Domain: pastebin.ca
Stories and comments across the archive that link to pastebin.ca.
Comments · 22
-
ChakraCore Contributor License Agreement ..
* I have sole ownership of intellectual property rights to my Submissions and I am not making Submissions in the course of work for my employer.
* I am making Submissions in the course of work for my employer (or my employer has intellectual property rights in my Submissions by contract or applicable law). I have permission from my employer to make Submissions and enter into this Agreement on behalf of my employer.
Copyright License. You grant Microsoft, and those who receive the Submission directly or indirectly from Microsoft, a perpetual, worldwide, non-exclusive, royalty-free, irrevocable license in the Submission to reproduce, prepare derivative works of, publicly display, publicly perform, and distribute the Submission and such derivative works, and to sublicense any or all of the foregoing rights to third parties.
Patent License. You grant Microsoft, and those who receive the Submissiondirectly or indirectly from Microsoft, a perpetual, worldwide, non-exclusive, royalty-free, irrevocable license under Your patent claims that are necessarily infringed by the Submission or the combination of the Submission with the Project to which it was Submitted to make, have made, use, offer to sell, sell and import or otherwise dispose of the Submission alone or with the Project ..
Notice to Microsoft. You agree to notify Microsoft in writing of any facts or circumstances of which You later become aware that would make Your representations in this Agreement inaccurate in any respect. ref
ChakraCore Contributor License Agreement (CLA) -
Slahdot broken?
Sorry tor being offtopic, but did slashdot kind of break for anyone else? I got this as quote at the bottom of the page.
-
Re:This is only temporary
Hosts file workaround instructions:
-
Re:What's going to be their new TLD?
Full Hosts file workaround instructions:
-
Re:There's not much point to addressing Anonymousholy fuck.. do you not click the link the the chat room where it's all being planned?
http://pastehtml.com/view/1b3tqp1.html
and here's a link to the timer RIGHT HERE!!!
this is very much an anon/4chan operation called operation payback due to airplex's DDOS on the pirate bay
and point to note they are still trying to take down airplex again>>>> FOCUS ON 122.181.180.181 (AIPLEX) (TCP port 80, 3-4 threads - No 'Wait for Reply') (TCP MESSAGE "payback is a bitch")
>>>> CURRENT STATUS [UP!] http://downforeveryoneorjustme.com/aiplex.com >>> USE LOIC [SAFE] http://http//sourceforge.net/projects/loic/ >>> Linuxers use SLOWLORIS, it's super effective! In fact its more effective then javaloic. >>> MACS USE JAVALOIC >>> Timer see http://www.tinyurl.com/riaatimer >>> AIPLEX WILL GO UP AND DOWN, IT AUTO REBOOTS >>> NEWFAGS PLEASE SEE RULES AT http://pastebin.ca/1943830
-
Re:Maybe...
Amazon has an automated feature that tags any book as "adult" if a certain number of people complain about it (using the "report this as inappropriate" button.)
A hacker, apparently as revenge for some delisting on Craigslist for which he blamed gay people, scraped Amazon for books whose metadata tagged them as GBLT, and then mass-reported them as "adult" to get them removed from search rankings. (The details are here: http://pastebin.ca/1390576.)
So it was both a glitch *and* a hack: that is, the glitch was that a hacker could take advantage of an automated feature in this way. The reply sent to Mark Probst -- that Amazon excludes adult material from searches -- was perfectly accurate, and simply sent to him at a time when Amazon had not yet realized that this hack was taking place. -
Re:I don't think "hack" is the right word
This seems like a hack to me, assuming it's true of course.
Oh hey Owen Thomas! How you doin?
Hay dude. Amazon removed its customer-based reporting of adult books yesterday. I guess my game is up! Here's a nice piece I like to call "how to cause moral outrage from the entire Internet in ten lines of code".
I really hate reputation systems based on user input. This started a while back on Craigslist, when I was trying to score chicks to do heroin with. My listings like "looking to get tarred and pleasured" and "Searching for a heroine to do the paronym of this sentence's lexical subject" kept getting flagged. The audacity of the San Francisco gay community disgusted me. They would flag my ads down but searching craigslist for "pnp" or "tina" reveals tons of hairy dudes searching for other hairy dudes to do meth with. So I decided to get them back, and cause a few hundred thousand queers some outrage.
I'm logged into Amazon at the time and see it has a "report as inappropriate" feature at the bottom of a page. I do a quick test on a few sets of gay books. I see that I can get them removed from search rankings with an insignificant number of votes.
I do this for a while, but never really get off my ass to scale it until recently.
So I script some quick bash.
#!/bin/bash
let count = 1
while true; do
links -dump 'http://www.amazon.com/s/qid=0/?ie=ASCII&rs=1000&keywords=Gay_and_Lesbian&rh=n%3A!1000%2Ci%3Astripbooks%2Ck%3AHomosexuality&page='`echo $count`|grep \/dp\/ >> /tmp/amazon
((count++))
doneThere's some quick code to grab all the Gay and Lesbian metadata-tagged books on amazon. Then I pull out all the IDs of the given books from those URLs:
cat
/tmp/amazon |sed s/.*dp\\/// |sed s/\\/ref.*//and I have a neat little list of the internal product ID of every fag book on Amazon.
Now from here it was a matter of getting a lot of people to vote for the books. The thing about the adult reporting function of Amazon was that it was vulnerable to something called "Cross-site request forgery'. This means if I referred someone to the URL of the successful complaint, it would register as a complaint if they were logged in. So now it is a numbers game.
I know some people who run some extremely high traffic (Alexa top 1000) websites. I show them my idea, and we all agree that it is pretty funny. They put an invisible iframe in their websites to refer people to the complaint URLs which caused huge numbers of visitors to report gay and lesbian items as inappropriate without their knowledge.
I also hired third worlders to register accounts for me en masse. If you ever need a service like that, you can find them in a post like this advertising in the comments:
http://ha.ckers.org/blog/20070427/solving-captchas-for-cash/Then they would log into the accounts, save the cookies in a cookie file and send it to me.
Then I used the cookie files like so to automated-report all the books:
for i in `cat
/tmp/amazon |sed s/.*dp\\/// |sed s/\\/ref.*//`; do lynx -cookie_file=/home/avex/cookie1 http://www.amazon.com/ri/product-listing/`echo $i`/;doneThe combination of these two actions resulted in a mass delisting of queer books being delisted from the rankings at Amazon.
I guess my game is up, but 300+ hits on google news for amazon gay and outrage across the blogosphere ain't so bad.
The only person to figure it out was dely from Six Apart:
http://tehdely.livejournal.com/88823.html
but he has been ground zero at my work, cleaning up my messes before.
So just letting you know the chain of events. if you choose to report on this, please don't disclose my identity/email address. Thanks!
-
Amazon was framed?
According to this, the mass downrating of purportedly-gay-themed books at Amazon was engineered from the outside.
Ideas on how to verify this?
-
Re:Idle?
Heeeey dude. First grab Stylish for Firefox. It's an extension that overrides the CSS of the page: https://addons.mozilla.org/firefox/addon/2108
Then try some Slashdot overrides: http://userstyles.org/styles/search/slashdot
I used one of these and tweaked it a bit to fit my taste. Here it is:
http://pastebin.com/f1b780512 (backup link: http://pastebin.ca/1286782 )All I can see here is classic Slashdot
;) -
Lua
Here's a working (although somewhat messy) implementation in Lua. I could probably optimise performance and/or LoC, but that's another exercise.
:)
It accepts an optional size parameter (defaults to 8), prints out the running time, and the solution if it's <= 16x16.
http://pastebin.ca/1272049Running times on Ubuntu Feisty 32-bit on a P4 2.8:
8x8 = 0.000s, or thereabouts...
100x100 = 0.400s
200x200 = 1.740s
300x300 = 3.950s
400x400 = 7.040s
500x500 = 10.080s
600x600 = 15.240s
700x700 = 20.180s
800x800 = 33.670s
900x900 = 42.580s
1000x1000 = 53.480s
10000x10000 = ...still going :) -
review copy
The leaked 360 version isn't retail, but is a review copy. The interwebs have given a lot of flack to SEED4ME about their releases.
-
Re:I got this much
Found this while google screwing. Someone got it!
1.
Reliable DNS Forgery in 2008: Kaminskyâ(TM)s Discovery
2.
from Matasano Chargen by ecopeland
3.
0.
4.5.
The cat is out of the bag. Yes, Halvar Flake figured out the flaw Dan Kaminsky will announce at Black Hat.
6.
1.
7.8.
Pretend for the moment that you know only the basic function of DNS â" that it translates WWW.VICTIM.COM into 1.2.3.4. The code that does this is called a resolver. Each time the resolver contacts the DNS to translate names to addresses, it creates a packet called a query. The exchange of packets is called a transaction. Since the number of packets flying about on the internet requires scientific notation to express, you can imagine there has to be some way of not mixing them up.
9.10.
Bob goes to to a deli, to get a sandwich. Bob walks up to the counter, takes a pointy ticket from a round red dispenser. The ticket has a number on it. This will be Bobâ(TM)s unique identifier for his sandwich acquisition transaction. Note that the number will probably be used twice â" once when he is called to the counter to place his order and again when heâ(TM)s called back to get his sandwich. If youâ(TM)re wondering, Bob likes ham on rye with no onions.
11.12.
If youâ(TM)ve got this, you have the concept of transaction IDs, which are numbers assigned to keep different transactions in order. Conveniently, the first sixteen bits of a DNS packet is just such a unique identifier. Itâ(TM)s called a query id (QID). And with the efficiency of the deli, the QID is used for multiple transactions.
13.
2.
14.15.
Until very recently, there were two basic classes of DNS vulnerabilities. One of them involves mucking about with the QID in DNS packets and the other requires you to know the Deep Magic.
16.17.
First, QIDs.
18.19.
Bobâ(TM)s a resolver and Alice is a content DNS server. Bob asks Alice for the address of WWW.VICTIM.COM. The answer is 1.2.3.4. Mallory would like the answer to be 6.6.6.0.
20.21.
It is a (now not) secret shame of mine that for a great deal of my career, creating and sending packets was, to me, Deep Magic. Then it became part of my job, and I learned that it is surprisingly trivial. So put aside the idea that forging IP packets is the hard part of poisoning DNS. If Iâ(TM)m Mallory and Iâ(TM)m attacking Bob, how can he distinguish my packets from Aliceâ(TM)s? Because I canâ(TM)t see the QID in his request, and the QID in my response wonâ(TM)t match. The QID is the only thing protecting the DNS from Mallory (me).
22.23.
QID attacks began in the olden days, when BIND simply incremented the QID with every query response. If you can remember 1995, hereâ(TM)s a workable DNS attack. Think fast: 9372 + 1. Did you get 9372, or even miss and get 9373? You win, Alice loses. M -
Re:I assumed a kind of simplified tape backup systTime Machine looks like a simplified interface to something like Netbackup or (more likely) Miranda to me. It's a handy thing to have natively but I was less than happy about how it works out of the box: in short it claims to take weekly full backups plus incremental changes every ten minutes.
Time Machine keeps:
- Hourly backups for the past 24 hours
- Daily backups for the past month
- Weekly backups until your backup disk is full
When the disk is full, it deletes the least recent backup(s) as necessary to complete the most recent backup. You may optionally receive a warning when this is about to occur.
The weekly full backups are taken until the disk is full (Apple's words). I can see that a lot of people are going to get caught out by this: on my Mac Mini the full backup came to 44Gb, which on an empty 300Gb external drive (which seems to be about the most common size sold in Maplin and PCWorld these days) will come to five or six weeks of full backups.Because OS X now supports directory hardlinks, it is possible to keep full backups while only taking the disk space for new changes. I plugged in my TM disk after about a week last night, and it backed up 1.8 G of stuff. A few minutes later, it backed up 52kb of stuff. A few minutes after that, 15 megs of stuff. Each of these directories looks, when you browse it in the FS, as though it takes up the entirety of the space required for a full backup, but in actuality, it only takes up the space required for an incremental backup. I pastebinned an example of this last night. the 'sparsebundle' file is a disk image containing the directories indicated. Note that despite having three backups of 9.1G, one of 1.8G, and one in-progress of 5.3G, the total size of the disk image is a whopping 12G.
Thus, we can see that backing up your 44G mini will take 44G initially, and then each additional backup will only take the space that a delta would require - if you change 200M of files, your next backup takes an additional 200M from the drive, not an additional 44G.
There's no indication of what it does then: does it overwrite the oldest backup? Are you prompted to delete the oldest backup? Does it suggest you go and buy another drive? In an enterprise environment decisions would have to be made about what was kept and for what duration: you wouldn't keep everything indefinitely.As mentioned above, it deletes the eldest, optionally prompting you.
I'm going to have to see if it's possible to write some usable rules this weekend: off the top of my head, keep music and video and photos and the like backed up regularly and maybe only back the OS and applications up periodically, in the case of the OS particularly before the 10.5.1 update as I have bad feelings about it. I think there might well be some wailing and screaming from people who have just switched it on in a few weeks time when their external drive is full...I don't see that situation happening for months, possibly years depending on their usage patterns, and the people who enable it and have it backing up their 5G torrents left and right will soon learn to add ~/Torrents to their exclude list.
BTW, worthy tip for anyone who's looking to enable Time Machine - exclude ~/Library/Caches. Seriously, it's gigs of crap for nothing, and it can all be regenerated when needed. I hardly need TM to back up my Safari browser history.
-
Re:Are they TRYING to shoot themselves in the foot
>But it's NEW man! NEW!!! YOU MUST SUPPORT THE NEW!!!
In other words...
http://counter-strike.de/modules/screenorama/showb ender.php?id=181
(translat at http://pastebin.ca/653400 ) -
Re:my seemingly eternal question:
There is no threading in Safari.. Sorry.
What do you make of this? -
Re:Lets just hope that
Wait, you mean like this code... to prevent Firefox from being able to suppress the script that will override its context menu. Trust me, this works even if you have that little checkbox marked. The only way to stop this is to disable javascript (noscript plugin) (at least as far as I know, I haven't tested this in a long time).
BTW: This code features the ability to disable itself so I'm not one of those idiots that tries to protect content with it... Its actually useful the way I use it... In my opinion...
Eh, its a long script, so I'll pastebin it...
http://pastebin.ca/499577
Don't hate me for my bad coding/documentation technique... its years old... -
Re:cpu frequency problems
Yes, my system does slow down when not heavily used. You can view my results.
What's yours like? ALso, do you have the URL(s) of this known issue? I'd like to read about it. -
DK rap
http://www.pastebin.ca/441339
dk rap song -
Simple Programming Solution
For the public computers I service, I merely loaded a little program that checks for certain window titles I specify. If it finds them, it closes the application. Some might say that it might find legitimate windows and think them bad, which is true, but for the most part people shouldn't be going REMOTELY near any of the unwanted sites/software (In my case, P2P, porn, and games). Any computer programmer could EASILY shut down this program, but again, for the most part it works great. Simply dropped the program in startup folder for all users, and each time someone tries to install LimeWire or visit Pogo.com it closes their browser and they get a warning message. The warning message alone is often enough to completely turn people off from ever trying the sites again. Link to source code template: http://pastebin.ca/220437
-
Re:Who hit him?From #freenode-announce.
christel "was lilo wearing a helmet and was the car driver responsible? if they are responsible will they be charged?"
christel lilo was not wearing a helmet, we are unsure at this point about what will happen wrt the driver of the car
christel from what we know, it was a hit and run
christel and the driver has not yet been found
No, it's not verifiable, although if you ask around people will agree that christel said this. It is all very sudden and I don't think anyone knows yet. I'm sure his family have better things to do right now than a) finding out what the police are doing about the driver and b) telling Freenode about it.
BTW, I don't think I did express an opinion about CCTV. In any case, lets not discuss that here. -
Re:10 was arbitrary
nothing fancy, here's my
/etc/apache2/sites-enabled/sites:
http://pastebin.ca/54877
using Apache/2.0.54 -
slashdotted, pastebin copy of interview