Aerith's Theme from FFVII. To think that something so simple on a grand scale can lodge itself so deeply in the soul.

The whole point of this new method is that you can cauterize a wound without charring the flesh, instead just melting it. The optimal temperature for this is, apparently, 60-70 deg. C., and this is maintained using feedback from an infrared sensor on the "soldering pen". They apparently also use a water soluble protein as "solder". The scars on in the TFA pictures look real nice. Wonder if the wound will hurt more or less than a conventionally sealed wound?

You can hate and love something at the same time, for different reasons.

No, sorry. I am however quite certain that it is *much smaller* relative to the population (It's difficult to be homeless if you don't fit into one of the categories above), but saying that it is *nonexistent* would be an outright lie. Remember, Sweden has a large "problem" with our illegal immigrants, in that we deport women and children back to warzones, so they're forced to go underground and cut all ties with society, living on the mercy of underground humanitarian networks. Our immigration policy is a disaster that US leftists tend to be ignorant of.

I live in Sweden, and we have a non-insignificant population of homeless people in the major cities, mainly consisting of uneducated immigrants, druggies and runaway kids. A few "normal" citizens down on their luck too. You get an apartment from the social services if you are drug-free, but some people just can't quit, and i guess some people are too sane to be in an asylum but too insane to live on their own. Remember, illegal immigrants don't get those benefits, if they don't manage to find hostpital staff willing to look the other way.

Port john the ripper/aircrack-ng? Buy a few terabyte drives and start generating hash tables?

The thing with spyware is that it's included in legitimate apps, typically, and the user has to click through an EULA. Also, all software sold with the intended purpouse of large-scale crime have to be explicitly designed for the fraud in question (code for capturing credit card numbers and passwords from browser sessions/committing various forms of DDOS attacks for example.) The purpose of the software is obvious from it's construction (which conveniently also sets it apart from how commercial pen testing tools are constructed, which have no need for the above features, not to mention how they are marketed.) Relatively benign hacking software not explicitly designed for large-scale economic crime (phearbot, phatbot, poison ivy) would certainly slip under the pen-test or remote administration heading while actually being used in a very large amount of semi-skilled targeted attacks, but on the other hand these are not at all as dangerous given the assumption that the attacker simply acts as a passive consumer that cannot modify the tools he has bought (which is the load-bearing point of first post), and that the crimes we are looking to prevent are DDOS/data encryption extortion and large-scale credit card fraud.

I totally meant to type "malware", but my head is muddled from a sleepless night. Spyware is of course only a part of the problem.

You mean like the catch-all German "hacker program" law, that has had the entire security industry up in arms? The one where you could in theory get arrested for possessing a copy of NMap?
www.schneier.com/blog/archives/2007/08/new_german_hack.html

I honestly don't think you could pass of something this simple as a pen-test tool. You could probably pass it off as a pure remote administration utility. But this would require you to add lots of extraneous functionality that would seriously confuse the intended market, and you couldn't market it to them directly either (I guess this could work anyway if you could incite some really strange grassroots campaign.) On the upside, if the virus engines wouldn't recognize it, you wouldn't have to include signature-evading code (polymorphism, packing...).

But it's stuff like this we're really after: http://en.wikipedia.org/wiki/MPack_(software). People who code professional-grade malware generally do so to profit off of it. It's well known that in the existing ecosystem of digital crime the malicious hackers themselves rarely act as attackers in large-scale id/credit card theft; instead they sell it to people who do. Quoting this extremely enlightening interview: http://www.securityfocus.com/news/11476

"The project is not so profitable compared to other activities on the Internet. It's just a business. While it makes income, we will work on it, and while we are interested in it, it will live. Of course, some of our customers make huge profits. So in some ways, MPack could be looked at as a brand-name establishment project."

This particular piece of spyware is amateur stuff, aimed at paranoid spouses/bosses, but if we can hit the business of selling spyware (probably requiring the cooperation of the international banking system, as well as the governments of china and russia) it would totally cripple large-scale internet crime as we know it. It's a pipe dream, of course. But one can always dream.