A buffer overflow attack through the radar/sigint aperture into a Mig-29 is rather a stretch.
My guess is that they will first focus on taking down UAVs made by terrorists. Those types of aircrafts will most likley use the public part of GPS. That signal is *easy* to overpower and/or fake. Same for control signals used by ordinary radio controlled crafts.
Reminds me of the swedish transport agency. It has several publications on its website describing, in great detail, how a terrorist may steal and release dangerous goods from vehicles. Counties is Sweden also have more localized publications describing where to find the dangerous goods and vunerable sites.
Still no-one is putting the information to terror use. Seems there is other ways of protecting the homeland...
Your comment is very true but you are thinking like a good engineer. To the sales department every released patch is a liability. Releasing patches without proper verification is neglecting "due diligence" (spelling?) and is a cause of getting you're ass sued to kingdom come. Pardon my french.
The true cost of releasing a patch is not in compiling and distributing the fix. The money is spent on verification. By not releasing the patch to XP and w2k my estimates are that Microsoft is saving man-years in verification.
How about not making the feedback linear? I.e let the soldier hold 80% of the weight for small loads and 20% for heavier loads.
Sure it would make it more difficult to differentiate the real mass of things you lift but its a small price compared to the problem you described.
Makes me remember Bono's famous statement on stage -"Every time I clap my hands - a child dies". Followed by someone in the audience screaming -"Then stop clapping you sick f*ck!".
Happened to me in 1986. A spring rain containing 200k bequerel per square meter...
But you got to remember that was from a reactor that had worked for five years straight. A freshly loaded reactor blowing up would only cause heavy-metal contamination like those tanks blown up by US forces all over the world (depleted uranium).
The 50's promise of a reactor in your basement to power those nifty gadgets are finally here!
I'm going to celebrate with some burgers in non-degradable styrofoam containers while driving my three ton car (with wings!) down a twenty lane highway.
I've just finished evaluating approximatley 500kloc code using Coverity Prevent and Klocwork Insight (Static analysis tools). Together they found around 250 issues with the code. Null pointer dereferences, array boundary violations and a bunch of other nasty stuff.
How many of these do you think involved memcpy? - Nil, Zip, Nada.
If you want to make a difference in the US, support EFF (www.eff.com)
I live in Sweden and support EFF because looking at track records show that Electronic Frontier Foundation has done a heck of a lot more for freedom of speech in my home country than the Pirate Party. Swedish judges rely heavily on examples from the US (just look at the TPB trial).
I couldn't agree with you more. Did I mention that not all projects even have unit-tests? *sigh*
Problem is that we're just using intra-procedural static code checks on code modules used by many projects. That implies that any tainted data or call outside your module should be checked.
We're currently evaluating programs to try to find more elaborate problems using flow-sensitive static analysis etc. Got any tips?
The funny thing is that the function is violating at least two MISRA C rules and don't even check for null-pointer argument:)
Sorry if I come across as an asshole. I'm currently working to raise the code quality at my company and see similar code every day. It gives me the itch...
Got this when I tried to surf the apply for a ETA:
You are about to access a Department of Homeland Security computer system. This computer system and data therein are property of the U.S. Government and provided for official U.S. Government information and use. There is no expectation of privacy when you use this computer system. The use of a password or any other security measure does not establish an expectation of privacy. By using this system, you consent to the terms set forth in this notice. You may not process classified national security information on this computer system. Access to this system is restricted to authorized users only. Unauthorized access, use, or modification of this system or of data contained herein, or in transit to/from this system, may constitute a violation of section 1030 of title 18 of the U.S. Code and other criminal laws. Anyone who accesses a Federal computer system without authorization or exceeds access authority, or obtains, alters, damages, destroys, or discloses information, or prevents authorized use of information on the computer system, may be subject to penalties, fines or imprisonment. This computer system and any related equipment is subject to monitoring for administrative oversight, law enforcement, criminal investigative purposes, inquiries into alleged wrongdoing or misuse, and to ensure proper performance of applicable security features and procedures. DHS may conduct monitoring activities without further notice.
Does this mean that they are implying that I'm hacking a DHS server just by following a link to it?
Slashdot Mirror
Wow - it's a good thing he wasn't caught releasing internally produced methane and igniting it. Mom could have been charged with feeding him beans.
This is ok as long as you carbon compensate.
I have to admit, the moon is a harsh mistress. Especially if she is comming down on you like a ton of bricks...
A buffer overflow attack through the radar/sigint aperture into a Mig-29 is rather a stretch.
My guess is that they will first focus on taking down UAVs made by terrorists. Those types of aircrafts will most likley use the public part of GPS. That signal is *easy* to overpower and/or fake. Same for control signals used by ordinary radio controlled crafts.
Reminds me of the swedish transport agency. It has several publications on its website describing, in great detail, how a terrorist may steal and release dangerous goods from vehicles.
Counties is Sweden also have more localized publications describing where to find the dangerous goods and vunerable sites.
Still no-one is putting the information to terror use. Seems there is other ways of protecting the homeland...
Your comment is very true but you are thinking like a good engineer. To the sales department every released patch is a liability. Releasing patches without proper verification is neglecting "due diligence" (spelling?) and is a cause of getting you're ass sued to kingdom come. Pardon my french.
The true cost of releasing a patch is not in compiling and distributing the fix. The money is spent on verification. By not releasing the patch to XP and w2k my estimates are that Microsoft is saving man-years in verification.
You just made me think of Aliens and that lovley MG-42 strapped to steadycam harness *sight*.
Think having a GE 7.62 mm minigun connected to this exoskeleton with proper regulating loops handling the spinup yaw and recoil. Strap the new ipod nano to it for the terminator-view http://www.youtube.com/watch?v=rUtC0OWhfEU&eurl=http%3A%2F%2Fgizmodo.com%2F5355921%2Fvideo-shot-with-ipod-nano-our-first-clips%2Fgallery%2F&feature=player_embedded and play Rammstein. *fap* *fap* *fap*
The windows client works great with crossover. Even got the toolbar icon in ubuntu.
How about not making the feedback linear? I.e let the soldier hold 80% of the weight for small loads and 20% for heavier loads.
Sure it would make it more difficult to differentiate the real mass of things you lift but its a small price compared to the problem you described.
Makes me remember Bono's famous statement on stage -"Every time I clap my hands - a child dies". Followed by someone in the audience screaming -"Then stop clapping you sick f*ck!".
You just have to think about marvin the paranoid android...
Si has a atomic radi of 1,17 Angstrom, so thats 1,17e-10 meters or 0,17 nm.
;)
You got to give it to the metric system
"Terminal Automation" sounds more like you put robots in a retirement home...
Happened to me in 1986. A spring rain containing 200k bequerel per square meter...
But you got to remember that was from a reactor that had worked for five years straight. A freshly loaded reactor blowing up would only cause heavy-metal contamination like those tanks blown up by US forces all over the world (depleted uranium).
cheers!
The 50's promise of a reactor in your basement to power those nifty gadgets are finally here!
I'm going to celebrate with some burgers in non-degradable styrofoam containers while driving my three ton car (with wings!) down a twenty lane highway.
Thank you Gernsback! *shudder*
First things first. Top priority for the pirate party should be to make speak-like-a-pirate-day a national holiday.
I've just finished evaluating approximatley 500kloc code using Coverity Prevent and Klocwork Insight (Static analysis tools). Together they found around 250 issues with the code. Null pointer dereferences, array boundary violations and a bunch of other nasty stuff.
How many of these do you think involved memcpy? - Nil, Zip, Nada.
You're doing it wrong!
http://xkcd.com/463/
If you want to make a difference in the US, support EFF (www.eff.com)
I live in Sweden and support EFF because looking at track records show that Electronic Frontier Foundation has done a heck of a lot more for freedom of speech in my home country than the Pirate Party. Swedish judges rely heavily on examples from the US (just look at the TPB trial).
I couldn't agree with you more. Did I mention that not all projects even have unit-tests? *sigh*
Problem is that we're just using intra-procedural static code checks on code modules used by many projects. That implies that any tainted data or call outside your module should be checked.
We're currently evaluating programs to try to find more elaborate problems using flow-sensitive static analysis etc. Got any tips?
I guess the new legislation requires all cars to be primly washed every day? Any speck of dust are going to ruin the paints reflective properties...
The funny thing is that the function is violating at least two MISRA C rules and don't even check for null-pointer argument :)
Sorry if I come across as an asshole. I'm currently working to raise the code quality at my company and see similar code every day. It gives me the itch...
You are about to access a Department of Homeland Security computer system. This computer system and data therein are property of the U.S. Government and provided for official U.S. Government information and use. There is no expectation of privacy when you use this computer system. The use of a password or any other security measure does not establish an expectation of privacy. By using this system, you consent to the terms set forth in this notice. You may not process classified national security information on this computer system. Access to this system is restricted to authorized users only. Unauthorized access, use, or modification of this system or of data contained herein, or in transit to/from this system, may constitute a violation of section 1030 of title 18 of the U.S. Code and other criminal laws. Anyone who accesses a Federal computer system without authorization or exceeds access authority, or obtains, alters, damages, destroys, or discloses information, or prevents authorized use of information on the computer system, may be subject to penalties, fines or imprisonment. This computer system and any related equipment is subject to monitoring for administrative oversight, law enforcement, criminal investigative purposes, inquiries into alleged wrongdoing or misuse, and to ensure proper performance of applicable security features and procedures. DHS may conduct monitoring activities without further notice.
Does this mean that they are implying that I'm hacking a DHS server just by following a link to it?
If you suspend yourself for more than six months a year in, lets say, isle of man, would you be able to evade tax?
Huge profits to be made!