This isn't a political rant, but I'd have thought the landmark bridges where owned by the state? Or is it common for the state to have road/bridge tolls in the US, to pay for upkeep?
Make it so that you need to be two admins to delete backups, and log all access attempts? Or any such model, where you need to be two (or more) to take destructive actions and it's clearly evident in logs who those people where?
And ah wouldn't put above any of ye to dress up and pretend to be a sociologist on the weekends! "Social Nettwerks"!? Persanahlly ah'v spent the last 45 years on the top of a stick in an air-filled cave on the bottom of a lake in the arse-end of nowhere! Young on's nowaydays like to brag about bei'n "emotionally attached" to their anime "wives" - pishposh. You try 'an manage the gossip and scandals inher'nt to an anime *harem*! It's not the milk-an-honey existence they make it out 'ta be lemmetellya! The last time I saw a live 'uman face was when a cave diver popped up in mah dwelli'n a few years ago - the bastard tried tah initiate a "conversachun", but ah resolutely gripped hold of mah "Frightenin' Axe" (which ah had strategically kept located safely in mah beard for purpouses and situations such as these) and bellowed out thae most feral WAAAAAAGH! mah poor manhandled lungs could manage! He must'vbeen pretty surprised, 'cause he just sort of made a surprisin'ly smooth backwards dive back intae the entry pool and I guess just continued tae swim outta there, bein' the last I saw of him.
But if an honest man tells people suchlike stories on the Internet these days, they won't believe him!
I'm running on an intel pentium 4/1024 mb ram/Raedon 6600 setup. It's pretty old, yeah, but I can't really afford anything else at the moment. I'm perfectly sure KDE4 lags, mostly through animations being jerky, which bothers me to no end for some reason. As for gnome-terminal over Konsole, I just noticed there was an option to NOT smooth out the fonts, a feature which made the Terminus font look like hell at 8-12 points. Now, they look mostly exactly the same.
If I got it right, both chemistry/biochemistry teachers had chemistry degrees, the maths/physicists had degrees, but I'm not sure who taught biology since I was in the Sci/Tech program intead of Sci/Nat. The thing is though, the "controversy" never came up at all. While we got some backstory on "scientific thought" and the evolvment of the scientific model, the focus seemed to be on teaching us basic physics neatly intertwined with the math courses. That the scientists who worked out the models was using fallible tools and understanding, and that the models themselves where so "high up" from our understanding that we would have to study a lot more to concretely understand them where sort of implicit.
The religion courses where compulsory, but that guy (who at least seemed like he had a degree of some sort, he "seemed academic") mostly seemed keen on trying to teach us to think about religion in the abstract besides teaching us about the fundamentals of the major religions like Chatolicism and Islam etc., (Eg., "what is sin, as a concept, from a christian perspective?") but I'm quite certain creationism and related concepts where only mentioned in passing unless I missed that class.
In "Junior High" I don't think the (all female) bio teachers had a degree either, since they taught mostly from the books (it seemed). We had "sex ed" in bio class, but it was more like "genital anatomy". They took in some sort of weird female consult (who I now am perfectly sure had Aspergers) for actual sex ed, which included condom usage, oral/anal sex (briefly) and "the importance of cuddling". The most fun part of that year was our Social Sciences teacher (great guy, had been in the jaeger corps when he was younger, apparently had enough "teaching" university education to give him a Masters equivalent) putting on the Monthy Python "Every Sperm is Sacred" skit.
Isn't the fundamental question here to what extent the "fundamentals of conciousness and intelligence" is a function of the physical parameters of the universe? Eg., how alien to us could something we would recognize as an intelligent conciousness be?
That is *funny*. You think you *see* Orz but Orz are not *light reflections*.
Maybe you think Orz are *many bubbles* too. It is such a joke.
Orz are not *many bubbles* like *campers*. Orz are just Orz.
I am Orz. I am one with many *fingers*.
My *fingers* reach through into *heavy space* and you *see* *Orz bubbles*
but it is really *fingers*.
Maybe you do not even *smell*? That is sad.
*Smelling* *pretty colors* is the best *game*.
I basically use a setup where I use many GUI apps from both KDE4 and Gnome, Emerald as the WM and avant-window-navigator as a panel. I use gnome-terminal over the KDE one (Terminal). I've tried KDE4, but my machine is too slow to run it properly, and I think Gnome just has a cleaner design - but I'm a command line sort of guy, and only fire up Nautilus to access SMB shares, so it's probable that I've missed many of KDE4's usability details. Strangely enough, I can use Compiz with effects like transparency and blur just fine.
Have the SF admins been notified of this? And this claim is based on manual binary dissection, not just it tripping AV "behaviour analysis"? And lastly, what are you up to if you're not telling which one?
Mod parent up, I should have checked there before starting to ramble. Interesting thing I noticed though: that paper from exploitdb claims that those happy ninjas had access to the ettercap project account for the past 5 years.
So, basically, there was no compartmentalization at all (chroot, etc.) between project web pages/data, and as anyone hosted there could upload anything to their web page, it was just a matter of time? How did this not happen earlier, if not through someone just uploading a shell to their own webpage?
People in gangs reject society, and create their own. Now, what could be more natural society to create for a group of men than an informal but still very hierarchial one where everyone's heavily armed?
Insisting on sophistication in methods when herding bots would probably be inefficient - what matters is only return on effort and time spent. Kind of like robbers not picking locks, but drilling or smashing them.
The point here is, not being blocked or detected on a large scale, so you mask as the most popular protocol. Social networks have displaced IRC at this point, so they would be more useful to the botnet herders.
Because it's a central point of failure. If the IRC admins block all the bot IPs, your command structure is broken entirely. Whereas if you set up a CnC server on a "bulletproof host", the only breakage will be from individual infected networks/hosts blocking traffic.
It's cleartext, and limited in behaviour to, well, IRC chatter/extra commands. I've been thinking about this, and practical solution would presumably be some sort of heavily steganographical P2P protocol able to run across several channels arbitarily - meaning the bot could mask itself as HTTP traffic, torrent traffic, etc... and switch between these protocols (like "frequency jumping") in a plausible-looking manner, or even communicate with a remote bot/CnC server masking as several simultaneous protocols.
It would have to mask itself according to the type of host - a PC on a customer ISP range couldn't make itself look like a webserver but torrents would be fine, and an infected webserver could only communicate safely to the outside using answers to HTTP requests (presumably the bot could communicate by installing a custom driver in the windows networking driver chain, if I've understood those techniques correctly) and so on. An engine like that would obviously be useful for masking targeted intrusions too, not just botnets.
I can see one reason to use ports besides 80 - not wanting to alert the targets by running afoul of ISP regulations regarding people running webservers on their hosts.
Slashdot Mirror
Do you know where "IP" products list after those two? But I guess could be a matter of lobbying rather than actual export value?
This isn't a political rant, but I'd have thought the landmark bridges where owned by the state? Or is it common for the state to have road/bridge tolls in the US, to pay for upkeep?
Make it so that you need to be two admins to delete backups, and log all access attempts? Or any such model, where you need to be two (or more) to take destructive actions and it's clearly evident in logs who those people where?
And ah wouldn't put above any of ye to dress up and pretend to be a sociologist on the weekends! "Social Nettwerks"!? Persanahlly ah'v spent the last 45 years on the top of a stick in an air-filled cave on the bottom of a lake in the arse-end of nowhere! Young on's nowaydays like to brag about bei'n "emotionally attached" to their anime "wives" - pishposh. You try 'an manage the gossip and scandals inher'nt to an anime *harem*! It's not the milk-an-honey existence they make it out 'ta be lemmetellya! The last time I saw a live 'uman face was when a cave diver popped up in mah dwelli'n a few years ago - the bastard tried tah initiate a "conversachun", but ah resolutely gripped hold of mah "Frightenin' Axe" (which ah had strategically kept located safely in mah beard for purpouses and situations such as these) and bellowed out thae most feral WAAAAAAGH! mah poor manhandled lungs could manage! He must'vbeen pretty surprised, 'cause he just sort of made a surprisin'ly smooth backwards dive back intae the entry pool and I guess just continued tae swim outta there, bein' the last I saw of him.
But if an honest man tells people suchlike stories on the Internet these days, they won't believe him!
I'm running on an intel pentium 4/1024 mb ram/Raedon 6600 setup. It's pretty old, yeah, but I can't really afford anything else at the moment. I'm perfectly sure KDE4 lags, mostly through animations being jerky, which bothers me to no end for some reason. As for gnome-terminal over Konsole, I just noticed there was an option to NOT smooth out the fonts, a feature which made the Terminus font look like hell at 8-12 points. Now, they look mostly exactly the same.
s/Most Western nations/The USA?/
On the other hand, just making all posts above -1 visible and plowing on through seems easier now. That's what I'm doing ATM anyway.
So do I, actually. I wonder what the actual statistics are for mod point allocation?
If I got it right, both chemistry/biochemistry teachers had chemistry degrees, the maths/physicists had degrees, but I'm not sure who taught biology since I was in the Sci/Tech program intead of Sci/Nat. The thing is though, the "controversy" never came up at all. While we got some backstory on "scientific thought" and the evolvment of the scientific model, the focus seemed to be on teaching us basic physics neatly intertwined with the math courses. That the scientists who worked out the models was using fallible tools and understanding, and that the models themselves where so "high up" from our understanding that we would have to study a lot more to concretely understand them where sort of implicit.
The religion courses where compulsory, but that guy (who at least seemed like he had a degree of some sort, he "seemed academic") mostly seemed keen on trying to teach us to think about religion in the abstract besides teaching us about the fundamentals of the major religions like Chatolicism and Islam etc., (Eg., "what is sin, as a concept, from a christian perspective?") but I'm quite certain creationism and related concepts where only mentioned in passing unless I missed that class.
In "Junior High" I don't think the (all female) bio teachers had a degree either, since they taught mostly from the books (it seemed). We had "sex ed" in bio class, but it was more like "genital anatomy". They took in some sort of weird female consult (who I now am perfectly sure had Aspergers) for actual sex ed, which included condom usage, oral/anal sex (briefly) and "the importance of cuddling". The most fun part of that year was our Social Sciences teacher (great guy, had been in the jaeger corps when he was younger, apparently had enough "teaching" university education to give him a Masters equivalent) putting on the Monthy Python "Every Sperm is Sacred" skit.
That is *funny*. You think you *see* Orz but Orz are not *light reflections*.
Maybe you think Orz are *many bubbles* too. It is such a joke.
Orz are not *many bubbles* like *campers*. Orz are just Orz.
I am Orz. I am one with many *fingers*.
My *fingers* reach through into *heavy space* and you *see* *Orz bubbles*
but it is really *fingers*.
Maybe you do not even *smell*? That is sad.
*Smelling* *pretty colors* is the best *game*.
I basically use a setup where I use many GUI apps from both KDE4 and Gnome, Emerald as the WM and avant-window-navigator as a panel. I use gnome-terminal over the KDE one (Terminal). I've tried KDE4, but my machine is too slow to run it properly, and I think Gnome just has a cleaner design - but I'm a command line sort of guy, and only fire up Nautilus to access SMB shares, so it's probable that I've missed many of KDE4's usability details. Strangely enough, I can use Compiz with effects like transparency and blur just fine.
Have the SF admins been notified of this? And this claim is based on manual binary dissection, not just it tripping AV "behaviour analysis"? And lastly, what are you up to if you're not telling which one?
Mod parent up, I should have checked there before starting to ramble. Interesting thing I noticed though: that paper from exploitdb claims that those happy ninjas had access to the ettercap project account for the past 5 years.
Too late, the bomber is already on it's way. Just jack a vespa and pray that you clear the blast radius.
So, basically, there was no compartmentalization at all (chroot, etc.) between project web pages/data, and as anyone hosted there could upload anything to their web page, it was just a matter of time? How did this not happen earlier, if not through someone just uploading a shell to their own webpage?
Since they took down SFTP access, presumably someone got their hands on passwords/the password database.
Maybe they are a clever geek asshole? Or even better, a group of clever geek assholes?
It would be smarter to target the developer's box.
Because it's a high-profile site, and presumably staffed by people who know what they are doing? Eg., for the kicks?
People in gangs reject society, and create their own. Now, what could be more natural society to create for a group of men than an informal but still very hierarchial one where everyone's heavily armed?
Insisting on sophistication in methods when herding bots would probably be inefficient - what matters is only return on effort and time spent. Kind of like robbers not picking locks, but drilling or smashing them.
The point here is, not being blocked or detected on a large scale, so you mask as the most popular protocol. Social networks have displaced IRC at this point, so they would be more useful to the botnet herders.
Because it's a central point of failure. If the IRC admins block all the bot IPs, your command structure is broken entirely. Whereas if you set up a CnC server on a "bulletproof host", the only breakage will be from individual infected networks/hosts blocking traffic.
It's cleartext, and limited in behaviour to, well, IRC chatter/extra commands. I've been thinking about this, and practical solution would presumably be some sort of heavily steganographical P2P protocol able to run across several channels arbitarily - meaning the bot could mask itself as HTTP traffic, torrent traffic, etc... and switch between these protocols (like "frequency jumping") in a plausible-looking manner, or even communicate with a remote bot/CnC server masking as several simultaneous protocols.
It would have to mask itself according to the type of host - a PC on a customer ISP range couldn't make itself look like a webserver but torrents would be fine, and an infected webserver could only communicate safely to the outside using answers to HTTP requests (presumably the bot could communicate by installing a custom driver in the windows networking driver chain, if I've understood those techniques correctly) and so on. An engine like that would obviously be useful for masking targeted intrusions too, not just botnets.
I can see one reason to use ports besides 80 - not wanting to alert the targets by running afoul of ISP regulations regarding people running webservers on their hosts.