Mod parent up! (Funny)
However juvenile as the whole discussion of romanized foreign words that sound/look like something inappropriate is,
Parent's double-play with the typo-dong was a masterstroke!
I applaud their efforts, even though I'm a little horrified at the lengths to which we'll go in our quest to remove anonymity.
While I'm sure there are good uses this can be put to, I wonder if any of the researchers questioned whether this was really a good idea...
Now, if this system was capable of identifying the person responsible for {insert bad corporate act(s)} through the corporate veil well enough for them to be meaningfully punished, that would be incredible!
The Server Application in Windows 10 isn't running inside of a hypervisor; it's "running on the OS, getting all the benefits of performance and system access, as well as expanding the potential attack surface." eWeek reports on a new threat discovered by Alex Ionescu, the chief architect at cybersecurity company Crowdstrike, which begins with the fact that "The Windows file system is also mapped to the Server Application, such that the Server Application will get access to [...] files and directories."
Ionescu says "There are a number of ways that Windows applications could inject code, modify memory and add new threats to the Server Application running on Windows." According to eWeek, "The modified Server Application code in turn could then call Windows APIs and get access to system calls to perform malicious actions that might not be mitigated."
I'll Tell you what else increase your attack surface: Turning the computer on.
Didn't RTFA (naturally!), but the summary fails to convince me that this is more than incrementally worse than running...well...MOST applications that do anything useful on Windows.
That is the sound of Apple taking away your guns! If Apple deprecates that emoji, lawful users of iOS will no longer be able to defend themselves against Android users that are still permitted the use of guns! *snicker*
Oh? So more/better qualified candidates have become available to apply for positions at Apple? Great! Although, I'm not entirely convinced that Apple had anything to do with that...
err..or were you saying that Apple has become a little better at hiring people that will make it look more Politically Correct?
I think GP was perhaps alluding the Gutmann method (35-pass) of sanitizing data on a hard-drive. Which method has been obsolete since the late 90s, as it was specifically designed to wipe HDDs using MFM/RLL (how magnetic signals detected on the hard-drive were interpreted). With newer magnetic media, one pass is honestly "good enough". Three passes using a well-known standard can afford you better peace of mind while also allowing you to comply with most official "secure wipe" requirements.
Unless GP specifically meant Flash/chip-based storage, in which case, your best bet may be a drive that destroys its media if the drive's enclosure is compromised.
Might as well check this box off on the "obvious points to cover" list:
* Without considering whether or not Valve is reasonably at fault, I'm going to go ahead and say that the man who filed the first suit indicated above wasn't winning. Gee whiz, Mom! I didn't know that actions have consequences, and that sometimes, you lose! Again, regardless of whether Valve should be on the hook or not, I doubt he'd have filed suit if he was a better bettor.
* For the second lawsuit, where the supposed victim is/was a minor, same question: Was he winning? I imagine that to be slightly less a factor, as his parent(s) might be aware that winning streaks can end in tears. However, WHERE WAS HE GETTING THE MONEY? How was he spending it online? Not so hard as it once was, but perhaps they figure that their perfect little angel would never have engaged in such mischief if hadn't corrupted hi pure, innocent heart.
Sometimes this stuff gets under my skin. I understand that demonstrating you've been harmed by another party is an important step to convincing the courts to intercede (and/or convince another party to make changes BEFORE it goes to court), but that doesn't mean it can't piss me off.
More seriously, though, I'm torn on whether I support this or not (like my opinion on the subject matters, haha). If they're going to turn Unicode into AOL Instant Messaging or w/e, I guess they may as well strive to be politically correct about it?
AhX87P! is far more secure than "Little jack horner played in the corner eating his" will ever be, even if the second one is much longer.
I disagree with you on that point, AC.
In the almost worst case, "Little jack horner..." (where the attacker had a LOT of specific information about how you selected your password), figure something like 30k possibilities. Again, I'm talking about your roommate or family member; someone who knows you very well.
Truly, that's a poor contrast with the ~22 trillion possibilities of an 7-printable-characters-long password.
On the other hand, if we're just doing a dictionary attack based on a 2,000 word (assume that manages to include the word "horner") dictionary (Oxford estimates something around 170k English words that are in use) and the attacker "knows" that the phrase is 9 words long. Then, take the ROOT of the resultant possibilities (attacker has a method that is able to cull a shit-ton of unlikely word combinations, such that phrase can be considered as having only half as many words) while IGNORING capitalization and punctuation:
I still get 715 trillion possibilities. I could be completely wrong here, but that seems a lot better than a 7-character password.
No; It's the difference between gagging you to prevent you from releasing sensitive information and forcing you to explicitly state an untruth.
I let you figure out which is which. Consider also the phrase "No comment" in response to certain pointed kinds of questions.
decrease recidivism. In which case free phone service for prisoners would pay for itself
And where is the incentive for the prison industry to decrease recidivism? I don't refer to the people "in charge". Politically, there are points to be scored by underlining successful reformations; however, there are so many more points to be scored through PROFITS.
older titles will remain compatible with the new machines
Well, 99% compatible; but, really, is anyone worried about the occasional game-breaking glitch in older software titles?
Nobody replays those. Even if someone discovers a classic for the first time, I'm sure the developer will keep up with fixing any bugs introduced!
[end sarcasm]
Slashdot Mirror
Comprising the root/admin account is sometimes overrated.
One congressional official, who has been briefed recently on the matter, said
I first read this as "bribed". Not sure if that says more about me or my perception of members of the U.S. Congress.
into the same premier league of public corporations as U.S. tech giants Apple, Alphabet, Microsoft, Amazon and Facebook.
In before "How is Google not on that list??"
Oddly, 40 Mega-dollars and 40 million-dollars works out the same! ;-P
Goddamn Marketing, always ruining our maths
Hmm. Guess that was too much lead in for the "double-play/typo-dong/masterstroke" joke. Oh, well!
Mod parent up! (Funny)
However juvenile as the whole discussion of romanized foreign words that sound/look like something inappropriate is,
Parent's double-play with the typo-dong was a masterstroke!
I applaud their efforts, even though I'm a little horrified at the lengths to which we'll go in our quest to remove anonymity.
While I'm sure there are good uses this can be put to, I wonder if any of the researchers questioned whether this was really a good idea...
Now, if this system was capable of identifying the person responsible for {insert bad corporate act(s)} through the corporate veil well enough for them to be meaningfully punished, that would be incredible!
The Server Application in Windows 10 isn't running inside of a hypervisor; it's "running on the OS, getting all the benefits of performance and system access, as well as expanding the potential attack surface." eWeek reports on a new threat discovered by Alex Ionescu, the chief architect at cybersecurity company Crowdstrike, which begins with the fact that "The Windows file system is also mapped to the Server Application, such that the Server Application will get access to [...] files and directories."
Ionescu says "There are a number of ways that Windows applications could inject code, modify memory and add new threats to the Server Application running on Windows." According to eWeek, "The modified Server Application code in turn could then call Windows APIs and get access to system calls to perform malicious actions that might not be mitigated."
I'll Tell you what else increase your attack surface: Turning the computer on.
Didn't RTFA (naturally!), but the summary fails to convince me that this is more than incrementally worse than running...well...MOST applications that do anything useful on Windows.
That is the sound of Apple taking away your guns! If Apple deprecates that emoji, lawful users of iOS will no longer be able to defend themselves against Android users that are still permitted the use of guns!
*snicker*
Oh? So more/better qualified candidates have become available to apply for positions at Apple? Great! Although, I'm not entirely convinced that Apple had anything to do with that...
err..or were you saying that Apple has become a little better at hiring people that will make it look more Politically Correct?
I think GP was perhaps alluding the Gutmann method (35-pass) of sanitizing data on a hard-drive. Which method has been obsolete since the late 90s, as it was specifically designed to wipe HDDs using MFM/RLL (how magnetic signals detected on the hard-drive were interpreted). With newer magnetic media, one pass is honestly "good enough". Three passes using a well-known standard can afford you better peace of mind while also allowing you to comply with most official "secure wipe" requirements.
Unless GP specifically meant Flash/chip-based storage, in which case, your best bet may be a drive that destroys its media if the drive's enclosure is compromised.
Might as well check this box off on the "obvious points to cover" list:
* Without considering whether or not Valve is reasonably at fault, I'm going to go ahead and say that the man who filed the first suit indicated above wasn't winning. Gee whiz, Mom! I didn't know that actions have consequences, and that sometimes, you lose! Again, regardless of whether Valve should be on the hook or not, I doubt he'd have filed suit if he was a better bettor.
* For the second lawsuit, where the supposed victim is/was a minor, same question: Was he winning? I imagine that to be slightly less a factor, as his parent(s) might be aware that winning streaks can end in tears. However, WHERE WAS HE GETTING THE MONEY? How was he spending it online? Not so hard as it once was, but perhaps they figure that their perfect little angel would never have engaged in such mischief if hadn't corrupted hi pure, innocent heart.
Sometimes this stuff gets under my skin. I understand that demonstrating you've been harmed by another party is an important step to convincing the courts to intercede (and/or convince another party to make changes BEFORE it goes to court), but that doesn't mean it can't piss me off.
More seriously, though, I'm torn on whether I support this or not (like my opinion on the subject matters, haha). If they're going to turn Unicode into AOL Instant Messaging or w/e, I guess they may as well strive to be politically correct about it?
Meh.
After all, these ships are too big to fail.
/sunglasses
Strange. Given the cost of buying an iPhone, I've known for years that the people wearing the Apple T-Shirts were thieves.
#can't-take-a-joke
AhX87P! is far more secure than "Little jack horner played in the corner eating his" will ever be, even if the second one is much longer.
I disagree with you on that point, AC.
In the almost worst case, "Little jack horner..." (where the attacker had a LOT of specific information about how you selected your password), figure something like 30k possibilities. Again, I'm talking about your roommate or family member; someone who knows you very well.
Truly, that's a poor contrast with the ~22 trillion possibilities of an 7-printable-characters-long password.
On the other hand, if we're just doing a dictionary attack based on a 2,000 word (assume that manages to include the word "horner") dictionary (Oxford estimates something around 170k English words that are in use) and the attacker "knows" that the phrase is 9 words long. Then, take the ROOT of the resultant possibilities (attacker has a method that is able to cull a shit-ton of unlikely word combinations, such that phrase can be considered as having only half as many words) while IGNORING capitalization and punctuation:
I still get 715 trillion possibilities. I could be completely wrong here, but that seems a lot better than a 7-character password.
The company insists that it won't use this information against you.
Ahahahahahahahahahaha! Ha!
"I don't report vulnerabilities anymore; go underground or go home."
Perfect opportunity for a semicolon, imo. Such a waste of an opportunity!
/grin
No; It's the difference between gagging you to prevent you from releasing sensitive information and forcing you to explicitly state an untruth.
I let you figure out which is which. Consider also the phrase "No comment" in response to certain pointed kinds of questions.
"Why won't you DIE?"
I've got that already:
"Nope."
decrease recidivism. In which case free phone service for prisoners would pay for itself
And where is the incentive for the prison industry to decrease recidivism? I don't refer to the people "in charge". Politically, there are points to be scored by underlining successful reformations; however, there are so many more points to be scored through PROFITS.
I should think not! They paid good money for that award!
This just is: not everything is great for everybody!
News at eleven.
older titles will remain compatible with the new machines
Well, 99% compatible; but, really, is anyone worried about the occasional game-breaking glitch in older software titles?
Nobody replays those. Even if someone discovers a classic for the first time, I'm sure the developer will keep up with fixing any bugs introduced!
[end sarcasm]