NYT Reports Porn Spam Hijacking Network 497
twitter writes "This NYT story describes how thousands of PCs have been used as porn spambots and reverse proxy servers, and mentions that they could be used for kiddie porn. Finally, though Microsoft is not mentioned, people might start to understand what a monoculture of poor quality software enables."
Whew! (Score:5, Funny)
But is it worth giving up Linux? (Score:4, Funny)
Monoculture it is, but... (Score:5, Interesting)
I guess that's pretty authoritarian, and there are better ways to beat spam. Still... the elimination of the luser is a shining grail for us all, no? ;)
Re:Monoculture it is, but... (Score:2, Interesting)
However, putting users in tightly controlled segments of the internet (filtering inbound/outbound of most unnecessary garbage and attack vectors) by default would cut down on this problem greatly. The first to complain will be those with esoteric needs and "power users." Require them to read/pass some ba
Re:Monoculture it is, but... (Score:3, Insightful)
But they passed the driver's exam so it's safe for them to drive a car? Just because they have a basic class in it, doesn't make them safer.
What, you mean you've never seen Grandma swerving across the road?
Re:Monoculture it is, but... (Score:2)
Re:Monoculture it is, but... (Score:4, Insightful)
The general populace might never see the difference. Increasing site-operation costs (thereby eliminating small niche sites), government regulation of our activities on the Net, and other factors seem to be dooming us to a repeat of the ClearChannel experience. Maybe I should get out the tinfoil, but I don't see how the powers that be could possibly want us to have unrestricted access to such an empowering (hate that word) medium as the Internet.
Re:Monoculture it is, but... (Score:5, Insightful)
I agree with you: if 90% of the world were running UNIX instead of Windows, we'd still have heaps of insecure, obsolete old RedHat 6.2 boxen sitting around on the Net because users just do not take security seriously and it doesn't matter what the underlying OS is.
I've pointed out before that the rise in popularity of Linux will not make the Internet more secure; it will merely result in poorly-configured Windows boxes being replaced with equally poorly-configured Linux boxes.
There are significant differences... (Score:5, Interesting)
I cannot speak for later versions of Windows since I stopped using them, but I never saw a version of windows that does not force you to completely log off and back on to access privileged functions, encouraging people to run with privileges on all the time, because they cannot just enter the password for privileged activities. Su does not exist, nor does sudo.
Most other modern versions of OS's are significantly better (Lindows early versions were an exception). Just having su and sudo is much better.
OSX has no root enabled by default, and relies on sudo to limit elevated privileges to single operations.
GNU/Linux/XFree86 systems typically give warnings when the user logs in to the window manager as root, give a limited environment with a red background, etc., and on the other hand make it easy for the user to run without elevated privileges most of the time.
And the monoculture is also inherently less even if everyone were to use Linux, because the licensing allows significant derivitive / deviant branches.
Claiming that Linux would be no better if it were as successful as Windows ignores facts.
This is just the tip of the iceberg. I have been on an email team faced with the question, do we allow contents to auto-execute, which actually thought about the problem before blindly implementing it, unlike Microsoft.
Re:There are significant differences... (Score:4, Informative)
That may have gotten modded up as interesting, but it's just plain wrong. All modern versions of Windows have the "Run As..." command whereby you can start a process as if you were logged in as any other given user. This includes doing things like starting a Control Panel applet or CD Burning program as Administrator or running an installation program as a Power User.
To do this, just shift-right-click on the shortcut, or use "runas" on the command-line
Re:There are significant differences... (Score:4, Informative)
I clearly stated that I was not up on the latest windows versions. Another poster in the thread has said he was never able to get this sort of thing to work for him.
When OSX or Mandrake install, they provide GUI support for this sort of thing, and install configuration icons, etc. by default that way, so they can easily be accessed by non-privileged users via su or sudo. If Windows XP and Windows 2000 also have GUI support and discourage the user from running as root by default, then I stand corrected. But if it is too difficult for a novice to use in a default installation, then it hardly qualifies.
My neighbor tells me that when he installs XP, it makes them root by default, demonstrating that it is apparently not practical to do security right on that box. Relative novices, on the other hand, use Mandrake's non-privileged defaults easily, supplying the privileged password when performing a GUI management function.
A way to do it without a GUI is no way at all for most users, especially if XP is still commonly installed to log in the default user as root, unlike OSX and Mandrake.
Re:Monoculture it is, but... (Score:3, Insightful)
You're right. Homeowners shouldn't have to think about things like door locks. House builders need to get with the program and build houses that automatically detect people leaving, lock the doors themselves and close all the windows. And the home builders should make sure only authorized people can get in the homes they build, because after all the home owner shouldn't have to concern himself with all that technical security stuff!!
Excuse me? (Score:5, Insightful)
Umm, no they won't. First of all, very few people would notice the article in the first place. Second, people who did notice wouldn't know what to do to protect themselves (not supporting MS isn't an option for 90% of the computer users in the world). Third, was the comment necessary?
Re:Excuse me? (Score:2, Funny)
[ ] Clueless Newbie [ ] Lamer [ ] Flamer
[ ] Loser [ ] Spammer [ ] Troller
[ ] "Me too" er [ ] Pervert [ ] Geek
[ ] Freak [ ] Nerd [ ] Elvis
[ ] Racist [ ] Fed [ ] Freak
[ ] Fundamentalist [ ] Satanist [ ] Homeopath
[ ] Unbearably self-righteous person
I took exception to your recent:
[ ] Email [ ] Post to ____________________.
(newsgroup)
It was (check all that apply):
[ ] Lame [ ] Stupid [ ] Abusive
[ ] Clueless [ ] Idiotic [ ] Brain-da
Indeed (Score:5, Insightful)
(1) Those that recognize Microsoft's influence and approve of it.
(2) Those that recognize Microsoft's influence and disapprove of it.
(3) Those that are oblivious to Microsoft's influence and wouldn't care even if someone told them.
Groups 1 and 2 are not going to have very many people switching from one to the other. Group 3 is going to have even fewer people leaving it. So the whole "people might start to understand" bit is, quite simply, B.S. It reflects the submitter's membership in Group 2 more than anything else.
Re:Excuse me? I think he implies Linux... (Score:2)
In which case, the author feels a world of insecure Linux systems could be a kiddie-porn-peddlers dream. But then, that should be a nice problem for the Linux folks
Peace
Convenient Excuse (Score:2)
Re:Convenient Excuse (Score:4, Informative)
Interesting thing is, though, that it occurred in the UK, not the US. In the US, he would have been guilty because the child porn statutes are strict-liability offenses, meaning that possession of child porn, even if unintentional, is still a crime.
Yeah, it's a messed up law, but it's not the first one...
is it me, or is it crazy? (Score:4, Funny)
so um, not to Microsoft bash or anything, but what OS does this 'sploit attack then?
Re:is it me, or is it crazy? (Score:3, Insightful)
It'd be like sending your spam e-mails to just 5% of people - not very effective.
FUD (Score:5, Insightful)
"Some random guy says grillions of computers are infected with an undetectable virus and is going to distribute kiddie porn!!"
Please.
P.S. I'm not saying it's not possible, but for fuck's sake, get a few details before bothering to blather on about it for pages at a time.
Re:FUD (Score:5, Funny)
Is that some sort of new grilled onion sandwich at Burger King?
Re:FUD (Score:2)
Who needs proof when the old grey lady can just waggle her tongue and someone posts it to slashdot?
It seems that the percentage of slashdot articles referencing the NYT is definately increasing.
Re:FUD (Score:5, Interesting)
- It's pretty much all pornographic or for "enhancement" products.
- The content is very similar - it's clearly the same small set of spams run through a hack to "randomise" the sender and basic subject/content details.
- The originating IPs are *all* assigned to Windows boxes where I could sufficiently NMAP them.
- WHOIS records almost always point to home/SOHO networks; I only found one corporate IP block in around 100 IP lookups.
- There are no SMTP smarthosts being used - it's going direct from a Windows box to my SMTP gateways. Outlook *cannot* do this, so it's coming from malware with a dedicated SMTP engine.
- I've also been seeing a huge increase in the amount of macro viruses inbound - just a guess, but it's probably the bot trying to propogate itself.
Couple this with the 500Mb/s DDoS attack on SpamCop over the last few days and the picture is fairly clear. Someone is thumbing their nose at the US/EU attempts to legislate against spam and sending a message loud and clear. If the antispam community cannot find and nail the person or persons responsible for this, then the eventual legislation is going to have no effect what-so-ever.So. We have 500Mb/s+ of bandwidth being used in a DDoS, anyone's guess going on the actual spam, kids undoubtably seeing hardcore porn and computers being deliberately compromised and abused. Tell me again that spammers have a right to free speech and it's a victimless crime that doesn't cost anyone anything? They have a right to be force fed Hormel products until they explode like the Glutton in Seven if you ask me.
Re:FUD (Score:3, Insightful)
All email is:
- Sent directly (no relays)
- Usually from always-on internet accounts at cable/DSL companies.
- Either ads for Viagra, email virii, or strangely email with no payload
All the email has forged return addresses and the content (if and ad) is using HTML obfuscation.
The problem with this new technique is because the
Re:FUD (Score:3, Interesting)
I've examined some of the boxes (by either NMAP, SSH, or telneting into them) and there were a couple routers (Linksys or similar home routers) but many of the boxes are actually Linux.
This seems to suggest one of two things to me: Either Linux boxes are getting hacked, or the spammers are using (multiple?) DSL accounts and Linux to send out their spam (this seems
Re:FUD (Score:4, Funny)
http://www.lurhq.com/migmaf.html [lurhq.com]
Also search Google Groups for "onlycoredomains.com"
Another link (Score:5, Informative)
Total flamebait! (Score:3, Insightful)
Why do the Slash Editors(ha!) put this drivel up? We can bash Microsoft enough in the comments without the extra crap in the article itself.
Sorry, what was so wrong with the post? (Score:4, Interesting)
Flame on if you like, but it is quite common for these sorts of things to happen on Windows boxes, and not on Linux boxes, due precisely to the monoculture and the flawed default security model of Windows (actually a number of different flawed models in Windows OS and apps).
Perhaps you could clarify how the comment in this instance was not appropriate. The GNU/Linux default security model that my family run all their machines on does not run arbitrary software with elevated privileges as Microsoft does. It never has. And it is not such a monoculture, resulting in being less susceptible to attack.
These are attacks I have never had to worry about. A neighbor, who typically runs Linux with no breaches of security, tried putting up an IIS server just once to see how it compared, and it was owned by hackers within 15 minutes.
Sure there could be an increase in real security incidents some day with Linux, but not before there are far worse problems with existing Windows platforms (until there is much change to Windows).
Perhaps there just needs to be a windows-only section of Slashdot, so that Windows users can discuss these problems which are less relevant to the rest of us without feeling continuously picked on due to the technical problems with their choice of an OS.
distributed webserver (Score:2)
Just say Microsoft. (Score:2, Insightful)
What is it with the mass media not wanting to say that a given worm or trojan affects only systems running Microsoft Windows?
Re:Just say Microsoft. (Score:4, Insightful)
What is it with the mass media not wanting to say that a given worm or trojan affects only systems running Microsoft Windows?
In fact, the statement is wildly inaccurate. It doesn't affect VAX computers running VMS. It doesn't affect computers running AmigaOS. It doesn't affect IBM AS/400s running OS/400. It doesn't affect computers running OS/2. It doesn't affect computers running BeOS. It doesn't affect computers running MS-DOS.
I mean, it's patently ridiculous, quite honestly. None of those OSes are Apple Macintoshes nor are they UNIX variants. Actually, for that matter neither is Linux, technically. It's an original from the ground up POSIX-compliant OS (unless you believe SCO
Re:Just say Microsoft. (Score:3, Interesting)
Well, this [nowthis.com] explains the NYT article (they don't want to piss off Gates), and I suppose you could assume something similar for the other media outlets.
Erm... (Score:5, Insightful)
Shouldnt that read:
"... though Microsoft is not mentioned, we thought we might use this as an excuse to attack them anyway."
I mean I understand MS doesnt exactly have a large fanbase here but that is frankly ridiculous.
Re:Erm... (Score:5, Insightful)
Certainly it may only infect Win32, but that is by design. There have never been rootkits for Linux? Trojaned apps?
ha ha! (Score:3, Interesting)
Someone else has provide technical details [slashdot.org]. This is not run of the mill.
exploit a common hole in Windows, but to indicate that this is a symptom of Windows insecurity with insufficent evidence is unethical.
You can say that wihout laughing? I love you too!
reg free partner link (Score:3, Informative)
What's new about this? (Score:5, Insightful)
Someone (by someone, I mean companies that put out SMTP servers with a large share of the market) should strike while the iron is hot and take it a step further by airing some simple PSA's during a small assortment of shows. Maybe some must see TV "The More You Know" type thing...
Re:What's new about this? (Score:5, Funny)
[Fade in on dim interior of grimy trailer packed with disused computer equipment and swimsuit calendars. Greasy-looking SPAMMER puts down a half-eaten slice of cold pizza and starts dialing the phone.]
SPAMMER: Hello, is this Ms. Smith? I was wondering, would you mind if I used your computer to put some pirated pornography on the Web? [click, dial tone in background] Hello? Ms. Smith?
[Cut among views of SPAMMER on the phone, sleazy as ever.]
SPAMMER: Could I borrow your computer to send millions of spam emails? [click]
SPAMMER: ... just want to use it to run a quick scam -- [click]
SPAMMER: Uh, Mr. Jones, could I steal passwords -- [click]
SPAMMER: ... I want to crack into eBay and rip people off, could I use your computer for that? [click]
[SPAMMER looks sweatier and nervous, impatient and guilty.]
SPAMMER: [click] Hello? Hello?
[SPAMMER puts the phone down and starts typing, face illuminated by the screen.]
JAMES EARL JONES VOICEOVER: In the real world, spammers and Internet criminals don't ask your permission. They use viruses and insecure computers world-wide to steal from people. To find out what you can do to protect yourself and your family from crime on the Internet, log on to computer security dot gov.
[Fade out to black screen:]
http://computersecurity.gov/
Take a byte out of crime.
JAMES EARL JONES VOICEOVER: Brought to you by the FBI and the SANS Institute.
Recommended Daily Allowance (Score:5, Funny)
Oh, but we'll take care of that.
translation (Score:5, Funny)
Translation:
Great. (Score:3, Funny)
A little late (Score:5, Funny)
Microsoft not mentioned? (Score:2, Interesting)
Not to mention the obviousness of using such a widespread and vulnerable platform. I think this is what everyone's getting at.
And to think of how many NT4 machines are out there with a root RPC vulnerability that MS refuses to fix. If someone's ru
It's not a bug--It's a feature (Score:4, Funny)
Why don't they just say "Windows"?! (Score:2)
According to that statement, my Amiga and Commodore 64 might be affected. 1000 computers affected one the net? That seems like the right number of those computers left in the world. I guess I'll have to spent days and nights wondering if mine are affected.
"The rogue program ..." (Score:2)
Gosh, I wonder who it does affect? I mean, who's left?
Serious question: So why is the NY Times being so purposefully evasive?
Broadband providers are partially at fault (Score:5, Interesting)
What kills me is that it's in the ISP's best interests to encourage safe computer habits, and they don't really emphasize that.
Re:Broadband providers are partially at fault (Score:3, Interesting)
Personal Firewall products don't help idiots (Score:3, Informative)
Even other tech support people came to me everytime a port was scanned, or anything showed up on it. Then those tech support people recommended it to their callers, and the problem got worse.
Of course, 99.9999% of these scans/hits/etc were not attacks and were just routine net traffic. The personal firewalls just builds paranoia of something they don't understand.
These things really are problems (Score:5, Interesting)
Here's the thing though, with StarBand, they have an auto-imposed limit of around 500mb/week upload, and if you go over it, you are automagically shut off for a few days. The problem with this, and I have seen it happen, is that the Spam/Pornbots can infect a Starband Customers computer, and easilly make them go over their weekly 500mb upload limit. Thus causing them to lose their internet connection.
This poses a real problem, not only for the end user (The people I deal with are all in the far reaches of Northern Minnesota where Satellite Internet is the ONLY broadband option) but also for the ISP's. Its viruses/bots like this that make it even more necessary for legislation to fight spam.
The writers of the Bots would be the spammers, not the owners of the infected systems. Just because I borrow your car to deliver the paper, does that mean that in reality, you delivered the paper because it was YOUR car?
-I may not me amish, but I am a geek!-
Oh, he's not biased... *grin* (Score:2)
Mr Smith:
For the sake of my sanity, I respectfully request that you not label these 2-bit punks as "clever", as you are giving them far more credit than they deserve. The folks who deserve the clever label work in marketing for Microsoft, because while they regularly advertise a secure operating system (that seems
It's about time... (Score:2, Interesting)
Someone went to jail for running Microsoft Windows.
This isn't as far-fetched as you might think. For instance, the federal child-porn laws are strict-liability laws, which means that if someone is found in possession of child porn, they are guilty, regardless of how it got to their machine. So when these viruses start delivering child porn, some clueless windows user could literally get 5 to 10 years for running their machine without a firewall.
I say this is a good thing. When computer virus victi
Where do I sign up? (Score:5, Funny)
So you're saying all I have to do is install one of those screensavers shrouded in four web-site redirections and I can sit back and wait for some pirate in The Phillipines to jack all the 1337 w4r3z and pr0n for me?
Dude! This is better than PointCast **AND** Kazaa -- The stuff just shows up! It's like subscribing to the FBI files-you-shouldn't-have mailing list!
Spyware and viruses r0ck!
Technical details (Score:5, Informative)
http://www.lurhq.com/migmaf.html [lurhq.com]
Mirror: http://www.joestewart.org/migmaf.html [joestewart.org]
Terrible (Score:5, Funny)
They put all that porn on my computer, and I don't even get to see it?
Microsoft is mentioned...by ommision (Score:4, Interesting)
If you actually read the article, you read:
The rogue program does not affect the Apple Macintosh line of computers or computers running variants of the Unix operating system.
OK, so that leaves what? Windows, OS/2, and a few oddities. And the only likely one of those, the only possible one is Windows.
So, Windows is there, but the NYT went out of their way to *avoid* mentioning it.
Re:Microsoft is mentioned...by ommision (Score:3, Interesting)
I wrote the article. I didn't go out of my way to avoid mentioning it. I didn't scream it, either. I simply wrote that the other systems are not affected.
I have written specifically about the problems of the software monoculture in many, many stories, and thought that I laid it out in this one as well. If I didn't hit MSFT with a ball-peen hammer, no, and obviously many slashdotters expect to see that at every possible opportunity.
Sorry that I'm not the advocate that you want me to be,
Wow! (Score:5, Insightful)
So instead of their normal scare-mongering by involving terrorism in any way possible, they are now suddenly switching into scaring everyone by mentioning kiddie porn instead? Wow, such diversity! Next thing you know NYT actually becomes a good source of news with facts and interesting content without a "we will spam your ass off" scheme! Maybe right after DNF is released...
Average users can help control SPAM (Score:5, Informative)
As a system administrator this worries me. Typically we use blocklists for netblocks that are known to be sources of spam. But when a random internet host is compromised and used as a mail relay, this slips past our blocklists (for a while).
The moral of the story is that computer security and spam fighting go together. Though average users don't get the point, it is every internet user's responsibility to keep their host secure both for their own good, and to be a good neighbour.
The real blame... (Score:3, Funny)
I blame K & R for writing such a fundamentially broken language in the first place.
So what does this mean? (Score:3, Insightful)
Items like this seem to be happening more and more frequently (spyware, viruses, etc) and I am wondering what the impact will be on the legalities involved. I mean, in the old days, I controlled EVERYTHING that came into and out of my PC -- now, that has changed and there may well be things hiding on my PC that I am not aware of. I do my best to administrate properly but I don't know everything and I am certain that Joe Sixpack knows even less than me about his machines.
Food for thought...
Slashdot as an extortion tool? (Score:3, Funny)
\begin{sinister Slavic voice}
You must pay one gazillion dollars to my PayPal account immediately, or I will post a link to your site on Slashdot.
\end{sinister Slavic voice}
P.S. I happen to be a hacker from the former Soviet Union.
It's not always the end user who is at fault.... (Score:4, Informative)
Well I didn't appreciate that responce so I changed hosts I tried icestorm [icestorm.com] and I tried globalhost [globalhost.com] it would be fine for awhile then it would start again - the more traffic I got the more of a pain in the ass it became to explain to people that I was sorry for something I wasn't doing.
In the end I just stopped caring, unless I ever get a fast enough connection at home to host the site myself it looks like this is somethign that will just happen. And as an end-user I have no control over the security of the website since it is my hosting companies responsibility to lock there shit down. And everyone I've tried seems to have the same responce "well its easy to fake where email comes from, sorry your shit out of luck in having people confuse you with ass holes"
Re:It's not always the end user who is at fault... (Score:5, Informative)
<script language="JavaScript">
function writeAddress(name, domain, msg) {
document.write('<a href="mailto:' + name + '@' + domain + '">');
document.write(msg);
document.writeln('</a>');
}
</script>
Blah blah blah
<script language="JavaScript">
writeAddress('mymail', 'nospam.com', 'E-mail me!');
</script>
Now you've produced a document which displays links to e-mail addresses, without specifying any easily-harvested e-mail addresses in the source of the document.
So I'm curious (Score:3, Insightful)
What I want to know is what can we do about it aside from choosing another site to get our news from? How can we get our issues to the people they need to. Does CmdrTaco really care if there was MS Flaming in the summary? No, he probably likes it, because guess what, it means more comments. Which in turn means more eyeballs on the ads, which in turn means more money from advertisers.
The quality of this site has been going to hell lately, and everybody bitches and moans about it in the comments, but guess what, NOTHING gets done about it. How can we change that?
The Sun at my old work was used as a pr0n FTP (Score:3)
I really wanted to implement some sort of firewall at my work, MS proxy server. Most of our executive and administrative staff was on windows, but our developers were all mac people, and they resisted hard..
One paticular dev was a mac/sun junkie. He went around like a drone (well, I was a MS drone so I guess it's like the pot calling the kettle black) telling everyone that my MS proxy plan was evil and how it would interfere with product development. Eventually he got my plan to implement MS proxy shot down, so there we were on a nice fat n juicy T1 line with absolutely no firewall or protection of any kind.
What goes around, comes around.
We started getting calls and e-mails complaining about us sending out pr0n spam. Turned out someone had been using the open relay on this dev's sparc II to send out his e-mail. Worse yet this hacker had somehow managed to root the box and in addition to using it as a spam relay, he had used it as a FTP site for his porn. The root account was renamed, and our entire directory structure had been copied to a subfolder under
Everything was fixed by dropping into single user mode and fixing the real
The executive team realized that the dev team would never let me implement anything. So they hired another admin with more of a unix background and he put in those little red fireboxes at each of our locations. After that we never had a problem again.
Re:Flamebait (Score:2)
Flamebait? These guys don't write the articles, they just relay on the links and such so people that like to read about all sorts of things can have a nice central place to find all these types of articles.
You know the old adage, if you are not part of the solution, then you are part of the problem. How about submitting whatever you think is worth reading as an article or stop whining about what is reported.
If you don't like an article, don't read it and surely don't waste your time putting in a wo
Re:Flamebait (Score:2, Insightful)
Why not blame the rain on Microsoft, even though the weather report didn't mention them? They probably use MS to generate their forcasts.
Re:Flamebait (Score:2)
Well, then submit a comment via e-mail to NYT because THEY wrote the article not the person supplying the article.
I mean, come on, I think it's good to see all information and stories that are written have to say about anything computer related.
Whether or not you agree with the article is entirely up to you, but should have NO reflection on the person submitting the article.
Re:Flamebait (Score:3, Informative)
Nope, the NOAA is smarter than that, they use Linux [fcw.com]
Re:Flamebait (Score:3, Insightful)
Re:Heh (Score:4, Informative)
Whatever. That won't happen anytime soon.
Just as an example, we brought a remote user's laptop into the shop the other day to update it and found over 250 infected files. Even though we provide the option everytime he logs in to update the virus identites, they hadn't been updated in over a year.
To many people, a computer is like a screwdriver. They could care less about it, they just want to pick it up, make it work, and toss it aside when they are done with it. It's unfortunate, yes, but that's just the way it is.
Re:Heh (Score:5, Insightful)
Why is this unfortunate? Do you want to know every nuance of the car you drive, just to get to work? How about when you watch TV? Do you really need to know about NTSC vs PAL? No, you want to watch TV.
Computers should be no different. People just want to send grandma some pictures, surf the web, type a paper, whatever... Not spend forever updating their AV package, SP updates, etc.
A computer is a tool. It is merely a means to an end.
Re:Heh (Score:2)
Re:Heh (Score:5, Funny)
Re:Heh (Score:5, Insightful)
I agree with the general line of your reasoning, but please observe that the examples you mention do not necessarily support your own thesis. First: if you don't know NOTHING about "NTSC vs PAL", you might quite soon end up with an unpleasant surprise buying video tapes abroad. Say, you might be an American on a trip to Amsterdam, taking advantage on their, uh-huh, liberal law regarding the pr0n. Ditto for European in Tokio.
With the car, it's even worse. You can't drive a car without valid license. The authorities consider untrained drivers too much of a threat for the public (and the drivers themselves). And it becomes more and more obvious that the Internet is also a very dangerous place for untrained computer users. You can damage yourself (sometimes just opening an email attachment) and cause damage to the others. You are absolutely right saying:
People just want to send grandma some pictures, surf the web, type a paper, whatever... Not spend forever updating their AV package, SP updates, etc.
Re:Heh (Score:3, Insightful)
Does the average American have to worry about NTSC v PAL when they go Blockbuster? No. I have to worry about when I want to order the DVD of last year's World Rally Championship season, but I'm buying it from a bloke in England....
Good point about the driver's license. But doing things safely on your computer is more akin to manufacturers making the cars safer rather than the driver knowing their car better. I may know how to service my brakes, but if the design is poor
Re:Heh (Score:5, Interesting)
It isn't elitist to say that computers are fairly unique and complex devices. Just because everyone uses one now, improperly for the most part, doesn't mean they should or even can magically becomes television sets with six buttons on the front.
Good point...but...then they shouldn't be sold as such. If you're going to market your computer/operating system as "easy enough for grandma to use" then it better be easy enough for grandma to use.
Products will have a development cycle that gradually make them more and more user friendly. Remember programming with punchcards? Remember the days before UIs? Computers are very much like cars and toasters and VCRs. All you're showing is an elitist attitude. You are obviously a smart person (and I don't say that sarcastically), and you enjoy having a complex machine to work with. Great. But you make up about 5% of the demographic that most software and hardware companies are designing their products for.
There is a place for complex software...there's also a place for simple software that works as advertised. There _will_ be a computer with six buttons on the front sooner rather than later, because that's what the general population wants. Not everyone is a hacker, and like I said, most companies in the industry aren't getting their profits from hackers like you (or me).
By your logic, a VCR should be just as simple to use a shampoo bottle, and thus, so should computers.
Perhaps a bit of overstatement there, eh? I don't expect my shampoo bottle to safely connect to the internet and send email. But if I purchase an operating system that claims it does that, it should do it. I don't need to understand the engineering behind the top of shampoo bottle to open it. Nor do I need a degree in electrical engineering to play a VHS tape. So why should I have to be hacker to safely send and receive emails?
Re:Heh (Score:5, Insightful)
Computers, on the other hand, are designed to be in partial to full control of nearly anything. In their desktop and laptop form, they are extremely generalized, and a skilled person can do all manner of tasks on it, up to and including writing their own operating system for it.
The problem, in my opinion, is the marketing not the computer. It is fully possible, and indeed there are examples, to make computers specifically designed to do non-generalized tasks, such as the one you provided at the end, reading and responding to email. It is the responsibility of manufacturers to make and support devices that do this, instead of selling all-in-one-wonder desktops that can do everything from receiving television signals to crunching gigabtyes of data in some rendering farm in Simi Valley, California.
I completely agree with your viewpoint there. Where I do not agree is that the desktop concept should be reduced in complexity to become a lesser all-in-one, just for the sake of easy of use. That is what specific intention devices should be manufactured for. There is a legitimate need for multi-purpose machines that goes beyond just satiating types like ourselves that like to tinker.
Oh, and by the way, I know people who do expect their raspberry mango shampoo bottles to connect to the Internet, people want it everywhere. :)
In summery, I don't think things are as bad as you make it sound. Yes, they are more expensive, but if all you want to do is email and a little word processing now and then, an Apple works just fine, and is enough out of the way or the mainstream to where you do not need to be hyper-paranoid about security. When you use something that is by far the most popular, and hated, operating system, in an interconnected semi-anonymous world, you have to expect a little overhead in keeping things secure. If hypothetical person A does not want to put up with that, there are alternatives that work quite nicely, even in the realm of specialized devices. I saw a little black box with a keyboard that hooks up to Earthlink that allows you to do email, and that is it. Bravo.
Once the problem with getting good alternatives to the generalized super-machine is overcome, then you really only have the newness of the tech to get over. Computers are a vast thing. Even the most hardcore geek could not claim to have significant knowledge in more than a few branches (or meta-branches,) and there are thousands of branches -- all weaved in such a way to create potentially millions of pseudo-branches through combination. The fact that we have gotten computers to the point that we have, where a vendor like Apple and even some PC vendors, can send out a machine and have a complete novice checking email a few hours later, is pretty impressive (and I am not even going to try and fix that run-on sentence, I get tired just looking at it.)
Anyway, sorry about the glib response earlier, I just get tired of the car and VCR analogies, because a turn signal stick does one thing, it operates a blinking light -- whereas a computer has to have the hypothetical turn signal programmed, and the same physical material that allows the turn signal software to work can be wiped clean and turned into a SETI number cruncher by somebody else. A powerful ability that implies the potential for powerful mistakes. :)
Cars and Computers (Score:4, Insightful)
There is a lot of maintenance work that requires driver attention and knowledge.
It is much the same with a computer. You may not have to know the internals of fixing it, but you should know enough to recognize that it needs servicing, and know who to take it to when those symptoms appear.
Re:Heh (Score:4, Funny)
Tell her "Look, lady, I'm sorry if you feel neglected, but I'm sending out as much of it as I can. I'll send you a couple extra tonight when I get home, but after that, I can't make any promises." Then apologize for having misspelled "barnyard" in the subject line.
Re:Heh (Score:3, Insightful)
hell, even I know that stuff.
computers should be like as cars, your right. you need to know basic maintinence and care and know that if you don't, it's gonna get messed up real quick. if the oil light comes on, stop the car immediately. know that you shouldn't pour sugar in your gas tank or drive into trees. know basic stuff. don't ever open, reply to or send spam- just delete it. update your virus software
Re:Heh (Score:3, Insightful)
Re:Heh (Score:3, Insightful)
I think, ideally, I would block the saving of any file on the hard drive unless it has certain extensions (.doc,
Our local public library has the following blocks in place with Fortres Grand:
Re:Heh (Score:3, Insightful)
Re:Heh (Score:5, Funny)
Computer Usage vs Driving to Work (Score:3, Informative)
I want to drive my car to work, you're right. I shouldn't need to know every single component and how it works. I don't need to know the tire pressure. I don't need to understand what the gas guage is for or what the speedometer indicates. I ignore the little blinking red lights, too.
Oh - wait - no, I don
Re:Heh (Score:5, Insightful)
"The rogue program does not affect the Apple Macintosh line of computers or computers running variants of the Unix operating system."
Let's see, it doesn't affect Mac's or *nixes, what else is there? Why didn't they just say that it affected Windows systems only? The average person probably wouldn't put that together. It reminds me of that scene from the new austin powers movie when Dr. evil indirectly tells mini-me to go by telling everybody to get out, but then telling everybody but mini-me they can stay.
Really, I've never seen this before. Usually you report which systems were affected rather than the systems that weren't. What reason, other than ignorance, would the reporter have not to mention windows?
Re:Heh (Score:3, Funny)
"The rogue program does not affect the beleaguered Apple Macintosh line of computers or computers running variants of the evil hacker Unix operating system."
Re:Heh (Score:3, Insightful)
Not just the luzers, it's the ISPs. (Score:4, Informative)
Fair enough.
But the real problem from the spam point of view is the negligence of consumer broadband ISPs.
Dialup pools block outbound port 25. Why can't attbi.com, comcast.com, and rr.com get their acts together too?
At present, 12.0.0.0/8, 66.0.0.0/8 (fuggit, I'm lazy!) and 24.0.0.0/8 produce nothing but spam, and I block 'em wholesale.
You wanna run an MTA? Fine - smarthost. The 90% of Windoze luzers with SoBig.* and 9% of 0wn3d Linux boxen don't belong on the 'net, and IMO the ISPs where these boxen reside are criminally negligent in not blocking outbound port 25 traffic to anything other than the ISP's outbound mail server.
Re:Not just the luzers, it's the ISPs. (Score:3, Informative)
Re:Cause no other OS (Score:2, Insightful)
You hit the nail on the head. I stopped using Windows because I felt like I was not responsible for what I did on my computer. I feel like Windows is constantly changing things, and automagically configuring things for me, without asking. I dont want to install things and have them break other things. That means you're doing something I dont want you to do. I hate that. I hate tha
Re:NYT registration site stories should be filtere (Score:2)
but then again, if you bitch about registration that much i bet you steal your neighbors paper too... so they wont know where you live.
Re:NYT registration site stories should be ... (Score:2)
--
Says the Registered Slashdot user (Score:2)
Or register, which you're obviously not entirely opposed to.
Re:Obligatory no reg text (Score:5, Insightful)
There is no reason to break copyright law and repost this article. This is an example of irresponsible internet behavior at its worst - there is no justification for such action - this is not 'fair use'--it's just lazyness.
Unfair expectation (Score:4, Interesting)
Hardly a fair question, and I'll use your car safety requirement example to demonstrate.
Back before there were seatbelt laws, many cars simply did not have them. So once those laws were put into place, would it be fair to expect older cars to pass the seatbelt test?
Now if this minimum security law you suggest were to become a reality, it would be Microsoft's responsibility to make sure that future operating systems pass the security test. But you cannot hold them to a standard that does not currently exist.