Hypertext even goes back to the sixties, where I've seen machines from that era utilize a primitive form of hypertext, even going so far as using a lightpen in conjunction with hypertext on a screen for somewhat graphically highlighting text, before the personal computer was even thought of. So yes, hypertext goes waaay back.
I've written plenty of assembly for a variety of processor architectures, and almost all OS's I've dealt with at the assembly level, including my own, have used 0/NULL as the string terminator (higher-level languages just "hide" this). I've also seen and debugged many overflow problems, but much of this has become a thing of the past due to GCC and other compilers having built in stack smashing/overflow protection, implemented by IBM's ProPolice in GCC.
I know fully what your comment meant, and yes - the way the strings are terminated/accounted for length-wise vary from implementation (e.g. Pascal vs. C), but the bounds checking is where most either don't enforce enough, or leave plenty of room for the programmer to "shoot themselves in the foot", as Bjarne Stroustrup said.
And while I like the idea of immutable strings in some languages, sometimes it tends to get in the way of solving some problems, at least from a lower-level perspective. That, or I'm just way too set in my ways with C and other unchecked languages but who cares, as long as I check my bounds which seems to be a huge problem for many these days.
Null-terminated strings. The bane of modern computing.
Maybe I'm feeding a troll, but what else would you terminate it with without using something the string may contain? Keep in mind that null-terminated strings were, err, "invented" around the time ASCII was really the only fully widespread character standard, and something was needed to mark the end of a string for detection by software.
The mistakes you speak of are made by programmers that don't know how to securely utilize this in certain environments. Mainly in buffers, but recall the lkml thread about the license macro in kernel modules being abused with '\0'.
Nevermind, it seems that the lovable DRM within the raw video file ties the video to the player. Oh well, on to other solutions...
Scratch that too, TPB is as of this writing being dealt a DDoS attack and is offline. Man, every suggested solution is just getting pummeled. Wonder when/. will post the TPB DDoS story, anyway?
The same company willing to advertise via popup ads, mind you. It's the principle of the thing, and yes the popups still get through even modern popup blockers usually in response to clicking the background page. It tends to just turn me off with the company given the lack of business ethics as opposed to blatant (and paid for) spamming.
I tinkered with Silverlight some back when it first came out (before it was even.NET integrated), and I wonder if someone using a utility such as wget could simply retrieve the Silverlight XAML file, view the source and then retrieve the video file from the URL shown in the source. Unless the newer silverlight is compiled or something, it theoretically should work since, unlike trying this with PHP or ASP.NET code, it is up to the browser/plugin to interpret the XAML not unlike regular JavaScript.
And if the Silverlight app is embedded within another (binary) app for display or some other means of obfuscating the location of the XAML file, couldn't Ethereal/Wireshark simply reveal the location of it granted the traffic is not encrypted? Anything can theoretically be cracked.
...of the family guy episode where they captured Adam West in a box by luring him with candy? After reading this story, the only thing I could think of was Adam West's voice saying "ooh, a piece of candy! ooh, a piece of candy" over and over...
I was just playing Halo 3 today on Xbox Live(hey, I get bored too), and I'd say 92% of the people I played were what sounded like 10-12 year-olds. One pronounced another person's gamertag, XdamnedsoldierX, "ecks damm-ed soul-digger"[sic], and after reading TFA I could only think: "So, the new conductors of DDoS attacks these days are no longer the smart, possibly disgruntled computer engineering majors of the 80's and 90's, but prepubescent kids who can't even pronounce words like 'damned' (despite using it online since mommy's not home) and 'soldier".
But from what this says, they can still be considered "script kiddies", since they still seem to be relying on the work of others to accomplish these misdeeds. Whatever happened to the good 'ole 80's and 90's when you had to actually know something about the trade in order to accomplish something like this? I'm not justifying it, but come on, whatever happened to working towards something? I don't remember the movie "WarGames"'s plot including the act of downloading some program to do his work.
No, the leaks where like 2 or 3 betas were seeded on the pirate bay months before the public beta you are referring to. These were highly publicized too, in the right communities, but although microsoft.com didn't advertise it they did little to stop those that were running the leak (I accidentally let it connect to Windows Update a few times too many back in even August of last year, but nothing ever happened). Ran fine in a VM, but the display drivers haven't improved with Vista compatibility even since then.
Reminds me of the South Park episode where they were trying to figure out who was behind 9/11 (started with Cartman saying the Jews did it), and towards the end President Bush said "Ha! and all along the plans were right here in my hands, and you'll never get them!" - then he turns around and yawns while looking over his shoulder and dropping the "secret plans" on the floor.
Yeah, I could see this being something like that, and if so then they learned from their "leaks" of Windows 7. But that's just me.
Know what I use? It makes the code an absolute living breathing hell to read sometimes (unless you get creative with it), but just sniff the HTTP user-agent on the server-side, and serve up differing HTML based on it. It is an ancient trick indeed, but these days with all of the broken IE versions out in the wild mis-rendering my pages, it becomes more and more of a must, and certainly comes in handy. My favorite is to use PHP with it, since its fairly painless to sniff the user agent ($HTTP_USER_AGENT) and serve up some browser-dependent hacks to it (include(), etc.).
Bad practice? Technically not as bad as the CDATA or JavaScript-sniffing tactics, but still not the best despite the fact we're trying to fix a bad set of browsers anyways (and I don't mess with CSS quirks, I find it annoying). Just don't get too crazy with it, and you'll be fine. Sniffing every type of browser will just turn into a major headache, trust me I was there once during the original browser wars. *shudders*
Oh, and if the user doesn't mind changing the user agent for IE (this is common in FF, deal with it), then they won't mind a broken site, now will they?
Yes they are, you just dislike them to the point where you want to run around screaming to the top of your lungs and hitting everything with your fists till they turn bloody, then you fall down and whimper yourself to sleep while murmuring "damn proprietary standards... I hate you!"
IANAL either, but wouldn't his blog post (a public statement) alone be at least some good faith towards disproving that the attacks were not by them? Even if the jury would not regard any counter-argument as highly as the original argument (and the "we're winning" part might just piss them off, frankly), it would at least look good on their part for not being the hackers in question, err, possible question (?).
Here's the thing - I've always known that you can find any song you want on youtube, right? So I'd just look up a song, loop an audio cable from my output to input, and receive the audio in audacity as I play the song in youtube. Now, it seems somebody has caught on to this as Windows 7 is degrading the audio quality through the input. wasn't planning on running 7 outside of a VM anyways, but it just pisses me off after I've told my friends how to do this (yes I have friends although this is/., yes I've told them about Linux many times).
In addition to that, Youtube is now killing the sound on "violation" videos like I mentioned, and I soon won't be able to even do this in Ubuntu, since it's being killed at the source, unless I just use up my Rhapsody trials. I know I'm kind of milking th system, and this is just what DRM/RIAA is out to stop, but come on - I have stacks and stacks of legitimately bought CDs and LPs (from back in the day) of most of the songs I'm recording like this, so its not like its 100% bad, right? If it keeps up I might just have to start loading up all those CDs one-by-one (don't ask about the cassettes, 8-tracks, LPs and few laserdiscs I own).
I take it you haven't seen the alternatives to exchange either, eh? And given the exchange license fiasco (every client needs a license), they look mighty attractive right now in this economy.
Slashdot Mirror
Hypertext even goes back to the sixties, where I've seen machines from that era utilize a primitive form of hypertext, even going so far as using a lightpen in conjunction with hypertext on a screen for somewhat graphically highlighting text, before the personal computer was even thought of. So yes, hypertext goes waaay back.
I've written plenty of assembly for a variety of processor architectures, and almost all OS's I've dealt with at the assembly level, including my own, have used 0/NULL as the string terminator (higher-level languages just "hide" this). I've also seen and debugged many overflow problems, but much of this has become a thing of the past due to GCC and other compilers having built in stack smashing/overflow protection, implemented by IBM's ProPolice in GCC.
I know fully what your comment meant, and yes - the way the strings are terminated/accounted for length-wise vary from implementation (e.g. Pascal vs. C), but the bounds checking is where most either don't enforce enough, or leave plenty of room for the programmer to "shoot themselves in the foot", as Bjarne Stroustrup said.
And while I like the idea of immutable strings in some languages, sometimes it tends to get in the way of solving some problems, at least from a lower-level perspective. That, or I'm just way too set in my ways with C and other unchecked languages but who cares, as long as I check my bounds which seems to be a huge problem for many these days.
Null-terminated strings. The bane of modern computing.
Maybe I'm feeding a troll, but what else would you terminate it with without using something the string may contain? Keep in mind that null-terminated strings were, err, "invented" around the time ASCII was really the only fully widespread character standard, and something was needed to mark the end of a string for detection by software.
The mistakes you speak of are made by programmers that don't know how to securely utilize this in certain environments. Mainly in buffers, but recall the lkml thread about the license macro in kernel modules being abused with '\0'.
Nevermind, it seems that the lovable DRM within the raw video file ties the video to the player. Oh well, on to other solutions...
Scratch that too, TPB is as of this writing being dealt a DDoS attack and is offline. Man, every suggested solution is just getting pummeled. Wonder when /. will post the TPB DDoS story, anyway?
Quit trolling Slashdot
You must be new here.
Nevermind, it seems that the lovable DRM within the raw video file ties the video to the player. Oh well, on to other solutions...
We are talking about Netflix
The same company willing to advertise via popup ads, mind you. It's the principle of the thing, and yes the popups still get through even modern popup blockers usually in response to clicking the background page. It tends to just turn me off with the company given the lack of business ethics as opposed to blatant (and paid for) spamming.
I tinkered with Silverlight some back when it first came out (before it was even .NET integrated), and I wonder if someone using a utility such as wget could simply retrieve the Silverlight XAML file, view the source and then retrieve the video file from the URL shown in the source. Unless the newer silverlight is compiled or something, it theoretically should work since, unlike trying this with PHP or ASP.NET code, it is up to the browser/plugin to interpret the XAML not unlike regular JavaScript.
And if the Silverlight app is embedded within another (binary) app for display or some other means of obfuscating the location of the XAML file, couldn't Ethereal/Wireshark simply reveal the location of it granted the traffic is not encrypted? Anything can theoretically be cracked.
poll on the internet
I caught myself looking for the CowboyNeal option too, I'm afraid.
It just amazes me how differently presented this story is compared with the previous.
Previous story: kdawson. Current story: Timothy. Do you need any more explanation than that?
You know, it's where you fuck up on the Internet and the entire fucking Internet takes a moment to let you know about it.... lol
I think you're getting the effect mixed up with every South Park episode (the whole town comes to a halt, etc.), because I always thought the streisand effect (also a SP episode) was where either an event would snowball as other catch on, or if after one entity does it then others catch on and it starts to mess things up.
Then again, we could be saying the same thing, and in a way I think we are.
require home routers to maintain logs
Link/care to elaborate on that?
...of the family guy episode where they captured Adam West in a box by luring him with candy? After reading this story, the only thing I could think of was Adam West's voice saying "ooh, a piece of candy! ooh, a piece of candy" over and over...
...beaten 1337d00d94 so badly...
Yep, I'd say that sounds about right.
...What? I get bored too!
I was just playing Halo 3 today on Xbox Live(hey, I get bored too), and I'd say 92% of the people I played were what sounded like 10-12 year-olds. One pronounced another person's gamertag, XdamnedsoldierX, "ecks damm-ed soul-digger"[sic], and after reading TFA I could only think: "So, the new conductors of DDoS attacks these days are no longer the smart, possibly disgruntled computer engineering majors of the 80's and 90's, but prepubescent kids who can't even pronounce words like 'damned' (despite using it online since mommy's not home) and 'soldier".
But from what this says, they can still be considered "script kiddies", since they still seem to be relying on the work of others to accomplish these misdeeds. Whatever happened to the good 'ole 80's and 90's when you had to actually know something about the trade in order to accomplish something like this? I'm not justifying it, but come on, whatever happened to working towards something? I don't remember the movie "WarGames"'s plot including the act of downloading some program to do his work.
...apparently "in the hope of" getting the fire started B-) ).
My friend, I believe you may have just unveiled the best solution to a known problem that I have ever seen.
No, the leaks where like 2 or 3 betas were seeded on the pirate bay months before the public beta you are referring to. These were highly publicized too, in the right communities, but although microsoft.com didn't advertise it they did little to stop those that were running the leak (I accidentally let it connect to Windows Update a few times too many back in even August of last year, but nothing ever happened). Ran fine in a VM, but the display drivers haven't improved with Vista compatibility even since then.
The real edge is that the Exchange client actually works on Windows Mobile.
You're talking about Exchange, and you think it's just the client that doesn't work?
Or was this just a way to generate hype?
Reminds me of the South Park episode where they were trying to figure out who was behind 9/11 (started with Cartman saying the Jews did it), and towards the end President Bush said "Ha! and all along the plans were right here in my hands, and you'll never get them!" - then he turns around and yawns while looking over his shoulder and dropping the "secret plans" on the floor.
Yeah, I could see this being something like that, and if so then they learned from their "leaks" of Windows 7. But that's just me.
Know what I use? It makes the code an absolute living breathing hell to read sometimes (unless you get creative with it), but just sniff the HTTP user-agent on the server-side, and serve up differing HTML based on it. It is an ancient trick indeed, but these days with all of the broken IE versions out in the wild mis-rendering my pages, it becomes more and more of a must, and certainly comes in handy. My favorite is to use PHP with it, since its fairly painless to sniff the user agent ($HTTP_USER_AGENT) and serve up some browser-dependent hacks to it (include(), etc.).
Bad practice? Technically not as bad as the CDATA or JavaScript-sniffing tactics, but still not the best despite the fact we're trying to fix a bad set of browsers anyways (and I don't mess with CSS quirks, I find it annoying). Just don't get too crazy with it, and you'll be fine. Sniffing every type of browser will just turn into a major headache, trust me I was there once during the original browser wars. *shudders*
Oh, and if the user doesn't mind changing the user agent for IE (this is common in FF, deal with it), then they won't mind a broken site, now will they?
Yes they are, you just dislike them to the point where you want to run around screaming to the top of your lungs and hitting everything with your fists till they turn bloody, then you fall down and whimper yourself to sleep while murmuring "damn proprietary standards... I hate you!"
There, fixed that for you.
IANAL either, but wouldn't his blog post (a public statement) alone be at least some good faith towards disproving that the attacks were not by them? Even if the jury would not regard any counter-argument as highly as the original argument (and the "we're winning" part might just piss them off, frankly), it would at least look good on their part for not being the hackers in question, err, possible question (?).
Hmm, nice tip, and seems DRM-proof as far as TFA is concerned, too. Could easily be blocked by MS, I'm sure, but hey.
Here's the thing - I've always known that you can find any song you want on youtube, right? So I'd just look up a song, loop an audio cable from my output to input, and receive the audio in audacity as I play the song in youtube. Now, it seems somebody has caught on to this as Windows 7 is degrading the audio quality through the input. wasn't planning on running 7 outside of a VM anyways, but it just pisses me off after I've told my friends how to do this (yes I have friends although this is /., yes I've told them about Linux many times).
In addition to that, Youtube is now killing the sound on "violation" videos like I mentioned, and I soon won't be able to even do this in Ubuntu, since it's being killed at the source, unless I just use up my Rhapsody trials. I know I'm kind of milking th system, and this is just what DRM/RIAA is out to stop, but come on - I have stacks and stacks of legitimately bought CDs and LPs (from back in the day) of most of the songs I'm recording like this, so its not like its 100% bad, right? If it keeps up I might just have to start loading up all those CDs one-by-one (don't ask about the cassettes, 8-tracks, LPs and few laserdiscs I own).
I take it you haven't seen the alternatives to exchange either, eh? And given the exchange license fiasco (every client needs a license), they look mighty attractive right now in this economy.