Windows generates and stores user account passwords by using two different password representations, generally known as "hashes." When you set or change the password for a user account to a password that contains fewer than 15 characters, Windows generates both a LAN Manager hash (LM hash) and a Windows NT hash (NT hash) of the password. These hashes are stored in the local Security Accounts Manager (SAM) database or in Active Directory.
The LM hash is relatively weak compared to the NT hash, and it is therefore prone to fast brute force attack.
Microsoft will not license the technology to Linux under the excuse that it is an insecure platform.
Microsoft will not license anything to Linux because Linux will not pay the license fee. If a company wants to make a Linux-based product and pay the fee, then why should they refuse? If Microsoft feels that Linux should not be allowed to play the game, they can set the price so high that nobody will pay. They might not choose to do it, because it would be anti-competitive behavior.
We're talking about a low-speed embedded device here
No, we're talking about a Lego toy. It ships with an interpreter in the firmware. The kiddies aren't writing optimized assembly code, they drag and drop GUI lego bricks that say "If" and "While" on the bricks.
Sheesh. It's not like giving it.NET is going to make it Enterprise-ready. Who cares if it's slow?
ISPs make some good money (hell mine gets $5/mo more out of me for an additional IP) selling off static/dynamic IP space. You think Comcast is going to move for a switch when they make $10/mo per extra IP?
Don't worry, they will still charge $5/mo for an additional IP, no matter what kind of IP it is. They don't charge because of the lack of addresses, it's because you're willing to pay and they're willing to take that money.
less(1) already does this! Check out the $LESSOPEN variable on your Linux system, it points to a shell script that detects what type of file you are viewing, and runs a filter on it to get plain text from it.
The kernel is the core of the operating system - it handles memory, files on disk, decides when a process will execute on the CPU, and provides standard interfaces from the software to the hardware (device drivers). That's really not that big of a deal.
All operating systems have to do these basic functions, and most do them in just about the same way.
The difference is that Windows NT/2000 has more device drivers, and it does graphics. That means the video driver is part of the kernel. With Linux, the video driver is not - at least, not most of it.
The Linux kernel supports more filesystems.
That's about it. Most software that runs on one kernel can be easily modified to run on the other, especially software that does not use graphics. For example, Apache runs on Windows.
From the point of view of a programmer, Windows and Linux are really not fundamentally different.
Self-modifying code is a thing of the past, a hack to try deal with not having virtual memory. There is no reason to modify code in memory anymore. The read-only bit and the no-execute bit are two separate bits; one does not imply the other.
In fact, self-modifying code isn't always allowed, or if it is, then then processor has to reload the i-cache. Some CPUs have an instruction cache separate from the data cache, and self-modifying code complicates this situation.
The compiler knows what is code simply because it is the job of the compiler to create that code. That's what compilers do. The executable file format (on Linux it is called ELF, for Win32 it is COFF) has sections that are marked code or data (along with other types for debugging, linking, or other information). These have always been there, it has nothing to do with the NX flag.
For things like the JVM or.NET runtime, where code is generated on-the-fly, the memory can be specifically marked by the JIT as execute-allowed. On unix, this is done by calling mprotect() and on Win32 by calling VirtualProtect()
If a data buffer overflows, it is unlikely that it would overwrite the code, as they are separated in memory. The way a buffer overflow attack works is that machine code is input into a buffer, which is located on the stack. Also on the stack is the return address, which is supposed to be the address of the code that called the currently running code. By writing past the end of the buffer, this address can be changed to the address of the code in that buffer. When the code returns, it goes to that address and executes code in that buffer. If the stack is marked NX, then the code doesn't execute, and the program crashes. It is better to have a crash than to run the bad guys' code.
Granted, I haven't really paid much attention or done any research on this no-execute flag, but it seems to operate within the data structures of a program such that you can flag a structure, memory block or references to it as non-executable.
No.
All memory with data is marked as NX automatically by the compiler. The programmer does not do a thing. Only memory with actual code is executable, and it is marked as read-only so it won't be corrupted. This guarantees that the CPU will only execute code that is legitmately part of the program, and never code that is part of a buffer overflow attack.
Slashdot Mirror
Video over IP has been reality for years, with its more commonly used name, "pr0n."
The Japanese have done this for various operating systems: behold the OS-tan!
Windows generates and stores user account passwords by using two different password representations, generally known as "hashes." When you set or change the password for a user account to a password that contains fewer than 15 characters, Windows generates both a LAN Manager hash (LM hash) and a Windows NT hash (NT hash) of the password. These hashes are stored in the local Security Accounts Manager (SAM) database or in Active Directory.
; EN-US;q299656
The LM hash is relatively weak compared to the NT hash, and it is therefore prone to fast brute force attack.
Source: http://support.microsoft.com/default.aspx?scid=KB
Since puberty.
Microsoft will not license anything to Linux because Linux will not pay the license fee. If a company wants to make a Linux-based product and pay the fee, then why should they refuse? If Microsoft feels that Linux should not be allowed to play the game, they can set the price so high that nobody will pay. They might not choose to do it, because it would be anti-competitive behavior.
Insecure platform? Please.
No, we're talking about a Lego toy. It ships with an interpreter in the firmware. The kiddies aren't writing optimized assembly code, they drag and drop GUI lego bricks that say "If" and "While" on the bricks.
Sheesh. It's not like giving it .NET is going to make it Enterprise-ready. Who cares if it's slow?
Already beendone.
1) Point out that IE is not standards compliant.
2) Submit story.
3) Allow web server to bake until golden brown.
4) Enjoy!
Don't worry, they will still charge $5/mo for an additional IP, no matter what kind of IP it is. They don't charge because of the lack of addresses, it's because you're willing to pay and they're willing to take that money.
less(1) already does this! Check out the $LESSOPEN variable on your Linux system, it points to a shell script that detects what type of file you are viewing, and runs a filter on it to get plain text from it.
Also useful for Martian triple-breasted hookers!
Firesomething - Run Mozilla Spacemoose one day, Mozilla Mooncow the next!
The kernel is the core of the operating system - it handles memory, files on disk, decides when a process will execute on the CPU, and provides standard interfaces from the software to the hardware (device drivers). That's really not that big of a deal.
All operating systems have to do these basic functions, and most do them in just about the same way.
The difference is that Windows NT/2000 has more device drivers, and it does graphics. That means the video driver is part of the kernel. With Linux, the video driver is not - at least, not most of it.
The Linux kernel supports more filesystems.
That's about it. Most software that runs on one kernel can be easily modified to run on the other, especially software that does not use graphics. For example, Apache runs on Windows.
From the point of view of a programmer, Windows and Linux are really not fundamentally different.
Isn't that called "Perl?"
The Todo list that Microsoft patented of course!
Google is telling spyware companies that Google will not partner with them.
Either you uphold these principles, or Google will ignore you. Sounds fair to me.
Self-modifying code is a thing of the past, a hack to try deal with not having virtual memory. There is no reason to modify code in memory anymore. The read-only bit and the no-execute bit are two separate bits; one does not imply the other.
In fact, self-modifying code isn't always allowed, or if it is, then then processor has to reload the i-cache. Some CPUs have an instruction cache separate from the data cache, and self-modifying code complicates this situation.
The compiler knows what is code simply because it is the job of the compiler to create that code. That's what compilers do. The executable file format (on Linux it is called ELF, for Win32 it is COFF) has sections that are marked code or data (along with other types for debugging, linking, or other information). These have always been there, it has nothing to do with the NX flag.
For things like the JVM or .NET runtime, where code is generated on-the-fly, the memory can be specifically marked by the JIT as execute-allowed. On unix, this is done by calling mprotect() and on Win32 by calling VirtualProtect()
If a data buffer overflows, it is unlikely that it would overwrite the code, as they are separated in memory. The way a buffer overflow attack works is that machine code is input into a buffer, which is located on the stack. Also on the stack is the return address, which is supposed to be the address of the code that called the currently running code. By writing past the end of the buffer, this address can be changed to the address of the code in that buffer. When the code returns, it goes to that address and executes code in that buffer. If the stack is marked NX, then the code doesn't execute, and the program crashes. It is better to have a crash than to run the bad guys' code.
No.
All memory with data is marked as NX automatically by the compiler. The programmer does not do a thing. Only memory with actual code is executable, and it is marked as read-only so it won't be corrupted. This guarantees that the CPU will only execute code that is legitmately part of the program, and never code that is part of a buffer overflow attack.
Just like mod points!
I want mod points for everything in life.
Then don't play games as root, dumbass!
In Perl, the airbag is off by default. You have to type "use Airbag;" at the top of the code to activate it.
The infinite is attainable at zombo com!
STFU. kthx bye.
-----Original Message-----
> Nooooo! Argh, this will only encourage top-posting.
-----Original Message-----
> > Another frequently requested MailNews feature,
> > a preference for placing the user's signature
> > above the quoted text, has been added.
Yes, but until it can post duplicate articles with slightly different phrases, it will never replace CowboyNeal!
Just what does this have to do with TCP?