I just had to have a look at a instant soup package. In Finnish they apparently are "Krutoneita". Which, by some quick reverse logic would translate to crutons:P
(Oh lord, now I will remember this factoid for the rest of my life. I probably forgot how to tie my shoelaces to make room for that.)
Ooooh... This reminds me of a neat little hapstentance while I was in vocational school. We were experimenting with high power vacuum relays. I think they were of a sort which were actually filled with some protective gas instead of...nothing. Some seal was apparently broken in one of the relays we tested and got quite a neat arc. Managed to burn the whole casing while we were attempting to cut power from the mains. Thank god everyone immediately knew NOT to try and pull the plugs.
Actually, now that I think of the teacher I had, it might have been that the broken relay was planted on purpose to demostrate what will happen with a broken one =)
It seems that they are trying to prevent spin-offs, where employer gets a clever idea and starts competing directly with the previous employee. The wording of the contract is so draconian thou, that I wouldn't sign that.
And was the "threat" video really something one should be serious about? If I had seen the video the day before the shootings, I would have dismissed the lunatic as a nutcase with twisted sense of humour. If you haven't seen the video, here's what happens:
1. Picture of the school is shown with next days date on top. 2. Ominous song plays 3. Video changes to a picture of the shooter pointing a gun at the camera. The picture is tinted red. 4. Another picture of the killer with similiar tinting. 5. Video ends.
On a different note. It is surprising the killer managed to take so many people with him, with such a low power weapon. The shots must have been from very close range and straight to the head. The.22 sig sauer mosquito shouldn't be fit for even shooting down birds from 20 meters away. I know of a case where someone accidentally (empty clip, bullet in chamber) shot himself in the forehead with similiar gun and the projectile just disintegrated on the skull. He was released from hospital in matter of hours.
I'd love to have some kind of "Web 2.0" piece of shit right now... Actually I have, but they are in Finnish and no-one is interested about 5M potential customers.^W^Wadd viewers.
I live in EU and buy products from USA quite frequently. The story is pointless and you are right. It's easy to "self import" stuff from anywhere in the world. Sure, you should pay toll and whatnot, but they are not concerned about individual purchases.
Many of you may feel angry for this, but I just uttered this to a friend of mine after ordering something from US: "Shit, with the current state of Euro value buying shit from Amazon feels like visiting liethuania to buy cheap booze and cigarettes" (Damn, now you know my country exactly)
If I had a momentary control of one of Storms C&C servers, I'd do something more productive than pit it against another C&C. (I could also mention that it would be impossible to quickly identify another C&C node.)
I would probably just figure out how to tell it to self destruct. Or even better, send gabillionzillion spam mails so I, too, could own a ferrari and a mansion.
Actually, the GP's point wasn't what I was thinking but that is even better point.
With a known protocol and incremental sequence numbers you could forge quite a long discussion with a remote host. Enough to exploit a buffer overrun even. If the sequence numbers would be predictable, you could blindly send the packets in 200ms delays just assuming how the conversation should go with the host, setting the sequence numbers to what would be predicted. Limiting factor is how the stack would behave if it gets out-of-sync HOST_UNREACHABLE or PORT_UNREACHABLE in middle of conversation it thinks is just dandy.
You can send a forged tcp/udp/icmp packet over ip with forged source ip-address easily. But how in the hell is the receiver goig to send a packet back to you if only thing it knows is the forged source address? I could make a silly analogy here but I refrain.
I was fishing for +5 insightfull from other smug bastard who have a clue how ip based networks work.
The command and control system is rather clever. Some machines of the botnet itself are the C&C servers. They are rotated at random. One server remains a C&C node for only days or hours at a time. I have no idea how the botnet owner figures out how to connect...
I see that you are heard the word "spoofing". Now go learn what it means. No, you cannot establish a tcp or any other connection masquerading as someone else. Care to guess why?
Ah, yes. That would be called "trolling" I guess, no? Trolling slashdot is one of my favourite pass times when having a particularly terrible hangover, feel cranky and like to share the experience.
Slashdot Mirror
I just had to have a look at a instant soup package. In Finnish they apparently are "Krutoneita". :P
Which, by some quick reverse logic would translate to crutons
(Oh lord, now I will remember this factoid for the rest of my life. I probably forgot how to tie my shoelaces to make room for that.)
Ooooh... This reminds me of a neat little hapstentance while I was in vocational school. ...nothing. Some seal was apparently broken in one of the relays we tested and got quite a neat arc. Managed to burn the whole casing while we were attempting to cut power from the mains. Thank god everyone immediately knew NOT to try and pull the plugs.
We were experimenting with high power vacuum relays. I think they were of a sort which were actually filled with some protective gas instead of
Actually, now that I think of the teacher I had, it might have been that the broken relay was planted on purpose to demostrate what will happen with a broken one =)
That would be crutons
It seems that they are trying to prevent spin-offs, where employer gets a clever idea and starts competing directly with the previous employee.
The wording of the contract is so draconian thou, that I wouldn't sign that.
And was the "threat" video really something one should be serious about? If I had seen the video the day before the shootings, I would have dismissed the lunatic as a nutcase with twisted sense of humour.
.22 sig sauer mosquito shouldn't be fit for even shooting down birds from 20 meters away. I know of a case where someone accidentally (empty clip, bullet in chamber) shot himself in the forehead with similiar gun and the projectile just disintegrated on the skull. He was released from hospital in matter of hours.
If you haven't seen the video, here's what happens:
1. Picture of the school is shown with next days date on top.
2. Ominous song plays
3. Video changes to a picture of the shooter pointing a gun at the camera. The picture is tinted red.
4. Another picture of the killer with similiar tinting.
5. Video ends.
On a different note. It is surprising the killer managed to take so many people with him, with such a low power weapon. The shots must have been from very close range and straight to the head. The
Yes I can. And this is not merely contradiction!
And 97% better chance to getting convicted becuse there is clear evidence available.
I'd love to have some kind of "Web 2.0" piece of shit right now...
Actually I have, but they are in Finnish and no-one is interested about 5M potential customers.^W^Wadd viewers.
Best retort ever...
I live in EU and buy products from USA quite frequently. The story is pointless and you are right. It's easy to "self import" stuff from anywhere in the world. Sure, you should pay toll and whatnot, but they are not concerned about individual purchases.
Many of you may feel angry for this, but I just uttered this to a friend of mine after ordering something from US:
"Shit, with the current state of Euro value buying shit from Amazon feels like visiting liethuania to buy cheap booze and cigarettes" (Damn, now you know my country exactly)
Damn, you'r good!
s/hard/impossible/
or perhaps
s/hard/impractical for any real world use/
If I had a momentary control of one of Storms C&C servers, I'd do something more productive than pit it against another C&C. (I could also mention that it would be impossible to quickly identify another C&C node.)
I would probably just figure out how to tell it to self destruct.
Or even better, send gabillionzillion spam mails so I, too, could own a ferrari and a mansion.
Again: "It just doesn't work that way grandma"
As I tell many of my computer illiterate friends: "It just doesn't work that way"
Actually, the GP's point wasn't what I was thinking but that is even better point.
With a known protocol and incremental sequence numbers you could forge quite a long discussion with a remote host. Enough to exploit a buffer overrun even. If the sequence numbers would be predictable, you could blindly send the packets in 200ms delays just assuming how the conversation should go with the host, setting the sequence numbers to what would be predicted. Limiting factor is how the stack would behave if it gets out-of-sync HOST_UNREACHABLE or PORT_UNREACHABLE in middle of conversation it thinks is just dandy.
It won't work against unknown protocol ofcourse.
Oops, hehe. I thought I was replying to another thread by me. Disregard the previous post.
You can send a forged tcp/udp/icmp packet over ip with forged source ip-address easily. But how in the hell is the receiver goig to send a packet back to you if only thing it knows is the forged source address? I could make a silly analogy here but I refrain.
I was fishing for +5 insightfull from other smug bastard who have a clue how ip based networks work.
I could be polite and specify my question in more novel manner, but:
What the fuck are you talking about?
The command and control system is rather clever. Some machines of the botnet itself are the C&C servers. They are rotated at random. One server remains a C&C node for only days or hours at a time. I have no idea how the botnet owner figures out how to connect...
I see that you are heard the word "spoofing". Now go learn what it means.
No, you cannot establish a tcp or any other connection masquerading as someone else. Care to guess why?
Now seriously. Would you consider a dektop instead of a laptop a security feature?
I even tried tagging the article as "mod_rewrite", because before I had read the headline completelly that word came to mind.
Or as we in the trade call it, the design patterns.
(Sorry DFly, I stole that from you.)
Ah, yes. That would be called "trolling" I guess, no?
Trolling slashdot is one of my favourite pass times when having a particularly terrible hangover, feel cranky and like to share the experience.
I'll just eat beef and butter thank you.