Slashback: Texasocial, Networking, Attacks 134
Why meet people in real life? Roland Piquepaille writes "I wrote [Saturday] a column about social-network mapping tools mentioned by Slashdot. Slashdot readers sent me many comments and e-mails about other visualization tools. Here are these new tools, in no particular order: email constellations, Apache Agora, NetVis Module, EtherApe, inGridX, NameBase's Proximity Search, Surf3D Pro and the dazzling KartOO. Finally, a reader talked about another kind of tools, the Visual Thesaurus. This web tool is not about social mapping, but it shows graphical connections between words. In this previous column, "The Visual Thesaurus: What Does it Show About Thanksgiving?," I already explored this very funny tool. Check this new story for more the details about all these tools."
Update: 03/19 00:34 GMT by T : Directly related: Josh Tyler writes "Related to a recent Slashdot posting on social networks is this paper on automatically discovering communities based on email data, just published by our group at HP Labs. We find that simple communication data is enough to identify communities, both formal and informal, and possibly even to identify the leaders of these groups."
Speaking of online community ... TGK writes "Audioscrobbler (which many of us visited the first time it was posted here) has a new site up, and most importantly, new plugins for XMMS and Winamp 3."
From the site, a capsule description of what Audioscrobbler does: "It grows to know what music you like by monitoring what songs you play on your computer. From this information you can discover other users that share some or all of your taste in music."
Feedback is always cool. An anonymous reader writes: "Sudhakar Govindavajhala, co-author of the paper referenced by the Saturday Slashdot article 'Using Memory Errors to Attack a Virtual Machine,' has responded to many of your [Slashdot readers'] questions and comments. His commentary is located at his Princeton CS website."
Another reason that Social Security isn't. GregAllen writes "Remember the recent case of SSN data theft at The University of Texas? A student has turned himself in. In his confession he says that he acted alone, and had no intention to disseminate the information. Maybe this will convince them to stop using SSNs for student IDs." Bonker also points out that "Salon is carrying an AP article that's a followup to the story a few days ago about the mass of Social Security Numbers stolen from University of Texas. Christopher Andrew Phillips is described as a 'fine young man who has never before been in trouble with the law'. Apparently he wrote a program 'to access a university Web site that tracks employees who attend training classes'. Whether or not this was done for illegitimate purposes remains to be seen. As a former UTA student, I'm glad my SSN is no longer in danger!"
What's the state of the device? An anonymous reader writes "N-Philes.com did another State of the GBA Industry Article and Roundtable. Here is the Industry Article, and here is the Roundtable"
Update: 03/19 00:34 GMT by T : And one more presroi writes "Just one week after even slashdot has noticed the new 2.2.24 linux kernel, Alan Cox has announced a new version due to a security issue found in 2.2 as well as in the 2.4 branch. I hope that we all were to lazy to upgrade from 2.2.X to .24 until now :)"
Re:huh? (Score:1)
Re:huh? (Score:2, Informative)
It is just a number of tidbits about a number of stories that have already been posted before, kind of like an update.
SeekForth
Re:huh? (Score:1, Funny)
You mean they finally found an excuse to post dupes?
Re:huh? (Score:4, Funny)
I like to think of it more as a multiple double post.
no intention of crime = not guilty? (Score:5, Funny)
something about a guy who stole money / robbed a store JUST so that he would go to jail to be away from his wife. The judge decided that since he was not stealing with the intention of theft, he was not guilty and don't get to goto jail. (in the other words, be still under the whips and chains of his wife - which might be a fitting punishment?)
Could have just been a joke that I took for real, though...
Re:How about this (Score:5, Funny)
They later found him, took the money back, and did not arrest him. Of course, in that case, he was given the money. I think he should have sued the cops for stealing it from him
This was a local news item. I doubt it's a hoax.
Re:How about this (Score:3, Funny)
He didnt want to wait in the long line, so he left and took his note to the bank across the street.
When he got to the teller, she noticed he was obviously mentally challenged. So he hands her the note written on the deposit slip, and she says "I cant do anything with this, this slip is from another bank".
The frustrated robber leaves, and is arrested a few minutes later standing in line a
Re:How about this (Score:3, Funny)
Re:How about this (Score:3, Interesting)
Re:How about this (Score:2)
Re:How about this (Score:2)
Confusing intent and profit (Score:2)
A good example of lack of intent may be running into a hardware store and running out with a fire extinguisher because a car in the parking lot is on fire.
What law was broken? (Score:3, Insightful)
Suppose someone from the school administration had memorized everyone's SSN and sat in the student union and would answer questions of the form, "do you know who has xxx-xx-xxxx as their SSN?" If students (or others) asked questions of this form and eventually learned a list of SSNs, would this be a crime? And
Re:What law was broken? (Score:1)
Well, by going past the cover page, you would have illegally bypassed the access device, and thus be in violation of the DMCA...
there is a crime (Score:4, Interesting)
Asportation is what they get the smart a$$es in stores who ACT like they are stealing somthing then put it down elsewhere..
asportation
n. removal, especially crime of removing property.
Re:there is a crime (Score:3, Interesting)
If you pick up something and walk out of the store carrying it in plain sight and claim it was an accident/oversight, they can't (won't?) charge you with shoplifting since you didn't attempt to conceal it. Apparently the skullduggery is necessary.
I'm probably wrong, but I've done this before -- picked up something, got to talking or browsing, forgot I was holding something and walk
haha (Score:1)
slashdot, news for criminals, techniques that work.
Heck; with all of us adamently defending these kids, when will the feds get the bright idea that slashdot is in fact "news for terroists, stuff that'll get you shot"?
Re:there is a crime (Score:2)
We are all making some huge assumptions based on little to no REAL evidence
BTW I used to be a county sheriff's deputy, in a galaxy far far away...
Re:there is a crime (Score:1)
plain sight theft (Score:1)
ok fine about the SSN issue. (Score:5, Informative)
I went to BGSU [bgsu.edu] and we had P00 numbers as our student ID (P001123344 for example). While I remember mine from BGSU the college I currently work for has "student IDs" as well but they are not as widely known (most of the foreign students w/o SSNs know theirs but not many others).
So if colleges didn't use them MANY people would have problems getting the info they needed b/c searching through 10000 Michael John Smith's is a pain in the ass.
Was Mr. Hankey a fellow student? (Score:4, Funny)
That system must really stink!
Learn your PIN then (Score:5, Insightful)
For those that can't... put it in your damn wallet on a card or something, because with the SIN they're probably referencing their card anyhow.
Re:Learn your PIN then (Score:3, Insightful)
But then, their student number is on their student ID card. A physical ID+unique integer is a godsend.
Re:Learn your PIN then (Score:2)
Financial aid still needs SSNs and they are going to be generally stored in the same god damn database as the other information, what the fuck is the difference?
Re:Learn your PIN then (Score:3, Insightful)
A lot the fuck is the difference. For example, how are you going to identify foreign/remote students or visiting professors? Your social security number should not be used as an identifier, and smart universities have already implemented some other system. In fact, IIRC, you are not even obliged to give your SSN out.
Re:Learn your PIN then (Score:3, Interesting)
You're close. 7 (plus or minus 2) is widely believed to be the number of "chunks" we can hold in short-term memory at one time. Because we usually learn this type of (otherwise meaningless) data by mentally rehearsing it, it's harder to learn a longer number (because it's harder to rehearse - you'd have to be looking at the number and rehearsing it, instead o
Re:Learn your PIN then (Score:2)
B. When I first started, they used SSNs. THEN they switched to some other number the next year.
C. I don't really care. SSN's are fine with me. I think everyone should have their own unique number to pull up everything from taxes to bank accounts to power bills, etc. I think there needs to be some sort of secondary ID associated with the number though (like palm or thumbprints, ala Identix scanners). Together, they form a, while not flawless, security/id me
Re:Learn your PIN then (Score:3, Insightful)
Now, every institution could give me a unique ID number. They do anyway. That's okay as long as my relationship with the institution is limited and specific, like with a retailer. But a school is a much more extended relationship, with a lot more bureaucracy -- I need
Re:Learn your PIN then (Score:1)
When their money is at risk, they spend whatever it takes (how much does a longer password cost, really?)
When our money is at risk, tough. 4 digits is all you get.
(I did once have a Merrill Lynch Visa card that could be used in ATMs to withdraw cash. It had a six digi
Re:ok fine about the SSN issue. (Score:2)
Re:ok fine about the SSN issue. (Score:1)
Re:ok fine about the SSN issue. (Score:2)
At Arizona State, they had some students with Social-Security ID numbers, some with 9-figure "bogus" ID numbers (99x-xx-xxxx). At some point, someone must have thrown a fit about using the Social Security number as an ID number. The logical solution was to give people a 99x number if they didn't have it. The solution they chose was to give *everyone* a new number (I think about 10 figures-- 10000xxxxx) For a bonus humiliation point, they call them 'Affiliate ID', like some sort of MLM-spam p
Re:ok fine about the SSN issue. (Score:3, Informative)
All UCLA students, faculty, and staff are issued photo ID cards with the number and their name printed on it. Remembering it isn't a big
Re:ok fine about the SSN issue. (Score:1)
I fear no longer after having mine was changed to a 5 digit number!!!
Re:ok fine about the SSN issue. (Score:1)
My College, which will remain nameless, uses SSN as the students' ID-Number, BUT they will let you change it to a number of your choosing if you ask (so long as it is not being used and it is =9 digits). I fear no longer after having mine changed to a 5 digit number!!!
slashdot degrees-of-separation (Score:4, Interesting)
Re:slashdot degrees-of-separation (Score:2)
Re:slashdot degrees-of-separation (Score:4, Funny)
Re:slashdot degrees-of-separation (Score:1)
Re:slashdot degrees-of-separation (Score:2)
Re:slashdot degrees-of-separation (Score:2)
-
Re:slashdot degrees-of-separation (Score:2)
scrobbler privacy (Score:1, Insightful)
what steps are being taken to protect the data and users privacy ? hypothetically if a large company offers say a million dollars to use the data how protected are the users who contribute or are they for sale to the highest bidder ?
or is it a case of when they hand over the cash the project leaders will be rich so who cares
WHAT privacy? (Score:3, Interesting)
What privacy?
The whole POINT of the service is to tell other users who listen to similar music who you are.
So execs don't even need to buy the info in a special transaction. Just subscribe a pseudo-user who "listens to the songs" they're interested in, and BINGO! The service gives 'em a contact list.
Re:WHAT privacy? (Score:1)
You could force people to register and view a EULA, but even still, you wouldn't be able to tell if a company stole your database for there own use.
I don't really care personally. =o
If it helps them produce better music, so be it. If it doesn't.. well. I don't buy it.
Slashbacks vs Dupes (Score:1, Offtopic)
With that out of the way, I may as well have a valid, on-topic comment. For the SSN thief, wouldn't it just be easier for a malicious student to install a keylogger? I'm sure that someone would think of doing that in alm
Not sure I'd use Audioscrobbler, but cool idea (Score:1)
Audioscrobbler (Score:5, Informative)
See Developer Mailing List [serverbiz.net]
Sourceforge projects:
Main [sourceforge.net]
XMMS Plugin [sourceforge.net]
Winamp Plugin [sourceforge.net]
iTunes Plugin [sourceforge.net]
Hmmmn on balance I should probably tell RJ to consolidate the projects into one and use modules... Ah well
Re:Audioscrobbler (Score:3, Informative)
Why SSN? (Score:3, Insightful)
Re:Why SSN? (Score:2, Interesting)
Sure, it's easy enough to correllate a student id to a SSN, but some dont.
The university I went to had our SIN (canadian version of the SSN) mixed in with other 'info', like the semester and year you started, to form a new number. It was possible to take your number and extract the SSN, but much harder to brute force student ID's and get the SSN back.
Re:Why SSN? (Score:3, Informative)
That's a side-issue (which could be done as easily by storing the SSN in a database attached to the student's record - and not until the first time it's needed).
The real reason IT departments try to use SSNs: It's a very close approximation to a "unique identifier" - i.e. (with few exceptions) everybody has exactly one and no two people have the same one. So it heads off some problems when one per
Alternative: use network userIDs (Score:3, Interesting)
This userID also appears on the college food/rent bill, so I assume they're just using these usernames as the u
Think Again (Score:5, Informative)
"As a former UTA student, I'm glad my SSN is no longer in danger!"
Depends on how long ago you attended. Most universities keep your record on file indefinitely right along with active students indefinitely. I have a friend who works in the student services division of my university. She tells me that she routinely has to perform maintenance on records of people who graduated 10 or more years ago. You may want to call your uni and tell them to remove you if they haven't done so already.
Re:Think Again (Score:1)
Re:Think Again (Score:2, Informative)
Re:Think Again (Score:1)
I think that was why he was implying his SSN was no longer in danger, not because of the time since he graduated. If he thought that his record had been removed, he wouldn't care.
Re:Think Again (Score:3, Interesting)
Makes me wonder if t
Re:Think Again (Score:1)
Re:Think Again (Score:2)
I could understand the military still having records on my father, but a community college?!?!?! thats just silly...
yeah buddy. (Score:2)
Re:Think Again (Score:2)
-jag
SSN security at my old school (Score:2, Insightful)
Re:SSN security at my old school (Score:1)
I was able to gain access without much work (and I suspect I could still do so). In fact, I have a file on my computer right now (encrypted of course) containing the names and SSNs of every faculty member of the entire district as of when I left. This includes janitors, teachers, principals, district administrators - anyone with an account on their system.
Oh my god, where are your professional ethics?
Audioscrubber... very cool (Score:1)
Finally a way to find more music I like w/o haveing to download gigs of crap. (Yes, of *course* I own all the CDs for the music I download, you ignorant clod)
XPde? (Score:1)
Re:XPde? (Score:1, Informative)
I'm guessing user error. I've been trying to get a message to them (if they read their logs) by sending GETs for:
http://xpde.com/your-server-is-fucked
http :
http:// xpde.com/or-perms-on/var/www/htdocs
http://xpde.c om/did-you-just-convert-to-php3?bad-i dea-to-rush-through-QA
http://xpde.com/really-i'd -be-happy-to-help-fix-th is
http://xpde.com/low-contract-rates-available
Re:XPde? (Score:1, Informative)
Audioscrobbler & Privacy (Score:2, Interesting)
Re:Audioscrobbler & Privacy (Score:1)
I would imagine he has no policy. It's a student project for a class he takes at university.
As with anything.. If you're worried, don't do it. But seeing as how no personal data is collected except songs you listen to: Who really gives a shit? He offers a service, which I think is damned cool. If he makes a couple bucks off knowing that I like to listen to Metallica after my Melodic Trance, I'm happy for him.
Re:Audioscrobbler & Privacy (Score:2, Informative)
What music I like (Score:2)
"mood-based" playlists that generate themselves. Why not?
Re:What music I like (Score:1)
Social Network mapping (Score:1)
"Ultimate Internet Seduction Guide".
Seriously, if it studies our social networks, it could be really useful to people who have trouble forming networks... Study what it says about your own networks, and see where you are weak.
telephone-enrollment-exchange dept.? (Score:1)
Welcome to TEX, the telephone enrollment exchange at the University of Texas at Austin. TEX is currently scheduling classes for the...Fall...19...92 semester...
Other schools almost as bad (Score:1)
BTW, Unix accounts were mandatory for a good number of classes.
=Blue(23)
Re:Other schools almost as bad (Score:1)
And the moral of the story is... (Score:2, Funny)
no longer in danger????? (Score:1)
Your SSN has been spread around every information source on that campus and will linger forever in some form or another. My SSN is also my student ID at my school (TAMU), and I'm 100% seriously planning to get a new SSN after I'm done with grad school. AFAIK, that's the only way to have a completely clean slate in terms of people not knowing your SSN.
Didn't hack anything (Score:2)
About the UT Hack (Score:2, Informative)
Clarification about UT and SSNs (Score:2, Insightful)
Gotta Love Texas (Score:2)
What a relief!
UT website on incident (Score:1)
Finding similar music.. (Score:1)
I've been doing something similar to this via the online blogging communities at LiveJournal [livejournal.com]
LiveJournal, like a lot of these online diarie thingys, has a field where you can enter the music you're currently listening to when you make new entries.
My system takes your username and grabs the most recent 50 tracks you've entered and trys to compare these tunes with the music that other people have entered - if you get a match then it will display some random tracks from that matching users most recent entrie
Re:c5Nzgx+UEISkY5ukoUpkI8f8QmuQ9iK (Score:1)
It's base-64 encoded, but when I decode the message body the only readable part is:
Science and Human Rights Program <shrp@aaas.org>
There is nothing meaningful in the title, but perhaps it's a foreign character set or a binary that just happens to have a string embedded in it.
Re:Sudhakar corrections (Score:1)
--Sudhakar