Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
News

Slashback: Taxes, Fraudulence, Woodland Creatures 111

Skipping, hopping (and bumbling amd wheezing) toward inevitable perfection, we're pleased to bring you another handful of updates, re-instatements, "that is no longer the operative statement" disclaimers and at least one general thought provoker.

After francokleptomania, restoring GNOME dignity. Bob Smith writes: "KDE beta was anounced but GNOME beta wasn't." Well, GNOME's latest freeze stage on the way to 1.2 was announced back in January, and Miguel answered questions about the state of GNOME in March, but point taken. With all the developments in GNOME, neither Miguel or his programs are likely to hurt for Slashdot coverage. You can grab the beta Bob mentions here.

Now, gentlemen, is there a way to perhaps merely maim this Golden Goose? Misch writes to point out this item on "ABCNews [which]reports that the House of Representatives has passed an extension of the Internet Tax Moratorium. Looks like it's tax free time on the Internet (depending on where you shop)."

Barely enough for a coven ... nullstar writes: "The NTIA has posted its report to Congress concerning the comments it received in regard to section 1201(g) of the DMCA, which deals with exceptions to the prohibition on circumventing encryption techniques intended to protect access to copyrighted materials. They basically claim, 'it's too soon to tell what effects the restriction will have on encryption research, etc., as the exception doesn't go into effect until October, so we're not yet recommending changes in the wording of the law.' Only 13 people submitted comments. "

Conflict of interest is an interesting term here ... full_tide writes "2600 has posted some news about how the MPAA is trying to get Martin Garbus (2600's hot-shot defense attorney) disqualified for a conflict of interest. Cryptome has posted a very long, but equally interesting, reply brief Mr. Garbus has writting in response to the injunction (damn, he's good). Also, the MPAA's web site is back up after a DDOS attack a few weeks back, and much downtime since. They appear to have added some fresh, juicy propaganda concerning the case."

Yessir, the gen-yoo-ine article, you betcha, mate. Jai From Insane Hardware writes: "Well, you may have heard all the rumours and whatnot about the Australian Fake Athlon deal and I confirm that it is true. But we have more info on the subject like on how they came about arriving in Oz and how they leaked thru the channel. This issue is very "close to home" for me so it's worthwhile reading for all the Aussies that go to your site. We also have exactly how the chips were modded. link " Meanwhile, Netsnipe wrote to point out that "Lucien Wells has updated his Web site Techwatch's coverage of the AMD Athlon tampering scandal. "Techwatch has now received press releases from two distributors involved, DMA and RTV Computers which claim that 'Neither RTV Computers Pty Ltd nor DMA (Direct Memory Access Pty Ltd) whom have their stickers on the CPU's knowingly at fault in this situation. At present legal action is underway to find the source of this problem.' At this stage AMD has not yet responded to Techwatch's requests for more information, says Lucien."

This discussion has been archived. No new comments can be posted.

Slashback: taxes, fraudulence, woodland creatures

Comments Filter:
  • Hmm, seeing that there is apparently no factual report about why /. has been so unstable this week, I guess it's time to take a conspiracy theory poll...

    Poll: Slashdot is very unstable this week because ...

    1. Giv'em a break, guys, they just switched servers and are still ironing out the problems. It will turn out OK.
    2. Microsoft has secretly set up a task force with the sole purpose of DDOS'ing Slashdot so that people won't be able to get a copy of the Kerberos spec without clicking through the license.
    3. These conspiracy theories are nonsense! Slashdot has just been getting too much popularity (think, how many people read Wired and see the Slashdot link?) -- it's Slashdotting itself!
    4. The Trolls Are Taking Over(tm)!!!
    5. It's the WAN routers that are at fault! Slashdot is infallible!
    6. CmdrTaco, Hemos, & co. obviously have lived up their promise of not sleeping until Monday. These server problems are a clear sign of drowsy admins who have been living off caffeine several days too long! "Caffeine overflow, Brain Dumped."
  • "If you don't have anything good to say, keep your mouth shut."

    "I do not agree with a word you say, but I will defend to the death your right to say it." --Voltaire

    Free speech is dirty and nasty, that's what makes it so fun. Remember, the only thing you know about a poster (usually) is what they write, not thier age, country of origin, race, mental state, motivations, or experiences. Parse it accordinly, and you might want to check this out too. [wahcentral.net]

    --
  • by PhiRatE ( 39645 ) on Saturday May 13, 2000 @06:55AM (#1075292)
    I'd like to point out an astonishing amount of hostility recently. In the last few weeks I have noticed it especially, when someone chooses to make a statement they don't just make the statement, they litter it with insults, formulating an angry comment dripping with either sarcasm or invective, for no reasonable purpose that I can see. Just the 18 or so comments in this article so far alone contain more hostility than I see in an entire week in any other medium.

    This in itself is a concern, it displays a marked lack of respect towards the others the comment is aimed at. On this very same page you can find a comment querying the lack of information on the recent problems with slashdot. Was the use of the word "Pathetic" really necessary? Was the implied accusation that Slashdot is no longer "open" included for any other purpose than vitrol? A single feather does not a bird make, and a single action by the editors should not be held up, against an astounding amount of evidence to the contrary, as an example of how it has become "closed" or "less responsive".

    I single out this post only because, being in the same article, it is easy to point to, make no mistake it is merely the tip of the iceberg as far as posts containing unnecessary attacks go.

    Please keep in mind that the editors of slashdot, the users who make comments here, the employees of the organisations that are referred to (yes, even those of Microsoft), and all the other people who are somehow brought to our attention in this forum are, in fact, just that. People. And too often I see them judged, instantly, upon such a scrap of information as wouldn't feed a shrimp. Indeed all too often one reads an article only to discover that people are being abused on the basis of nothing more than rumour.

    They are people, they deserve respect by default, the respect given to those who are human, who may make mistakes, but who have lived years of their lives, making hard decisions and taking responsibility for their actions.

    Some calm yes? some thought before writing, and perhaps a little dose of old saying.

    "If you don't have anything good to say, keep your mouth shut."

    Flames will be read, considered, and appreciated. Thankyou for your time.
  • Scientific American recently had an accurate article on the MPAA v. DeCSS situation. As for regular TV, um, those guys can't tie their shoes anyway.
  • Maybe they're still hunting the culprit; maybe they don't want to give the little bastard the attention he wants; maybe server downtime is something that speaks for itself; maybe you could just phone Andover.net [andover.net] and ask them? It's not as if anything they don't announce is automatically a conspiracy of silence (or is it? maybe Bill Gates' minions got into their underpants this morning...).
  • Y'know... The complaint I've more generally heard is that Slashdot tends to not announce KDE news. Witness the repeated stories on Evolution, without one mention of Magellan.

    --

  • by Anonymous Coward
    ... declaring [Microsoft] to be stupid for having done it, or attributing malice to the actions they're taking ...

    Microsoft had months in which to correct the error of their ways wrt their handling of Kerberos extensions. (As clearly documented.) Coupled with the recommendations regarding how to handle "commodity Internet protocols" (ref: the so-called "Halloween Documents), I for one think it's pretty darn obvious exactly what Microsoft's trying to do here. And then to protest /.'s handling of the resulting exposure? That was ill-advised, to say the least. IMO. (And I am "saying the least" I possibly can in that context.)

    When somebody behaves in such a blatantly anti-social and irresponsible manner as I feel MS to have done in this example: IMO they deserve the vituperation that's been heaped upon them.

    I'm certainly no fan of Microsoft. I dislike their products and I utterly detest the company. But right is right. And I have been known to defend them when they're being unjustly hammered. But the Kerberos issue certainly does not qualify in that respect, IMO.

    The point? While your thesis is valid, your example was poorly-chosen. IMO.

  • From the DVD FAQ:
    CSS is akin to the lock on your house.
    . . .
    DeCSS is akin to a tool that breaks the lock on your house.
    . . .
    Have the defendants actually used DeCSS to make illegal copies?

    It is irrelevant whether or not the defendants were personally engaged in
    making illegal copies. They are clearly "providing the keys to the castle," which
    is in violation of the anti-circumvention provisions of the federal copyright law.

    Too bad they didn't extend their analogy, then I think the last paragraph would have read something like this:
    It is irrelevant whether or not the defendants used to lock picks to rob your house. They are clearly providing the lock picks.
    AFAIK providing lock picks isn't illegal. Providing lock picks to criminals *might* be, but that makes the question quite relevant.

  • It's not fear. It's refusal and disgust. There's a difference.
    --------
    "I already have all the latest software."
  • I don't think you're insane, although I'm not sure that full-time piracy is the answer.

    I moved to the United States from a country with oppressive laws, because I saw the U.S. as emphasizing individual freedoms (sometimes at great cost to the society, e.g. gun ownership rights.) But the U.S. now seems to be moving from being a country which emphasizes the freedom of the individual, to one which emphasizes the freedom of corporations to exploit the individual.

    I do hold out some hope that in the long run, bad laws like the DMCA and the incipient UCITA will be overturned or weakened, just as the CDA was. In the meantime, millions of people will have been turned into lawbreakers. When a law is bad, in some cases our moral duty is to break it. If we go along with it, we become collaborators in a greater crime, and are as much at fault for the situation as those who lobbied for the laws in the first place.

    In this case, fair use is one of the issues, but full-blown piracy (selling or giving away copyrighted content to others) goes way beyond fair use. I'm not sure that this sends the right message - it may only lead to more of an arms race, as corporations try harder to protect their content. Wide-scale piracy will only bolster their case within the legal system, and may encourage stricter laws.

    That said, I don't know what the answer is, other than supporting people and organizations that are against these laws, supporting software which allows fair use of content (open source and otherwise), educating people on the subject, and so on.

  • by Roblimo ( 357 ) on Saturday May 13, 2000 @07:50AM (#1075300) Homepage Journal
    The people who should tell the server/DDoS story are the ones who are doing the actual server work, and right now they're simply too busy working to do any story-telling.

    They're also mad. This site is their "baby," and I think that if Martin, the two Pats, Chris, Liz or anyone else on that team tried to write anything right now, we'd get nothing but a string of cusswords.

    Give them some time. Let them work without everyone trying to look over their shoulder. I'm as frustrated as anyone else, but I'm willing to wait until there's an end to the story and hear the whole thing at once.

    - Robin
  • Actually, it was written for windows because windows was the platform they started reverse engineering it on.. due to the availability of licensed players. I thought it was the file system that was unsupported on Linux at the time. Further lies: they say region coding exists so that they can do staggered theatrical releases. So why the f--- are movies that are long gone from the theatres anywhere region-coded?
  • Beome a locksmith's apprentice, or go to a school. There are a number of vocational schools, not to mention the really cheesy mail-order schools that are about as good as a mail-order computer school.

    BTW, in California at least it is illegal to sell picks to anybody without a valid California locksmith license. IIRC all the license requires is a background check.

    I still think the DeCSS/lock picks is a lousy analogy.

  • My house is physical, the movie is not, it's information which wants to be free.
    'nuff said. I can take apart my copyrighted whatchamacalit and rebuild another,
    as long as I basically attribute the source (derived work), but IP laws
    (and MPAA lawyer whores) think that this is just as illegal as copying something I bought,
    when in reality, putting protection there in here first place is the illegal thing (in my mind).

    ICQ#2584116
  • Please consider logging in to get that automatic
    +1 so your future posts will be more visible.
  • I haven't tried either of those, but I'll definitely give them a go.

    There's still something that bothers me about having to feel like a criminal for trying to find out how something works, or making a backup copy in case my DVD player breaks down. This hurts the public more than it helps the artists. Of course, it helps the big record companies most of all.

    But then, it's not like this hasn't been said before 10^6 times on /.

    They couldn't fine me that much because I don't have that much, so I'd probably wind up doing hard time. Hmmm... selling one pirated copy of "The Lion King" == 300lb tatooed live-in "girlfriend" for 10 years.

    Aw, f**k it. OK, I love Big Brother. :0(

  • If you weren't serious, this would be a good troll...

    The obvious problem with this scheme is that demand for some goods and services is much less elastic than for others: for example, your food costs about the same (within a factor of ten or so), whether you're Joe Shmoe or Bill G.

    So the "Fair Tax" would take the same amount from the rich and the poor on these things, but it might be 20% of Joe's income and 0.000...01% of Bill's income. Isn't DoubleSpeak wonderful?

    Or is this all a troll anyway?

  • I guess you're new to the Internet, not knowing how to log in and all. Let me dumb this down for you:

    Net connectivity is not always predictable. Often, network problems can cause inaccessibility to some sites but not others. There are many points between two computers where a problem could happen, and many involved systems. For example, DNS or routing problems could easily make only certain sites inaccessible. If that makes your brain hurt, then take a shower (with soap), learn about "social skills", and use them to ask someone familiar with computers to explain it to you.

  • > The point? While your thesis is valid, your example was poorly-chosen. IMO.

    Upon reading your comment, I totally agree :)

  • I appreciate your compassion and consideration. However, in this case, I think the party who did a bad job was whichever executive made the decision to co-opt Kerberos, in the sleazy way Microsoft normally does things. Whoever made that decision DOES deserve scolding and a virtual slap, and more. Since they're already lying to us, stealing from us, and otherwise treating us with such dismissal, I doubt their feelings would be hurt no matter how many names we call them. Which is too bad, because I wish there was a way to correct their antisocial behaviour, just as we try to correct a child's antisocial behaviour.

    It is unfortunate that in this case, just as in many others, relativism comes into play, they just don't see themselves as doing wrong, and as a street missionary once said to me, "A man convinced against his will is of the same opinion still". A little poetic but true all the same, until they realise of their own volition the harm that they do, we can try and correct them all we like and it will make no difference.

    Even if the breakup of Microsoft goes ahead, all it will achieve is the protection of society from its practices, it will not change how Microsoft views its strategy, indeed they may try all the harder, believing themselves unfairly treated.

    I suspect that in the long term there is only one way to resolve those kind of differences, you have to be recognised as someone whose input counts to the other party before it is possible to convince them of an alternate view, and you have to be prepared to be convinced in turn, for surely we are not always right :) I suspect psychology literature might be the best source of wisdom on this subject.

  • When Yahoo et al. were DDOSed, the Feds and the Mounties were on the case and they busted "mafiaboy" for doing it.

    But Slashdot is just a geeks' nest. I get the feeling the Feds aren't going to care, especially if it turns out that M$ is behind this.

    --
    So many "first post" idjits...so few moderator points... | Delenda est Windoze
    --
    Ooh, moderator points! Five more idjits go to Minus One Hell!
    Delenda est Windoze

  • 1. No can do.
    2. #slashdot on openprojects.net and slashnet.org had quite a few /. reps explaining everything.
    3. Particular to #1. They had to use wired cuz /. was down.
    4. Comprendes?
  • Don't attempt 'striyen unless you are a native speaker. For those who don't know what I am typing about, we have bushflies to keep out of our mouths down here. (-;
  • Are there other software packages besides DeCSS available for decrypting DVD movies, and if so, is the MPAA attacking them as well?

    There are no legal software packages available for decrypting DVDs.

    Hmmm... I wonder what a DVD player does according to the MPAA...

  • Remember that moderators are chosen randomly from the population (mod a few tweaks like eliminating those who abused it) and only get a handful of moderation points each time they're chosen.

    So you no doubt had different moderators than he did.

    Also: The earlier you post, the more people with moderator points will see your post, and the more chances you have to get a point, plus or minus. Three reasons for this:
    - It's up longer.
    - It's higer in the thread tree, so fewer people will have gotten bored and moved on to another article.
    - It's higher in the thread tree, so fewer moderators will have responded to another posting, after which they can't moderate anything in that article.
  • The slashdot stats on the front page seem to say that the site hasn't been down in the past days:
    Slashdot Stats
    date: 12:34pm
    uptime: 30 days, 2:33, 4 users
  • by Anonymous Coward
    I hope this is not out of line, but HopeOS [slashdot.org] posted this here [slashdot.org] and I thought it deserved a wider audience. If I am out of line, sorry.

    ----------------

    Now that the cat is out of the bag, I believe the best way to move forward on this is to release a new spec. Read on...

    MS W2K Kerbos V5 Authorization Fields

    1.0 PREAMBLE - READ THIS NOW
    This document is a compilation of information posted publicly on the
    internet. The author has not entered into any agreement with Microsoft
    regarding non-disclosure of this specification, nor bypassed any copyright
    protections, nor reverse-engineered the protocol.

    1.1 INTENT
    The author intends for this document to assist in the reverse-engineering
    of the protocol by describing the fields necessary to interoperate between
    UNIX and W2K server implementations of the Kerbos V5 specification. The
    author will not maintain this document, therefore it is requested that the
    relevent interested parties host, maintain, and correct this document as
    reference for future work, without being tainted by the MS EULA.

    1.2 LICENSE
    This document is licensed under the GNU Public License. See www.gnu.org
    for details.

    1.3 FURTHER READING
    http://www.ietf.org/internet-drafts/draft-ietf-c at-kerberos-revisions-05.txt
    http://www.ietf.org/internet-drafts/draft-ietf-c at-kerberos-pk-init-11.txt

    1.4 REPRESENTATION
    All symbolic names have been changed. The data representation has been
    changed. Any derived work will not violate MS copyright in this regard.

    1.5 PREREQUISTES
    Reader should have knowledge of MS API, particularly FILETIME, UNICODE,
    and SIDs. Reader should be familiar with NDR encoding and the Kerbos V5
    specification.

    2.0 SPECIFICATION
    Microsoft has produced an extension to the Kerbos spec called PAC
    (Privilege Attribute Certificate) which includes proprietary information
    in the ticket authorization field, specifically the IF-RELEVANT field
    with a sub-identifier of 128.

    2.0.1 FORMAT
    All data is in low endian format. Most data is in NDR format, a stream-
    based serialization of structures and arrays. Sometimes this data is
    encrypted. There are not many keys to deal with so some experimentation
    should yield good results.

    2.1 PAC STRUCTURE

    DWORD toc_count ; number of items in the TOC (table of
    ; contents)
    DWORD pac_version ; version number for this specification,
    ; currently 0
    TOCITEM toc_items[toc_count] ; array of TOC items
    BYTE raw_data[...] ; raw data corresponding to items in TOC,
    ; all items are aligned to 8 bytes

    2.1.1 TOCITEM

    DWORD item_type ; the type of the item in the data portion
    DWORD item_length ; the number of bytes in the item
    QWORD item_offset ; 64bit offset from the beginning of the PAC
    ; structure to the raw data corresponding to
    ; this item. least significant three bits
    ; MUST BE ZERO. isn't this a bit large for
    ; network traffic?

    item_type may be one the following values:

    item_login = 1 ; item contains client credentials (2.2)
    item_supplemental = 2 ; item contains supplemental credentials (2.3)
    item_server_sig = 6 ; item contains server signature (2.4)
    item_kdc_sig = 7 ; item contains kdc signature (2.4)
    item_user_name = 10 ; item contains the username (2.5)

    2.2 LOGIN information (NDR encoded)

    TIMESTAMP login_time ; last login time
    TIMESTAMP expire_time ; session expiration time or TIME_NA if n/a
    TIMESTAMP forced_time ; forced session expiration time or TIME_NA
    ; if n/a
    TIMESTAMP passwd_mtime ; last password modification time or 0 if not
    ; set
    TIMESTAMP passwd_min_time; time afterwhich password may be changed
    TIMESTAMP passwd_max_time; time afterwhich password must be changed or
    ; TIME_NA
    USTRING username ; (optional) the W2K user name
    USTRING userdesc ; (optional) the W2K descriptive user name
    USTRING script_path ; (optional) the user login script path
    USTRING profile_path ; (optional) the user profile path
    USTRING homedir_path ; (optional) the user home directory
    USTRING homedir_drv ; (optional) the user home directory drive
    ; mapping in the event of a UNC home directory
    WORD session_cnt ; (ignore) the number of sessions the user
    ; currently maintains
    WORD badpasswd_cnt ; number of bad authentication attempts since
    ; last successful authentication
    DWORD uid ; relative user id
    DWORD gid ; relative primary group id
    DWORD gid_cnt ; number of additional groups
    GIDATTRIB moregids[gid_cnt] ; array of relative gids and attributes
    DWORD flags ; determines the validity of the following
    ; fields: 0x0020= extra_sid* info is present,
    ; 0x0200= resgrp* info is present
    DWORD ignore1[4] ; (ignore)
    USTRING nb_server ; netbios name for KDC that requested AS
    USTRING nb_domain ; netbios name for user's domain
    SID sid_domain ; sid for user's domain, base for relative ids
    DWORD ignore2[2] ; (ignore)
    DWORD userflags ; tons of flags (see uf_* below)
    DWORD ignore3[7] ; (ignore)
    DWORD extra_sid_cnt ; number of sids to follow, see flags
    SIDATTRIB extra_sids[extra_sid_cnt] ; more sids, see flags
    SID resgrp_sid_domain ; sid for resource domain, base for relative
    ; ids below
    DWORD resgrp_gid_cnt ; number of groups to follow, see flags
    GIDATTRIB resgrp_gids[resgrp_sid_cnt] ; more relative gids and
    ; attributes, see flags

    2.2.1 TIMESTAMP

    QWORD time ; 64 bit value of 100nsec increments from
    ; 1601-01-01 GMT epoch

    TIME_NA = 0x7FFFFFFFFFFFFFFF

    2.2.2 USTRING

    WORD size ; number of bytes in the unicode string,
    ; length is size/2
    WORD max ; number of bytes in the buffer
    WORD buf[max/2] ; array of unicode characters

    2.2.3 GIDATTRIB

    DWORD id ; relative id
    DWORD attrib ; attributes (0x1=required,
    ; 0x2=enabled_by_default, 0x4=enabled)

    2.2.4 SID

    BYTE version ; version number
    BYTE agent_cnt ; number of authorizing agents, max 15
    SIDPREFIX prefix ; the sid prefix
    DWORD agent[agent_cnt] ; array of authorizing agents

    2.2.5 SIDPREFIX

    BYTE b[6] ; array of six bytes, presumably
    ; S-5-a-b-c-d SID prefix

    BTW, NT authority's SID is 0,0,0,0,0,5; note the unusual byte order

    2.2.6 SIDATTRIB

    SID sid ; sid
    DWORD attrib ; attributes (0x1=required,
    ; 0x2=enabled_by_default, 0x4=enabled)

    2.2.7 userflag VALUES

    uf_disabled = 0x00001 ; account disabled
    uf_directory = 0x00002 ; home directory is required
    uf_nopasswd = 0x00004 ; password not necessary
    uf_tmpdup = 0x00008 ; account is a temporary duplicate
    uf_normal = 0x00010 ; normal account
    uf_mnslogin = 0x00020 ; mns login account
    uf_domaintrust = 0x00040 ; domain-wide trust account
    uf_hosttrust = 0x00080 ; host-wide trust account
    uf_servertrust = 0x00100 ; server-wide trust account
    uf_noexpire = 0x00200 ; password does not expire
    uf_autolock = 0x00400 ; account is autolocked
    uf_encrypt = 0x00800 ; encrypted password is valid
    uf_smartcard = 0x01000 ; smartcard is required
    uf_delegate = 0x02000 ; delegate trust account
    uf_notdelegated = 0x04000 ; not currently delegated
    uf_desonly = 0x08000 ; only des key is valid
    uf_nopreauth = 0x10000 ; do not require pre-authentication

    2.2.8 NT TOKEN - is apparently generated from the following fields

    uid,gid_cnt,moregids,flags,sid_domain,extra_sid_cn t,extra_sids,
    resgrp_gid_cnt,resgrp_sid_domain,resgrp_gids

    2.3 SUPPLEMENTAL - additional information may be sent by the KDC
    depending on the security package, but this only pertains to PKINIT
    packets. I good deal of encryption goes on here as well. The data
    itself is encrypted with the client key, but also appears to be NDR
    encoded and encrypted with the KDC->client key as well. Some
    experimentation should resolve this once and for all. Be wary that
    multiple levels of NDR encoding may be present.

    2.3.1 SUPPLEMENTAL HEADER (NDR encoded and encrypted with KDC->client
    key)

    DWORD crypt_ver ; version number of key if encrypted,
    ; 0 otherwise
    DWORD crypt_type ; type of cryptography (see Kerbos types)
    BYTE raw[...] ; the raw data is an NDR encoded CREDARRAY
    ; below (size in TOC entry)

    2.3.2 CREDARRAY (NDR encoded)

    DWORD cnt ; number of credentials
    CREDS creds[cnt] ; credentials (NDR encoded again)

    2.3.3 CREDS (NDR encoded)

    USTRING pckg_name ; name of package
    DWORD size ; number of bytes in opaque data
    BYTE opaque[size] ; array of bytes comprising opaque data

    2.4 SIGNATURES

    DWORD sig_type ; type of signature (keyed checksum only)
    BYTE sig[...] ; raw signature data (size in TOC entry)

    FYI: signing of PAC is performed as follows:
    1. PAC is generated with both signatures zeroed out
    2. Signature is run on PAC with server key and stored in server
    entry
    3. Signature is run on PAC with KDC key and stored in KDC entry

    2.5 USER NAME - helps resolve that the PAC applies to the correct user

    TIMESTAMP timestamp ; ticket AuthTime field in timestamp format
    WORD size ; size of username in bytes, length is size/2
    WORD name[size] ; array of unicode characters comprising
    ; username delimited with / and @, NOT
    ; TERMINATED

    2.6 REQUEST PREAUTH DATA - PACS occur in conjuction with AS and
    TGS requests, but they can be requested on demand or suppressed
    with a PAC-REQUEST. The format is a mere BOOLEAN value. If the
    PAC is not present and the value is true, it is included. If the
    PAC is present and the value is false, it is omitted. The ID for
    this request is called KRB5_PADATA_PAC_REQUEST and has a value of
    128.


  • If that is the case (and it certainly could be, though I doubt it- even the old servers could have handled that type of load) then wouldn't it be really, really easy for Rob and Co. to just jump out and say it? Heck, even a simple "BTW, we weren't DDOS'd- it was just a server failure" would have been sufficient for most of us, I suspect. Of course, if I were a conspiracy theorist, I'd note that such an admission might depress the Andover stock price, which would make it a big problem to post at all... but that'd be crazy, wouldn't it.
    ~luge(not a conspiracist! I swear!)
  • I noticed with some amusement and disgust that the MPAA propaganda page states that copying a DVD for your own personal use is illegal. Since when? What a load of #%@$%$%!

    That's exactly what the DMCA changed. Fair use doesn't matter if you circumvented copy protection to get at the copyrighted material. That's what makes DMCA so dangerous: it renders the concept of fair use legally insignificant.

    I'm so fed up with the power of the mass-media conglomerates, I'm considering taking up full time piracy as a form of civil disobedience. Has anyone else had this thought cross their mind, or am I insane? (not XOR).

  • I love how the MPAA compares DeCSS to picking a lock on a house. They act like the DVD that I bought is their house!

    The last time I checked, I can break into my house as often as I want, even if I bought my house from someone who might not approve of it.

    Also, how many people here would care if someone got the blueprints to your house and made an exact duplicate without your permission?

    What's really sad is that Microsoft has been able to produce a more convincing propaganda-FAQ page than the MPAA did. I've also seen some considerably more convincing anti-DeCSS pages.
    --------
    "I already have all the latest software."
  • I prefer to consider this as one aspect of the flow-of-control diagram of the government. Of course I'm not an expert in multi-processor systems, but it sounds like you are properly describing a part of the model, drastically simplified, of course.
    Politics? I'm really not an expert there. I tend to consider that a subset (subclass?) of rhetoric.

    I know that programmer-speak is sometimes awkward, but we have ways to check whether or not our ideas work out in practice. So I trust the program analysis of an application as being a valid analysis (or at least potentially checkable). Political talk is generally explicitly designed to NOT be checkable. So I would prefer to avoid it as much as possible. And for this argument it isn't needed! (But you've left out many assumptions, that need to be explicit if one were to validate the argument).

  • DeCSS is akin to a tool that breaks the lock on your house.
    Since when does the MPAA have a right to put a lock on my house?!?!
  • I doubt we'll ever know the full truth of the matter. Not because of CT necessarily being opposed to telling it, but because I suspect the only people who'll even -know- what happened will be the attackers themselves.

    However, there are a few interesting things about the DDOS attack on Slashdot, which -could- offer some possibilities.

    First, the attack came about not long after the Microsoft demand story was posted.

    Secondly, no Microsoft-owned news service is covering the story, despite other mainstream news services covering it.

    (Microsoft NEVER misses an opportunity to ridicule opponents in the media. This time, they're keeping their mouths firmly zipped.)

    Thirdly, Microsoft employees are not above extreme demonstrations of loyalty, authorized OR unauthorized.

    Lastly, most widespread DDOS tools run on Microsoft OS'. In itself, this wouldn't mean much. But placed in context, it becomes a little more significant.

    It is therefore my theory that a Microsoft insider (probably -without- explicit permission) carried out the DDOS attack, and that any investigation will run into innumerable political obstacles, above and beyond any technical problems of tracing it.

    If this theory is correct, the only chance anyone has of knowing the truth is if that insider "defects" and talks. Very, very unlikely.

    To be honest, though, nobody else really has any motive or incentive, never mind the sheer bulk of machines needed to jam up a site designed by internationally-recognised experts in ultra-high volume web distribution. You are NOT talking about a server that'll fall over the moment anything more sophisticated than a goldfish logs on.

  • If voters feel that the tax cuts outweighs the local impact when they vote for Congress, why do they feel differently when they vote [sic-for] local representatives?

    Because local representatives (on municipal to state levels) are responsible for everything from your trash collection to schooling to policing to property taxes, that's why.

    When my property taxes rise because of Internet based sales taking eating away at the local tax base, those decisions, ultimately, are made by my local town government, NOT Leahy, Jeffords or Sanders (who happen to be my Congressmen).

    Not many local reps (governor, state reps, municipal, etc.) criticize local Congressman X. It just doesn't happen too often because someday, somehow Congressman X will bring home the pork and the local rep won't be invited to the ribbon cutting ceremony for whatever battleship is being built in the district.

    Also, many Congressmen try to cultivate the "elder statesman--working for America" image and rarely, if ever, get involved in local politics. Note the importance of committee assignments/chairmanships and investigations like Waco, Chinese spying, etc.

  • by Anonymous Coward
    I have a very hard time believing it was a DDoS. If anyone knows for sure, it would be /. staff, but still.

    1) We all know that at peak times /. struggles under the load.
    2) This story was so inflamatory that everyone who normally just reads /. had to post to this story. Further, instead of just refreshing an article a couple of times, this story was so interesting that we all refreshed many, many times just to get the latest comments.
    3) From what I observed, the blackouts coincided with peak times in the US and the Australia.
    4) Those that couldn't get on, were so emotionaly bound up in this, that no matter what, they had to reach slashdot and read the latest or post their comment. Consequently, they continually tried to connect to /. even when it was refusing any new connections (hence an effective DDoS of syn's), failing that, they pinged or tracerouted /. to test if the problem was fixed yet (hence an effective DDoS of icmp packets).
    5) Widespread media attention multiplied /.'s readership.
    6) As "proof" that /. servers were not keeping up with traffic, I had established tcp streams to /. returning with source IP of 10.1.48.4 (and port 80) instead of one of (64.28.67.64, 64.28.67.63, 64.28.67.62, 64.28.67.61) indicating either an unhealthy router or NAT.
    7) Finally, I would not be in the least suprised if this story multiplied /. traffic 10x or higher. What server wouldn't fold under similar circumstances?

  • Or do you really need want us to state the obvious?

    It may be obvious to you at Slashdot, but it's far less obvious to everyone else. We're not there.

    I have a fast but flaky Net connection. For all I know, when I can't reach Slashdot, there's something screwed up with the network I'm on, or a problem at MAE West, or something else. Yes, network problems sometimes prevent access to certain sites and not others. With testing/proxies/etc. I can formulate a better guess of what's going on, but why not just give us the answer if you have it? You may not realize it, but you're keeping us in the dark.

    Please communicate with us. Having network problems is nothing to be ashamed of, but it's much better handling to keep people informed. If you were a network admin at a company, wouldn't you let staff know when the file server has crashed? Even utility companies tell the public when there are outages, so everyone knows it's not a problem in their individual homes. A simple memo from Slashdot would go a long way, doesn't need to be fancy.

  • > they are making *broad* taxation decisions for the *GOOD* of the nation

    But they aren't elected by the nation at large. They're elected by those local shopkeepers and consumers. The same people that elected those State reps also elected the Congressmen.

    If voters feel that the tax cut outweighs the local impact when they vote for Congress, why do they feel differently when they vote local representatives?

    Frankly, I think all sales taxes are bad because they are simply the most regressive tax. But that's another thread entirely...
  • We're not (or at least I'm not) trying to look over anyone's shoulder. I just want to know what's happening, so I don't spend time trying to debug my own network. A short simple communique from anyone at Slashdot would help a lot. Basic communication. This is a team effort, we're supposed to be working together.

    My own connection is flaky. For all I know, when I can't reach Slashdot, my local network is screwed up, or any number of other problems between me and slashdot.org. I'll keep trying to fix it until I know it's out of my hands.

    Being attacked is nothing to be ashamed of, but keeping it hidden from friendly parties is the wrong way to deal with it. I would think it's easier to post a short note once than deal with hundreds of emails asking what's going on. You're sitting there at Andover, but the rest of us are in the dark.

    Anyway, good luck in fixing it. Afterwards, please tell us what happened so we can a) offer insight on how to avoid it in the future, and b) guard against it on our own sites. You know, the old open-source approach.

  • Another obvious problem with your plan is that with income tax, people are motivated to make more money, while with an expense tax they would motivated to buy less. Doesn't sound very productive.
  • They had a job to do, they did their best and have been found wanting, a terribly unpleasant feeling I can assure you, and I have little doubt that most other people know just how unpleasant it is.

    I appreciate your compassion and consideration. However, in this case, I think the party who did a bad job was whichever executive made the decision to co-opt Kerberos, in the sleazy way Microsoft normally does things. Whoever made that decision DOES deserve scolding and a virtual slap, and more. Since they're already lying to us, stealing from us, and otherwise treating us with such dismissal, I doubt their feelings would be hurt no matter how many names we call them. Which is too bad, because I wish there was a way to correct their antisocial behaviour, just as we try to correct a child's antisocial behaviour.

  • So far, we have seen DOS attacks and router deaths... these are not /.'s fault. They are Exodus's fault. Not surprising, in my experience they have proven pretty clueless, and I was surprised Andover was going with them, of all people. Nevertheless they do host a lot of big sites... just very poorly.
  • Their lawyer-whores said: "Hey! Let's set up a *real* trojan horse for those /.-hippies and nail their asses! We can design this whole disclosure so it'll work as a righteous open-source-geek-trap and when they fall for it -- which they *will* -- we've got /. and andover.net all in one swoop!"

    At the risk of karma-whoring, I'd say it's more like this: Microsoft, looking for a fight, draws a line in the sand and says, "I dare you to cross this line." Slashdot crosses it and says, "What are you gonna do about it?" I think both Slashdot and Microsoft knew (or at least hoped) that something like this would happen when the spec was posted -- I certainly did; as tests for the DMCA go, this one is as rigged in our favor as they get.

    On the other hand, MS is a corporation; they're used to hitting things with a hammer, and they're quite good at it. As someone else pointed out, they get somewhat confused when they encounter Jello -- which Andover is not. I expect this to go to court, and I wish the best of luck to Andover.

  • > When my property taxes rise because of Internet based sales taking eating away at the local tax base

    Well, this was my point about the regressive nature of sales taxes in general. Since you're local gov't isn't getting its sales tax, they have to tax something else. And since the sales taxes effect the poor disproportionate to the rich, you'll find the rich start lobbying to save their money.
  • How goes this whole Microsoft thing? I'd like to see an update on that story. -JeremyT Tughouse http://tughouse.tuginternet.com
  • Uhm shouldn't / just fix moderation so all posts start with a level playing field? Look at the crap I'm posting and this is 1 just like the AC.
  • "I guess you're new to the Internet, not knowing how to log in and all. Let me dumb this down for you"

    You're obviously new to manners and probability, buttmunch, so let me dumb this down for you: AC was not suggesting a guranteed method of debugging the connection but something that will give you an answer within reasonable probability bounds.
  • As a result of a very widely distributed attack, people can't visit my website. Hundreds of thousands of people have conspired to create web sites more interesting than mine, and so no-one's heard of it, and so no-one can find it.

    I'd like to see those DDoS dorkuses try that strategy against /.
  • Okay, you got me, tim. Which one is the thought provoker? What is up with this format anyway?
  • You're obviously new to manners and probability, buttmunch, so let me dumb this down for you: AC was not suggesting a guranteed method of debugging the connection but something that will give you an answer within reasonable probability bounds.

    Read it again, flameboy. He wasn't trying to be helpful, he was being insulting and sarcastic. I could find no other way to interpret it, and I tried. I was a lot more informative to him than he was to me. Do you care? Probably not. I think you're just looking for an argument.

  • Sorry, guys, but it is really pathetic that there has been no news here about the problems you've been suffering. There have been tons of people reporting SQL problems today, we all know the site has been shut down repeatedly over the last couple of days, and wired reported that you had a router die. I hate to make a "in the old days /. was better" but it isn't that hard to look through the archives and find CT saying "oops... our server died/crashed/whatever." That kind of honesty and straightforwardness is what made /. a community first and a news site second. It's sort of sad that this kind of openness (which is much more important than source) is apparently no longer a priority.
    ~luge
  • I'm so fed up with the power of the mass-media conglomerates, I'm considering taking up full time piracy as a form of civil disobedience.
    It's been said before ... lots of times ... probably even on /. ... but IMHO it bears repeating.

    Pirates of copyrighted works often claim "civil disobedience" as a justification. "We just want to protest Evil Corporations Who Exploit Artists And Customers Alike."

    But, without judging you in particular -- think about the following before you actually take up this occupation:

    • Is is just coincidence that pirating also happens to give you free access to what you would ordinarily have to pay for? If pirating cost you money instead, would you still do it just for the principle of the thing? (If so, you're in luck! You can pirate DVD's onto other DVD's! Blank DVD's cost a lot of money! You will really be making a statement when you can say "Rather than pay ECWEAACA for a copy of this DVD, I spent twice as much just so I could pirate my own.")
    • Would you pirate if it weren't so anonymous? Are you willing to stand up and be counted, and go to jail if need be? Have you contacted the copyright holders of the works you wish to pirate and dared them to take you to court? As a technocrat.net poster said a few days ago, if you're not willing to reap the consequences of breaking the law you disagree with, any sanctimonious claims of "civil disobedience" ring pretty hollow.
  • There's a landslide of attempts to remove freedom that we have all come to cherish. People are testy about it, tempers are short, politeness has, by necessity, gone out the window. When corporate america stops trying to fuck with us, we can get back to the level of civility we usually operate at.
  • That should make it stop, right? This isn't because of bad servers or something. This is because a single person (or several) is acting maliciously. And crowing on the front page about their actions every day, just would give that person more power.
  • IIRC, blueprints for buildings are on public record. So anyone with (usually) $5 could just file a request with the county (or city, or parish, or whatever) clerk and get them.

    They make a point of saying that cable descramblers are illegal. So why do I always see ads for them in Popular Science? And I guess the magazine is committing a crime by telling you where you can buy those "illegal" devices. Not to mention that video input devices for computers are illegal, since you could copy a movie from a VCR (or DVD player, egads!) to your computer and distribute it over the internet.

    My favorite, however, is where they say they only want _licensed_ players. Effectively, they admit to being a cartel. Shouldn't we be taking the DVD-CCA to court on anti-trust allegations? Incidentally, they answered the question "What is the the DVD-CCA?" twice, but didn't mention who is in this "not-for-profit corporation" (most people assocate non-profit with charity). Though they did name all the goons in the MPAA; so are there any studios NOT involved in this conspiracy?
  • by invenustus ( 56481 ) on Saturday May 13, 2000 @06:24AM (#1075344)
    From the MPAA page: DeCSS is akin to a tool that breaks the lock on your house. Uh, I prefer to think of it as a tool that lets ME break locks on my own possessions. Ugh. I don't know what to think about the fact that they called the creators "hackers". Guess we can't argue with it. :)

  • ...pathetic that there has been no news here about the problems you've been suffering. There have been tons of people reporting SQL problems today, we all know the site has been shut down repeatedly over the last couple of days...

    Amen. Slash has been reeling around thismorning as though bashed in the head with a ball bat...

    Enquiring Minds Want To Know

    ======
    "Rex unto my cleeb, and thou shalt have everlasting blort." - Zorp 3:16

  • Pirates of copyrighted works often claim "civil disobedience" as a justification. "We just want to protest Evil Corporations Who Exploit Artists And Customers Alike."

    I'm not claiming it as a justification, because I have no desire to actually pirate anything. I'm not rationalizing my own greed and cowardice. I actually just want to hurt the cause of corporate power.

    If I want music, I'll make it myself or with my friends or go to a concert. I don't really NEED pre-packaged, mass-produced, mass-marketed glop. So the only reason I would pirate would be to make a statement.

    Would you pirate if it weren't so anonymous?

    You don't see me hiding behind an AC, do you? But I suppose that's not what you meant. You mean like the anti-mafia judges in Sicily who virtually knew they would be killed and yet continued their campaign against the 'cosa nostra'.

    Yes, I would send out press releases to the media that I was pirating CD's and explain why I thought it was an act of civil disobedience. I would probably arrange to have the money donated to a charity (though I don't know if charities accept proceeds from a crime) or perhaps I'd just give the stuff away to prove that I'm not doing it just for my own gain.

    if you're not willing to reap the consequences of breaking the law you disagree with, any sanctimonious claims of "civil disobedience" ring pretty hollow.

    Don't tempt me. I'm not the kind to sit idly by.

  • uhh... remember, just this week, the story about "We're switching servers, and we don't plan to sleep until Friday or later." I'd say that is plenty of openness, and personally I'd rather be hearing the news, not "Oops, our system went down...". If their system went down, then either I know about it already, or I don't need to know about it because I was doing something else when it went down.

    --
  • I noticed with some amusement and disgust that the MPAA propaganda page states that copying a DVD for your own personal use is illegal. Since when? What a load of #%@$%$%!

    I agree with the other posts, what is the status on the DDOS attacks on ./? How's the Micro$oft thing going?
  • On a political level, no, this does not affect them because they are making *broad* taxation decisions for the *GOOD* of the nation, not just their district. There's little pork to bring home and get credit for. Normally, state/local taxes are not dealt with on the Congressional level and Congress is making a well placed bet that voters will look at the tax cut aspect not the local impact (if any). If I were in Congress, I'd place that bet too. (And if I had those chances in RENO, I'd certainly place that bet!)

    Also, the bill in the House is not taking away PRESENTLY collected taxes in only a few (something around--if I remember correctly-- a few states and two cities, Washington DC being one of them). This present taxing system works like catalog sales--if you have a presence in a state, state residents have to pay local sales tax.

    Local politicians are angry because 1) the moratorium wasn't set to expire until 2001 (and it is an election year THIS YEAR) and 2)the moratorium is set for 5 years, which is hobbling at best for those interests.

  • by Pentagram ( 40862 ) on Saturday May 13, 2000 @06:26AM (#1075350) Homepage
    I asked this in a post yesterday, but I was moderated down as offtopic; yet you get +3 Insightful ... hmm, moderators are fickle (as if we didn't know that already!) Mind you, I suppose this story is a little more general so more posts will slip through.

    What we need is a weekly (or whatever) story on the 'state of /.' where we can post about how much it sucks and how to improve it and so on.

    Err, anyway, regarding the DDOS... it seems strange trying to get news on it from other sites when /. is usually the first to report this sort of thing. Tell us what's going on please!

    Perhaps Taco can't bear the thought of all those posts discussing conspiracy theories about M$ slashdotting /., coming so soon after the legal threat. I admit that that will be quite painful, but I'd still rather see the discussion.

  • Actually doesn't /. under the DMCA only have 48 hours to respond (ie. take down "offending" material or be sued) to Microsoft. They can then have the material which was removed put back up at the request of the original poster, who under penalty of perjury says that Microsoft was wrong, and then Microsoft can go after the poster if it chooses to.

    I don't necessarilly think that this is what /. should do, only that I think if they wait longer than 48hrs their choices are severly limited.

    Thus I'd like to hear what their lawyers said, and what they are planning (ie are they not going to act on the request in 48hrs (btw has this already passed?))

    But of course it completely up to the editors to choose what to tell us, this is just what I'd like to hear.
  • by Anonymous Coward
    "If you don't have anything good to say, keep your mouth shut."

    Wouldn't that pretty much preclude any stories or comments about Microsoft, the MPAA, Network Solutions, the RIAA, the Government (pick one) and a host of others too numerous to mention?

    (Sorry, couldn't resist.)

  • by JoeShmoe ( 90109 ) <askjoeshmoe@hotmail.com> on Saturday May 13, 2000 @07:11AM (#1075353)
    BRIEF SUBMITTED BY MEDIA DEFENDANT 2600 ENTERPRISES, INC. AND ERIC CORLEY a/k/a
    "EMMANUEL GOLDSTEIN" IN OPPOSITION TO PLAINTIFFS' MOTION TO MODIFY THE PRELIMINARY INJUNCTION AND IN SUPPORT OF DEFENDANTS' CROSS-MOTION TO VACATE THE PRELIMINARY INJUNCTION MEMORANDUM OF LAW IN OPPOSITION TO PLAINTIFFS' MOTION TO MODIFY THE PRELIMINARY INJUNCTION AND IN SUPPORT OF EFENDANTS' CROSS-MOTION TO VACATE THE PRELIMINARY INJUNCTION


    Huh??? And companies wonder why consumers are so opposed to reading EULA click-thru licenses...

    - JoeShmoe

    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-
  • by talks_to_birds ( 2488 ) on Saturday May 13, 2000 @07:17AM (#1075354) Homepage Journal
    I was just over at the news.com article about the DDoS at /. and, as that article actually covered more about the M$/Kerberos/EULA deal, a thought occured to me [that's probably been brought up before, but what-the-hey...]:

    The whole way in which M$ posted the Kerberos specification, with the embedded EULA, was a setup right from the get-go that we -- of course ;-) -- fell for hook-line-and-sinker.

    Their lawyer-whores said: "Hey! Let's set up a *real* trojan horse for those /.-hippies and nail their asses! We can design this whole disclosure so it'll work as a righteous open-source-geek-trap and when they fall for it -- which they *will* -- we've got /. and andover.net all in one swoop!"

    So what they were doing had nothing to do with disclosure or openess or any of that touchy-feely bullshit!

    It was a trap, right from the start!

    Whoa! Acute conspiracy theory poisoning! My head hurts! Induce mental vomitting!

    t_t_b
    --

  • by Anonymous Coward
    dude, when are you going to GROW UP and give your real email address out? i'm from microsft and i've been trying to email you our retreat email but i keep getting it bounced. if it's not roblimo.nojunk@slashdot.org, can you please give us the real one? Thank you kindly.
  • "Err, anyway, regarding the DDOS... it seems strange trying to get news on it from other sites when /. is usually the first to report this sort of thing. Tell us what's going on please!"

    I never go to Wired.com anymore -- but found myself there recently reading a story about Slashdot. Weird.

    Rob, Jeff, I understand that you might not want to discuss the DDoS in order to avoid 'encouraging' that sort of thing, but if you're gonna talk about it to Wired, talk to us too!

    You needn't reveal technically sensitive details, but, please, tell us what you can.

    Don't make us start submitting news stories about the Wired article! ;) [heh. I'll bet you already got some, huh?]
  • From the section regarding region coding:

    "It is simply impossible with present technologies to supply film prints of a movie to all of the theaters around the world at the same time. Motion pictures released by the major studios are generally released first in the Untied States and subsequently overseas."

    Is that whats wrong? The States are Untied when they ought to be united..
    -
  • Rob... I think you are missing the point. No one wants the "story"- at least not yet. We just want to have some little tidbit, now. It's not just that /. readers are impatient (they are) but to a certain extent they feel that this is a community and they want to know (or at least have some clue) WTF is going on. Oh, and they don't want to get it from wired. Believe me, we sympathize- it's a miracle that this didn't happen a long time ago. But even the slightest little "shit! we're working on it!" would be respectful of the community and the role we play in your success.
    ~luge
  • Also, how many people here would care if someone got the blueprints to your house and made an exact duplicate without your permission?

    The owner probably wouldn't care. The architect is another matter.

    Any how, my take on the DeCSS issue has always been that people spoiled it by failing to make clear their intent. If they tout it purely as a means of playing DVDs on Linux I have no problem with it; unfortunately, it's been caught up by the anti-intellectual property zealots. As I've said: "If we take away intellectual property, intellectuals will have no property. Where have we seen that before?"

  • I just noticed on one the Technocrat [technocrat.net]'s Slashdot problems-related forums [technocrat.net] a response from Micheal Sims (michael@slashdot.org), in which he confirms that "Slashdot has been under DDOS attack for the last 24 hours or so."
    Why isn't this information being posted on Slashdot itself?
  • Check out http://www.fairtax.org [fairtax.org] -- they're pushing for a sales tax on all new goods, and services (used goods won't be taxed). They'd eliminate the income tax, capital gains tax, inheritance tax, and gift tax.

    The benefits to most of the people reading this are huge. First of all, it's shifting the burden of taxation from income to expense. This is great -- if you waste less, you're "punished" less. Thus we have a system which rewards efficiency, and so recycling would be rewarded, not just something "we should do." (People rarely do something unless it's in their immediate best interest.)

    In addition, many of us work for high-tech startups with stock options. Eliminating capital gains taxes gives you effectively 30% more of your millions, since most stock grants from startups prior to IPO are ridiculously low (i.e., buy it for $1 and sell it for $100, and you're taxed on 99% of your proceeds under today's system).

    By eliminating capital gains, inheritance, and gift taxes, you can ensure that the wealth that you build throughout the trials and tribulations of your life is preserved for you and yours, not wasted on pork barrel projects in some other city or state that don't affect you at all (so why should you have to pay for it?).

    I'm not affiliated with them in any way other than as a sponsor; I urge everyone who's already financially independent to donate (it's tax-deductible). If we can get this passed, then the return on your "investment" (in FairTax) will definitely be worth it.

    An example: let's say you've got $100,000 in stock from employee options. If you sell it you'll pay something like $30,000. So donate $1,000 to FairTax, and when it passes you'll get an additional $29,000 when you sell! That's a 2900% return on your money.

    ESR, CmdrTaco, Hemos: you've all got millions. You can have even more millions by helping this get passed.

    Thanks for listening,
    Thing 1

    --
  • Well, it seems to me that GNOME gets more stories than KDE, because GNOME seems to attract more ideological crusaders than KDE does. Thus, GNOME supporters tend to be more likely to be activists, and more willing to submit more stories.

    Throw in the fact that the illustrious Commander uses Debian, and Debian is carrying out a (in my opinion silly and childish) boycott of Qt and KDE, and you get an easy to understand picture of why slashdot shows more GNOME.

    It doesn't really seem like bias to me; just a consequence of the personalities involved.
  • There's this really cool thing you can do to verify that the connectivity problem is not at your end. You might not have heard of it, but here goes:

    Try to reach some other website besides slashdot.org! If you can connect to another site, your connection is probably okay. If it really, really bugs you to wander that far from your primary website, it's probably safe to connect to freshmeat.net or even linux.com.
  • In your FAQ [mpaa.org], there are several problems: The FAQ claims that a Linux DVD player is available. I have seen many other press releases where the MPAA states that there are many available licensed Linux DVD players. I am a user of Linux and Windows 2000 and am in pursuit of such software, I would like to purchase it immediately if possible.

    However, these players do not seem to exist. The FAQ says that Sigma and Intervideo had announced Linux players, but on their pages there is no indication of this (by the way your sigma link is broken, it is missing the ".com" in the href). I have not read about any assertion that Linux players exist or will ever be developed except by the MPAA. The mainstream press does not have any story on it, the press releases on these sites do not contain any such announcement. In fact, as you may see from the following links, they announce the opposite:

    == From Sigma Designs (hollywood plus page) [sigmadesigns.com]: Supports Windows 95, 98, NT 4.0 and Windows 2000 ==

    From the Intervideo FAQ [intervideo.com]: == WinDVD currently supports Windows 95, Windows 98 (original and Second Edition versions), Windows NT4 and the upcoming Windows 2000. For further details on how to install WinDVD into the operating system of your choice, and Operating System specific issues follow the below links: Windows 95 Windows 98 Windows NT 4 Windows 2000 There have been many requests for a Mac, Linux, and Windows CE version of WinDVD. While none of these can be ruled out in the future, we currently do not support any of these alternative OSs. ==

    I should also point out thatyour FAQ claims that the infamous DeCSS program is only used for piracy, and that the CSS encryption algorithm prevents copies from being made. However the CSS encryption algorithm never prevented copies from being made, it only prevents viewing the content. As your site admits, piracy would not require circumventing the CSS algorithm. In fact there is far more value to pirates in circumventing regional encoding. A pirated DVD MUST RETAIN the CSS encryption if it were to retain its value, since the DVD players would expect that.

    The only value in circumventing CSS stems from the ability to create players. DeCSS was only created after the basic refusal to create Linux players by manufacturers of current DVD players, and the refusal of the MPAA to allow Linux coders the licensing/information they needed to do so themselves. The fact that DeCSS is for windows is a non-issue. DeCSS was developed in windows because the players the authors reverse-engineered ONLY RUN ON WINDOWS. To say this is a proof of its nefariousness is at best a circular argument.

    The authors released the code so that people could quickly port this to Linux should they fail to do so. And as a result of their incarceration, they have failed to do so, the MPAA being responsible for said incarceration and the ensuing lawsuit which has scared Linux developers off from creating any players based on this code.

    It goes without saying that Linux users would pay for a program that allowed them to play DVD's. However that brings up another sore point. Even the players available for Windows are incredibly clunky and buggy, and incredibly sensitive to corruption. It is clear that limiting the number fo developers who are allowed to make this software is not a good thing.

    I imagine that this letter will be ignored, as will the facts, as they have been for some time. nevertheless I feel it is my duty to inform you in good faith that you are mistaken, and hope that the situation will be rectified in a civil manner, rather than becoming mired in all this inflammatory rhetoric and sabre-rattling, which is doing no one any good. For the first time in 70 years, America is taking a second look at the MPAA, and its value. This scrutiny cannot be doing your organization or the interests it represents any good. The opportunity yet exists for the MPAA to make this right.

  • Maybe people are annoyed because their favorite website has been up and down intermittently lately. Add that to the fact that Microsoft is making everyone's blood boil (even more than usual) and you can't be surprised that posts contain a little more vitriol this week.

    Nathan Whitehead

  • > You wanna know the real deal on why the tax moratorium is getting a push in Congress?

    Wait 'til November. Right now every politician and his dog is promising election year tax cuts. What better way to recoup their losses than to slap a tax on the internet the day after elections?

    --
  • (i) Permissible acts of encryption research. Section 1201(g)(2) creates an exception to section 1201(a)(1)(A) to permit an individual to circumvent a technological measure in the course of an act of good faith encryption research provided four elements are satisfied:

    (A) the person lawfully obtained the encrypted copy, phonorecord, performance, or display of the published work;

    (B) such act is necessary to conduct such encryption research;

    (C) the person made a good faith effort to obtain authorization before the circumvention; and

    (D) such act does not constitute infringement under this title or a violation of applicable law other than this section, including section 1030 of title 18 and those provisions of title 18 amended by the Computer Fraud and Abuse Act of 1986.(17)

    As a practical matter, this exception is not yet in force as it is a defense to a violation of the prohibition on acts of circumvention - a prohibition that will not go into force until October 28, 2000.

    DeCSS should fit all areas of this clause. The system that the information was gathered from was legaly purchased, this was nessacery to do this research, there had been multiple atemps by the community to get this information to create a DVD player, and this definatly is not computer fraud. Seems like this is already needed to be in effect. their is already one case that needs it for it's defence.
  • Ah, we both know the real reason now, don't we?

    Debian wants to support GNOME, because it's GNU and uses GNU licenses. Debian also doesn't like KDE, because KDE uses Qt, and Qt..

    1) has a closed, Win32 version
    2) isn't GPL or LGPL
    3) only recently became "Free Software"

    Any computer-literate contract lawyer could tell you that the license to use and distribute KDE implies the right to use it with Qt, and thus would be perfectly legal.

    I probably shouldn't have thrown in that aside, though. It was really off topic, and not nicely stated. :-) I just get really annoyed when I think about the way people act, sometimes.
  • This analogy reminds me of _Foundation_ by Isaac Asimov: "It's a poor laser blaster that doesn't work both ways." -- Salvor Hardin

  • with income tax, people are motivated to make more money, while with an expense tax they would motivated to buy less.

    Actually, with an income tax people are motivated to hide their earnings.

    With the FairTax, the only "collection points" for the IRS will be businesses -- you won't have to file a personal income tax, ever. This reduces the amount of work in collecting taxes by about 90%, which would make our government more efficient.

    With an expense tax, people are motivated to make even more money -- because they know it won't be taken from them. And yes, they are motivated to spend less as well, but there's nothing wrong with that -- I'd much rather people learn to be frugal and support themselves than voting all my money to the government for programs to support them (which keep them dependent).

    I'm not trolling. I've already given them lots of money, having made it at a startup and not wanting to lose it myself. This is the best answer I've found; rather than pointing out problems, try offering solutions.

    Thanks,
    Thing 1

    --
  • The problem (at least as reported by wired) is not the new servers- it is that the new servers are getting DDOSd. Like you say, you'd rather hear the news. Well, this used to not be just a news site. There was a sense that there was a community- CT was one of our buds, not just a talking head. If Rob wanted CDs, that's cool- we'd buy from CDNow. If Rob had a shitty day at school, he'd say it and say that's why he hadn't posted stuff. If I just want headlines (which appears to be the desire of most /. readers today, unfortunately) I'd go to wired... since, among other things, they actually seem to report on DDOSs.
  • The FairTax has a provision for the poor and for essentials. No DoubleSpeak involved. See their site [fairtax.org] for the details.

    The point being, those who want to purchase a luxury car can -- and those who want to be frugal and purchase a Honda Civic will get to keep more of their earnings. So it rewards efficiency, and puts the system in line with reality -- rather than the current system which rewards lying (and hoping you don't get audited).

    I don't know about the rest of you, but I certainly prefer the carrot to the stick.

    I'm not trolling, I'm putting my mouth where my money is -- I've already donated heavily to them in the hopes of keeping more of my IPO stock options.

    --
  • It does seem weird that i read about DDOS attacks amined at slashdot on news.com, and other news sites (news.com article covering slashdot recieving the laywer letter from MS), and not on slashdot it self ..
    I thought the slashdot community was composed of many smart network engineers, laywers, snoopers, coders, and other forms of computer educated people .. What better place to talk about DDOS's, and let others in on solving & learning from the problem.
    Isnt that what build this community? If we silence our own experiances, we might as well silence others (scinical reference to MS letter)


    -- Chris Chabot
    "I dont suffer from insanity, i enjoy every minute of it!"
  • (This was most likely a troll but I'll reply anyway.)

    The ideas of capitalism and inheritance are not mutually exclusive. Or are you saying that people get to build their empire however they like while they're here, but when they die they have to give it all up?

    What incentive would they then have to provide for their children, and their children's children? I'm not anti-freedom; I think you should have the freedom to do whatever you like with your own money, including giving it to your family, before or after you die.

    I didn't say anything about monarchy, knights, or titles. All I said was let's make the system more efficient and reward recycling and reuse.

    You can get the details at their site [fairtax.org].

    --
  • At least, according to a wired story [wired.com]. Thing is, I'd rather get my news from /. than Wired.

  • How are sales taxes the most regressive taxes?

  • Pent- I think I got it through because it was near the top (which any troller will tell you is key) and because I abused my +1 to get it to float to the top and get them to notice it better. You are right, the moderators are fickle, but they are also predictable. Trust me, it'll be back down reasonably soon. (-1, overrated.)
    ~luge
  • You're trying to be helpful? You call AC "new" and stupid, then you call me flameboy... OF ALL THE NERVE!!!

    You wanna throw? Let's throw! But try not to get delusional about your role in this flamewar.

  • He says to wired:
    "About 400 readers weighed in over the first 30 minutes. Then we got hit by a DDOS," wrote Slashdot founder Rob Malda in email to Wired News.

    How nice of Rob to tell wired, but ignore us.

  • "...it isn't that hard to look through the archives and find CT saying 'oops... our server died/crashed/whatever.' That kind of honesty and straightforwardness is what made /. a community first and a news site second."

    What the hell could we possibly say that would be so terribly interesting?

    Yes, Slashdot got hit by a denial of service attack. Yes, it's still having problems and has been up and down intermittently for various technical reasons. Yes, the network staff at Andover is working on it. Duh!

    The only interesting thing about the last few annoying days would be if we knew who launched the DoS attack. We don't (AFAIK). So there's nothing worth posting about it.

    Or do you really need want us to state the obvious?

    Jamie McCarthy

  • Amusement noted :)

    But on a more serious note, noting the actions of another is not "bad" per se, it is when you attach motive or extrapolate that things can go wrong, saying that Microsoft have released specifications under a weak security system and are now utilising a controvertial law to make up for the failing is one thing, declaring them to be stupid for having done it, or attributing malice to the actions they're taking via the law to attempt to recover from it is dubious.

    Somewhere in Microsoft, undoubtably, someone is feeling rather upset right now, because of their failure to consider or forsee the result of releasing the documentation in that particular format. While I consider the entire operation to be a mistake from the start, I do feel kinda sorry for that person, and the others involved. They had a job to do, they did their best and have been found wanting, a terribly unpleasant feeling I can assure you, and I have little doubt that most other people know just how unpleasant it is.

    I feel no desire to add, however indirectly or insignificantly, to that burden.
  • Apology accepted on behalf of myself, and I hope, others.

    Have a nice day :)

  • Actually, it was written for windows because windows was the platform they started reverse engineering it on.. due to the availability of licensed players. And as true hackers.. they aren't afraid to code in windows..
  • Or do you really want us to state the obvious?

    Actually, yes. As I posted elsewhere, a simple "yes, we got DDOS'd" would probably be sufficient. I think we are all accustomed to getting our news about /. from slashdot, and not from wired or news.com. If Taco has the time to do a wired interview, he should have the time to talk to us. Taco [slashdot.org] has [slashdot.org] done it before and that type of openness should continue to be the norm.
    ~luge
  • Well, a) it wasn't obvious - it could have been problems with the server or whatever. Wired thought it interesting enough to mention it in a story [wired.com], but if you hadn't read that you wouldn't have known.

    And b) Obviously the /. readership thought it interesting to discuss, otherwise we wouldn't be dicussing it in an unrelated story. Even a mention about what was happenning attached to another story would have been nice, rather than leaving us to get our news from wired.

  • > How are sales taxes the most regressive taxes?

    Poor people spend most of their income and save less. If you look at the ratio of their income to the money they spend on sales tax, you'll see that they are paying a larger ratio than those who save or invest.

    Income taxes, on the other hand, are generally designed to be progressive. The more you make, the higher percent you pay (unless it's a flat tax).

    Property taxes, by their very nature, or going to be larger for the rich, whose property tends to be more valuable (except in places like CA where Prop 13 applies, but that's a whole other story).
  • Before you go around thinking that Congress has become magically enlightened about tech issues and the Internet, here's some food for thought....

    You wanna know the real deal on why the tax moratorium is getting a push in Congress? Because the taxes that are not getting collected are LOCAL taxes (as in state and municipality taxes--those taxes that fund local education and infrastructure needs) and not FEDERAL taxes.

    As stated in the article the opponents of the bill are state legistlators and local merchants. Passing this bill DOES NOT AFFECT YOUR LOCAL CONGRESSPERSON politically and it makes them look "pro-business" and "pro-tech" at the same time. Notice that the Republicans are the majority in Congress, too.

  • > Passing this bill DOES NOT AFFECT YOUR LOCAL CONGRESSPERSON politically

    You mean Congressmen don't have to answer to the voters in their district? How do they get to Congress?
  • Give it some time. The M$ nasty letter was only received a few days ago, and after a flurry of press coverage its now a quiet weekend. Go see a new movie or something and give it a rest for a few days. More news will happen when people get back to work monday.

    We won't see any real news until one of three things happens

    M$ backs down and withdraws their copyright and trade secret claims. They will spin this action as a major victory for them, and quite possibly use it as more ammo requesting the DoJ forget the whole anti-trust action. Expect this to be the most logical outcome.

    M$ gets upset because /. hasn't complied with their childish demands, and files a formal lawsuit. When this happens, that's when the gloves come off and the andover/VA linux lawyers can get down and nasty. But expect very little factual information to be posted on /. on the advice of counsel, and lots more coverage in the mainstream press. The lawsuit will be taken up by the ACLU, the EFF, MIT, and many others. M$ will have a hard time, spend millions, and probably lose in the long run. Its doubtful an intelligent law firm would proceed given the forces arrayed against them, but bill gates ego and large bank account can get lawyers to do anything.

    The DoJ includes the anti-/. letter as another example of how M$ is truly unrepentant in their agressive stance, and ask for additional penalties. M$ then tries to let the whole thing blow over by being quiet about it, and leaves andover.net in the strange situation of ignoring a cease and desist letter, but with no follow-on legal action in which to defend themselves.

    Certainly the /. community can come up with many more scenarios like these.

    the AC

We can found no scientific discipline, nor a healthy profession on the technical mistakes of the Department of Defense and IBM. -- Edsger Dijkstra

Working...