
I think Stallman just shot himself in the foot by even revealing that much. Unless a lot of people do the same thing, it's very easy to conclude that it was Richard Stallman who sent that WGET request, granted a few variables. The difficult part is perhaps tracking it back to its actual source, but I don't think Stallman is that hard to find. All this is of course extremely chilling. I'm sure a profile could be built up around WGET requests, and then employing some "likelihood machine" on it, to make educated guesses as to how likely it is that the WGET request was actually from Richard Stallman. I think we've just stumbled upon a new and "fun" Where's Wally game here!


I actually did exactly that a while ago. Where I worked, we didn't have internet access but we had email access, so as a workaround, I made an email server on my home machine that fetched web pages for me. A coworker took it even further and made a proxy server that automated the process so you could actually browse the web, although very slowly. Just to say that Stallman is not the only one with this idea.

It was in the early 2000s, and smartphones weren't a thing. It also was a time when companies were paranoid about letting employees access the internet, but at the same time had abysmal security. By that I mean viruses ran free on shared folders, undetected because their antivirus software was years outdated. Very different times...
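The mail-to-web gateway described in the comment above, written out as an added example (not the commenter's code). It assumes a gateway mailbox, a single allowed requester address, and that the URL travels in the Subject line; the sender allowlist, scheme check and size cap are the guards a practitioner would add so that anyone who can send mail to the box cannot use it as an open proxy. The fetcher is injectable, so the sample below runs without network access.

```python
import email
import email.utils
import urllib.request
from email.message import EmailMessage
from email.policy import default
from urllib.parse import urlsplit

# Assumptions for this example: the gateway's own address, the one mailbox
# allowed to drive it, the URL schemes it will fetch and a size cap.
GATEWAY_ADDRESS = "gateway@home.example"
ALLOWED_SENDERS = {"me@example.org"}
ALLOWED_SCHEMES = {"http", "https"}
MAX_BODY = 512 * 1024  # refuse to mail back more than 512 KiB


def urllib_fetch(url):
    """Real fetcher: read at most MAX_BODY + 1 bytes so a huge page cannot fill the mailbox."""
    with urllib.request.urlopen(url, timeout=30) as resp:
        return resp.read(MAX_BODY + 1)


def handle_request(raw, fetch=urllib_fetch):
    """Parse one inbound message and, if it is a valid fetch request, return the reply to send.
    The fetcher is injectable so the gateway logic can be tested offline.
    Returns None when the message should be ignored."""
    msg = email.message_from_bytes(raw, policy=default)
    sender = email.utils.parseaddr(msg["From"] or "")[1]
    if sender not in ALLOWED_SENDERS:
        return None  # otherwise anyone who can send mail gets a free HTTP proxy
    url = (msg["Subject"] or "").strip()
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES or not parts.netloc:
        return None  # no file://, no bare paths
    body = fetch(url)
    reply = EmailMessage()
    reply["From"] = GATEWAY_ADDRESS
    reply["To"] = sender
    reply["Subject"] = "Re: " + url
    if len(body) > MAX_BODY:
        reply.set_content("Refused: %s exceeds the %d byte limit." % (url, MAX_BODY))
    else:
        reply.set_content("Fetched page attached.")
        reply.add_attachment(body, maintype="text", subtype="html", filename="page.html")
    return reply


# Constructed sample request, not a real message: the URL travels in the Subject line.
SAMPLE_REQUEST = (
    b"From: me@example.org\r\n"
    b"To: gateway@home.example\r\n"
    b"Subject: https://www.gnu.org/\r\n"
    b"\r\n"
    b"please fetch\r\n"
)

if __name__ == "__main__":
    # Stand-alone run uses a constructed page instead of the network.
    reply = handle_request(SAMPLE_REQUEST, fetch=lambda u: b"<html>constructed page</html>")
    print(reply.as_string())
```

The coworker's proxy variant from the comment is the same loop with the request side automated; the checks stay the same, because the thing being exposed is still "whatever the home machine can reach".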


In the early 2000's I was working as an analyst for a VFX studio, and I had a meeting with the CFO first thing in the morning. At some point we needed to look at something on his computer, and he responds "we'll have to wait about 15 more minutes." "Why?" I ask, and he shows me every day when he turns his computer on the browser starts producing "pop under windows" at a rate of about 10 per second, and that lasts for about 40 minutes. Shocked, I debate with him for a bit and he says they've tried every antivirus. I shake my head. When they stop popping windows he has a program that mass closes all of them and then he goes to work, using that same computer - and for studio finances. Blew my mind.


In Germany there is a "WhatsApp" SIM [1], where you have to pay for normal internet use, but WhatsApp texts are free of charge.

With a technique like the one you described, you could probably abuse a phone with this SIM as a "free" hot spot with infinite data.

[1] https://www.whatsappsim.de/


A lot of paid Wi-Fi hotspots allow DNS traffic through unmolested, that's a similar loophole


Maybe one could use something like this https://github.com/yarrick/iodine
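The upstream half of the DNS loophole from the two comments above, as an added example (not iodine's code, which uses denser encodings and carries the return traffic in the answers). It assumes a hypothetical zone t.example.net whose authoritative server is the tunnel endpoint: the client turns its payload into query names, the captive portal's resolver forwards them because they are "just DNS", and the server strips the zone and reassembles. The two hard limits are the ones from RFC 1035: 63 octets per label and 255 per name.

```python
import base64

MAX_LABEL = 63   # RFC 1035: a label is at most 63 octets
MAX_NAME = 253   # longest presentation-form name that fits the 255-octet wire limit
TUNNEL_DOMAIN = "t.example.net"  # assumption: zone whose authoritative server is the tunnel endpoint


def _b32(data):
    # Lowercase base32 without padding: only [a-z2-7], so it survives case-folding resolvers.
    return base64.b32encode(data).decode().rstrip("=").lower()


def _unb32(s):
    s = s.upper()
    return base64.b32decode(s + "=" * (-len(s) % 8))


def chunk_size(domain, seq_digits=6):
    """Largest raw-byte chunk whose base32 form, cut into 63-char labels, still fits
    as '<seq>.<labels>.<domain>' within MAX_NAME."""
    budget = MAX_NAME - len(domain) - 1 - seq_digits - 1  # ".domain" and "seq."
    n = 0
    while True:
        chars = len(_b32(bytes(n + 1)))
        labels = -(-chars // MAX_LABEL)  # ceiling division
        if chars + labels - 1 > budget:  # dots between data labels count too
            return n
        n += 1


def encode_queries(payload, domain=TUNNEL_DOMAIN):
    """Client side: one query name per chunk, sequence number first so order survives."""
    size = chunk_size(domain)
    names = []
    for seq, off in enumerate(range(0, len(payload), size)):
        s = _b32(payload[off:off + size])
        labels = [s[i:i + MAX_LABEL] for i in range(0, len(s), MAX_LABEL)]
        names.append(".".join(["%06d" % seq] + labels + [domain]))
    return names


def decode_queries(names, domain=TUNNEL_DOMAIN):
    """Server side: keep only names under our zone, reorder by sequence, reassemble."""
    chunks = {}
    for name in names:
        if not name.endswith("." + domain):
            continue  # not ours; a real server would answer it normally
        labels = name[:-len(domain) - 1].split(".")
        chunks[int(labels[0])] = _unb32("".join(labels[1:]))
    return b"".join(chunks[k] for k in sorted(chunks))


if __name__ == "__main__":
    # Constructed payload; queries are printed rather than sent.
    data = b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n" * 20
    for q in encode_queries(data):
        print(len(q), q[:60] + "...")
    assert decode_queries(encode_queries(data)) == data
```

Each query carries only about 140 bytes, and every one of them is a line in the resolver's log with the tunnel zone in it, which is why such hotspots can shut this down with a per-client query-rate cap or by blocking the zone once noticed.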


I'm pretty sure there was something, within the last year or so, on HN front page which used [exploit/protocol/hack] to browse wikipedia over [SMS/tweet/etc.], or similar


> Top-up of at least €5 every 6 months to extend the activity window.

So it costs at least 83 cents per month. Still might be worth it compared to the insane mobile data charges here if you can get a usable bandwidth. I suspect in practice they will just ban you if you abuse it like that.


I recall one time in 2015 or 2016 when I had only a very weak 2G signal, but wanted to check a couple of pages (at least one of which was several hundred kilobytes). Connections always timed out in browsers, but I got it working by SSHing into my VPS, downloading the page with curl, then copying that down with scp. My recollection is that the file size would increase by 32KB every 15–30 seconds. Fun times!


Mosh works over 2.7 kbps capped data plans. I connect to a tilde and just use lynx/links/edbrowse for light www/irc/jabber and gopher. It runs much faster than being connected natively to the inet. I can read everything and even answer in fora with Edbrowse.


> It also was a time where companies were paranoid into letting employees access the internet, but at the same time had abysmal security

In the early 2000s I was working at an insurance company. They used some kind of blocker in their outgoing firewall that prevented access to certain sites. At one point the blocklist included sourceforge, which threw a wrench into my team's work because at the time a lot of the packages we depended on were hosted there. It took a few days to get that removed from the blocklist.

This same insurance company shut down for multiple days when a virus, I think it was ILOVEYOU, infested their email system so badly that nobody could work, and everyone (except the poor IT folks) got a long weekend. And then a while later, it happened again, but with a different virus, possibly Nimda. The company was very bad about updating its systems, and even in 2003 most users were stuck on Win95.


Company I work for still blocks SourceForge because... something bad happened 15 years ago (?).


Enterprises.


You gotta be a little more specific.


> It also was a time where companies were paranoid into letting employees access the internet, but at the same time had abysmal security.

I recall we had a crappy firewall that would collapse under the load of NAT for the 100ish employees and so executives got static IPs mapped to their machines. The late 90s and 00s were crazy.


> so executives got static IPs mapped to their machines. The late 90s and 00s were crazy

In my Uni days, all our department's machines had public IPs; no NAT, no firewall(!)

So much simpler to be able to telnet, FTP and/or remote desktop straight from home to the office :)


Same at my University in the mid-90s. I was the CS department network admin and we had an entire /24 to use as we liked.

At least it taught me how to detect attempted hacks early because every machine had to be monitored for attacks.

I just looked and they still have a /16 (65k public addresses). This is for a school that has maybe 15k students, not all of them living on the campus. And I’m sure most of the computing takes place in the cloud now anyway.

I know there are a lot of places who were on the Net early besides the military that have excess address capacity.


I did the reverse and had an ssh connect to my home machine and ran an IPv4 tunnel back through it so that I could browse the entire corporate internet from my home network, creating a full VPN essentially. Made me about 10 times as productive as going through the dial-up we had to use while we were oncall.


Stallman shot himself in the foot by having a text only blog that was easily searchable when it came time for the wolves to cancel him. A crappy proprietary blog or thousands of hours of ranting via Youtube videos ironically would have slowed down the haters and maybe even caused them to miss things with which to cancel him. It's hilarious in an ironic way. Bonus points if the cancelers were running GNU software. :D


You make it sound like he said something mildly insensitive. He was "cancelled" for making pro-cp comments, and for literal decades of being a creep. https://twitter.com/_sagesharp_/status/1173637138413318144


And how does that invalidate his technical expertise?

More importantly, was he charged and convicted with anything?

I am getting really tired of this public opinion tribunal, where mere accusation is enough to get a person out of their position. This is not how this is supposed to work at all.


No you don't get it. He was a "creep" aka should be cancelled wholesale on everything /s

The only questionable thing he did was try to rationalise pedophilia, which he has since changed his mind about. Given that he's clearly _not all there in the head_ (i.e. neurodiverse) and assuming he hasn't tried to access child pornography or similar I couldn't care less. All of the other accusations against him are nonsense[0] and all center around unsubstantiated rumors of him being a "creep." People being anti-Stallman is insane to me considering how much he has contributed and advocates for not only free software but also gender equality.

[0] https://stallmansupport.org/debunking-false-accusations-agai...


> Given that he's clearly _not all there in the head_ (i.e neurodiverse)

Neurodiverse people are "not all there in the head"?

gtfo.


That's right, the guy who sits down, takes off his socks and eats his toenails/toe skin in the middle of a Q&A[0] shouldn't be held to some ambiguous standard of how to navigate society.

It's exactly this eggshell stepping that people are expected to adhere to that has people treating him the way they are.

https://www.youtube.com/watch?v=I25UeVXrEHQ&t=110s


Actually, he was "cancelled" by people lying about him supporting Epstein and saying child rape is good, neither of which was even close to being uttered.

The disingenuous nature of this all is why he's back in his foundations again.


WGET can be pretty trivially told to send custom headers.


Try to do that to a site with CF bot protection cranked up... Not happening without a custom build/custom ssl proxy that mimics the SSL fingerprint of Chrome.


CF blocks you hard simply for enabling "do not track" in settings. The discussion about how awful they are needs to be had.


I haven’t seen a custom build of Wget, but for Curl there is curl-impersonate[1].

[1] https://github.com/lwthiker/curl-impersonate
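Why a custom User-Agent is not enough against TLS-level bot detection, as an added example (not Cloudflare's or curl-impersonate's code; the page does not say which fingerprint Cloudflare uses, so this shows JA3, one widely used ClientHello fingerprint). The ClientHellos are constructed here, not captured: a browser-like one with GREASE values, the same without GREASE, and a tool-like one with a different cipher list. The HTTP headers never enter the calculation, and GREASE values are dropped so that a browser's randomised placeholders do not change its hash.

```python
import hashlib
import struct


def is_grease(v):
    """RFC 8701 GREASE values (0x0a0a, 0x1a1a, ..., 0xfafa); JA3 ignores them."""
    return (v & 0x0f0f) == 0x0a0a and (v >> 8) == (v & 0xff)


def sni_ext(host):
    name = host.encode()
    entry = b"\x00" + struct.pack(">H", len(name)) + name  # name_type host_name
    return (0, struct.pack(">H", len(entry)) + entry)


def supported_groups_ext(groups):
    body = b"".join(struct.pack(">H", g) for g in groups)
    return (10, struct.pack(">H", len(body)) + body)


def ec_point_formats_ext(formats):
    return (11, bytes([len(formats)]) + bytes(formats))


def build_client_hello(version, ciphers, extensions):
    """Wrap a minimal ClientHello in a TLS record; extensions is a list of (type, data)."""
    body = struct.pack(">H", version) + bytes(32) + b"\x00"  # version, random, empty session id
    cs = b"".join(struct.pack(">H", c) for c in ciphers)
    body += struct.pack(">H", len(cs)) + cs
    body += b"\x01\x00"  # one compression method: null
    ext = b"".join(struct.pack(">HH", t, len(d)) + d for t, d in extensions)
    body += struct.pack(">H", len(ext)) + ext
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack(">H", len(handshake)) + handshake


def ja3(record):
    """Return (ja3_string, ja3_md5) for a TLS record holding a ClientHello."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello record")
    body = record[9:]  # skip the 5-byte record header and 4-byte handshake header
    pos = 0
    (version,) = struct.unpack_from(">H", body, pos); pos += 2
    pos += 32  # client random
    pos += 1 + body[pos]  # session id
    (cs_len,) = struct.unpack_from(">H", body, pos); pos += 2
    ciphers = [struct.unpack_from(">H", body, i)[0] for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    pos += 1 + body[pos]  # compression methods
    ext_types, groups, formats = [], [], []
    if pos < len(body):
        (ext_len,) = struct.unpack_from(">H", body, pos); pos += 2
        end = pos + ext_len
        while pos < end:
            etype, elen = struct.unpack_from(">HH", body, pos); pos += 4
            data = body[pos:pos + elen]; pos += elen
            ext_types.append(etype)
            if etype == 10:  # supported_groups
                (n,) = struct.unpack_from(">H", data, 0)
                groups = [struct.unpack_from(">H", data, i)[0] for i in range(2, 2 + n, 2)]
            elif etype == 11:  # ec_point_formats
                formats = list(data[1:1 + data[0]])

    def join(vals):
        return "-".join(str(v) for v in vals if not is_grease(v))

    s = ",".join([str(version), join(ciphers), join(ext_types), join(groups), join(formats)])
    return s, hashlib.md5(s.encode()).hexdigest()


# Constructed hellos, not captures.
BROWSER_HELLO = build_client_hello(
    0x0303, [0x1a1a, 0x1301, 0x1302, 0xc02b],
    [(0x2a2a, b""), sni_ext("example.org"),
     supported_groups_ext([0x3a3a, 0x001d, 0x0017]), ec_point_formats_ext([0])])
BROWSER_HELLO_NO_GREASE = build_client_hello(
    0x0303, [0x1301, 0x1302, 0xc02b],
    [sni_ext("example.org"), supported_groups_ext([0x001d, 0x0017]), ec_point_formats_ext([0])])
TOOL_HELLO = build_client_hello(
    0x0303, [0xc02f, 0xc030, 0x009c],
    [sni_ext("example.org"), supported_groups_ext([0x0017, 0x0018]), ec_point_formats_ext([0, 1, 2])])

if __name__ == "__main__":
    for label, rec in [("browser", BROWSER_HELLO), ("tool", TOOL_HELLO)]:
        print(label, *ja3(rec))
```

The tool-like hello hashes differently from the browser-like one no matter what User-Agent the HTTP request later carries, which is the reason the curl-impersonate approach has to change the TLS stack's cipher and extension ordering rather than just the headers.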


It would be a lot of work to make it mimic a common profile though.


That work was probably done once, years ago. Might need a few string tweaks every few years, which could be automated.


No, because any “RMS” set of headers would only be shared by the small number of nerds who care, fingerprinting us more accurately again.


Just setup a honey pot and use headers from there ;)


Maybe he's setting a false trail and using curl


Maybe the script does:

    wget --user-agent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" ...
Nobody will suspect a thing!


Are we losing the point, here? “Does not browse” When interacting with webmail- also does not browse directly, preferring CLI scripts to act as intermediary. Does wget execute .js or .css or execute anything it reads beyond a URL redirect? Is wget a huge attack surface like a browser?


The GNU/Hurd in the IA didn’t already do it?


I'm pretty sure wget has plenty more users in addition to Stallman


I'm sure too! But there are some very important differences with Stallman's use and "my" use. Personally I use WGET all the time to get specific stuff, mainly downloads of binaries say for some UX system I'm setting up. I'm fairly certain that this is the most common use of WGET, so all that can easily be filtered out. This leaves Stallman's use case, and a few other secretive users, whom I'm sure can also be divided into separate categories, that can then be used to further identify each user's uniqueness. I'm not saying that it's easy, but I'm saying that he's got a higher chance of getting "caught" simply by revealing his rather unique use case.


Not to mention its programmatic use by tools and applications.


There are so many bots sending wgets I don't think it's a real issue.


Wget can mask the User Agent and lots of variables.



