Oh yeah, he missed the game flaw where the game FUCKING CRASHED ALL THE TIME. I didn't even get past the stupid first level, what with all of Black and White's stability problems. And don't give me crap about video drivers or Windows or whatever. That same system played other games like UT2003 or AAO just fine, thank you very much.
I'll do you one better: the original poster should RFTM on chkconfig, which can configure services from the command line on Red Hat Linux and its variants.
I limit my on-line activities on kiosks to anonymous surfing, though if I am travelling, I usually have my tablet PC and my cell phone with me, the combination of which can be used to browse the web.
But I admit to being more paranoid than the average bear.:)
You are changing the subject. Attacking the person's spelling (trying to impugn his intelligence) instead of logically countering his arguments is a great way to earn emotional points with the crowd, but whether the poster is good at spelling (or typing, for that matter) has nothing to do with his argument over how to get along with teachers and classmates.
And let met tentatively agree with that poster. I had the same problems with my teachers and classmates until I learned that school was not about gaining knowledge and wisdom, but about social conditioning. As in the rest of the Real World, human beings who rely too heavily on style over substance can be easily manipulated in ways that can benefit the manipulator. That it took me until after college to realize this is perhaps testament to the fact that I have a sometimes abrasive, sometimes attention-seeking personality and am only 1 standard deviation above the norm on the IQ scale. (Now, where is my tongue? Oh yes, there it is, firmly planted in my cheek.)
I can't believe I'm typing this, but I disagree with your specific assessment of Microsoft. From a user support and system administration perspective, Windows and Active Directory are the only way to go if you have more than a handful of workstations or servers. I wish things like browser security zones, roaming profiles, offline files, Group Policy, MSI, WSUS, and so forth were available in the Unix world, because those tools really make my life (both as a user and as an admin) a lot easier on the Windows side of the house. Just being able to push common browser settings out enterprise wide using GPO is a killer feature, though ironically, I use that feature to turn off ActiveX, JavaScript, and so forth...:)
In the computer security world, one immediate problem is getting patches out in a timely fashion. Nothing like SUS or WSUS exists for Mac OS X, Solaris, Linux, or FreeBSD. Unix patch management is my biggest headache because it is an entirely manual process (although tools like PatchPro can help a little, and there are some commercial products that provide this feature, e.g. Citadel's Hercules). If you think putting "up2date" into cron is superior to WSUS, send me an email some time and I will gladly show you how WSUS works.
I admit haven't been paying attention to this. What exactly is this 302 exploit? Is it just a matter of attackers spoofing referrer entries in their GET requests so the attacker's web site gets listed on the target's blogroll? Or is there more to it than that?
So true! This is probably why the initial confederation was so weak. They thought hierarchy was unnecessary, so they built a decentralized government to match that philosophy. Unfortunately, while the absence of hierarchy (i.e. anarchy) is attractive to free thinkers, some power organization is necessary to avoid tragedy-of-the-commons scenarios, e.g. the states' squabbles over inter-state commerce under both the Confederation (where no arbitration was possible) and under the Constitution (where the federal government had explicit jurisdiction). Some of the founders knew that the revised strong central government could be dangerous to individual freedoms, even though it was necessary: hence Jefferson's frantic efforts to get the Bill of Rights included.
Re:Broken, but not for everything...
on
SHA-1 Broken
·
· Score: 1
One-time pads aren't impractical. They are merely expensive.
You are wrong. There is at least one worm (though possibly a proof of concept) for Mac OS X, and there is at least one virus or worm discovered in the wild for Linux (in addition to the various proofs of concept). Search through my past Slashdot postings for a list, or site-search an anti-virus vendor's web site.
The series' first episode, "33", had me on the edge of my chair and biting my nails for the entire hour. Very well done, very suspenseful, a fantastic anteclimax. The other two episodes each ended without me realizing a full hour passed. I was so engrossed that I was surprised when the credits rolled (obviously, I was watching them in real time, don't have a DVR). I really hope they maintain this level of quality. The acting is good (as sci fi acting goes, it is great), and the story writing is solid (as sci fi TV writing goes, it is fantastic). If I could hook you up with downloads, I would. I enjoyed it that much.
For the record, I caught a few episodes of Enterprise. It was neat, liked the doctor (seems like a very knows-where-his-towel-is kind of guy), but couldn't get past the Star Trek conventions of "technobable of the week". Am I the only trekkie who really, really enjoyed the old school Star Trek, as in the first season's episodes where Kirk's best friend becoming God, or The Cage? To me, that's authentic sci fi, with the Captain Kirk "just-a-jigalo" season-three Trek or angsty "let's-make-love-not-war" TNG being poorly-written parables at best (and typically lousy "appeal-to-the-masses-by-showing-boobs-or-blowing- shit-up" stories). Ah well. I liked Doctor Who, so I guess that doesn't say much about my aesthetic tastes, so you should probably just ignore me.:)
Given that I'm getting lousy uptimes on my Linux servers because of the mandatory kernel upgrades, I certainly welcome a (constructive) critical look at Linux kernel security.
That's not the point. I am getting ready to force my Unix admins to patch their boxes on a more frequent basis than "yearly", and they are already screaming bloody murder. I am sick and tired of our Unix boxes getting rooted because some admin wants 365+ days of uptime and can't be bothered to test and install a kernel patch that fixes some important hole. That there is NO scheduled maintenance to start is an even larger problem that I'll rant about in a different post.
And by the way, other Unix systems have capabilities, MAC labels, etc., and you know how most admins implement security on their systems? Every one of the Unix support team knows the root password, and the application support people use setuid scripts to administer their software, like they were doing in 1985. Capabilities, labels, and friends are extremely difficult to implement, and these features cannot save you from the one time a tired kernel programmer accidentally performs an unbounded input or forgets to check a counter. You will always need to patch your kernel (and reboot) in order to maintain operational security. Period. End of discussion.
And if your only availability measurements are along the lines of
for i in `cat hosts`; do ssh root@"$i" uptime >> uptime.report; done
please get a clue: Availability doesn't include all of those times when your users tries to access a rooted system (even though the system is "up"), and it isn't a bad thing to schedule maintenance windows and notify the users and take the system down for patches or upgrades. In fact, I would much rather do so in a controlled fashion, as I can have backups made and documentation updated and I can take my time to do things correctly because I had time to test everything beforehand. Versus a 50+ hour nightmare/marathon starting with the pages from the instrusion detection system (or worse, from someone else's IT security department) at the wee hours of (if you are lucky) Saturday morning.
So don't complain to me about lousy uptimes. Because when your server gets hacked because of a kernel bug patched three months ago, and you didn't apply the update because "my uptime counter will get reset" (i.e. you are lazy), I have to clean up your mess: Investigating the attack, determining the extent of the intrusion, validating the backups, etc.
BAH. Rant mode off. I will spare you a discussion of the proper engineering processes that help to lessen (but not eliminate) the risk of security-related software flaws.
D00d, I would love to see FTP finally die. Unfortunately, FreeBSD's own file distribution mechanisms rely on FTP, e.g. "pkg_add -r", ports, etc. And just about every other piece of modern firewall software can proxy FTP in the kernel (ipfilter, iptables, FireWall-1, etc.). Don't get me wrong: "modulate state" and the scrub options are really cool, but they solve a theoretical problem. I, instead, have a real problem with not being able to easily make FTP through my firewall work. What sucks even more is that I prefer to do egress filtering. With an in-kernel proxy, everything works properly because the proxy will add the necessary ingress and egress rules to make the file transfers work. Not so with ftp-proxy(8). So I have to either do "pass out" in pf.conf or click the "pass all outgoing" option in fwbuilder. This missing feature violates my expectations and it unnecessarily complicates my firewall rules (and weakens them in a theoretical sense).
(Yes, I am a have-my-cake-and-eat-it-too kind of guy.)
The two work about the same, except PF doesn't support an in-kernel FTP proxy (had to hack up my firewall rules big time to make FTP work, and I still have to open up a bazillion ports for the dynamic connections). It has lots of other stuff I will never use, e.g. scrub and modulate state. I only use PF because fwbuilder's rule compiler for PF outputs correct code, as compared to its compiler for IPFILTER which outputs buggy NAT rules, and I really don't feel like wasting my time writing firewall rules manually.
I can directly attribute my interest in computers to video games. One path is:
Video games
Pirated video games
Bypassed copy protection
Reverse engineering
Assembly language programming
Buffer overflows
Computer Security Expert (present day)
Another is:
Video games
Multi-user video games
Create my own maps/skins/bots for multi-user video games
Create my own scripts for multi-user video games
Become a Programmer
Write my own video games
Software Engineer (present day)
Finally, for you hardware types:
Video games
Better video card
Faster RAM
Overclocked CPU
Chip design
Computer/electrical engineer
(We all know the real reason Intel creates faster computers: It's for better video games, stupid!)
Now the Internet, while that STARTED with video games (the whole "play against your buddies" concept), it only really started to take off with pron...which, strangely enough, also ties back to video games, e.g. Leisure Suit Larry.
LIKE THE TIMECUBE, NO ONE CAN RESIST MY LOGIC AND PROPERLY AUTHORED HTML!!!
What a spectaular waste of time. Oh well, I guess you could say the same thing about most of the stuff I do, so what ever floats their boat, I guess. Hopefully, there is at least some entertainment value to the ensuing flame fest.
I don't know about you, but the plant on which I live has an orbit that is 147.5 million km (~91.6 million miles) away from the sun at perihelion and 152.5 million km (94.7 million miles) away from the sun at aphelion, with an eccentricity of 0.017.
While I have a full time job in the Information Security field, I occasionally consult for government-funded international medical research projects (working on one of the big three: tuberculosis, malaria, or AIDS). Apparently, it is very difficult to find qualified people who are willing to travel. I enjoy it immensely: Brilliant people, fantastic new foods, beautiful scenery. But it is also a humbling experience. We are extremely wealthy, and I think few of us truly realize the margin by which we are separated from the truly destitute.
Slashdot Mirror
...is how to stop it from listening on port 123/UDP. Any suggestions? And yes, I did read the fine manual.
Oh yeah, he missed the game flaw where the game FUCKING CRASHED ALL THE TIME. I didn't even get past the stupid first level, what with all of Black and White's stability problems. And don't give me crap about video drivers or Windows or whatever. That same system played other games like UT2003 or AAO just fine, thank you very much.
I'll do you one better: the original poster should RFTM on chkconfig, which can configure services from the command line on Red Hat Linux and its variants.
The only way a company would respond (if they respond at all) is with a defamation lawsuit, not by editing a wiki.
I limit my on-line activities on kiosks to anonymous surfing, though if I am travelling, I usually have my tablet PC and my cell phone with me, the combination of which can be used to browse the web.
But I admit to being more paranoid than the average bear. :)
You are changing the subject. Attacking the person's spelling (trying to impugn his intelligence) instead of logically countering his arguments is a great way to earn emotional points with the crowd, but whether the poster is good at spelling (or typing, for that matter) has nothing to do with his argument over how to get along with teachers and classmates.
And let met tentatively agree with that poster. I had the same problems with my teachers and classmates until I learned that school was not about gaining knowledge and wisdom, but about social conditioning. As in the rest of the Real World, human beings who rely too heavily on style over substance can be easily manipulated in ways that can benefit the manipulator. That it took me until after college to realize this is perhaps testament to the fact that I have a sometimes abrasive, sometimes attention-seeking personality and am only 1 standard deviation above the norm on the IQ scale. (Now, where is my tongue? Oh yes, there it is, firmly planted in my cheek.)
I can't believe I'm typing this, but I disagree with your specific assessment of Microsoft. From a user support and system administration perspective, Windows and Active Directory are the only way to go if you have more than a handful of workstations or servers. I wish things like browser security zones, roaming profiles, offline files, Group Policy, MSI, WSUS, and so forth were available in the Unix world, because those tools really make my life (both as a user and as an admin) a lot easier on the Windows side of the house. Just being able to push common browser settings out enterprise wide using GPO is a killer feature, though ironically, I use that feature to turn off ActiveX, JavaScript, and so forth... :)
In the computer security world, one immediate problem is getting patches out in a timely fashion. Nothing like SUS or WSUS exists for Mac OS X, Solaris, Linux, or FreeBSD. Unix patch management is my biggest headache because it is an entirely manual process (although tools like PatchPro can help a little, and there are some commercial products that provide this feature, e.g. Citadel's Hercules). If you think putting "up2date" into cron is superior to WSUS, send me an email some time and I will gladly show you how WSUS works.
Anyway, rant mode off. Sorry about that.
*grumble* . . . get off my web site, you damn kids!
I should know: I've been running their betas for the last 10 years now, stuff like Windows Server 2003 and Internet Explorer 6.0.
And fresh doughnuts can be thought of as "torrid pieces of dough".
I admit haven't been paying attention to this. What exactly is this 302 exploit? Is it just a matter of attackers spoofing referrer entries in their GET requests so the attacker's web site gets listed on the target's blogroll? Or is there more to it than that?
Actually, hot dog buns are forbidden on every day of the week.
So true! This is probably why the initial confederation was so weak. They thought hierarchy was unnecessary, so they built a decentralized government to match that philosophy. Unfortunately, while the absence of hierarchy (i.e. anarchy) is attractive to free thinkers, some power organization is necessary to avoid tragedy-of-the-commons scenarios, e.g. the states' squabbles over inter-state commerce under both the Confederation (where no arbitration was possible) and under the Constitution (where the federal government had explicit jurisdiction). Some of the founders knew that the revised strong central government could be dangerous to individual freedoms, even though it was necessary: hence Jefferson's frantic efforts to get the Bill of Rights included.
One-time pads aren't impractical. They are merely expensive.
You are wrong. There is at least one worm (though possibly a proof of concept) for Mac OS X, and there is at least one virus or worm discovered in the wild for Linux (in addition to the various proofs of concept). Search through my past Slashdot postings for a list, or site-search an anti-virus vendor's web site.
The series' first episode, "33", had me on the edge of my chair and biting my nails for the entire hour. Very well done, very suspenseful, a fantastic anteclimax. The other two episodes each ended without me realizing a full hour passed. I was so engrossed that I was surprised when the credits rolled (obviously, I was watching them in real time, don't have a DVR). I really hope they maintain this level of quality. The acting is good (as sci fi acting goes, it is great), and the story writing is solid (as sci fi TV writing goes, it is fantastic). If I could hook you up with downloads, I would. I enjoyed it that much.
For the record, I caught a few episodes of Enterprise. It was neat, liked the doctor (seems like a very knows-where-his-towel-is kind of guy), but couldn't get past the Star Trek conventions of "technobable of the week". Am I the only trekkie who really, really enjoyed the old school Star Trek, as in the first season's episodes where Kirk's best friend becoming God, or The Cage? To me, that's authentic sci fi, with the Captain Kirk "just-a-jigalo" season-three Trek or angsty "let's-make-love-not-war" TNG being poorly-written parables at best (and typically lousy "appeal-to-the-masses-by-showing-boobs-or-blowing- shit-up" stories). Ah well. I liked Doctor Who, so I guess that doesn't say much about my aesthetic tastes, so you should probably just ignore me. :)
That's not the point. I am getting ready to force my Unix admins to patch their boxes on a more frequent basis than "yearly", and they are already screaming bloody murder. I am sick and tired of our Unix boxes getting rooted because some admin wants 365+ days of uptime and can't be bothered to test and install a kernel patch that fixes some important hole. That there is NO scheduled maintenance to start is an even larger problem that I'll rant about in a different post.
And by the way, other Unix systems have capabilities, MAC labels, etc., and you know how most admins implement security on their systems? Every one of the Unix support team knows the root password, and the application support people use setuid scripts to administer their software, like they were doing in 1985. Capabilities, labels, and friends are extremely difficult to implement, and these features cannot save you from the one time a tired kernel programmer accidentally performs an unbounded input or forgets to check a counter. You will always need to patch your kernel (and reboot) in order to maintain operational security. Period. End of discussion.
And if your only availability measurements are along the lines of
please get a clue: Availability doesn't include all of those times when your users tries to access a rooted system (even though the system is "up"), and it isn't a bad thing to schedule maintenance windows and notify the users and take the system down for patches or upgrades. In fact, I would much rather do so in a controlled fashion, as I can have backups made and documentation updated and I can take my time to do things correctly because I had time to test everything beforehand. Versus a 50+ hour nightmare/marathon starting with the pages from the instrusion detection system (or worse, from someone else's IT security department) at the wee hours of (if you are lucky) Saturday morning.So don't complain to me about lousy uptimes. Because when your server gets hacked because of a kernel bug patched three months ago, and you didn't apply the update because "my uptime counter will get reset" (i.e. you are lazy), I have to clean up your mess: Investigating the attack, determining the extent of the intrusion, validating the backups, etc.
BAH. Rant mode off. I will spare you a discussion of the proper engineering processes that help to lessen (but not eliminate) the risk of security-related software flaws.
In fact, most anti-virus/anti-spyware software requires a subscription in order to get updates. This is evil/bad how?
D00d, I would love to see FTP finally die. Unfortunately, FreeBSD's own file distribution mechanisms rely on FTP, e.g. "pkg_add -r", ports, etc. And just about every other piece of modern firewall software can proxy FTP in the kernel (ipfilter, iptables, FireWall-1, etc.). Don't get me wrong: "modulate state" and the scrub options are really cool, but they solve a theoretical problem. I, instead, have a real problem with not being able to easily make FTP through my firewall work. What sucks even more is that I prefer to do egress filtering. With an in-kernel proxy, everything works properly because the proxy will add the necessary ingress and egress rules to make the file transfers work. Not so with ftp-proxy(8). So I have to either do "pass out" in pf.conf or click the "pass all outgoing" option in fwbuilder. This missing feature violates my expectations and it unnecessarily complicates my firewall rules (and weakens them in a theoretical sense).
(Yes, I am a have-my-cake-and-eat-it-too kind of guy.)
The two work about the same, except PF doesn't support an in-kernel FTP proxy (had to hack up my firewall rules big time to make FTP work, and I still have to open up a bazillion ports for the dynamic connections). It has lots of other stuff I will never use, e.g. scrub and modulate state. I only use PF because fwbuilder's rule compiler for PF outputs correct code, as compared to its compiler for IPFILTER which outputs buggy NAT rules, and I really don't feel like wasting my time writing firewall rules manually.
Robot competition == gay and (worse) boring.
I can directly attribute my interest in computers to video games. One path is:
- Video games
- Pirated video games
- Bypassed copy protection
- Reverse engineering
- Assembly language programming
- Buffer overflows
- Computer Security Expert (present day)
Another is:- Video games
- Multi-user video games
- Create my own maps/skins/bots for multi-user video games
- Create my own scripts for multi-user video games
- Become a Programmer
- Write my own video games
- Software Engineer (present day)
Finally, for you hardware types:- Video games
- Better video card
- Faster RAM
- Overclocked CPU
- Chip design
- Computer/electrical engineer
(We all know the real reason Intel creates faster computers: It's for better video games, stupid!)Now the Internet, while that STARTED with video games (the whole "play against your buddies" concept), it only really started to take off with pron...which, strangely enough, also ties back to video games, e.g. Leisure Suit Larry.
LIKE THE TIMECUBE, NO ONE CAN RESIST MY LOGIC AND PROPERLY AUTHORED HTML!!!
Well, duh. Technology cannot change human nature. It acts only as a catalyst, speeding up or amplifying what is already there.
What a spectaular waste of time. Oh well, I guess you could say the same thing about most of the stuff I do, so what ever floats their boat, I guess. Hopefully, there is at least some entertainment value to the ensuing flame fest.
I don't know about you, but the plant on which I live has an orbit that is 147.5 million km (~91.6 million miles) away from the sun at perihelion and 152.5 million km (94.7 million miles) away from the sun at aphelion, with an eccentricity of 0.017.
While I have a full time job in the Information Security field, I occasionally consult for government-funded international medical research projects (working on one of the big three: tuberculosis, malaria, or AIDS). Apparently, it is very difficult to find qualified people who are willing to travel. I enjoy it immensely: Brilliant people, fantastic new foods, beautiful scenery. But it is also a humbling experience. We are extremely wealthy, and I think few of us truly realize the margin by which we are separated from the truly destitute.