You can choose the GDI ending too. If you destroy everything in the last GDI mission but the Temple of NOD and then raze it with an ion cannon strike, you get the secret "canonical" ending. Otherwise you get the boring ending.
This type of bug relies on "glitches" in the memory management (simplifying it a bit...) of the program, not on any high-level misses in the actual mechanisms of the code. Any program written in a programming language without automatic memory management can be exploited in this way, if the programmer "misses his step" somewhere. They can also be devilishly hard to find, because data can be structured and handled in memory in very complex and abstract ways.
The source is right there for you to read. Also, he's not the only guy working on the project, lots of other people have reviewed the code. Anything fishy would have been caught a long time ago.
Re:It's not just miles ahead of the competition...
on
Nmap Network Scanning
·
· Score: 1
A point is that one of the more useful basic features of NMap, the SYN partial-handshake scan (default when run as root) can't be replicated by nc. It always leaves marks in connect logs. Hping can replicate that feature though: "hping -8 -S known host.com" will SYN scan all ports listed in/etc/services on host.com
That's really one of those one-in-a-million things. Getting trolled like that, Yahoo vuln, open X server on a home *nix box. The stars really aligned.
It's not just miles ahead of the competition...
on
Nmap Network Scanning
·
· Score: 2, Informative
NMap is the best there is, period. There's not even specialist scanners that can up it's features, especially since you can set packet flags manually in the more recent versions. It really, really fills it's niche. I use it all the time in my daily life just for benign remote service discovery, and I assume many people do too. I've never had anyone complain about it either.
Okay, i stand corrected. The attack described in that article is obviously a professional targeted heist, especially considering the 0day. Just out of curiosity, how was the attack discovered? It should be quite possible to pull off that kind of attack without discovery even considering the spamming (injecting rookits with steganographic connect-back using dual-stage shellcode and making the website look like harmless viagra spam, assuming that the "unknown vulnerability" is a normal client memory corruption class of vuln). How do you know more subtle attacks aren't passing under your radar?
This and it's descendants is going to be really useful for hacking/pen testing. It's the perfect platform model for wireless attacks. Imagine walking through a crowd with one of these in your pocket, compromising computers and phones as people stream around you. Or, you could use it as a deniable relay, penetrating a 802.11 network via a cell connection to the phone. Or as a http://en.wikipedia.org/wiki/Jack_Box, enabling control of a rootkited server via a cell connection. That kind of stuff will be a lot easier to pull off with this kind of platform. Yes, i have a perverted mind. *sigh* But i think people with similiar minds will put this one to some real clever uses. I mean, all the heavy computing can be moved to a host behind TOR hidden service, or in a "bulletproof" country.
The "masses of probes" are just normal automated botnet attacks, and the "unidentified attacks" are probably just unwashed masses of skiddies. If you want me to believe that a real cyberwar (in this case more aptly named "computer espionage") is up and going you better give me or assure me that you have some sort of evidence (like captured transmissions showing that the attackers know what they are looking for in terms of intercepted/exfiltrated data) showing that you're actually being attacked by foreign governments or skilled people with an actual terrorist agenda. There is nothing in TFA except buzzwords, hyperbole and "x declined to comment".
In the TV series, she gets her first body at the hospital as a child after a plane crash. Swapping her cyborg body gender in that situation seems unlikely.
Well, it won't change much will it? The DDOS will just follow the DNS update? You probably should invest in load-balancing across multiple connections instead. Or Akamai.
Note however that it's possible to detect contemporary rootkits in situ on a live system, even if any process that runs in ring0 obviously has the upper hand in a pure theoretical sense. One technique for this is to compare data returned from API calls with raw reads of the data (this is the technique used by "RootkitRevealer".)
Take a look at Schneier's arguments against this: http://www.schneier.com/blog/archives/2008/02/benevolent_worm_1.html. One additional point is that stack/heap overflows and other memory-corrupting vulnerabilities often can't be made to be 100% reliable, and can be difficult to code for different service packs and such. This can be, and is, coded around as a matter of course, but a bug in the exploitation process can have disastrous and unpredictable results (in this case, interruption of a large swath of critical internal office file sharing networks.) This doesn't matter to the criminals, but it presumably matters to any prospective "grey hat" worm authors.
Every time i see one of these high-yield Windows remote execution holes, I'm tempted to couple a timed network-stack-erasing payload to it (24 hours should be enough for it to be able to infect through vpn-connected laptops and such) and send it cracking. Then i always begin to wonder why this hasn't been done already; is the combination of narcissistic recklessness and technical competence really that rare? It could be argued that it's more fun to play pranks and infiltrate corporate and government networks, but we don't even see things like that (I know it was more common up to the early 90s, when the "criminal prankster hacker scene" still existed outside of small tight groups...)? Or do people just cover it up? You sysadmins out there, have you ever had anything like that happen to you, or anyone you know?
The whole point of this new method is that you can cauterize a wound without charring the flesh, instead just melting it. The optimal temperature for this is, apparently, 60-70 deg. C., and this is maintained using feedback from an infrared sensor on the "soldering pen". They apparently also use a water soluble protein as "solder". The scars on in the TFA pictures look real nice. Wonder if the wound will hurt more or less than a conventionally sealed wound?
No, sorry. I am however quite certain that it is *much smaller* relative to the population (It's difficult to be homeless if you don't fit into one of the categories above), but saying that it is *nonexistent* would be an outright lie. Remember, Sweden has a large "problem" with our illegal immigrants, in that we deport women and children back to warzones, so they're forced to go underground and cut all ties with society, living on the mercy of underground humanitarian networks. Our immigration policy is a disaster that US leftists tend to be ignorant of.
Re:Segregated pools...
on
Houses With Tails
·
· Score: 2, Informative
I live in Sweden, and we have a non-insignificant population of homeless people in the major cities, mainly consisting of uneducated immigrants, druggies and runaway kids. A few "normal" citizens down on their luck too. You get an apartment from the social services if you are drug-free, but some people just can't quit, and i guess some people are too sane to be in an asylum but too insane to live on their own. Remember, illegal immigrants don't get those benefits, if they don't manage to find hostpital staff willing to look the other way.
Slashdot Mirror
You can choose the GDI ending too. If you destroy everything in the last GDI mission but the Temple of NOD and then raze it with an ion cannon strike, you get the secret "canonical" ending. Otherwise you get the boring ending.
It seems this has been going on forever now. The most high-profile cases where the excel bugs a while back.
1. Fuzz MS file format handling code until bug is found.
2. Develop exploit, and mail infected files to high-profile targets.
3. ???
4. Profit!
This type of bug relies on "glitches" in the memory management (simplifying it a bit...) of the program, not on any high-level misses in the actual mechanisms of the code. Any program written in a programming language without automatic memory management can be exploited in this way, if the programmer "misses his step" somewhere. They can also be devilishly hard to find, because data can be structured and handled in memory in very complex and abstract ways.
In my university (LinkÃping university, Sweden) the intro programming course is lisp, interwoven with the calculus courses.
The source is right there for you to read. Also, he's not the only guy working on the project, lots of other people have reviewed the code. Anything fishy would have been caught a long time ago.
A point is that one of the more useful basic features of NMap, the SYN partial-handshake scan (default when run as root) can't be replicated by nc. It always leaves marks in connect logs. Hping can replicate that feature though: "hping -8 -S known host.com" will SYN scan all ports listed in /etc/services on host.com
That's really one of those one-in-a-million things. Getting trolled like that, Yahoo vuln, open X server on a home *nix box. The stars really aligned.
NMap is the best there is, period. There's not even specialist scanners that can up it's features, especially since you can set packet flags manually in the more recent versions. It really, really fills it's niche. I use it all the time in my daily life just for benign remote service discovery, and I assume many people do too. I've never had anyone complain about it either.
Okay, i stand corrected. The attack described in that article is obviously a professional targeted heist, especially considering the 0day. Just out of curiosity, how was the attack discovered? It should be quite possible to pull off that kind of attack without discovery even considering the spamming (injecting rookits with steganographic connect-back using dual-stage shellcode and making the website look like harmless viagra spam, assuming that the "unknown vulnerability" is a normal client memory corruption class of vuln). How do you know more subtle attacks aren't passing under your radar?
This and it's descendants is going to be really useful for hacking/pen testing. It's the perfect platform model for wireless attacks. Imagine walking through a crowd with one of these in your pocket, compromising computers and phones as people stream around you. Or, you could use it as a deniable relay, penetrating a 802.11 network via a cell connection to the phone. Or as a http://en.wikipedia.org/wiki/Jack_Box, enabling control of a rootkited server via a cell connection. That kind of stuff will be a lot easier to pull off with this kind of platform. Yes, i have a perverted mind. *sigh* But i think people with similiar minds will put this one to some real clever uses. I mean, all the heavy computing can be moved to a host behind TOR hidden service, or in a "bulletproof" country.
Whoopsie, I posted anonymous for some reason?
The "masses of probes" are just normal automated botnet attacks, and the "unidentified attacks" are probably just unwashed masses of skiddies. If you want me to believe that a real cyberwar (in this case more aptly named "computer espionage") is up and going you better give me or assure me that you have some sort of evidence (like captured transmissions showing that the attackers know what they are looking for in terms of intercepted/exfiltrated data) showing that you're actually being attacked by foreign governments or skilled people with an actual terrorist agenda. There is nothing in TFA except buzzwords, hyperbole and "x declined to comment".
Yay, the headline quotes one of my favorite poems: http://poetry.poetryx.com/poems/784/
In the TV series, she gets her first body at the hospital as a child after a plane crash. Swapping her cyborg body gender in that situation seems unlikely.
I agree. However, the name of the song is indeed "Aerith's Theme".
Well, it won't change much will it? The DDOS will just follow the DNS update? You probably should invest in load-balancing across multiple connections instead. Or Akamai.
Note however that it's possible to detect contemporary rootkits in situ on a live system, even if any process that runs in ring0 obviously has the upper hand in a pure theoretical sense. One technique for this is to compare data returned from API calls with raw reads of the data (this is the technique used by "RootkitRevealer".)
Yeah, that's all true, but the point is you'd think *someone* should have done it by now. It only takes one person and one worm.
Many (most) bot servers include standalone mail/web server code, usually ripped from sendmail and the like.
Take a look at Schneier's arguments against this: http://www.schneier.com/blog/archives/2008/02/benevolent_worm_1.html. One additional point is that stack/heap overflows and other memory-corrupting vulnerabilities often can't be made to be 100% reliable, and can be difficult to code for different service packs and such. This can be, and is, coded around as a matter of course, but a bug in the exploitation process can have disastrous and unpredictable results (in this case, interruption of a large swath of critical internal office file sharing networks.) This doesn't matter to the criminals, but it presumably matters to any prospective "grey hat" worm authors.
Every time i see one of these high-yield Windows remote execution holes, I'm tempted to couple a timed network-stack-erasing payload to it (24 hours should be enough for it to be able to infect through vpn-connected laptops and such) and send it cracking. Then i always begin to wonder why this hasn't been done already; is the combination of narcissistic recklessness and technical competence really that rare? It could be argued that it's more fun to play pranks and infiltrate corporate and government networks, but we don't even see things like that (I know it was more common up to the early 90s, when the "criminal prankster hacker scene" still existed outside of small tight groups...)? Or do people just cover it up? You sysadmins out there, have you ever had anything like that happen to you, or anyone you know?
Aerith's Theme from FFVII. To think that something so simple on a grand scale can lodge itself so deeply in the soul.
The whole point of this new method is that you can cauterize a wound without charring the flesh, instead just melting it. The optimal temperature for this is, apparently, 60-70 deg. C., and this is maintained using feedback from an infrared sensor on the "soldering pen". They apparently also use a water soluble protein as "solder". The scars on in the TFA pictures look real nice. Wonder if the wound will hurt more or less than a conventionally sealed wound?
You can hate and love something at the same time, for different reasons.
No, sorry. I am however quite certain that it is *much smaller* relative to the population (It's difficult to be homeless if you don't fit into one of the categories above), but saying that it is *nonexistent* would be an outright lie. Remember, Sweden has a large "problem" with our illegal immigrants, in that we deport women and children back to warzones, so they're forced to go underground and cut all ties with society, living on the mercy of underground humanitarian networks. Our immigration policy is a disaster that US leftists tend to be ignorant of.
I live in Sweden, and we have a non-insignificant population of homeless people in the major cities, mainly consisting of uneducated immigrants, druggies and runaway kids. A few "normal" citizens down on their luck too. You get an apartment from the social services if you are drug-free, but some people just can't quit, and i guess some people are too sane to be in an asylum but too insane to live on their own. Remember, illegal immigrants don't get those benefits, if they don't manage to find hostpital staff willing to look the other way.