Well, your OS likes to think of the harddrive size as a power of two... therefore, my 6.4Gb disk (according to the manufacturer) is only 6183Mb when fdisk looks at it
I wonder when Microsoft is going to sue over X's use of the word "Windows."
IIRC, most docs on X are pretty stuffed with how "this should be called either X or X Window System. There is no such thing as X Windows"... so I don't see how that could be a problem... but then, I don't know the US legal system (hmm... I doubt anyone does... including judges... )
unfortunately, HD manufacturers want to impress us with how big their drives are, so it's really 1000 bytes/kilobyte for them, and so on. It didn't make much of a difference back when 1Gb was huge for a HD, but on the terabyte scale, those dropped bytes add up...
OK, I've read the cnet article, I'm _not_ subscribing to bugtraq or anything similar, but my guess as a C programmer is as follows:
Buffer overflows work by sending more data than expected to a function than it expects, which can (if you do it correct) let you decide what adress the program should jump to when it leaves the function. The obvious way this would work in, for example, an error report stating the name of the program, the name of the function, and a short description of the error. That is 3 string variables that should be printed. If the attacker is able to send any format string he likes, he can make printf use only two of those strings - the adress of the third string will then be pulled off the stack into the PC, and program execution will resume at the beginning of the third string.
Since the attacker was able to change the format string, he will probably be able to change that string as well.
In a sensible (or paranoid) system, this would not be a problem - the strings would reside in a data segment, and the program would segfault when it tried to resume execution there. I assume this vulnerability comes from the program being allowed to execute instructions in the data area, just as the buffer overflow problems arise from storing the stack in executable pages.
I know that gas (GNU assembler) stores constant data together with the program code. Guess that makes it difficult to separate them when they are loaded into memory...
I know there are holes in this (for example, the strings are supposed to be write-protected - not even supervisor processes should be allowed to write to them without segfaulting), but perhaps someone who knows more can fill them in.
Anyway, this is (in my view) not so distant from buffer overflows.
FYI: (At least here in Sweden, and probably in other countries as well) The phone companies subsidize the cell phones, provided you sign up with them for 12,18 or 24 months.
My cell phone cost me 1 SEK (about 12 cents), but I then had to pay the phone company ~100 SEK ($12) per month, plus per minute charges, for 12 months (which means that I still get the phone for ~$150, about half of the actual cost...).
...but since the rate of technological advance is accelerating, we'd have to shrink the "kill-off" intervals continously (sorry, don't know how it's spelled...).... for today, I'd say an interval o f 10 years should be fine....
OTOH, I'm in favor of starting wars to kill 4.5 billions of humans... then (most of) humanity could have good living conditions
ehm... nope, when you make it 10,000 times smaller, it's the same as multiplying with 1/10,000, or 0.0001.
What you do is remove 10,000 times the original, not reduce the original 10,000 times.
1 time smaller is a "nop", it leaves you with exactly what you had from the beginning
Sure, nuclear power is solar power... uranium is created in solar cores, then it's spread when the sun goes nova... but wind power being due to gravity? I thought it was temperature diffs between the air in different locations....
You make it sound as if, every week, God sent a giant pie down to the surface of the Earth with the intention that everyone share equally in the pie, and the first world greedily consumed 95% of it and then left some crumbs over for the 3rd World. This is not the case.
Actually, I'd say that pretty much is the case - although i don't believe in a God. Farming land in the third world that could be used to produce food for the people is used instead to grow tobacco and other drugs, which are then exported to West. Natural resources are harvested by large corporations, with a small percentage of the profit ending up in the pockets of the leaders of that country, and nothing adding to the benefit of the people. The European Union throws away several thousand tons of vegetables and fruits every year, just to make the prices higher.
The resources for material production (clothes, shoes, computers, food...) are limited, they are a pie I believe we were meant to share equally, but is being consumed by 95% in the West.
associating IP with the exploitation of the 3rd World? Pretty big logical leap.
Not a big leap at all. As he points out in the text, companies have patented the genetic make-up of several types of base food used in by farmers world-wide, thereby forcing the farmers to pay the company if they want to keep using the grains they have used for generations.
Slashdot Mirror
cute sig :)
no, I missed the dept .... thx for pointing it out :)
cool, man .... can you do a dog? :)
What else would you expect from the people who brought you Lenin, Communism,
Correct me if I'm wrong, but didn't communism start in Germany, with Marx and Engels?
Well, your OS likes to think of the harddrive size as a power of two ... therefore, my 6.4Gb disk (according to the manufacturer) is only 6183Mb when fdisk looks at it
I wonder when Microsoft is going to sue over X's use of the word "Windows."
... so I don't see how that could be a problem ... but then, I don't know the US legal system (hmm ... I doubt anyone does ... including judges ... )
IIRC, most docs on X are pretty stuffed with how "this should be called either X or X Window System. There is no such thing as X Windows"
unfortunately, HD manufacturers want to impress us with how big their drives are, so it's really 1000 bytes/kilobyte for them, and so on. It didn't make much of a difference back when 1Gb was huge for a HD, but on the terabyte scale, those dropped bytes add up ...
OK, I've read the cnet article, I'm _not_ subscribing to bugtraq or anything similar, but my guess as a C programmer is as follows: ...
Buffer overflows work by sending more data than expected to a function than it expects, which can (if you do it correct) let you decide what adress the program should jump to when it leaves the function.
The obvious way this would work in, for example, an error report stating the name of the program, the name of the function, and a short description of the error. That is 3 string variables that should be printed. If the attacker is able to send any format string he likes, he can make printf use only two of those strings - the adress of the third string will then be pulled off the stack into the PC, and program execution will resume at the beginning of the third string.
Since the attacker was able to change the format string, he will probably be able to change that string as well.
In a sensible (or paranoid) system, this would not be a problem - the strings would reside in a data segment, and the program would segfault when it tried to resume execution there. I assume this vulnerability comes from the program being allowed to execute instructions in the data area, just as the buffer overflow problems arise from storing the stack in executable pages.
I know that gas (GNU assembler) stores constant data together with the program code. Guess that makes it difficult to separate them when they are loaded into memory
I know there are holes in this (for example, the strings are supposed to be write-protected - not even supervisor processes should be allowed to write to them without segfaulting), but perhaps someone who knows more can fill them in.
Anyway, this is (in my view) not so distant from buffer overflows.
Judging by Jon Erikson, it seems to affect some Christians as well ...
You were using those analog phones when we had GSM here for years.
I understand this will probably hurt you in your We-Domminate-The-World instinct, but US in *not* leading the mobile market.
FYI: (At least here in Sweden, and probably in other countries as well) The phone companies subsidize the cell phones, provided you sign up with them for 12,18 or 24 months. ...).
My cell phone cost me 1 SEK (about 12 cents), but I then had to pay the phone company ~100 SEK ($12) per month, plus per minute charges, for 12 months (which means that I still get the phone for ~$150, about half of the actual cost
...but since the rate of technological advance is accelerating, we'd have to shrink the "kill-off" intervals continously (sorry, don't know how it's spelled ...) .... for today, I'd say an interval o f 10 years should be fine ....
... then (most of) humanity could have good living conditions
OTOH, I'm in favor of starting wars to kill 4.5 billions of humans
actually, the DNSes for 'anydomain.com' (which probably covers 'www.anydomain.com' as well) are 207.8.152.2 and 207.8.152.3
actually, that post is too long for me to bother to read ...
What you do is remove 10,000 times the original, not reduce the original 10,000 times.
1 time smaller is a "nop", it leaves you with exactly what you had from the beginning
No pics available, sorry .... but I've seen it in more than a few computer stores ... nothing they're selling, though ... just for show :)
...or maybe they're patenting it so everyone can use it for free, instead of some other company filing the patent and then charging ofr its use ... ?
Sure, nuclear power is solar power ... uranium is created in solar cores, then it's spread when the sun goes nova ... but wind power being due to gravity? I thought it was temperature diffs between the air in different locations ....
I think they meant Watt-hours ....
This sounds wonderful! I want it *drool*
lots of believe, but I'm a believer
You make it sound as if, every week, God sent a giant pie down to the surface of the Earth with the intention that everyone share equally in the pie, and the first world greedily consumed 95% of it and then left some crumbs over for the 3rd World. This is not the case.
Actually, I'd say that pretty much is the case - although i don't believe in a God.
Farming land in the third world that could be used to produce food for the people is used instead to grow tobacco and other drugs, which are then exported to West.
Natural resources are harvested by large corporations, with a small percentage of the profit ending up in the pockets of the leaders of that country, and nothing adding to the benefit of the people.
The European Union throws away several thousand tons of vegetables and fruits every year, just to make the prices higher.
The resources for material production (clothes, shoes, computers, food...) are limited, they are a pie I believe we were meant to share equally, but is being consumed by 95% in the West.
associating IP with the exploitation of the 3rd World? Pretty big logical leap.
Not a big leap at all. As he points out in the text, companies have patented the genetic make-up of several types of base food used in by farmers world-wide, thereby forcing the farmers to pay the company if they want to keep using the grains they have used for generations.
From what I gathered, he wasn't opposing property rights for physical products ...