Remember when you used to be able to just shoot a squirrel in your yard and cook it for dinner? Now you are stuck buying steak at a grocery store or having someone bringing food to your front door, and a lot of times it's already cooked. Damn this new fangled technology. I so long for the days when we weren't dependant upon it!
You just contradicted yourself. Java can't beat C for portability, and be unavailable on a vast number of systems. C is FAR more portable than Java. The Linux kernel supports more than 30 hardware architectures, for example. What you mean is that Java ships with Middleware (i.e. the JVM) that makes it run unmodified on a few different Operating Systems. It isn't more portable by any stretch of the imagination.
OK. Reality check time. First, the following: "It is said that the attack vector could place all 400 million computers running Windows 10 at risk." So we immediately know that these people are disingenuous at best, since no 32 bit system can even run WSL, most 64 bit systems won't have it, and detecting attempts to install it outside the normal manual channel is trivial.
Next, the exploit example requires you to install WINE, (which they misspell as Wine), so suddenly they sound quite foolish indeed don't they?
Finally, we get to the real reason they are sounding alarms so loudly when it is much ado about nothing: "Following this discovery, we updated our SandBlast Threat Prevention solutions, to protect our customers from Bashware."
As to your remark that it May as well be running in a virtual machine, that is simply wrong. In order for the malware to infect the system it has to pass through the Windows system in order to get to the WSL subsystem, at which point it could be detected. They say they created examples that weren't detected. No shit Sherlock. New viruses aren't detected all the time that don't use the WSL. That's why they have definition updates. This is much ado about nothing, designed to leverage ignorance and sell a product. Nothing more.
The WSL must be installed. It does not exist in a default install. For 32 bit systems it isn't available at all. In the end though this is not a vulnerability any more than most of the "vulnerabilities" you see these "researchers" finding on Linux systems. It is the classic "OMFG if you have admin / root / ring0 privs then you can do things!" Chicken Little cry.
If you want to argue the importance of college degrees, you should probably at least get through the second sentence without misusing a word completely.
Atoms don't follow the law's of Physics, as the term is a misnomer. Physics and math attempt to understand the behavior of atoms. It is much like trying to understand a woman with logic. The moment we think we have it figured it out is the moment we become complete fools:-)
I assure you that when you have little internal storage and can't get rid of dropbox, Uber, and other apps, it is a problem. You may not be forced to use them, but you are forced to let them eat up your valuable available storage. This problem is real, and I have had to deal with it. Since even you didn't understand the problem, I think I've made my point, and thanks for helping drive that point home:-)
99% of the people who buy phones are not technically savvy enough to even understand that there is a problem, never mind find the phones that solve it, so there really is (almost) no phone that you can buy, when the collective you refers to the masses and not a small subset that frequents Slashdot.
If you aren't googling for answers about using C you probably don't understand the language. Or more accurately, how to use it to do anything useful. Try using the OpenSSL API without searching online for example. Of course your question likely has already been answered both correctly and incorrectly.:-)
The funny thing is that he didn't even invent the "pretend to work on it and steal ideas instead" approach. He stole THAT from Bill Gates, who intentionally dragged feet on Word for Mac while he developed his own competing GUI.
I agree. The hand signals are an encryption scheme with much greater entropy than the Cesar Cipher. But again, you can "break" it if you have the plaintext. Each signal is an encrypted semaphore. Really, it is very strong encryption, as given the encrypted content you couldn't derive the plaintext in a million lifetimes. So again, it's encryption, not just encoding.
Slashdot Mirror
Ask a homeless person to borrow theirs.
Remember when you used to be able to just shoot a squirrel in your yard and cook it for dinner? Now you are stuck buying steak at a grocery store or having someone bringing food to your front door, and a lot of times it's already cooked. Damn this new fangled technology. I so long for the days when we weren't dependant upon it!
Windows has always been one big exploit waiting to be used. Ones that require admin access are NOT the low hanging fruit.
You spelled disadvantage wrong.
You just contradicted yourself. Java can't beat C for portability, and be unavailable on a vast number of systems. C is FAR more portable than Java. The Linux kernel supports more than 30 hardware architectures, for example. What you mean is that Java ships with Middleware (i.e. the JVM) that makes it run unmodified on a few different Operating Systems. It isn't more portable by any stretch of the imagination.
I'm OK with you thinking it is a major issue. Everybody has the right to be wrong :-)
OK. Reality check time. First, the following: "It is said that the attack vector could place all 400 million computers running Windows 10 at risk." So we immediately know that these people are disingenuous at best, since no 32 bit system can even run WSL, most 64 bit systems won't have it, and detecting attempts to install it outside the normal manual channel is trivial.
Next, the exploit example requires you to install WINE, (which they misspell as Wine), so suddenly they sound quite foolish indeed don't they?
Finally, we get to the real reason they are sounding alarms so loudly when it is much ado about nothing: "Following this discovery, we updated our SandBlast Threat Prevention solutions, to protect our customers from Bashware."
As to your remark that it May as well be running in a virtual machine, that is simply wrong. In order for the malware to infect the system it has to pass through the Windows system in order to get to the WSL subsystem, at which point it could be detected. They say they created examples that weren't detected. No shit Sherlock. New viruses aren't detected all the time that don't use the WSL. That's why they have definition updates. This is much ado about nothing, designed to leverage ignorance and sell a product. Nothing more.
Why wouldn't they be able to catch it? Surely you don't think they work by waiting until the virus runs and has already done its damage?
The WSL must be installed. It does not exist in a default install. For 32 bit systems it isn't available at all. In the end though this is not a vulnerability any more than most of the "vulnerabilities" you see these "researchers" finding on Linux systems. It is the classic "OMFG if you have admin / root / ring0 privs then you can do things!" Chicken Little cry.
Shouldn't there be a !DONTHACKMEBRO! directive?
If you want to argue the importance of college degrees, you should probably at least get through the second sentence without misusing a word completely.
That is a ridiculous claim. Unicode is an encoding scheme. It is no more of a language than the alphabet is a language, to wit, not in any way.
There was no reason to use the "Turing Complete" qualifier. You could have just said it isn't a language.
Atoms don't follow the law's of Physics, as the term is a misnomer. Physics and math attempt to understand the behavior of atoms. It is much like trying to understand a woman with logic. The moment we think we have it figured it out is the moment we become complete fools :-)
For those who are as clueless as the AC noob above you can read PEP8.
I assure you that when you have little internal storage and can't get rid of dropbox, Uber, and other apps, it is a problem. You may not be forced to use them, but you are forced to let them eat up your valuable available storage. This problem is real, and I have had to deal with it. Since even you didn't understand the problem, I think I've made my point, and thanks for helping drive that point home :-)
99% of the people who buy phones are not technically savvy enough to even understand that there is a problem, never mind find the phones that solve it, so there really is (almost) no phone that you can buy, when the collective you refers to the masses and not a small subset that frequents Slashdot.
If you aren't googling for answers about using C you probably don't understand the language. Or more accurately, how to use it to do anything useful. Try using the OpenSSL API without searching online for example. Of course your question likely has already been answered both correctly and incorrectly. :-)
Please tell me you aren't a Python programmer. (Using spaces and never tabs is the right way to do it.)
When compared to You? Absolutely a goldfish is a relative genius.
Smartphones can do math and make decisions, so not really similar at all actually.
Yes, a contemporary well known Schmuckerberg is sure to keep that still held belief to himself.
The funny thing is that he didn't even invent the "pretend to work on it and steal ideas instead" approach. He stole THAT from Bill Gates, who intentionally dragged feet on Word for Mac while he developed his own competing GUI.
2600 Hz is well within audio range, and the systems were supposed to respond to said frequency, so basically nothing like this at all.
I agree. The hand signals are an encryption scheme with much greater entropy than the Cesar Cipher. But again, you can "break" it if you have the plaintext. Each signal is an encrypted semaphore. Really, it is very strong encryption, as given the encrypted content you couldn't derive the plaintext in a million lifetimes. So again, it's encryption, not just encoding.