homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam

The Geek Culture Forums


Post New Topic  New Poll  Post A Reply
my profile | directory login | | search | faq | forum home
  next oldest topic   next newest topic
» The Geek Culture Forums   » News, Reviews, Views!   » Your News!   » Thread Risk Warning: "Beta Testers Wanted" (Page 2)

 - UBBFriend: Email this page to someone!  
This topic comprises 2 pages: 1  2 
 
Author Topic: Thread Risk Warning: "Beta Testers Wanted"
drunkennewfiemidget
BlabberMouth, a Blabber Odyssey
Member # 2814

Member Rated:
4
Icon 1 posted December 02, 2004 05:56      Profile for drunkennewfiemidget     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by magefile:
HPUX? At least it's mostly portable. I mean, how many people actually use HPUX?

14
Posts: 4897 | From: Cambridge, ON, Canada | Registered: Jun 2004  |  IP: Logged
Black Widow
Uber Geek
Member # 3046

Icon 1 posted December 02, 2004 19:17      Profile for Black Widow     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by Ti:
I have posted details, or see my NEW privacy statement:
here

I love how we have to go to his website to see the privacy statement, thus making ourselves vulnerable to his cookies and tracking devices all over again.

Sneaky lil' ba****d.

Posts: 931 | From: Missouri | Registered: Oct 2004  |  IP: Logged
dragonman97

SuperFan!
Member # 780

Member Rated:
4
Icon 1 posted December 02, 2004 20:27      Profile for dragonman97   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by Black Widow:
quote:
Originally posted by Ti:
I have posted details, or see my NEW privacy statement:
here

I love how we have to go to his website to see the privacy statement, thus making ourselves vulnerable to his cookies and tracking devices all over again.

Sneaky lil' ba****d.

Page contents for the cautious:
quote:

Privacy Statement
Only the following information is recorded when a user visits a logichigh site, or views a "Spook":

* IP Address - Your computers unique ID on the internet.
* Browser Information - What browser, and what operating system you are running
* Time and date that you loaded the graphic
* Whether you've been to the page before (Unless Cookies have been turned off)

I will not use any information I obtain through this website for commercial purposes, or share it with third parties. Please understand that although spook information is not shared between users, and abuse is discourged, this page is not monitored and I accept no responsibility for the actions of the users on this page. Please use it at your own risk.

If you would like to remove any logs that you have left on this system, or would like to block further logging, please |opt out|[LINK!].

Thank You,

Kevin Lohman

Opt out page;
quote:


Option Out
Although the information collected from this site is not personal, we value your privacy and provide methods to remove any existing logs and also prevent further data from being collected.

Remove existing hits to site
Your IP: [!Um, not here!]
|Erase hit logs| {clicked}

Don't Log Cookie
Cookie: Not Present
By allowing us to put a cookie, or marker on your computer we can prevent further logs from being stored. You can check the value of the cookie once it is stored, it will be stored for the logichigh.com domain and will have the value optout=TRUE. If you have cookies blocked you will need to turn them off in order to accept this cookie. You currently do not have the cookie.
|Get opt out cookie|[Button!]



--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001  |  IP: Logged
quantumfluff
BlabberMouth, a Blabber Odyssey
Member # 450

Member Rated:
5
Icon 1 posted December 02, 2004 20:29      Profile for quantumfluff     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by spungo:
In the UK, if one attempted to make use of server logs - e.g., to sell to a third party, you would be in breach of the Data Protection Act. I expect there's similar legislation everywhere. Anyone who's fond of mining server logs had better have a good justification if they get found out. [Smile]

AFAIK, The United States doesn't have such clear cut laws. This is just one of the many reasons more and more countries are considering us a rogue state.

But, that is moot. I go under the presumption that legitimate businesses will generally obey legislation, while the ones you should watch out for will happily disregard any and all laws. Thus, I assume there is no privacy on the internet. With a nice anonymizer, you might protect yourself from someone like Ti, but it ain't going to help against a government with supeona power.

Let's look at this from a risk managment point of view. By posting an image from a web server I can read, I can eventually figure out the primary IP address for a lot of you. Then, if I really wanted, I could probably figure out what towns you live in, or what companies you post from. ...Yawn... This is only of interest if I'm a stalker. It's not commercially useful unless I can do it en-masse, and without any human analysis. I have posted picture in these forums on web servers I own. Yes, I could look at my server logs and maybe figure out some things about a few of you, but it's just not interesting.

Now, if I can install a web tracker, and can associate you with all the web pages you visit, I can sell that to someone. I may not know who you are, but it doesn't matter, because we know what you like. This is why there is so much spyware. Again, this isn't my bag, which is one of the reasons I don't make nearly as much money as I'm worth.

Either way, the only real risk is from a psycho nut-case. This is a danger of hanging out with people who you can't look in the eye. IRL they are easier to stay away from. To give Ti the benefit of the doubt, I would say he's mostly just proud of his work and didn't have the common sense to explain what he was doing in a non-combustive way.

Still, if any of you are creeped out by him, you can easily find where *HE* lives by doing a
whois [email protected]
from your unix command line.

Posts: 2902 | From: 5 to 15 meters above sea level | Registered: Jun 2000  |  IP: Logged
Ti
Assimilated
Member # 941

Member Rated:
5
Icon 1 posted December 02, 2004 21:42      Profile for Ti   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by Ti:
Kevin Lohman
1230 West Mountain AVE
Fort Collins, CO 80521
[/QB]

Thank you for understanding Quantumfluff.

Additionally, my apologies for not posting the privacy statement here (bumblehead) but the above post have it correct.

The primary point of the IP logging on the site is for an en-masse information sort of thing. I've added graphing functions and later versions will have the ability to implement with the ARIN database and give a rough idea of what states visit you the most, and possibly a little automatic tack map.

*RANT*
The reason I posted my home address above (and earlier, see quote) is because I have a personal war against fear, and paranoia.

There is a line between reasonably protecting yourself, and going stupid nuts putting up ineffective barriers and securities. All day long you are sending your information to EVERYONE you visit, and the people that you need to be afraid of AREN'T the people who come right up and tell you.

There are 2 ways to protect yourself:

1. Browse using a combination of an anonymizer (A website that gets data from other websites for you) and a browser that doesn't load graphics (like lynx). Read your e-mail without graphics, an e-mail program like PINE. Don't use instant message clients and stay away from any program that hasn't been around for 5 years. Install a snitch program that blocks all outside port connections and bombards you with "Do you wish to allow this?" pop ups. Ultimately you won't be able to take advantage of 50% of the web as most pages require cookies, JavaScript, etc; and the parts that you do get will be boring and vanilla.

2. Use an ISP you trust. Make sure that they won’t give out your information based off an IP address to anyone but the authorities.

I have always preferred the second route, I'm not a hacker, I don't have secret documents on my computer and I'm not really that afraid that people get my home address or phone number (story could change if I have children etc). But the second route provides the easiest, and least restrictive (not to mention most effective) way of protecting myself from real life stalkers.

Please, as intelligent members of this community we have a responsibility to set a good example for people who may not have the inclination nor the background to understand the entire situation that they are in. FEAR and PARANOIA spread quickly, and they spread even faster if a person respects your intellect or your opinion.

*/RANT*

Thanks for listening.

Kevin Lohman

--------------------
Check out my webpage/blog/review stash
www.logichigh.com

Posts: 377 | From: Sunnyvale, CA | Registered: Oct 2001  |  IP: Logged
dragonman97

SuperFan!
Member # 780

Member Rated:
4
Icon 1 posted December 02, 2004 22:47      Profile for dragonman97   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
Ti,
I just want to say for the record that I have no wish to spread FUD. It's also late here, and I should probably be sleeping instead of posting now, but c'est la vie. The reason I said what I did, when I did, is because of the ways you've presented your interests in these matters in the past. You sort of trouble me, when it comes to matters of following data like all the information cited above, as I just don't know what you're brewing up. The difference between you and random advertiser 105 is that you can put 2 & 2 together from this site, as qf stated. That's the kind of thing I don't wish to see happening around here, and why I sounded the siren. I'm fully aware of what can be done on the Internet with tracking, and frankly, if you want to be paranoid, Google has got to be the biggest thing you could ever fear, great as it is. But, *again,* Google mostly utilizes algorithms, not people who can really link stuff up (let's generalize that for now, k?). I think qf said it best in this: "I would say he's mostly just proud of his work and didn't have the common sense to explain what he was doing in a non-combustive way." I'll agree on that - what I don't appreciate is being pulled into something without my say -- such as your experiment. Of course it *can* be done, but with respect, it can be done with permission. When I put stuff up here, I pay no significant attention to my server logs (just routine maintenance here and there, but I could not care less about who's looking at what, when, and from where [Churchill can turn in his grave right now - too tired to write that nicely]).

Anyway, I've been hacking away at Perl all evening, and it's about time for me to sleep - thanks again for your improved stand on things, and I'm sorry if I went at it a bit much. [Smile]

P.S. Now, if you *really* want scary, read the "Follow the Bouncing Malware" series in the ISC Handler Diaries - that could keep you awake at night.

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001  |  IP: Logged
quantumfluff
BlabberMouth, a Blabber Odyssey
Member # 450

Member Rated:
5
Icon 1 posted December 03, 2004 07:47      Profile for quantumfluff     Send New Private Message       Edit/Delete Post   Reply With Quote 
A little off topic, but I actually accidentally built and deployed some extreme spyware a few years ago. The product was designed to allow you to publish and subscribe to annotations (i.e. PostIt notes) on web pages. There were a bunch of really interesting (to us) uses for this. The problem was that the way it worked was that an IE plugin would send every URL you visited back to our servers asking for a note. Then comes the scary history.

We deployed to a few dozen "focus-group" testers. I started seeing things in the server logs like "file:\\\C\My Documents\Wilson Contract.doc". Opps, damm. Let's prevent it from sending those.

Next I started seeing "https://www.foobar.com/card=amex&number=5555444433333".
Oh shit. I just sent this guys credit card number over the net in clear text!. So we changed the client side to prevent looking at those as well.

Then I would watch the server logs, and I would see streams of data rolling by which would identify people by email address and porn sites they visited. OK, that's bad. I rewrote the back end systems so that only anonymous user IDs could ever appear in the operations side and no browsing history could ever appear on the customer service side.

The moral of the story is that you actually have to go out of your way to design in privacy safeguards. Also, that it's really easy to write spyware.

Posts: 2902 | From: 5 to 15 meters above sea level | Registered: Jun 2000  |  IP: Logged
greycat

Member # 945

Member Rated:
5
Icon 1 posted December 06, 2004 05:18      Profile for greycat   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
No, I don't know of any sources for used machines capable of running HP-UX. Or rather, to be slightly more honest, we're hoarding them ourselves, a couple or a dozen B180Ls at a time, and wouldn't want anyone else to snatch them up. (And what's with this new-fangled HP-UX 11 you're running? It's all 10.20 here.... [Beard of Peter Gabriel!] )

I'm not the one who's ordering them; one of my coworkers has that joyous responsibility. So I don't actually know where he gets them. But I do know that the first batch he ordered were from a Canadian seller whom he had located by searching on eBay. They had 512 MB of RAM apiece (we actually had to remove some of it, because if there's too much RAM in the machine, one of our applications gets cranky). The next set came from a different seller somewhere in the US. The latest set, from another US seller, which hasn't arrived yet, is supposed to be RAMless, so we'll get to use some of the excess RAM we removed from the first batch.

Posts: 1522 | From: Ohio, USA | Registered: Oct 2001  |  IP: Logged
magefile
Highlie
Member # 2918

Member Rated:
5
Icon 1 posted December 06, 2004 07:46      Profile for magefile     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:

The moral of the story is that you actually have to go out of your way to design in privacy safeguards. Also, that it's really easy to write spyware.

Moral #2 from my story: people don't care. I do home IT support on the side (as I'd guess most of us here do, for "fun" (i.e., family) or profit). Some of the stuff I see ... reminds me of the time I ran a proxy for my local LUG, and some idiots decided it was anonymous. Even after I told 'em I checked the logs to make sure the load wasn't too high and it wasn't being abused.
Posts: 743 | From: Massachusetts | Registered: Aug 2004  |  IP: Logged


All times are Eastern Time
This topic comprises 2 pages: 1  2 
 
Post New Topic  New Poll  Post A Reply Close Topic    Move Topic    Delete Topic next oldest topic   next newest topic
 - Printer-friendly view of this topic
Hop To:

Contact Us | Geek Culture Home Page

© 2015 Geek Culture

Powered by Infopop Corporation
UBB.classicTM 6.4.0



homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam