I believe that promotion is now over. Going to the paypal site gives the error 'The Security Key is currently not available. Please try again later.' - and has done for the last week.
It's changed its logo.. it's no longer 'news for nerds' and the look of the entire story has changed. Just seemed to happen with this story - previous ones come up normal.
You're not up to date. The US no longer has to apply for extradition.. in fact it's perfectly legal for them to send bounty hunters over here, grab who they want, and ship them back to the US for tort.. err, sorry.. humane treatment. (Source).
It is of course not legal for the UK to reciprocate.
Rereading your post you say you've seen free wifi? Wow.. that's a rarity. None at all within about 10 miles of here that I've ever seen. McDonalds is free but also crap (it throws adverts at you), so nobody uses it. Starbucks of course is the usual £5 per hour fare.
It doesn't make the same inroads because it doesn't get used the same.. you can pick up a 3G dongle for your laptop for next to nothing (£10 a throw in the UK) and have internet wherever you are, so Wifi really isn't seen as being needed, as it's way more expensive than mobile data. Starbucks and McDonalds do it (never seen anyone using the McDonalds one though) but for smaller shops it's not worth the hassle.
I wonder what starbucks in europe will do now? OK in many of their shops their advertised wifi doesn't in fact work.. but in those that it does, it's all T-mobile and there's no AT&T to take over.
'tis true.. we are all freaks in our own way. The more realize that the less we'll have people thinking there's something bad about them simply because they like to enjoy life.
Which probably means 'normal' isn't what the press would like you to think it is.
I've never heard of anyone installing vista on a mac to use as the primary OS.. maybe under vmware fusion to play a couple of games.. but as the primary OS? Willingly? When you have OSX already? Doubt it.
In fact there's been quite an accelerated mac migration around these parts.. it's a combination of lots of things - they're familiar with ipods (know the brand), vista is a trainwreck and comes preinstalled on new PCs so puts them off (It's hassle to get a geek to install XP, and this geek in particular isn't keen on spending half his life downgrading machines), and inertia - once a few started going mac then it seems to have snowballed - it's starting to be that you're not 'cool' unless your laptop is some brand of apple.
Re:Yes, but it's not always simple
on
Ethics In IT
·
· Score: 1
I've always seen dogmatism as a teenagers response.. the "I know everything therefore you must be wrong" gambit.
As you mature you realize you *don't* know everything (or even very much at all) and dogmatism tends to fade into the background.
The problem is it's unrelated to age.. there are 60 year olds out there still behaving like teenagers (and equally I've had some great discussions with teenagers who've already got over that stage) - something is wrong with a society that breeds people like that.
The worse problem is it seems to be the majority of the population (if the tabloid press are anything to measure by).
Re:ethics require education
on
Ethics In IT
·
· Score: 1
People just use incrementing numbers.
If you do it every month half your passwords will be the month name. And they'll leave their machines logged in overnight anyway.
Basically you can be BOFHish as you like and you still won't get around the fact that non-IT people see passwords as a roadblock. SecurID is about the closest you can get to enforcement.. and you can bet even then you'd get a steady stream of people who'd lost their keys...
Re:ethics require education
on
Ethics In IT
·
· Score: 1
You can force that with a group policy. Put a password history on there too.
Of course most people will just stick a '1' after their name or change it to their wife's name or something.. but at least you tried.
Re:You need to clarify your question
on
Ethics In IT
·
· Score: 5, Interesting
That's where we go wrong (it appears to be a very US centric view also - I've never heard that from a european company & I've spoken to more than a few over the years).
A company is part of the social fabric.. it doesn't stand alone. It provides employment, which gives its employees a certain standard of living. It also generates wealth that improves the economy. The employees use their pay to give money to other companies, thus helping them also.
If a company mistreats its employees it breaks part of that. It may make more profit, but at a cost to the rest of society. That's why most countries have strict employment laws.
I had one on XP just this week. Started up a machine that hadn't been booted for a while.. it deregistered itself, told me too much hardware had been changed (no hardware had been changed - the layer of dust on it proved that), then refused point blank to use the perfectly valid key that it had.
Then it gave me a week to sort it out. Sorting it out apparently involves a transatlantic call to the US (gonna be fun sorting out the timezone issues there).
What we actually did was retrieve the useful data and junk it (it was an old machine).
I'm moving to apple stuff.. still closed vendor lockin etc. but they don't pull tricks like that and TBH vista was the last straw. Got my eye on a tricked up macbook pro with VMWare Fusion on it so I can still do the windows reliant stuff.
Interestingly most of my friends already made the switch.. I was one of the last one with a windows laptop. OTOH half of them get the apple stuff cheap on a student discount.. I pay full price (albeit slowly, with business finance).
Yeah CS3 is pretty insane. My wife wanted photoshop, flash and dreamweaver for christmas. I figured about £300 the lot.
Only one with both in them is 'design premium' which has a load of crap she won't use. That's $1800. Bad enough.. £925 - I really wasn't prepared to swallow that in one lump but could learn to live with it. Then I realized they'd carved up the market and you couldn't legally import it. They want £1,700 ($3,300). Nearly double. My car didn't cost that!
Now photoshop is probably good.. but FFS do they actually sell any at that price?
If you can execute code on it you can run the exploit. That's why it's so serious and why any admin worth their pay is either fixing it right now or will have it fixed by 9.05am Monday Morning.
%lx is 8 bytes in 64bit too. Your solution is technically correct but TBH I really don't think the coder was trying to produce a commercial quality piece of code here.. he was trying to prove the kernel is vulnerable.
It runs absolutely fine on x86-64 (if you can call giving a normal user root 'fine').
Slashdot Mirror
Btw. the verisign link doesn't work. pip.verisign.com doesn't appear to be a hardware based solution, merely an extra username.
I believe SecurID tokens are getting fairly cheap though.. wonder if it'll work with them.
I believe that promotion is now over. Going to the paypal site gives the error 'The Security Key is currently not available. Please try again later.' - and has done for the last week.
Unfortunately exposure to its fumes makes all women appear in soft focus.
It's changed its logo.. it's no longer 'news for nerds' and the look of the entire story has changed. Just seemed to happen with this story - previous ones come up normal.
You're not up to date. The US no longer has to apply for extradition.. in fact it's perfectly legal for them to send bounty hunters over here, grab who they want, and ship them back to the US for tort.. err, sorry.. humane treatment. (Source).
It is of course not legal for the UK to reciprocate.
That's just flat out wrong. rsyncd has its own, unenctypted, protocol.
You can run it from inetd or as a daemon, but it's unrelated to rsh.
That connection may or may not be encrypted depending on the route it takes.. VPNs tend to be encrypted for example, but LAN connections not.
90% of the market doesn't know what facebook is? what???
Even my mother knows what facebook is and she hasn't even got internet!
Best kind of consumer.
Rereading your post you say you've seen free wifi? Wow.. that's a rarity. None at all within about 10 miles of here that I've ever seen. McDonalds is free but also crap (it throws adverts at you), so nobody uses it. Starbucks of course is the usual £5 per hour fare.
It doesn't make the same inroads because it doesn't get used the same.. you can pick up a 3G dongle for your laptop for next to nothing (£10 a throw in the UK) and have internet wherever you are, so Wifi really isn't seen as being needed, as it's way more expensive than mobile data. Starbucks and McDonalds do it (never seen anyone using the McDonalds one though) but for smaller shops it's not worth the hassle.
I wonder what starbucks in europe will do now? OK in many of their shops their advertised wifi doesn't in fact work.. but in those that it does, it's all T-mobile and there's no AT&T to take over.
Vista is the best advert Apple ever made!
'tis true.. we are all freaks in our own way. The more realize that the less we'll have people thinking there's something bad about them simply because they like to enjoy life.
Which probably means 'normal' isn't what the press would like you to think it is.
I've never heard of anyone installing vista on a mac to use as the primary OS.. maybe under vmware fusion to play a couple of games.. but as the primary OS? Willingly? When you have OSX already? Doubt it.
In fact there's been quite an accelerated mac migration around these parts.. it's a combination of lots of things - they're familiar with ipods (know the brand), vista is a trainwreck and comes preinstalled on new PCs so puts them off (It's hassle to get a geek to install XP, and this geek in particular isn't keen on spending half his life downgrading machines), and inertia - once a few started going mac then it seems to have snowballed - it's starting to be that you're not 'cool' unless your laptop is some brand of apple.
I've always seen dogmatism as a teenagers response.. the "I know everything therefore you must be wrong" gambit.
As you mature you realize you *don't* know everything (or even very much at all) and dogmatism tends to fade into the background.
The problem is it's unrelated to age.. there are 60 year olds out there still behaving like teenagers (and equally I've had some great discussions with teenagers who've already got over that stage) - something is wrong with a society that breeds people like that.
The worse problem is it seems to be the majority of the population (if the tabloid press are anything to measure by).
People just use incrementing numbers.
If you do it every month half your passwords will be the month name. And they'll leave their machines logged in overnight anyway.
Basically you can be BOFHish as you like and you still won't get around the fact that non-IT people see passwords as a roadblock.
SecurID is about the closest you can get to enforcement.. and you can bet even then you'd get a steady stream of people who'd lost their keys...
You can force that with a group policy. Put a password history on there too.
Of course most people will just stick a '1' after their name or change it to their wife's name or something.. but at least you tried.
That's where we go wrong (it appears to be a very US centric view also - I've never heard that from a european company & I've spoken to more than a few over the years).
A company is part of the social fabric.. it doesn't stand alone. It provides employment, which gives its employees a certain standard of living. It also generates wealth that improves the economy. The employees use their pay to give money to other companies, thus helping them also.
If a company mistreats its employees it breaks part of that. It may make more profit, but at a cost to the rest of society. That's why most countries have strict employment laws.
But my vista always has a black desktop. And it's legit (MSDN).
Black screens aint gonna work.
Damn.. thought that would be about cats. I like cats.
I had one on XP just this week. Started up a machine that hadn't been booted for a while.. it deregistered itself, told me too much hardware had been changed (no hardware had been changed - the layer of dust on it proved that), then refused point blank to use the perfectly valid key that it had.
Then it gave me a week to sort it out. Sorting it out apparently involves a transatlantic call to the US (gonna be fun sorting out the timezone issues there).
What we actually did was retrieve the useful data and junk it (it was an old machine).
I'm moving to apple stuff.. still closed vendor lockin etc. but they don't pull tricks like that and TBH vista was the last straw. Got my eye on a tricked up macbook pro with VMWare Fusion on it so I can still do the windows reliant stuff.
Interestingly most of my friends already made the switch.. I was one of the last one with a windows laptop. OTOH half of them get the apple stuff cheap on a student discount.. I pay full price (albeit slowly, with business finance).
Yeah CS3 is pretty insane. My wife wanted photoshop, flash and dreamweaver for christmas. I figured about £300 the lot.
Only one with both in them is 'design premium' which has a load of crap she won't use. That's $1800. Bad enough.. £925 - I really wasn't prepared to swallow that in one lump but could learn to live with it. Then I realized they'd carved up the market and you couldn't legally import it. They want £1,700 ($3,300). Nearly double. My car didn't cost that!
Now photoshop is probably good.. but FFS do they actually sell any at that price?
Every now and then a store will forget to remove a tag. The alarm goes off, nobody cares.
I then go in and out of various stores.. in about half the alarm goes off both in and out. nobody cares.
The tagging system just seems to be unenforced these days.. like car alarms - people are so used to hearing them they blank them out.
Yes.
If you can execute code on it you can run the exploit. That's why it's so serious and why any admin worth their pay is either fixing it right now or will have it fixed by 9.05am Monday Morning.
Use the fix-sploit that's been posted here when you log on next.
Your documents are then safe.
%lx is 8 bytes in 64bit too. Your solution is technically correct but TBH I really don't think the coder was trying to produce a commercial quality piece of code here.. he was trying to prove the kernel is vulnerable.
It runs absolutely fine on x86-64 (if you can call giving a normal user root 'fine').