The list of open-source projects that Stanford and Coverity plan to check for security bugs includes Apache, BIND, Ethereal, KDE, Linux, Firefox, FreeBSD, OpenBSD, OpenSSL and MySQL, Coverity said.
It's like making friends with addicts, bikers or mafia members. It's best to avoid contact altogether, or the next thing you know, you'll have crack deals going down in your living room.
Or worse, the entire Tour de France might stop by for dinner!
I believe CUPS was present in Red Hat 8.0 (September 2002) and the default printing system in RH9 (March 2003), which would make it roughly contemporary with Mandrake 9.1 (I don't remember which came out first).
But out-of-the-box CUPS definitely extends further back than that: Mac OS X has used CUPS as the basis for its print services since Jaguar (10.2), which was released in August 2002.
OK, so their test programs implemented interactivity badly. Therefore, interactivity is bad.
Of course, given that people often judge video games, comics, genre fiction, etc. only by their worst examples, why should anyone be surprised by this conclusion?
Whether the other movies were made by Boll is irrelevant.
After a movie is adapted from any work (be it a game, a novel, a short story, or a comic book), it will be a long time -- often 20 years or more -- before someone else in the same film market attempts another adaptation. If the first version is crap, it'll be a decade or two before you have a chance of someone coming along and doing a good movie. If there's no current adaptation, then there's still room for someone to step up to the plate and make one -- and a chance that it could be done well.
"With Hubble, we've pulled the North Star's companion out of the shadows and into the spotlight."
Of course, stars are easier to see surrounded by shadow than in the glare of a spotlight. Shouldn't this say, "We've pulled the North Star's companion out of the spotlight and into the shadows?"
Given the number of annoying sites that open links in separate windows (you can prevent that in FF, but every time I enable it I immediately run into the one site in a million where I actually want the link to open in a new window), combined with my habit of opening multiple links in tabs simultaneously, I can't see a reliable approach that would work for this.
Comparison-shop on eBay and have to log in separately each time? No thanks!
I have friends who have successfully used DDR as a workout regimen. If you get the home edition and the dance pads, you can play as long as you want, and it's exercise. If you have friends or roommates who like to play, it's competitive. And if you actually like the game, it's a heck of a lot more fun than riding a stationary bike, or running on a treadmill, or whatever else you might do at the gym.
Seriously, I've never heard someone say, "Hey, let's go to the gym and work out!" But "Hey, let's go play DDR" works mentally like "Hey, let's go shoot some hoops" and gets you more physical activity than, say, World of Warcraft.
I'm sure I'll hear the standard arguments about how speech can be regulated and I repudiate all of them. Crying fire in a theatre is private property -- the Constitution protects nothing on private property and the theatre owner is responsible for setting the standards of speech. Telling someone how to make a bomb is also free expression/speech -- you're not making the bomb.
Just curious: how do you take "Inciting to riot?" Assuming it's applied properly (i.e. to someone who really is whipping a crowd into a frenzy with the intent of starting a riot, not just as an excuse to punish the protesters), is this justifiable as a criminal charge, or is the guy just exercising his right to free speech?
Sounds like a distributed denial of service attack. He just left out the automation.
Logically, the only thing that distinguishes a DoS from the Slashdot Effect is intent. If your intent is to spread awareness of the material that appears on a server, and the server can't handle it, well, that's tough for the server, but that's how the Internet works. If your intent is to take the server down, that's illegal.
Up until now, most deliberate attacks were automated, making it easy to separate overwhelming legit traffic from attacks -- but that's only really as accurate as trying to separate legitimate city traffic from criminals by assuming that anyone on foot is a burglar.
Of course, when you get down to the level of intent, you get to his contention that "Help me crash my school's server" was a joke, and that he wasn't actually trying to get people to follow through. And things get murky.
one vulnerability is listed 5 times, making the total of 2328 meaningless unless you carefully comb through it to weed out duplications.
They could have cut it down to a more manageable list by piping it through "grep -vF '(Updated)' | sort -u".
That brings it down to just 871, which is much easier to comb for further duplicates.
The same process on Windows vulnerabilities brings it down from 831 to 659. Both lists still need to be checked for duplicates with different names (say, "Apache HTTP Request Smuggling" and "Apache HTTP Request Smuggling Vulnerability"), but we're now looking at a much more comparable set of numbers.
Well, you won't get wireless networking with any of 'em (since there aren't any open-source drivers for the Airport Extreme), but YDL 4.0 does fairly well otherwise with the 2004 model 12" PowerBook. I believe there may have been an issue with sound, but to be honest, it's so long since I rebooted the laptop into Linux, so it may have been fixed ages ago.
Not to mention IBM's own PowerPC line. There are other sources for PowerPC computers, and I believe TerraSoft has deals with all of them. It seems like every other week they put out a press release about some new YDL/PowerPC system that doesn't have the name Apple involved.
It's not up to Yellow Dog, or else they would have had drivers a long time ago -- Broadcom will neither write an open-source driver nor release the specs to let anyone else write one.
Slashdot Mirror
So you're saying that even if the games were intelligently designed, they haven't evolved in all this time?
1.2M for a program that scans the codebase for the words "bomb", "terrorism" and "Al Quaeda"...
Is that before or after the spell check?
Hmm... last I looked, atheists didn't believe in Satan either, and Satan sort of requires a God to have rebelled against. So applying logic analysis:
!Bible --> !Satan
Satan --> Bible
So actually, Satan would support the Bible. He'd just tell you to root for the adversary.
MySQL was a mistake and PostgreSQL should have been chosen.
Are you saying PostgreSQL is in greater need of security scanning than MySQL is?
From TFA:
It's like making friends with addicts, bikers or mafia members. It's best to avoid contact altogether, or the next thing you know, you'll have crack deals going down in your living room.
Or worse, the entire Tour de France might stop by for dinner!
Increased security on apps and servers that they can use?
Last I looked, the NSA hadn't hardened the apps, just the OS.
I believe CUPS was present in Red Hat 8.0 (September 2002) and the default printing system in RH9 (March 2003), which would make it roughly contemporary with Mandrake 9.1 (I don't remember which came out first).
But out-of-the-box CUPS definitely extends further back than that: Mac OS X has used CUPS as the basis for its print services since Jaguar (10.2), which was released in August 2002.
OK, so their test programs implemented interactivity badly. Therefore, interactivity is bad.
Of course, given that people often judge video games, comics, genre fiction, etc. only by their worst examples, why should anyone be surprised by this conclusion?
Whether the other movies were made by Boll is irrelevant.
After a movie is adapted from any work (be it a game, a novel, a short story, or a comic book), it will be a long time -- often 20 years or more -- before someone else in the same film market attempts another adaptation. If the first version is crap, it'll be a decade or two before you have a chance of someone coming along and doing a good movie. If there's no current adaptation, then there's still room for someone to step up to the plate and make one -- and a chance that it could be done well.
The proper term is Undead-American.
...and they don't get the joke? Please, someone rent these people a copy of Shaun of the Dead .
"With Hubble, we've pulled the North Star's companion out of the shadows and into the spotlight."
Of course, stars are easier to see surrounded by shadow than in the glare of a spotlight. Shouldn't this say, "We've pulled the North Star's companion out of the spotlight and into the shadows?"
Given the number of annoying sites that open links in separate windows (you can prevent that in FF, but every time I enable it I immediately run into the one site in a million where I actually want the link to open in a new window), combined with my habit of opening multiple links in tabs simultaneously, I can't see a reliable approach that would work for this.
Comparison-shop on eBay and have to log in separately each time? No thanks!
I have friends who have successfully used DDR as a workout regimen. If you get the home edition and the dance pads, you can play as long as you want, and it's exercise. If you have friends or roommates who like to play, it's competitive. And if you actually like the game, it's a heck of a lot more fun than riding a stationary bike, or running on a treadmill, or whatever else you might do at the gym.
Seriously, I've never heard someone say, "Hey, let's go to the gym and work out!" But "Hey, let's go play DDR" works mentally like "Hey, let's go shoot some hoops" and gets you more physical activity than, say, World of Warcraft.
Here, it's quite legal :) Though so is shooting your wife and lover if you catch them in bed together
Wait... if you catch your wife and your lover in bed together, why would you want to shoot them? Or is this some sort of euphemism?
I'm sure I'll hear the standard arguments about how speech can be regulated and I repudiate all of them. Crying fire in a theatre is private property -- the Constitution protects nothing on private property and the theatre owner is responsible for setting the standards of speech. Telling someone how to make a bomb is also free expression/speech -- you're not making the bomb.
Just curious: how do you take "Inciting to riot?" Assuming it's applied properly (i.e. to someone who really is whipping a crowd into a frenzy with the intent of starting a riot, not just as an excuse to punish the protesters), is this justifiable as a criminal charge, or is the guy just exercising his right to free speech?
Sounds like a distributed denial of service attack. He just left out the automation.
Logically, the only thing that distinguishes a DoS from the Slashdot Effect is intent. If your intent is to spread awareness of the material that appears on a server, and the server can't handle it, well, that's tough for the server, but that's how the Internet works. If your intent is to take the server down, that's illegal.
Up until now, most deliberate attacks were automated, making it easy to separate overwhelming legit traffic from attacks -- but that's only really as accurate as trying to separate legitimate city traffic from criminals by assuming that anyone on foot is a burglar.
Of course, when you get down to the level of intent, you get to his contention that "Help me crash my school's server" was a joke, and that he wasn't actually trying to get people to follow through. And things get murky.
I'm more shocked that someone's actually putting out Mission: Impossible 3
I mean, I'd heard the phrase bandied about, but it looks like WINE actually achieved it with its WMF functions!
one vulnerability is listed 5 times, making the total of 2328 meaningless unless you carefully comb through it to weed out duplications.
They could have cut it down to a more manageable list by piping it through "grep -vF '(Updated)' | sort -u".
That brings it down to just 871, which is much easier to comb for further duplicates.
The same process on Windows vulnerabilities brings it down from 831 to 659. Both lists still need to be checked for duplicates with different names (say, "Apache HTTP Request Smuggling" and "Apache HTTP Request Smuggling Vulnerability"), but we're now looking at a much more comparable set of numbers.
Well, you won't get wireless networking with any of 'em (since there aren't any open-source drivers for the Airport Extreme), but YDL 4.0 does fairly well otherwise with the 2004 model 12" PowerBook. I believe there may have been an issue with sound, but to be honest, it's so long since I rebooted the laptop into Linux, so it may have been fixed ages ago.
Not to mention IBM's own PowerPC line. There are other sources for PowerPC computers, and I believe TerraSoft has deals with all of them. It seems like every other week they put out a press release about some new YDL/PowerPC system that doesn't have the name Apple involved.
It's not up to Yellow Dog, or else they would have had drivers a long time ago -- Broadcom will neither write an open-source driver nor release the specs to let anyone else write one.