective (because we might not like all of these effects).

The document again: "Efforts by Microsoft to improve security will fail if their side effect is to increase user-level lock-in. Microsoft must not be allowed to impose new restrictions on its customers - imposed in the way only a monopoly can do - and then claim that such exercise of monopoly power is somehow a solution to the security problems inherent in its products. The prevalence of security flaw in Microsoft's products is an effect of monopoly power; it must not be allowed to become a reinforcer."

Basically, how much do you trust Microsoft to fix security in Microsoft products without doing so via further lock-in, with purely monopoly-motivated aspects being introduced under the banner of 'it's good for you, we know best'?

We've said here several times that we think that there are many smart and honest people working on Microsoft's software and its security, but that we doubt their ability to overcome the monopolisation desires of the marketing droids, when it finally comes down to it. So our answer to that last question is, 'not a lot', and that also appears to be the conclusion the authors come to. The susceptibility of networks to attack "cannot be mitigated without addressing the issue of monoculture. Risk diversification is a primary defense against aggregated risk when that risk cannot otherwise be addressed." (our emphasis)

That is, if you don't believe the monoculture is capable of reforming and fixing itself, then you must tackle it by eroding it, by deploying other platforms yourself, by placing restrictions on the extent of monoculture in key sectors, and by legislating to force diversification within the monoculture itself.

Got that? To summarise, monoculture itself is not of necessity bad for security, nor in theory is Microsoft monoculture, provided Microsoft is prepared and able to reform itself. If however it is not, then the Microsoft monoculture is a clear and present danger to global IT security, and it must be reformed via external means.

That is the document's argument, and it's a perfectly sustainable one, albeit not entirely susceptible to being boiled down into a headline soundbite.

What, presuming The Beast fails to rise to its reponsibilities, do you do about it, specifically? The authors argue that governments should accept that "competition is entangled with security policy", which if you accept their reasoning it is, and that "If governments are going to be responsible for the survivability of our technological infrastructure, then whatever governments do will have to take Microsoft's dominance into consideration."

So they should keep a watching brief on Palladium/TCPA, as "there can be no more critical duty of government and governments than to ensure that a spread of trusted computers does not blithely create yet more opportunities for lock-in." (There can, really, but you know what they mean) As regards current products they should note that for many organisations "the only thing keeping them with Microsoft in the front office is Office. If Microsoft were forced to interoperate, innovators and innovation could not be locked-out because users could not be locked-in."

So they propose forcing multi-platform versions of Office, for Windows, Mac and Linux, and perhaps insisting that these ship at the same time. They also suggest forcing Office to be split into components, although from where we're sitting it looks like Microsoft might be doing this anyway, and we don't expect that to make a great deal of difference.

Microsoft Exchange protocols should be standardised and opened up, and "governments must not permit critical or infrastructural sectors of their economy to implement the monoculture path". No operating system should have more than a 50 per cent installed base within key infrastructures, in both the public and private sectors. It's worth noting that they don't think Microsoft should be broken up into OS and apps companies, as they feel that would simply result in two monopolies. And maybe we shouldn't place too much emphasis on the specific measures they put forward - overall, what they're saying is that if you think something's not in the public interest and it won't reform itself, you have to whack it from the outside.

It is possible that governments might accept promises of reform, rather than coming to the conclusion that this isn't possible without their intervention. In this case: "If governments do not dismantle the monopoly but choose instead to modify the practices of the monopoly they must concede that that route will, like freedom, require eternal vigilance." Effectively, this is the difference between structural and conduct remedies. If you don't go for structural, then the conduct remedies have to be sufficiently stringent to make a difference, and you've got to make sure they're rigorously adhered to.

In this area, they lob in one intriguing possibility that we reckon might just play. Given that security failures cost customers a great deal of money, could not a more consumerist view of product liability be taken by the law? They argue that security failures could be deemed "per se offences" resulting in fines, jail or whatever for the vendor of the offending product. Now, what they mean is that when Sobig or whatever hits Microsoft could be busted into the next galaxy, but look at it in a more general way. Are software licensing "agreements" that say that by using this product you agree that it's all your fault, that it's only broken to the extent that it ships 'as is' and therefore if you think it's broken you accepted that this was the case when you bought it, and anyway you agreed it wasn't and you didn't buy it anyway, because it's still ours..."

Er, where were we? But you know what we mean. Software licensing agreements are an outrage and it's high time the law made vendors face up to their responsibilities and told them to shove their licences up the appropriate end. That'd play with the public, and would help concentrate Microsoft's mind on the security issue as collateral.
Bronhe Register

.. naar aanleiding van Helmet's reality check heb ik deze post maar weer verwijderd .. (was vrij onzinnig, maar wel computer gerelateerd, echter bleek het geen nieuws mee... (voor wie benieuwd was wat hier stond: het ging over een usb-koffiemok , kijk maar op fokzine)

[Dit bericht is gewijzigd door Valorian op 03-10-2003 17:13]

quote:

---

Op 3 oktober 2003 17:04 schreef Valorian het volgende:
Speciaal voor mensen die altijd hun koffie koud laten worden bij hun pc , is er in Japan een koffiemok met verwarmingselement uitgevonden, die met een USB kabel aangesloten wordt op je pc

---

Eh, dit topic heet toch 'Computer gerelateerd nieuws'? Enig idee hoe oud die mok al weer is ondertussen? Ik was hoogstverbaasd dat dat vanochtend ineens op Fok! stond

De HalfLife 2 source is geleakt

Gamers : Main page : Software Register or Login

Innocent file-sharers could appear guilty
Posted by configure on 09 Oct 2003 - 07:47 | 8 comments


A research paper highlighting security weaknesses in a popular internet file-sharing network has raised concerns that innocent users could in theory be wrongly accused of sharing copyrighted music.

The Recording Industry Association of America (RIAA), which represents the largest US music companies, has already begun legal action against 261 file-sharers who are accused of sharing "substantial" amounts of copyrighted material through peer-to-peer (P2P) networks.

The RIAA carried out surveillance of P2P networks to determine the usernames of alleged copyright infringers. A subset of these users was then tracked down via their internet service providers.

So far, 52 have agreed to settle with the RIAA for a few thousand dollars each. A further 838 have admitted infringements and promised to destroy illegally obtained files in return for a legal amnesty. An estimated 62 million Americans are thought to have used P2P networks, though it is not known how many have illegally shared music.

The anonymous paper, Entrapment: Incriminating Peer to Peer Network Users, was posted to a free Australian web hosting service and suggests some users could claim that the evidence on which they are brought to trial is flawed. Experts contacted by New Scientist say the paper is a credible piece of work.

News source: NewScientist - Innocent file-sharers could appear guilty


False request

The document focuses on the Gnutella file-sharing network that forms the backbone of a number of widely-used file-sharing clients including Morpheus and Bearshare.

The RIAA's lawsuits have so far targeted users of the largest file-sharing network, Kazaa. The protocol used to trade files through this network is proprietary and has not been publicly analysed.

It describes various techniques that could be used to make it appear to a third party on the Gnutella network as if an innocent user is hosting or searching for copyrighted files. It also describes methods for tricking users into inadvertently downloading copyrighted files so that they actually host these files.

Some of the methods described are made possible because peer-to-peer networks like Gnutella rely on users passing on requests for files and information about the files stored on users' machines. Manipulating these network messages can make it look as if a user is illegally offering files for download.

"These Gnutella-specific attacks seem reasonable at first glance," says Adam Langley, a UK-based peer-to-peer programmer. But the techniques described are not surprising, he says: "Gnutella was certainly never designed to resist an attack like this."

Unreliable evidence

Others experts say the paper raises interesting issues about the ongoing legal furore. "The core point the author is making - the unreliability of the 'evidence' used to sue file sharers - is valid," says Ian Clarke, who invented Freenet, a file-sharing network designed to provide anonymity for users.

Theodore Hong, a peer-to-peer networking researcher at Imperial College London, UK, comments: "It's interesting that these technical weaknesses may actually be a legal strength [for P2P users] by introducing doubt as to who is really doing what."

Langley says it is unclear whether other P2P networks might be similarly vulnerable to misuse. But he notes that there are other ways to incriminate an innocent party: "Most Windows users will run any old attachment you send them, so if you want to implicate someone you can just send them a Trojan."

dubbelpost

[Dit bericht is gewijzigd door grindcore op 09-10-2003 15:13]

Dit was toch al een tijdje bekend? of ligt dat nu aan mij

quote:

---

Op 9 oktober 2003 15:13 schreef Elfensteen het volgende:
Dit was toch al een tijdje bekend? of ligt dat nu aan mij

---

is nieuws dus waarom niet?