pastebin.com · Domains · Slashdot Mirror

here is the link by h54108 · 2014-02-04 00:46 · Score: 1 · on Anonymous Slovenia Claims To Have Hacked the FBI and Posted Emails To Pastebin

and here is the link http://pastebin.com/DwDJ0WW8

This is Machinima deal, not Microsoft by nomaddamon · 2014-01-21 03:14 · Score: 3, Informative · on Microsoft Paying for Positive Xbox One Coverage on YouTube

Full contract at http://pastebin.com/vec6vjv5/

Machinima lives of these kind of promotions (all Machinima affiliates get multiple offers per month)

The total cost for this promotion for Machinima is 3750$ (promotion ends when this CPM target is met)

It is likely Microsoft entered into a deal with Machinima to increase it's visibility and Machinima did the promotion on it's own (like it has done with a lot of brands before)

Re:You are the 5% that vendors don't care about. by Khopesh · 2014-01-18 15:03 · Score: 1 · on Stop Trying To 'Innovate' Keyboards, You're Just Making Them Worse

The problem is that they're trying to make the manufacture process cheaper in order to eek out a slightly higher profit. Plus, multitouch is increasing the amount of space necessary to devote to the touchkpad.

I really like the keyboard on my Thinkpad X201s, whose only isue is the Escape key being above the F1 rather than to the left of it, but at least it's at the upper-leftmost corner of the keyboard, so it was easy to adapt to (also, I mapped F1 to Esc in a lot of programs). The other problem with this laptop was the small touchpad. It supported multitouch, but it's tiny, measuring about two inches wide by one inch tall.

Clearing a row of keys obviously translates to increasing the vertical size of the touchpad. I get that, it just needs to be done more intelligently. The X1's touchkpad is about four rows of keys tall and has no buttons. The X201s's touchkpad, including keys, is about 3 1/3 rows tall. There are two rows of function keys up top which are each about two thirds of a row tall. Removing one of them solves the space problem to the millimeter. Don't get rid of those keys though! I think I could survive with that top (function) key row turned into a capacitive row the way the X1 does ... so long as there is still a normal Esc key on its far left (above the tilde, which is to the left of the digits).

How about:

- Backspace must be the rightmost key on the digits row.
- Esc must be the upper-leftmost key, one row above the digits' row.
- Power is fine at the upper-rightmost key.
- Also retain the standard positions for tilde (left of digits), CapsLk (under Tab).
- The top row can remain "adaptive" as long as its end keys, Esc and Power, are real.
- Give a non-multitouch middle-click option, either via emulation (right+left) or three spots at the touchpad's top.
- Grow down instead of up:
- - Bring back the numeric keypad's 0-9 and dot (default NumLk off) for 4 rows of arrows/numbers. This places PgUp/PgDn, Home/End, and Ins/Del.
- - New buttons (like Fn and Compose) can go under each Alt key for easy thumb access
- Fn is a hardware button, but if you add Compose, it's software (allow setting it as another bucky bit like Hyper or Option)

I've mocked this up and posted it in ascii art (mostly to scale) to pastebin at http://pastebin.com/sEECJKrh. If any laptop keyboard designers are reading this, it's free for you to use. I just want it to be used.

Rubbish Site by Anonymous Coward · 2014-01-15 11:43 · Score: 0 · on Code.org: Give Us More H-1B Visas Or the Kids Get Hurt

I remember that the site had some serious validation problems a while ago and 4chan had quite some fun skewing the ratio to 98% girls completing the Hour of Code. Sadly, someone noticed and rolled back most of the submissions. However, it looks like the vulnerability still hasn't been patched, so if anyone wants to have some fun promoting women in programming: http://pastebin.com/G95LMpK2

Re:Great topic by Yunga+Palatino · 2014-01-01 03:23 · Score: 1 · on Ask Slashdot: Command Line Interfaces -- What Is Out There?

I made a little cheat sheet that is mostly a copy/paste from whatisdb, and somehow grouped the commands by theme. Comments are appreciated if you think something's missing. http://pastebin.com/yGmGiDQX

Re:Huh, what? by Sarten-X · 2013-12-26 16:04 · Score: 3, Informative · on How Ya Gonna Get 'Em Down On the UNIX Farm?

Yes, you can enable SSH on ESXi. There are also varying levels of support from third parties, most of which are easier to deal with than Microsoft.

Perhaps I should clarify what I mean when I say I'm a "Windows sysadmin"... For the past two years, I've been doing systems work with Windows. For the first year, it was mostly in a bog-standard admin capacity, but for the past year I've been working exclusively on a project in Windows Server 2012, using PowerShell heavily. I'm now in charge of maintaining and improving about 10k lines of PowerShell scripts.

Powershell is the second-worst language I've encountered in almost two decades of programming. Here's a few reasons why:

It's supposedly all based around objects, but you can't natively define your own classes. You have to embed C# for that.
The "pipeline" passes objects from one command to the next, but there is no standard for what semantics a passed object must support.
Opaque objects can't easily be manipulated or constructed for debugging.
Commands are loaded modularly, but there are no namespaces. Collisions are inevitable.
No include-like functionality for scripts. You can import (with .) a modular script multiple times, but it'll run multiple times.
Multiple overlapping APIs. In addition to the PowerShell native commands, there are interfaces to .NET, WMI, COM, and command-line executables, any one of which may be the expected (or only) way to accomplish a given task, and of course the available features change with every revision of Windows.
Context-sensitive errors. Assign several kinds of Get-* results to variables, and you can check that variable safely in an IF condition. Checking the Get-* directly in the condition will throw an error if the Get-* operation returns an empty set.
Moving to an inner scope is copy-on-write.
Far too much boilerplate to declare constants (38 characters) or globals (27 characters).
Symbol aliases like "%" and "?" are not obvious when reading old code, and text aliases are also rarely intuitive unless you use them frequently.
No cross-platform support whatsoever.
Incomplete support in older OS versions, and no upgrades.
No unified documentation (due mainly to aforementioned modularity hell and split APIs)
Whitespace sensitive.
No native support for test-driven development.
No support for multiple entry points.
Worse multithreading support than Perl.
Little control over command output. Either you nitpick each command to accommodate its error, warning, and output streams, or you change the global error-handling variables
As with all Microsoft products, absolutely no guarantee of support beyond the current version. As soon as Microsoft decides that SuperShell is the next big thing, PowerShell will go join other abandoned systems like COM, WSH, and VBScript.

My theory is that PowerShell started as a way to tack .NET support onto batch files, but then some brain-dead executive thought it'd be a suitable competitor to Bash, so they had to add pipes, but it's just gotta use objects, because Windows is all about the objects! Then somebody actually tried to use it for something productive, and realized it was still limited, so they added half-assed module support so it could be more useful later. Executives saw the progress, and declared that it had to be integrated into all the new 2012 stuff, so that meant that each team had to figure out their own way to make PowerShell make sense. Of course, in typical Microsoft fashion, nobody thought to look over a

Re:Very different code by jthill · 2013-12-19 09:42 · Score: 1 · on Comparing G++ and Intel Compilers and Vectorized Code

So write a dumb little 10-liner to generate potentially-failing option combinations, with any luck it's just one or two of the ones enabled by the next level up from the lowest working `-On`.

Re:Bah! by Jah-Wren+Ryel · 2013-12-18 19:15 · Score: 1 · on Panel Urges Major NSA Spying Overhaul

Snowden has offered to help Brazil investigate US intelligence. Is that the patriotism you were referring to?

He offered to help "wherever lawful and appropriate" -- Do you have have a problem with lawful and appropriate actions? Are you advocating that Snowden do something to violate the law?

Pastebin mirror of code by Anonymous Coward · 2013-12-11 06:02 · Score: 5, Informative · on OpenSSH Has a New Cipher — Chacha20-poly1305 — from D.J. Bernstein

http://pastebin.com/3YaRWXFs

Australia is very, very corrupt by Brendan_Jones · 2013-12-03 17:35 · Score: 5, Informative · on Australian Defense Scientists Plagiarizing Trade Secrets

This was the actual text from Clayton Utz, the law firm acting for the Australian Department of Defence: "“The reason we believe your claim will fail is because you allege that the Commonwealth owes innovators submitting products or technology for evaluation a duty of care to ensure that the evaluations are either fair, proper and accurate or that the confidential information is respected. There is no such duty of care in Australian law.”

They are very disingenuous: The DSTO publicly solicits businesses to submit inventions to Defence under the "DSTO CTD Capability and Technology Demonstrator Program", and then screw them over behind closed doors.

Here the Defence Science Minister Warren Snowdon announced a DSTO Probity Board "to protect against conflict of interest" http://www.dsto.defence.gov.au/news/6648/, while here he sends a letter to an independent MP in which he falsely claims the whistleblower didn't want the thefts from other companies to be investigated(!): http://victimsofdsto.com/doc/2011-02-28%20Letter%20from%20Defence%20Science%20Minister%20with%20false%20information%20to%20Independent%20MP%20(NAMES%20BLACKED%20OUT).pdf

Australia's Federal Police force, the AFP, are systemically corrupt. They ignore public service crime http://www.smh.com.au/national/public-service-keeps-fraud-cases-private-20110923-1kpdr.html and terrorise whistleblowers: http://pastebin.com/tD8Vd6Vd http://victimsofdsto.com/psc/#kessing

You can't use the civil courts: Under the Model Litigant Policy the Australian government has to keep legal costs to a minimum, must offer alternate dispute resolution, etc. But the government lawyers simply ignore it, run up huge legal bills and threaten to bankrupt you with a costs order if you dare step foot into court. http://www.theaustralian.com.au/business/legal-affairs/gillard-government-lashed-for-ignoring-breaches-of-model-litigant-rules/story-e6frg97x-1226325228917 Another department did actually bankrupt a guy. Not mentioned in the article, the DSTO also stole IP from some big defence companies (including an American one).

It costs about $2M to litigate the gov. I don't know of a single company who has seen litigation through: SMEs can't afford it, and the large companies said litigating their biggest customer would lose future contracts. The only law firms capable of taking on the government pro bono in Australia are all on retainer to them! Here's a very good book "Our Corrupt Legal System" by an investigative crime journalist; Page 157- describes all the dirty tricks lawyers play: http://netk.net.au/Whitton/OCLS.pdf . play.

Targets supplied by FBI to Jeremy Hammond .. by Anonymous Coward · 2013-11-28 01:47 · Score: 0 · on Death and the NSA: A Q&A With Bruce Schneier

Jeremy Hammond, Sabu, and the Intelligence-Industrial Complex

Targets supplied by FBI to Jeremy Hammond

Re:Even Kubuntuforums has gone https by Slayer · 2013-11-16 22:38 · Score: 1 · on How Big Companies Can Hamper the Surveillance Infrastructure

HTTPS is completely pointless when it comes to stopping spies. Even the Iranian government was able to snoop on gmail communications thanks to compromised root certificates.. While the Iranians had to actually compromise a CA, the US could just coerce a US based CA into cooperating without anyone else ever hearing about it.

Re:And there's a whole series of comments at Ars.. by UnderCoverPenguin · 2013-11-01 10:03 · Score: 1 · on Ars: Cross-Platform Malware Communicates With Sound

I'm not up on my Audio Engineering, so excuse me if this question is recockulous, but since mic / speakers basically work on the same principles, is there any chance that its theoretically possible they are transmitting ultrasonic with the mic and receiving on the speakers!?

No. The input and output circuit amplifiers are arranged to only allow signal flow in one direction.

FYI, amplifiers can be arranged to allow 2 way signal flow (aka "full duplex") over a 2 wire connection. An example is a basic, landline telephone. You can demo this with 2 basic, landline phones, 2 phone jacks and a 9V battery. Connect the red wire from one jack to the red wire from the other, then both to + on the battery. Likewise, the green wires to - on the battery. Then with an assistant, each of you pick up one of the 2 handsets. You will be able to talk and hear each other over the 2 wire connection between the phones.

Over simplified diagram: http://pastebin.com/hQN58jDd - Download and save with the extension ".svg" then open file with Firefox, Chrome or Opera to view it.

Re:TFA does a poor job of defining what's happenin by mysidia · 2013-10-30 15:17 · Score: 1 · on How Your Compiler Can Compromise Application Security

Here we have a struct 100 bytes in size. However, st.a is not a pointer.

Where? Of course st.a is a pointer.... there are rules in C of pointer-array interchangeability.

st.a has type uint_t [100]. And sizeof both of those is the same.

&st.a has type uint_t (*)[100]

Just try it.... http://pastebin.com/7an0MS9g

.... Now what's really funny are two-dimensional arrays.

Remember: when you are defining an array of two dimensions dynamically, there are two completely different approaches.

1. List of pointers technique

int **Array = malloc(sizeof(int*) * OuterMax);

And 2. Built-in array type

Both result in the a[i][j] notation.

Both are structured completely differently.

Hilarity ensues, when a programmer accidentally forgets which type of 2D array it is, and tries to resize (a[i]); or bcopy/memcpy on 'a' in an array created using the list-of-pointers technique

Re:What? by fisted · 2013-10-29 10:30 · Score: 1 · on Toyota's Killer Firmware

Did you mean to post that on pastebin.com instead?
I think so -- here you go.

[Post on slashdot instead]

Re:White hat by vuln-report · 2013-10-23 15:05 · Score: 1 · on Users Slow to Update Netgear ReadyNAS Boxes Open To Remote Exploit

How hard would it be to write a program to find vulnerable boxes and force a patch via the exploit?

From a strictly technical perspective, this particular vulnerability is in fact not hard at all to exploit and deliver a fix. diff: http://pastebin.com/aWCwdnhL We didn't actually make such a tool but VERT did discuss the possibility.

Site's still down .. by codeusirae · 2013-10-21 03:12 · Score: 1 · on NSA App Ideas To Popularize Spying and Big Data

Ten ways to make NSA spying popular with Americans

Re:Fingerprint != user authentication by Anonymous Coward · 2013-10-05 12:08 · Score: 0 · on MasterCard Joining Push For Fingerprint ID Standard

This is relevant as well:

Anonymous claims link between iPhone 5S TouchID and US gov biometric database

http://www.itproportal.com/2013/10/01/anonymous-claims-link-between-iphone-5s-touchid-and-us-gov-biometric-database/

anonymous PasteBin with details:

http://pastebin.com/cmHs2VBn

In a nutshell:

3. It may be immaterial whether or not Apple's scanner is easily hackable and whether or not the NSA will have direct access to fingerprints granted to it by Apple and the FISA Court. Multiple industry leaders indicate that the real reason why the Intelligence Community was so keen on Apple launching AuthenTec’s biometric technology is because anything Apple touches automatically becomes über cool. Other biometric corporations are wetting themselves with delight.

Shortly on the heels of this news suddenly we see this Mastercard/FIDO article.

Re:Fluid Design... by Anaerin · 2013-10-01 10:50 · Score: 2 · on Come Try Out Slashdot's New Design (In Beta)

And, because nobody asked for it, but I might as well while I'm playing, re-skinned the comments section to look a little more familiar. Stylish preset is now on pastebin.

Re:Leaked evidence chemical attack was false flag. by Anonymous Coward · 2013-09-04 00:26 · Score: 1, Interesting · on US and Israel Test Missile As Syria War Tensions Rise

The hacker uploaded a load of email correspondence for several security contractors to pastebin, their wives and a colonel or two. it is being taken offline as fast as it is being distributed... it certainly does look damning evidence. Is anybody surprised given that we know Syria has been on the chopping block ever since "The New American Century" was published...

Re:Maybe by buddahcjcc · 2013-08-31 14:35 · Score: 1 · on Mechwarrior Online Developer Redefines Community Warfare

According to IGP/PGI Billing its not. as per the refund request I sent them, and this email I received: http://pastebin.com/89jGXvFg

Re:Here's a link to the crasher string in question by Anonymous Coward · 2013-08-29 06:14 · Score: 0 · on CoreText Font Rendering Bug Leads To iOS, OS X Exploit

Here's a link to the crasher string in question:

here

(warning: will crash Safari on OS X 10.8. Firefox doesn't crash.)

Fixed the link and...
It's just a mash of Arabic? Wow, that's anticlimactic. I was expecting something to actually employ the weird characters, but Apple has left itself vulnerable to random plaintext in a foreign character set.

How? by lvxferre · 2013-07-30 03:00 · Score: 2 · on Russia Proposes Banning Foul Language On the Internet

So, let's pretend for a moment that banning foul language isn't completely ridiculous, but a worthy goal from Russian government. There's still a practical problem... how?

First of all, the censorsh... (oops, "child protection") department will need to monitor consistently all sites in the Russosphere, and maybe some in the Anglosphere. Some of those won't reside in Russian Federation, and RF's gov asking the responsible countries' govs for info about the criminal swearing scum will at least result in a "lolshto" (lol, what?) from the other govs.

Second, does Mizulina really think this is feasible? How? Censors? Well, good luck, they would need all Russian tech-savvy population for that... (exactly the ones they want to control).

Filters? Hell, it's hard to make those for Latin-based languages, but almost impossible for Cyrillic-based ones! Let's say you ban a swear word in Russian (I would use examples, but /. filters all Cyrillic letters). They would need to filter the word itself, anny misspell (intentional or not), different transliterations to Latin, Volapük encoding (a leetspeak-like transliteration using Latin letters that resemble Cyrillic ones), plus, any tactics the internet use regardless of language to avoid filters (like writing pr0n, FML, phuck...).

To show the infeasibility of that, I used a three-letters swearing, khuj ("dick") as example. Just on top of my mind, I got twelve variations - you can bet any Russian native can bring a dozen more. (Here: http://pastebin.com/bcH2bg2S ).

Third and last: if they do manage to make a comprehensible list of swear words with all the variations, just imagine the amount of false positives on an international scale - like Russian gov annoying Brazilian one because someone wrote "curva" in a fucking blog! (just "curve" in Portuguese, but an acceptable transliteration for kurva ["whore"] in Russian).

Frankly... I'm not worried with this censorship being implemented at all, but rather, the intentions behind it.

Re:The summary is wrong again... by Maestro485 · 2013-07-21 13:32 · Score: 4, Informative · on Apple: Developer Site Targeted In Security Attack, Still Down

Actually the source of information was an email that Apple sent out earlier today regarding the situation. I have an iOS developer license so I got the email.

Here's a pastebin dump: http://pastebin.com/4dCWge1s

Text based HTTP debugging by CadentOrange · 2013-07-09 08:41 · Score: 1 · on HTTP 2.0 Will Be a Binary Protocol

There seems to be a lot of posters on Slashdot who do not get just how useful it is that HTTP is text based. I rarely ever need to look at the raw TCP dumps. With the prevalence of REST APIs these days, viewing TCP dumps is overkill. You could argue that REST is a fad and we should all go back to binary RPC protocols, but HTTP is very nice because it allows you to debug so easily. Other posters have mentioned this ease of debugging only to be countered by the binary is just as easy crowd, so I'll go further and provide a worked example.

I use the following code snippet to debug HTTP. It's not the best example of code, but I use it regularly and it works. With it, I can write up the HTTP request in any text editor and shove it up the network and have the response printed out to console for inspection. An example of a HTTP request is like so. This returns a response that's human readable.

It's all nice and human readable. Could I do the same with a raw TCP frame? Sure. I could download it to disk and fire up some viewer like wireshark. Text is far more convenient as I could view it right in my terminal.