Computers have been getting "slightly better than last year" for a few decades now.
Because of that, I'm now running a Quad i7 with a Geforce and a couple terabytes of SSD+HDD rather than a IBM PC with a monochrome adapter and two floppies.
Sorry—busted. After in-depth analysis, I determined that Jesus is a poor lifting body and, indeed, aerodynamically unstable. It would have been difficult for him to maintain altitude, much less ascend to heaven.
The most likely explanation is mistaken identity; perhaps the crowd saw Mecha-Jesus, who, as is commonly known, possesses greek fire rocket boots and a deployable rogallo wing.
Alternatively, if Jesus was still crucified, it would have been possible to construct a simple (albeit extremely large) diamond kite—possibly from high-strength silk fabric imported from the orient. This would still, however, not meet the requirement of powered, controlled flight.
They were serving mixed content. As a result, the unsecured content was vulnerable to a MITM attack and could be replaced by whatever the hacker wanted—even javascript that pops up a fake password prompt.
But the login was definitely secured; you couldn't get someone's username and password just from captured packets. You could, however, gather certain less-sensitive information, most notably a list of installed apps used for update checks.
It was a big vulnerability, and it's good they fixed it. If only more sites would stop including unsecure content on "secure" pages.
One third is a surprisingly low percentage. The number of manned small plane crashes caused by human error is probably close to two thirds.
So while I'm sure lot could be done to improve the ergonomics of the pilot, it sounds like the drones' mechanical failure rate is a more worrying problem.
I firmly believe that the US military's focus on monotheistic cultures, coupled with the USMC and DARPA's involvement in Boston Dynamics, points to a vast and intricate conspiracy, facilitated by the US government, to engineer a scenario where CNN will one day show people running through the streets amidst screams of "Oh My God! Ponies!"
Honestly, it's a textbook Illuminati hazing ritual.
A sealed case isn't a huge deal in the case of the iPad or decent Android tablets, since there are no moving parts, no particularly hot-running components, and a top quality battery that should last for several years.
But the Surface Pro isn't like that. It's a notebook, complete with full OS, SSD, fans, and a powerful CPU, crammed into a tablet form factor.
What happens when that SSD starts failing from the heavy IO load of desktop software? Or one of the fans blows a bearing?
First, the very tool you link says it can attack machines running Windows, OS X, or Linux.
Second, here's the "mitigation" section from your link:
Attack mitigation To stay safe and protect against FireWire DMA attacks, here’s a couple of suggestions:
Windows * Block the SBP-2 driver * Remove FireWire drivers from your system if you don’t need to use FireWire OS X * Don’t panic – if you are using FileVault2 and OS X Lion (10.7.2) and higher, the OS will automatically turn off DMA when locked – you’re still vulnerable to attacks when unlocked, though * Set a firmware password Linux * Disable DMA or remove the 1394 drivers (see the ‘Mitigation: Linux’ section)
On a Mac, the normal steps to protect your machine from unauthorized access (even just setting a firmware password) also blocks the attack vector. And on Windows or Linux, you have to manually break Firewire and Thunderbolt entirely to work around the problem.
Macs do have security flaws, but this is about the worst example you could possibly give.
I'd imagine it's "banned" for the same reason as wardriving apps: because they use undocumented calls to get low level info from the radios. It sounds like they appealed to Jobs himself, but he turned them down. I can't really blame him, as the app's two functions seem to be (a) scare you with BS and (b) spy on you.
App Store restrictions are a bit annoying, but less annoying than having to run an antivirus program on your phone. Power users can, at least, jailbreak.
Bingo. If a company is desperate, sleazy, and stupid enough to use job applicants for free consulting, they're (a) not about to hire you as a full-time employee and (b) not somewhere you'd want to work anyway.
If it's pertinent to your job, do what the interviewer asks. If they treat you like this, consider yourself lucky you learned about their methods before you accepted the job. Meanwhile, you won't ruin genuine job offers with your paranoia.
Meh. All we need is a cable of sufficient length and tensile strength, two exceptionally strong anchors, and a mars rocket. Let angular momentum take care of the rest.
They had been offering them to schools for 75% off at the end of last year, and there seems to be no minimum number of Chromebooks for them to count a school amongst their number, so any school that bought one as a bonus for the gym teacher could potentially be among the 2,000.
Best of luck to Google, but I can't help but think if Apple or Dell or HP had offered a 75% discount they would have found a lot more than 1,000 buyers in three months.
Technically, any capitalization other than 'file:///' will do it. File, fILE, or FILE all have the same effect. The problem is the code compares the string to 'file://' without converting to lower case first...oops.
It's not a buffer overflow or anything like that. Some address-reading library happens to have a sanity test that makes a naive assumption; when it catches a file URL, it tests the prefix against the string 'file://'. When the strings don't match (because of a simple case difference) the sanity test fails and the program is shut down. Oops.
It *is* a dumb bug (aren't they all?), but I doubt it could anyone could make a remote code exploit out of that.
(a) We can't be sure the attack originated in China, it could have simply been proxied through there (there are plenty of vulnerable Chinese systems). (b) Even if it was, we can't prove it was organized by the Chinese government (there are plenty of non-state hackers in plenty of countries). (c) Even if it was, lots of governments engage in low-level espionage (including your own) without significant diplomatic repercussions.
Gathering intelligence isn't typically considered an "act of war" unless it is seen as a prelude to invasion or otherwise causes physical harm. If it was, intelligence agencies would have started World Wars 3 through 17 by now.
Slashdot Mirror
Computers have been getting "slightly better than last year" for a few decades now.
Because of that, I'm now running a Quad i7 with a Geforce and a couple terabytes of SSD+HDD rather than a IBM PC with a monochrome adapter and two floppies.
I'm not complaining.
Sorry—busted. After in-depth analysis, I determined that Jesus is a poor lifting body and, indeed, aerodynamically unstable. It would have been difficult for him to maintain altitude, much less ascend to heaven.
The most likely explanation is mistaken identity; perhaps the crowd saw Mecha-Jesus, who, as is commonly known, possesses greek fire rocket boots and a deployable rogallo wing.
Alternatively, if Jesus was still crucified, it would have been possible to construct a simple (albeit extremely large) diamond kite—possibly from high-strength silk fabric imported from the orient. This would still, however, not meet the requirement of powered, controlled flight.
Yep, they were sending login information over plain http.
Uh, no they weren't.
They were serving mixed content. As a result, the unsecured content was vulnerable to a MITM attack and could be replaced by whatever the hacker wanted—even javascript that pops up a fake password prompt.
But the login was definitely secured; you couldn't get someone's username and password just from captured packets. You could, however, gather certain less-sensitive information, most notably a list of installed apps used for update checks.
It was a big vulnerability, and it's good they fixed it. If only more sites would stop including unsecure content on "secure" pages.
Be careful. That typo set Microsoft's Surface tablet project back several years.
One third is a surprisingly low percentage. The number of manned small plane crashes caused by human error is probably close to two thirds.
So while I'm sure lot could be done to improve the ergonomics of the pilot, it sounds like the drones' mechanical failure rate is a more worrying problem.
And a Rick Astley video, well just because it was tempting....
http://www.youtube.com/watch?v=lyViVmaBQDg
Wow. That actually DID lead to Rick Astley.
Few have ever achieved the legendary Reverse-Reverse Rickroll. I bow before your masterful trolling skill.
I firmly believe that the US military's focus on monotheistic cultures, coupled with the USMC and DARPA's involvement in Boston Dynamics, points to a vast and intricate conspiracy, facilitated by the US government, to engineer a scenario where CNN will one day show people running through the streets amidst screams of "Oh My God! Ponies!"
Honestly, it's a textbook Illuminati hazing ritual.
Mod This Plaid.
A sealed case isn't a huge deal in the case of the iPad or decent Android tablets, since there are no moving parts, no particularly hot-running components, and a top quality battery that should last for several years.
But the Surface Pro isn't like that. It's a notebook, complete with full OS, SSD, fans, and a powerful CPU, crammed into a tablet form factor.
What happens when that SSD starts failing from the heavy IO load of desktop software? Or one of the fans blows a bearing?
Darn it, I was going to use that for my XBL indie game, but apparently it's internally reserved.
Say what you will, but I think the recipients will consider it an Achievement.
Nice troll.
First, the very tool you link says it can attack machines running Windows, OS X, or Linux.
Second, here's the "mitigation" section from your link:
Attack mitigation
To stay safe and protect against FireWire DMA attacks, here’s a couple of suggestions:
Windows
* Block the SBP-2 driver
* Remove FireWire drivers from your system if you don’t need to use FireWire
OS X
* Don’t panic – if you are using FileVault2 and OS X Lion (10.7.2) and higher, the OS will automatically turn off DMA when locked – you’re still vulnerable to attacks when unlocked, though
* Set a firmware password
Linux
* Disable DMA or remove the 1394 drivers (see the ‘Mitigation: Linux’ section)
On a Mac, the normal steps to protect your machine from unauthorized access (even just setting a firmware password) also blocks the attack vector.
And on Windows or Linux, you have to manually break Firewire and Thunderbolt entirely to work around the problem.
Macs do have security flaws, but this is about the worst example you could possibly give.
I might be confused, but don't kernel devs normally destroy their instruments at the end of each show?
There's always Auxo.
I'd imagine it's "banned" for the same reason as wardriving apps: because they use undocumented calls to get low level info from the radios. It sounds like they appealed to Jobs himself, but he turned them down. I can't really blame him, as the app's two functions seem to be (a) scare you with BS and (b) spy on you.
App Store restrictions are a bit annoying, but less annoying than having to run an antivirus program on your phone. Power users can, at least, jailbreak.
Bingo. If a company is desperate, sleazy, and stupid enough to use job applicants for free consulting, they're (a) not about to hire you as a full-time employee and (b) not somewhere you'd want to work anyway.
If it's pertinent to your job, do what the interviewer asks. If they treat you like this, consider yourself lucky you learned about their methods before you accepted the job. Meanwhile, you won't ruin genuine job offers with your paranoia.
In a decade or two, most of them will be flying drones anyway.
Meh. All we need is a cable of sufficient length and tensile strength, two exceptionally strong anchors, and a mars rocket. Let angular momentum take care of the rest.
They adjust the "habitable zone" for each star already.
They had been offering them to schools for 75% off at the end of last year, and there seems to be no minimum number of Chromebooks for them to count a school amongst their number, so any school that bought one as a bonus for the gym teacher could potentially be among the 2,000.
Best of luck to Google, but I can't help but think if Apple or Dell or HP had offered a 75% discount they would have found a lot more than 1,000 buyers in three months.
Yeah, Slashdot Grammar Nazi! Whose awesome? Your awesome!
Though the headline made sense to me; I just assumed the punctuation was lost:
Fight—You Own Muscles!—To Create Force-Feedback On Smartphones
Technically, any capitalization other than 'file:///' will do it. File, fILE, or FILE all have the same effect. The problem is the code compares the string to 'file://' without converting to lower case first...oops.
It's not a buffer overflow or anything like that. Some address-reading library happens to have a sanity test that makes a naive assumption; when it catches a file URL, it tests the prefix against the string 'file://'. When the strings don't match (because of a simple case difference) the sanity test fails and the program is shut down. Oops.
It *is* a dumb bug (aren't they all?), but I doubt it could anyone could make a remote code exploit out of that.
Because...
(a) We can't be sure the attack originated in China, it could have simply been proxied through there (there are plenty of vulnerable Chinese systems).
(b) Even if it was, we can't prove it was organized by the Chinese government (there are plenty of non-state hackers in plenty of countries).
(c) Even if it was, lots of governments engage in low-level espionage (including your own) without significant diplomatic repercussions.
Gathering intelligence isn't typically considered an "act of war" unless it is seen as a prelude to invasion or otherwise causes physical harm.
If it was, intelligence agencies would have started World Wars 3 through 17 by now.
You might want to read that again.