Remotely control the machine once the rootkit is in place, yes, but it can't remotely install itself. The process requires booting off of a CD to modify the contents of the RAM while the OS is booting. So, if you disable booting from CD in the BIOS and require a supervisor password, then problem solved.
While the method you propose sounds plausible at first, I doubt it would work. I'm a student in a public high school which uses filtering (Deep Nines, specifically). It's hard enough to use the internet effectively for school-sanctioned, research-related activities with the blacklisting approach used right now. Whitelisting would make it nearly impossible. Our district has around 46,000 students over 100 schools, all supported by an IT department of only about 40 people. Considering the immense breadth of internet sites which students and teachers alike may need to access, it would be impractical to create exceptions for every use needed. My teachers regularly use the internet to show us interesting articles, science reports, historical documents, etc. Watching an NCAA tournament could be a viable use if you're doing a project about college sports. If an entire class needs to research a non-allowed resource, it's pretty darn impractical for them all to go to "starbucks or something" in the middle of class. The fact of the matter is that by over-restricting the internet, you would be taking away an invaluable resource from the students, which is simply impractical in today's technology-saturated world.
Microsoft has a tiny group of diehard fanboys and that's it?? What planet are you from... Microsoft has thousands of multimillion dollar corporate customers, and a near monopoly on the OS market. Linux has a tiny group of diehard fanboys which are gaining ground, but nothing near the size - nor popularity - of Microsoft.
Tip on the login screen: if you go into group policy, you can turn on the setting for "do not display last user name" and it will show a classic-style login.
One potential solution to that problem which a friend of mine suggested is that the labels be images as well. Then the bot would have to do OCR every single time on each label, which is doable, but would provide that much more of a time delay and require that much more processing for each page.
Good points. It might be necessary to implement a server-side mechanism to store a copy of the cookie's data, and only allow that set of fields to be submitted once, or only once in a given time period. This would prevent people from "reusing" cookies, so to speak.
As to the bot parsing the cookie - that's why the contents of the cookie are encrypted with a key that only the server knows. There is then no way for the bot to read which fields are which - all they will see is a long string of gibberish.
Better yet, when encrypting the data, a timestamp could be put in as well, and if when submitted the time stamp were more than, say, 30 minutes old, then the request would be invalidated, stopping bots from reusing the same cookie for too long.
There is no option for a "repair install", because there is a far superior feature. Remember how after a repair install a lot of things would be a bit wonky for a while, you would have to reinstall any microsoft updates, some registry settings would be lost, etc? With windows vista, and subsequently windows 7, when you make a backup of your computer using the built in backups feature, it creates a system image. If your computer can't be repaired, you can boot off of the installation disk, choose repair options, and from there restore the image from your backup. Your entire system is restored to exactly how it was when you made the backup - files, software, windows updates - anything. It even works when moving to a completely new hard drive. So yes, they took out the repair install, but they added the much better alternative of being able to restore your computer to exactly how it was before - like system restore on steroids.
True. What about generating a pseudo-random id for each element when the page loads, then saving those ID's in a cookie in an encrypted form.
User sends request to server
Server generates random ID's for each form element, then encrypts them with a key not publicly available. This encrypted string is saved in a cookie.
Page is displayed, with the random ID's. There is no way for a bot to know which ID goes with which form field.
Page is submitted. Server reads the cookie and decrypts it, which tells the server which fields do what. The cookie is then deleted, and if the user visits the form again, a new cookie with new form fields is created.
I'm sure there's some flaws in this idea, but something of that general idea could potentially work.
She's still playing the same music, she's just playing it backwards. Of course, that means the PRS has to be payed for the music backwards — and give her money.
This definitely reminds me of the vest that you wear in Half Life: Opposing Force, or Gordon Freeman's HEV. It can be run off of a power source, helps you lift things better, has optional attachments, cooling systems... huh. Does it come with a crowbar?
Are you kidding? When is the last time you were in a corporate environment with an exchange server? Also, have you even seen Office 2007? Some people may not like it, but I find it very intuitive and much prefer it over older versions of office, let alone open office. It seems that you still can't do trendlines in open office calc... come on, that's basic functionality. Inkscape? Believe me, Illustrator does waayyy more. I've tried Inkscape, and while it could end up being good some day, it doesn't cut it for now. Paint is, admittedly, a joke, but Visio does all sorts of fancy things. Scribus and publisher are both a joke, though publisher is a bit more polished.
I will say that for any sort of scientific, mathematical or other academic writing, LaTeX totally kills all the competition. I still use word sometimes because of the nice integration with excel, but I much prefer to use LaTeX for lab reports, math papers and so forth.
Amazingly, that now pretty much describes the bottom end Mac Pro...
...Except for the price tag.
Except for the price tag and the use of overpriced server-class components, yes. The really screwy thing, of course, is that the 24" iMacs all have 4GB of RAM, whereas the hideously expensive quad-core Mac Pro has only 3GB (and you can bet Apple will charge through the nose for more).
And you can bet that it has 3GB because it's using triple-channel DDR3, which is required with the latest Core i7 processors and boards.
...nevermind of course that they're not using a Core i7, they're using an LGA 771 Xeon.
My point is not that sickle-cell anemia is good. My point is that there are scenarios - I'm sure there are others - where a disease that is bad can have good things associated with it. There are probably other diseases like this, and the beneficial genes could possibly be separated out and used to help people.
Re:There's no stopping this
on
Designer Babies
·
· Score: 2, Informative
As an example, people with sickle-cell anemia tend to be resistant to malaria. So, there are bad diseases with potential benefits associated.
Word, Excel, Powerpoint and Outlook don't come with Windows, real games don't come with Windows, a C compiler, Python, and Java don't come with Windows, there's only one media player installed with Windows and only one browser as well.
And why is this? Because when MS even tries to include a web browser and a media player, they get their asses chewed out by the EU for anticompetitive behavior. You can't expect MS to provide nothing and everything at the same time...
No, it can't. It would pop up a UAC prompt when the installer or application tried to do that. With all UAC settings but the very lowest (OFF), you will get a prompt if it tries to make those sorts of changes. So it would prompt you for UAC rights before it could turn off UAC, hence rendering the scheme pointless.
It's actually controlled by just one registry setting in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System. ConsentPromptBehaviorAdmin sets the UAC behavior for administrators. ConsentPromptBehaviorUser sets the UAC behavior for users. If the entry (a DWORD value in case you were wondering) is set to 00000001, then it will prompt for a password. Even for administrators, which enables a functionality essentially like sudo. If set to 00000005 (the default), it will only prompt you when a program needs elevation. However, even when in the default setting to not prompt for system changes, it still prompts when you try to edit the registry, even with a.reg file, meaning you can't just add a reg file to disable the UAC. I haven't tested yet what happens when you try to change the UAC setting from a batch file using the reg command, or from a VBS script.
I devised a somewhat elaborate scheme for UAC which I am rather proud of. I created two registry files; one of them sets it to 00000001 (prompt for password for all system changes) and one sets it to 00000005 (only prompt for programs requiring elevation). I then created two scheduled tasks. One of them is triggered by disconnecting from a network, and it runs the registry file to put UAC into "password" mode. This way any time I leave my home network or am not on a network, it's in password mode so that someone can't just walk up and change my computer. The other task runs when I connect to a network, but under the conditions tab I specified that it should only run if I am connected to my home network. It sets it to less-annoying mode, so that at home I don't get bothered since I don't need to type my password to run the defragger thank you. (Both tasks are set to run with administrative privileges of course, so that they can successfully modify that reg entry) This has the advantage of putting it into an extra secure mode when I'm away from home and people might mess with my laptop, but being non-annoying when I'm at home, and resetting the UAC setting how I want it every time I disconnect from a network, meaning that even if a virus were to disable UAC, it would get turned right back on in short order.
Quite simply put, you are wrong. While you must reactivate your copy of windows if you move it to a new computer, it's quite possible to do so. You call the MS activation # and tell them you moved it to a new computer, they tell you a code, you put in the code, it works. OEM versions can't be moved, but OEM versions cost a fraction of the amount that retail versions do. A full retail copy of Windows Vista can be reused on as many new computers as you like, so long as you remove it from the old one. Also, upgrading just one component - such as adding more memory or a new graphics card - will not trigger a reactivation. A whole new computer will of course, and extreme changes, such as a new motherboard, will, but minor changes rarely ever require a call.
Who says you can't fight back in cyber-bullying too? Tell the bully you're sorry, and hey check out this link to a picture of me crying just to prove that you won, ok leave me a lone now. Except the link really goes to a trojan of your choice... and then you get to have fun!
I noticed this as well. I refreshed a few times, and got a total of 5 product keys, and after those 5 it would just repeat the same ones in random order each time I refreshed. I talked to some other people I know who have gotten the beta, and they noticed the same thing. We compared the first 5 and last 5 characters of the product keys and they were all the same, so we're assuming that there are 5 generic keys out there. This would mean that MS is no longer limiting it to 2.5 million keys, as they were going to. I do not know this for sure, but it seems to be what people are noticing...
Some OEM's are installing Vista x64 by default now. Dell does on laptops with 3 GB of RAM or more (which is most of them these days) and has it for many of their desktops, too. HP has it as an option, though I don't think it's default.
Slashdot Mirror
Remotely control the machine once the rootkit is in place, yes, but it can't remotely install itself. The process requires booting off of a CD to modify the contents of the RAM while the OS is booting. So, if you disable booting from CD in the BIOS and require a supervisor password, then problem solved.
While the method you propose sounds plausible at first, I doubt it would work. I'm a student in a public high school which uses filtering (Deep Nines, specifically). It's hard enough to use the internet effectively for school-sanctioned, research-related activities with the blacklisting approach used right now. Whitelisting would make it nearly impossible. Our district has around 46,000 students over 100 schools, all supported by an IT department of only about 40 people. Considering the immense breadth of internet sites which students and teachers alike may need to access, it would be impractical to create exceptions for every use needed. My teachers regularly use the internet to show us interesting articles, science reports, historical documents, etc. Watching an NCAA tournament could be a viable use if you're doing a project about college sports. If an entire class needs to research a non-allowed resource, it's pretty darn impractical for them all to go to "starbucks or something" in the middle of class. The fact of the matter is that by over-restricting the internet, you would be taking away an invaluable resource from the students, which is simply impractical in today's technology-saturated world.
Ah, I see. Well, redirect my comment at the parent to your post and let them feel the wrath! Muahahahah.
Microsoft has a tiny group of diehard fanboys and that's it?? What planet are you from... Microsoft has thousands of multimillion dollar corporate customers, and a near monopoly on the OS market. Linux has a tiny group of diehard fanboys which are gaining ground, but nothing near the size - nor popularity - of Microsoft.
Last I checked, you have to pay to download iPhone Beta 3.0.
Tip on the login screen: if you go into group policy, you can turn on the setting for "do not display last user name" and it will show a classic-style login.
One potential solution to that problem which a friend of mine suggested is that the labels be images as well. Then the bot would have to do OCR every single time on each label, which is doable, but would provide that much more of a time delay and require that much more processing for each page.
Good points. It might be necessary to implement a server-side mechanism to store a copy of the cookie's data, and only allow that set of fields to be submitted once, or only once in a given time period. This would prevent people from "reusing" cookies, so to speak. As to the bot parsing the cookie - that's why the contents of the cookie are encrypted with a key that only the server knows. There is then no way for the bot to read which fields are which - all they will see is a long string of gibberish. Better yet, when encrypting the data, a timestamp could be put in as well, and if when submitted the time stamp were more than, say, 30 minutes old, then the request would be invalidated, stopping bots from reusing the same cookie for too long.
There is no option for a "repair install", because there is a far superior feature. Remember how after a repair install a lot of things would be a bit wonky for a while, you would have to reinstall any microsoft updates, some registry settings would be lost, etc? With windows vista, and subsequently windows 7, when you make a backup of your computer using the built in backups feature, it creates a system image. If your computer can't be repaired, you can boot off of the installation disk, choose repair options, and from there restore the image from your backup. Your entire system is restored to exactly how it was when you made the backup - files, software, windows updates - anything. It even works when moving to a completely new hard drive. So yes, they took out the repair install, but they added the much better alternative of being able to restore your computer to exactly how it was before - like system restore on steroids.
I'm sure there's some flaws in this idea, but something of that general idea could potentially work.
She's still playing the same music, she's just playing it backwards. Of course, that means the PRS has to be payed for the music backwards — and give her money.
This definitely reminds me of the vest that you wear in Half Life: Opposing Force, or Gordon Freeman's HEV. It can be run off of a power source, helps you lift things better, has optional attachments, cooling systems... huh. Does it come with a crowbar?
Are you kidding? When is the last time you were in a corporate environment with an exchange server? Also, have you even seen Office 2007? Some people may not like it, but I find it very intuitive and much prefer it over older versions of office, let alone open office. It seems that you still can't do trendlines in open office calc... come on, that's basic functionality. Inkscape? Believe me, Illustrator does waayyy more. I've tried Inkscape, and while it could end up being good some day, it doesn't cut it for now. Paint is, admittedly, a joke, but Visio does all sorts of fancy things. Scribus and publisher are both a joke, though publisher is a bit more polished.
I will say that for any sort of scientific, mathematical or other academic writing, LaTeX totally kills all the competition. I still use word sometimes because of the nice integration with excel, but I much prefer to use LaTeX for lab reports, math papers and so forth.
Amazingly, that now pretty much describes the bottom end Mac Pro...
...Except for the price tag.
Except for the price tag and the use of overpriced server-class components, yes. The really screwy thing, of course, is that the 24" iMacs all have 4GB of RAM, whereas the hideously expensive quad-core Mac Pro has only 3GB (and you can bet Apple will charge through the nose for more).
And you can bet that it has 3GB because it's using triple-channel DDR3, which is required with the latest Core i7 processors and boards.
...nevermind of course that they're not using a Core i7, they're using an LGA 771 Xeon.
My point is not that sickle-cell anemia is good. My point is that there are scenarios - I'm sure there are others - where a disease that is bad can have good things associated with it. There are probably other diseases like this, and the beneficial genes could possibly be separated out and used to help people.
As an example, people with sickle-cell anemia tend to be resistant to malaria. So, there are bad diseases with potential benefits associated.
Hmm... nothing on their website about it. (I've got to say, it's a pretty crappy site they made. Pinehurst's is better.
And why is this? Because when MS even tries to include a web browser and a media player, they get their asses chewed out by the EU for anticompetitive behavior. You can't expect MS to provide nothing and everything at the same time...
No, it can't. It would pop up a UAC prompt when the installer or application tried to do that. With all UAC settings but the very lowest (OFF), you will get a prompt if it tries to make those sorts of changes. So it would prompt you for UAC rights before it could turn off UAC, hence rendering the scheme pointless.
It's actually controlled by just one registry setting in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System. ConsentPromptBehaviorAdmin sets the UAC behavior for administrators. ConsentPromptBehaviorUser sets the UAC behavior for users. If the entry (a DWORD value in case you were wondering) is set to 00000001, then it will prompt for a password. Even for administrators, which enables a functionality essentially like sudo. If set to 00000005 (the default), it will only prompt you when a program needs elevation. However, even when in the default setting to not prompt for system changes, it still prompts when you try to edit the registry, even with a .reg file, meaning you can't just add a reg file to disable the UAC. I haven't tested yet what happens when you try to change the UAC setting from a batch file using the reg command, or from a VBS script.
I devised a somewhat elaborate scheme for UAC which I am rather proud of. I created two registry files; one of them sets it to 00000001 (prompt for password for all system changes) and one sets it to 00000005 (only prompt for programs requiring elevation). I then created two scheduled tasks. One of them is triggered by disconnecting from a network, and it runs the registry file to put UAC into "password" mode. This way any time I leave my home network or am not on a network, it's in password mode so that someone can't just walk up and change my computer. The other task runs when I connect to a network, but under the conditions tab I specified that it should only run if I am connected to my home network. It sets it to less-annoying mode, so that at home I don't get bothered since I don't need to type my password to run the defragger thank you. (Both tasks are set to run with administrative privileges of course, so that they can successfully modify that reg entry) This has the advantage of putting it into an extra secure mode when I'm away from home and people might mess with my laptop, but being non-annoying when I'm at home, and resetting the UAC setting how I want it every time I disconnect from a network, meaning that even if a virus were to disable UAC, it would get turned right back on in short order.
Quite simply put, you are wrong. While you must reactivate your copy of windows if you move it to a new computer, it's quite possible to do so. You call the MS activation # and tell them you moved it to a new computer, they tell you a code, you put in the code, it works. OEM versions can't be moved, but OEM versions cost a fraction of the amount that retail versions do. A full retail copy of Windows Vista can be reused on as many new computers as you like, so long as you remove it from the old one. Also, upgrading just one component - such as adding more memory or a new graphics card - will not trigger a reactivation. A whole new computer will of course, and extreme changes, such as a new motherboard, will, but minor changes rarely ever require a call.
Wait... you really thought those ads were targeted at the women?
Who says you can't fight back in cyber-bullying too? Tell the bully you're sorry, and hey check out this link to a picture of me crying just to prove that you won, ok leave me a lone now. Except the link really goes to a trojan of your choice... and then you get to have fun!
I noticed this as well. I refreshed a few times, and got a total of 5 product keys, and after those 5 it would just repeat the same ones in random order each time I refreshed. I talked to some other people I know who have gotten the beta, and they noticed the same thing. We compared the first 5 and last 5 characters of the product keys and they were all the same, so we're assuming that there are 5 generic keys out there. This would mean that MS is no longer limiting it to 2.5 million keys, as they were going to. I do not know this for sure, but it seems to be what people are noticing...
Some OEM's are installing Vista x64 by default now. Dell does on laptops with 3 GB of RAM or more (which is most of them these days) and has it for many of their desktops, too. HP has it as an option, though I don't think it's default.