Wow, some state legislature actually drafted and voted in a law that makes it legal for your 14-year-old to have sex, as long as they have a note from home!
Like I said in another comment, sounds like an exception for marriages involving close relations. I know I've heard that in some states you have to be 18 to get married, unless you have permission from your parents and then it's 16. 14 - wow, that seems seriously messed up to me.
Google, the company? Yeah. Maybe lost a little goodwill/investor confidence, but not like they went to the bank and THIRTEEN BILLION was missing.
GOOG the stock lost $13B in market value. That's real. Of course, unless you're one of the geniuses that bought at $432.66 and then sold at $388.66, it's only on paper anyways.
You don't -- there isn't one. This does not exploit a vulnerability in the OS. It exploits a vulnerability in those willing to click email attachments.
There has to be someone there willing to sell when you think it's low, and to buy when you think it's high. Someone who has a different expectation of low/high than you do. If everyone had the same expectations of the market, no one would want to trade.
No, I get what you're saying. I was responding to the OP that it was Microsoft's fault that there was not OS patch available and that this left users vulnerable.
I guess if I had a chance to edit my post, I would have worded it a bit differently.
There isn't anything you^H^H^HMicrosoft can do to protect your system from this worm
Indeed -- I was about to post the same thing having seen this in the linked article:
By the time trading resumed yesterday morning, Google's stock price had plummeted from $432.66 to $388.66, erasing $16bn in market value. The price recovered, as traders realised Google was also announcing a doubled net profit for the fourth quarter and an 86 per cent hike in advertising revenue, stellar achievements by any standard.
So, the story isn't that $12B was wiped out, but that it dropped (significantly, no doubt), a bunch of analysts and reporters freaked out, but the price recovered by the time they went to press, but they had already spent so much time beating their chests about it that it seemed a shame not to just go with the original take?
Unlike a lot of malware that exploits vulnerabilities in the Windows operating system, there is no "patch" that can be downloaded to ward off Kama Sutra.
"This is something that is not inherent in the operating system," Sergile said.
"Unfortunately, there is no way to patch user ignorance, and the way this virus propagates is through user ignorance," he said.
I like to jump all over Microsoft for their lax security and gaping vulnerabilites as the next guy, but this time it isn't an unpatched hole in office or RPC or something causing this.
There isn't anything you can do to protect your system from this worm, aside from not being dumb enough to click on an email attachment that says "free nekkid pikturs".
>Hopefully this worm will cause a bunch of monetary damage to some corporations
Apparently not, just horny/stupid military and home users:
Furst says the worm has spread to a lot of military addresses on the Internet (.mil), but mostly to ISPs (Internet Service Providers), meaning most of those infected are probably home users.
1UP: You know, that's something you guys have gotten good at now, and that's kind of cool, because like you mentioned earlier, there's Rise of the Triad, and I remember that well--there's a lot of people who, even if they don't know the game, know the personality or know the franchise by name, right?
One other notable payment was the renegotiation of a $6 million charge due upon delivery of the final PC version of Duke Nukem Forever back in March 2005. The epic delay of 3D Realms' shooter has meant that $4.25 million of the final milestone payment has already been paid, alongside the promise of a final $500,000 upon the commercial release of Duke Nukem Forever prior to December 31, 2006.
They've elevated the others on the show this season. They used to be referred to as "the build team" or "Myth-terns", but they get billing as "MythBusters" the same as Adam and Jamie this season.
I don't think you're going to get Kari to crawl inside an animal carcas (she's a veggie). She could hardly stand it when they brought back a pig neck/spine with meat still on it to use inside a ballistics gel model.
The other thing is they seem to do is go out of their way to get animals that have died on the farm of "natural causes" as opposed to going to a slaughterhouse and carting away a freshly-killed carcass. I kind of doubt they are going to go get a horse or cow and kill it for a myth like this.
On the one hand I blindly hate Microsoft, and cheer for anything that impacts them negatively. On the other I blindly hate software patents, and boo whenever one is upheld or someone takes someone else to court over one.
Represented as existing or as being as described but not so proved; supposed.
Being that this is civil vs criminal court, there may be a difference (IANAL). Criminal court the prosecution "proves" the allegations. Once the Judge/Jury find that there is sufficient evidence to hand down a verdict, using the word "Allegedly" to describe the actions seems incorrect.
Civil court, don't know if you've "proved" your allegations, or if the "preponderance of evidence" by the Judge to render a decision counts as the same thing.
In any case, saying "allegedly infringing code" implies that there is still some question that the infringement really exists, and seems "weasily" to me also. A court ruled that the code infringes the patent, and has ordered a remedy. Seems like you don't get to say "allegedly" anymore.
Wilkins was right to be concerned about a possible smear campaign against Rustin. Edgar Hoover, head of the Federal Bureau of Investigations, had been keeping a file on Bayard Rustin for many years. An FBI undercover agent managed to take a photograph of Rustin talking to King while he was having a bath. This photograph was then used to support false stories being circulated that Rustin was having a homosexual relationship with King.
This information was now passed on to white politicians in the Deep South who feared that a successful march on Washington would persuade President Lyndon B. Johnson to sponsor a proposed new civil rights act. Strom Thurmond led the campaign against Rustin making several speeches where he described him as a "communist, draft dodger and homosexual".
... J. Edgar Hoover became concerned about King's political development, especially when in 1966 he became a strong opponent of the Vietnam War. Hoover arranged for Federal Bureau of Investigation (FBI) agents to bug the telephones and hotel rooms where King stayed. Details of his private life was leaked to the press and the FBI sent King an anonymous blackmail letter in an attempt to force him to retire from political life.
I didn't see a detail of the exploit, but I did see a detail workaround:
The workaround is trivial; using mod_rewrite, which is compiled into Oracle's Apache distribution it is possible to stop the attack. The workaround checks a user's web request for the presence of a right facing bracket, ')'.
Add the following four lines to your http.conf file then stop and restart the web server
but a hole in OHS (Oracle's distributed Apache server).
There's a critical flaw in the Oracle PLSQL Gateway, a component of iAS, OAS and the Oracle HTTP Server, that allows attackers to bypass the PLSQLExclusion list and gain access to "excluded" packages and procedures. This can be exploited by an attacker to gain full DBA control of the backend database server through the web server.
This flaw was reported to Oracle on the 26th of October 2005. On November the 7th NGS alerted NISCC (http://www.niscc.gov.uk/ to the problem. It was hoped that due to the severity of the problem that Oracle would release a fix or a workaround for this in the January 2006 Critical Patch Update. They failed to do so.
There is even a simple workaround:
The workaround is trivial; using mod_rewrite, which is compiled into Oracle's Apache distribution it is possible to stop the attack. The workaround checks a user's web request for the presence of a right facing bracket, ')'.
Add the following four lines to your http.conf file then stop and restart the web server
I've already applied this on my OAS install on by development box and I'm ready to spend the next couple hours testing before recommending that we do this on our production box.
I don't think leaving their customers vulnerable for another 3 months (or perhaps even longer) until the next CPU is reasonable especially when this bug is so easy to fix and easy to workaround. Again, I urge all Oracle customers to get on the 'phone to Oracle and demand the respect you paid for
I couldn't agree more. Can't fathom why they couldn't have notified customers (even if they couldn't have fixed mod_plsql through the CPU), or why they are going after the guy when he told them about this 3 months ago and waited for the January update before getting impatient and going public.
Slashdot Mirror
> Before you get too excited about low ages of consent
excited? no
revolted? sorta
suprised? not really
up in arms? hardly
Wow, some state legislature actually drafted and voted in a law that makes it legal for your 14-year-old to have sex, as long as they have a note from home!
Like I said in another comment, sounds like an exception for marriages involving close relations. I know I've heard that in some states you have to be 18 to get married, unless you have permission from your parents and then it's 16. 14 - wow, that seems seriously messed up to me.
Thank you, no. The universe I'm already using is unstable enough, thank you. :-)
Ok, I screwed up (no pun intended)
;-)
The great states of Iowa an Misouri also have 14, and where there are two different numbers for the same state it means
the law within that country or state varies according to region or circumstances.
So, I'm guessing 14 is legal if you are married (preferrably to a close relative),
Funny, but a nit-pick, if I may...
* At least 18 - 5 = 13 years of training required by U.S. law.
take a look a this: http://www.avert.org/aofconsent.htm
the age of consent in the US differs from state to state, 18 in (quick count) only 13 states (most 16, 17)
and the US State with the lowest AoC goes to... (drumroll)
South Carolina @ 14!
They should adopt "Lowest age of consent law in the union!" as their new state motto and put it on license plates.
I heard google is in talks to create their own universe.
>Google didn't lose anything
Google, the company? Yeah. Maybe lost a little goodwill/investor confidence, but not like they went to the bank and THIRTEEN BILLION was missing.
GOOG the stock lost $13B in market value. That's real. Of course, unless you're one of the geniuses that bought at $432.66 and then sold at $388.66, it's only on paper anyways.
>where do i download the patch
You don't -- there isn't one. This does not exploit a vulnerability in the OS. It exploits a vulnerability in those willing to click email attachments.
Exactly. Buy low, sell high.
There has to be someone there willing to sell when you think it's low, and to buy when you think it's high. Someone who has a different expectation of low/high than you do. If everyone had the same expectations of the market, no one would want to trade.
No, I get what you're saying. I was responding to the OP that it was Microsoft's fault that there was not OS patch available and that this left users vulnerable.
I guess if I had a chance to edit my post, I would have worded it a bit differently.
Indeed -- I was about to post the same thing having seen this in the linked article:
By the time trading resumed yesterday morning, Google's stock price had plummeted from $432.66 to $388.66, erasing $16bn in market value. The price recovered, as traders realised Google was also announcing a doubled net profit for the fourth quarter and an 86 per cent hike in advertising revenue, stellar achievements by any standard.
So, the story isn't that $12B was wiped out, but that it dropped (significantly, no doubt), a bunch of analysts and reporters freaked out, but the price recovered by the time they went to press, but they had already spent so much time beating their chests about it that it seemed a shame not to just go with the original take?
Sheesh
Try and get your knee to settle down and RTFA
Unlike a lot of malware that exploits vulnerabilities in the Windows operating system, there is no "patch" that can be downloaded to ward off Kama Sutra.
"This is something that is not inherent in the operating system," Sergile said.
"Unfortunately, there is no way to patch user ignorance, and the way this virus propagates is through user ignorance," he said.
I like to jump all over Microsoft for their lax security and gaping vulnerabilites as the next guy, but this time it isn't an unpatched hole in office or RPC or something causing this.
There isn't anything you can do to protect your system from this worm, aside from not being dumb enough to click on an email attachment that says "free nekkid pikturs".
>Hopefully this worm will cause a bunch of monetary damage to some corporations
Apparently not, just horny/stupid military and home users:
Furst says the worm has spread to a lot of military addresses on the Internet (.mil), but mostly to ISPs (Internet Service Providers), meaning most of those infected are probably home users.
whew -- I was getting worried there for a minute that I might actually have to go out and buy this at some point.
god I love this
1UP: You know, that's something you guys have gotten good at now, and that's kind of cool, because like you mentioned earlier, there's Rise of the Triad, and I remember that well--there's a lot of people who, even if they don't know the game, know the personality or know the franchise by name, right?
um... what was the question?
>Just because they're saying it's being worked on doesn't mean that it'll ever be released.
t ory=7993/
Whatever has been going on all this time, it appears that now there is a 12/31/06 date with money attached, with millions already being paid.
http://www.gamasutra.com/php-bin/news_index.php?s
One other notable payment was the renegotiation of a $6 million charge due upon delivery of the final PC version of Duke Nukem Forever back in March 2005. The epic delay of 3D Realms' shooter has meant that $4.25 million of the final milestone payment has already been paid, alongside the promise of a final $500,000 upon the commercial release of Duke Nukem Forever prior to December 31, 2006.
from the previous story about Take Two's SEC 10K filing
maybe not worth the paper it's printed on, but this is way more detail than I've seen on this in years
But hadn't the thing just fallen over dead anyway?
>those are just interns
They've elevated the others on the show this season. They used to be referred to as "the build team" or "Myth-terns", but they get billing as "MythBusters" the same as Adam and Jamie this season.
I don't think you're going to get Kari to crawl inside an animal carcas (she's a veggie). She could hardly stand it when they brought back a pig neck/spine with meat still on it to use inside a ballistics gel model.
The other thing is they seem to do is go out of their way to get animals that have died on the farm of "natural causes" as opposed to going to a slaughterhouse and carting away a freshly-killed carcass. I kind of doubt they are going to go get a horse or cow and kill it for a myth like this.
Oh, my head was about to esplode.
On the one hand I blindly hate Microsoft, and cheer for anything that impacts them negatively. On the other I blindly hate software patents, and boo whenever one is upheld or someone takes someone else to court over one.
So, I say "splonge"!
I saw that and thought the same thing.
http://dictionary.reference.com/search?q=Allegedl
Being that this is civil vs criminal court, there may be a difference (IANAL). Criminal court the prosecution "proves" the allegations. Once the Judge/Jury find that there is sufficient evidence to hand down a verdict, using the word "Allegedly" to describe the actions seems incorrect.
Civil court, don't know if you've "proved" your allegations, or if the "preponderance of evidence" by the Judge to render a decision counts as the same thing.
In any case, saying "allegedly infringing code" implies that there is still some question that the infringement really exists, and seems "weasily" to me also. A court ruled that the code infringes the patent, and has ordered a remedy. Seems like you don't get to say "allegedly" anymore.
>the vast majority of the public who might actually try it once would run into one piece of hardware
Unless they partner with someone to build, install and sell/support complete systems (where the hardware is a uniform, known quantity).
Wonder how people would react to a Google PC at WalMart/Target for like $199 (Linspire flop aside).
I hadn't heard!
Is it _statue_ of limitations, or "statute"?
I'm sure there is a legal president for this statue of limitations.
does this count?
m
...
http://www.spartacus.schoolnet.co.uk/USAkingML.ht
Wilkins was right to be concerned about a possible smear campaign against Rustin. Edgar Hoover, head of the Federal Bureau of Investigations, had been keeping a file on Bayard Rustin for many years. An FBI undercover agent managed to take a photograph of Rustin talking to King while he was having a bath. This photograph was then used to support false stories being circulated that Rustin was having a homosexual relationship with King.
This information was now passed on to white politicians in the Deep South who feared that a successful march on Washington would persuade President Lyndon B. Johnson to sponsor a proposed new civil rights act. Strom Thurmond led the campaign against Rustin making several speeches where he described him as a "communist, draft dodger and homosexual".
J. Edgar Hoover became concerned about King's political development, especially when in 1966 he became a strong opponent of the Vietnam War. Hoover arranged for Federal Bureau of Investigation (FBI) agents to bug the telephones and hotel rooms where King stayed. Details of his private life was leaked to the press and the FBI sent King an anonymous blackmail letter in an attempt to force him to retire from political life.
I didn't see a detail of the exploit, but I did see a detail workaround:
The workaround is trivial; using mod_rewrite, which is compiled into
Oracle's Apache distribution it is possible to stop the attack. The
workaround checks a user's web request for the presence of a right facing
bracket, ')'.
Add the following four lines to your http.conf file then stop and restart
the web server
RewriteEngine on
RewriteCond %{QUERY_STRING} ^.*\).*|.*%29.*$
RewriteRule ^.*$ http://127.0.0.1/denied.htm?attempted-attack
RewriteRule ^.*\).*|.*%29.*$ http://127.0.0.1/denied.htm?attempted-attack
There's a critical flaw in the Oracle PLSQL Gateway, a component of iAS, OAS
and the Oracle HTTP Server, that allows attackers to bypass the
PLSQLExclusion list and gain access to "excluded" packages and procedures.
This can be exploited by an attacker to gain full DBA control of the backend
database server through the web server.
This flaw was reported to Oracle on the 26th of October 2005. On November
the 7th NGS alerted NISCC (http://www.niscc.gov.uk/ to the problem. It was
hoped that due to the severity of the problem that Oracle would release a
fix or a workaround for this in the January 2006 Critical Patch Update. They
failed to do so.
There is even a simple workaround:
I've already applied this on my OAS install on by development box and I'm ready to spend the next couple hours testing before recommending that we do this on our production box.
I don't think leaving their customers vulnerable for another 3 months (or
perhaps even longer) until the next CPU is reasonable especially when this
bug is so easy to fix and easy to workaround. Again, I urge all Oracle
customers to get on the 'phone to Oracle and demand the respect you paid
for
I couldn't agree more. Can't fathom why they couldn't have notified customers (even if they couldn't have fixed mod_plsql through the CPU), or why they are going after the guy when he told them about this 3 months ago and waited for the January update before getting impatient and going public.