correct. a hosts file (or even better a proxying dnsmasq running on your home router) won't block malicious traffic. but, in this case at least, it will stop the malicious scripts from being delivered to you in the first place. it also has the added benefit that you don't see any ads.
the networks agree to charge each other peering fees. those fees are passed on to their customers.
for example (apropos to me right now): O2 has an agreement with AT&T to handle internet traffic from AT&T phones when connected to the O2 network. there's really no technical reason O2 needs to charge more to AT&T connections than it does to its own connections - it's just a different sim, after all. in order for this to work (from a business standpoint), AT&T and O2 sign a peering agreement where they both agree to handle each other's traffic and they specify a price (along with various restrictions - including a cheaper rate for flat-rate roaming plans) - which is arbitrary. they then pass that cost directly onto the customers.
actually, a 30% tariff on an internet connection wouldn't account for these extravagant charges. these are hundreds or thousands of percent increases due to intentionally inflated peering agreements between the phone networks.
i think you're right: you can't replay the hashes. but the point of the video is that it's now almost trivial to brute-force the cleartext passwords from the hashes, especially if you have a huge corpus of harvested hashes. actually, the main point of the video is that generally people think their passwords are much more secure than they actually are.
here's an amusing video showing how simple it is to crack password hashes. teh NTLMv2 hash is only about 4 times slower than the hash he uses in the video.
what is the purpose of JNI? it's to call out to native code. what does native code tend to do? it makes calls to the fucking OPERATING SYSTEM! native code is generally NOT CROSS-PLATFORM code. seriously, what's the difference between me using JNI to call into system32.dll, or using J/Direct? none of that is cross-platform.
i know you have to connect the dots a little here, but claiming that microsoft broke cross-platform compatibility by creating a different (read: significantly better) way of calling code that is by definition not cross-platform is a stretch - you're already distributing a.dll, a.so and/or a MacOS8 shared library.
and by "weird proprietary", presumably you're referring to J/Direct which used an attribute syntax not dissimilar to what java has now calling out to COM/OLE which at the time was the interface to the largest existing library of 3-rd party commercial software components available for any platform anywhere: VB, access, office and a huge ecosystem of ISVs . microsoft was tasked by sun to write the reference implementation of java on windows. COM/OLE was THE API for writing software components on windows. if java hadn't included COM support it would have been dead on arrival. no windows dev would have touched it - they would have just stuck with VB which nobody (especially the java team inside MS) wanted - java was seen inside MS as the best way to replace the hugely popular (or, in your words, "weird proprietary") VB.
Yeah and JNI is a terrible interface. Microsoft added a different way to do platform-specific stuff that integrated smoothly into existing Windows component interfaces. They didn't remove anything in the non-platform-specific Java stuff. They didn't break any platform-agnostic code.
Slashdot Mirror
sls '<regex>' <files>
correct. a hosts file (or even better a proxying dnsmasq running on your home router) won't block malicious traffic. but, in this case at least, it will stop the malicious scripts from being delivered to you in the first place.
it also has the added benefit that you don't see any ads.
Yes! This is how you catch the terrorists. That's what this law was all about, right?
Try again.
actually, try reading again. that's what i said.
the networks agree to charge each other peering fees. those fees are passed on to their customers.
for example (apropos to me right now): O2 has an agreement with AT&T to handle internet traffic from AT&T phones when connected to the O2 network. there's really no technical reason O2 needs to charge more to AT&T connections than it does to its own connections - it's just a different sim, after all. in order for this to work (from a business standpoint), AT&T and O2 sign a peering agreement where they both agree to handle each other's traffic and they specify a price (along with various restrictions - including a cheaper rate for flat-rate roaming plans) - which is arbitrary. they then pass that cost directly onto the customers.
or just google peering agreement...
actually, a 30% tariff on an internet connection wouldn't account for these extravagant charges. these are hundreds or thousands of percent increases due to intentionally inflated peering agreements between the phone networks.
Read Jefferson's Virginia declaration of religious freedom which definitely influenced Madison's first amendment separation clause.
Bulkshit. The charges are due to the peering fees the networks agree to charge each other. The tariffs are insignificant.
i think you're right: you can't replay the hashes. but the point of the video is that it's now almost trivial to brute-force the cleartext passwords from the hashes, especially if you have a huge corpus of harvested hashes. actually, the main point of the video is that generally people think their passwords are much more secure than they actually are.
here's an amusing video showing how simple it is to crack password hashes. teh NTLMv2 hash is only about 4 times slower than the hash he uses in the video.
right, because improving things is obviously bad.
oh. my. fucking. christ!
what is the purpose of JNI? it's to call out to native code. what does native code tend to do? it makes calls to the fucking OPERATING SYSTEM! native code is generally NOT CROSS-PLATFORM code. seriously, what's the difference between me using JNI to call into system32.dll, or using J/Direct? none of that is cross-platform.
i know you have to connect the dots a little here, but claiming that microsoft broke cross-platform compatibility by creating a different (read: significantly better) way of calling code that is by definition not cross-platform is a stretch - you're already distributing a .dll, a .so and/or a MacOS8 shared library.
and by "weird proprietary", presumably you're referring to J/Direct which used an attribute syntax not dissimilar to what java has now calling out to COM/OLE which at the time was the interface to the largest existing library of 3-rd party commercial software components available for any platform anywhere: VB, access, office and a huge ecosystem of ISVs . microsoft was tasked by sun to write the reference implementation of java on windows. COM/OLE was THE API for writing software components on windows. if java hadn't included COM support it would have been dead on arrival. no windows dev would have touched it - they would have just stuck with VB which nobody (especially the java team inside MS) wanted - java was seen inside MS as the best way to replace the hugely popular (or, in your words, "weird proprietary") VB.
no, but if you used JNI to call out to a library that made linux syscalls, would that work on windows or the mac?
seriously, some people...
Yeah and JNI is a terrible interface. Microsoft added a different way to do platform-specific stuff that integrated smoothly into existing Windows component interfaces. They didn't remove anything in the non-platform-specific Java stuff. They didn't break any platform-agnostic code.
You're only supposed to blow the bloody doors off!
but i'm with Gopman.
$241,000,000 for 6,000 homeless.
do the freaking math.
my computer's over 12 years old. it's not out of date because i have updated many parts of it over the years.
what's really sad is that Apple users can't upgrade ANYTHING on their shiny new computers.
If she wins the primary and this blows open then Trump's gonna be president.
this will end in congress banning all non-backdoored encryption.
No, the decryption key is based off the passcode in combination with a secret stored in the SoC. You need both.
After 10 retries the keys in the SoC are wiped (not the flash). Without those the flash is just noise.
Blah, blah, bollocks.
Diffie-Hellman.
so? facebook could just close its french office, do business in another currency, and nothing else would change.
french advertisers should pay for their ads in a different country, then. and forgo french taxes, too.
tether?
IE on XP doesn't support secure HTTPS, either.