before the buffer is freed, it is memset to zero. Except that the buffer code updated the size of the buffer before reallocating. So the cleanup function zeros beyond the buffer boundary, into parts of the heap.
At this time it is not known if this is an exploitable condition. What is known is that it is DoSable.
Quantum encryption offers NO protection against man-in-the-middle at all! So people will still need to authenticate themselves using public key encryption. since you have to use public key encryption anyway (hope nobody finds a quick factoring trick;), why not just use Diffie-Hellman to get a session key???
Well, if nuclear power is finally accepted as being the one of the least polluting sources of energy, maybe we could start building nuclear rockets (nuclear reactor 'cooks' water to plasma, ejects it, byproduct: slighty radiated water vapour). With nuclear rockets, you could shoot your waste into the sun. (with conventional rockets as well, but at what price to the environment?).
So now it takes 13.600 seconds (4 hrs) instead of 100000 seconds (28 hrs) to crack a thousand passwords. This means I can crack most passwords of a medium sized company AND use them in one nightly cracking session. Which reduces the chance for that company to detect me in time and stop me;)
So where I could only 'harvest' data from small (less than 100 emp) companies, I can now 'harvest' lots more data and from bigger companies. More profit;)
Another way to look at this is I will only need about 30 seconds of unsupervised time to get into your workstations and your network if you invite me to visit your company. Better watch all visitors like a hawk;)
(this would be done using a bootable unix dvd with the hacking database on it as well)
Last time I checked the bogons list (bogons are networks that are reserved by IANA), more than ONE THIRD of all the IPv4 addresses are still reserved, eg: ready to be given out!
So that means there are still more than 1 billion IP's left, I think that's plenty to get to 2010
(And another thing, if IANA/RIPE/ARIN/whoever wanted us to use/test/play with IPv6, why are they killing off 6BONE?)
Luckily you didn't check out how the new Zaurusses work, you can rotate the screen, then close the unit and it looks and feels like a PDA, then if you need the keyboard again, open it and rotate the screen again.
Why do you say that the ISP doesn't pay a flat monthly rate???
I'm currently working at an ISP/ASP here in Holland, and we buy our bandwidth from a backbone provider.
The Mbits we buy off the backbone are flat fee. If we go over the Mbits we bought, we have to pay a fine. This is advantageous for the backboneproviders because we have to buy a margin of about 10% above our average usage to avoid the fine, and that margin is usually doing nothing.
Is your comment in any way related to Mainframes???
I just checked http://www.tpc.org, as you suggested, and to my dismay I couldn't find a single Mainframe in any of the benchmarks. Furthermore all the top-10 price/performance results are filled with single- and dualprocessor machines, with the really big machines at the bottom.
So yes, Mainframes are fast, but they are also incredibly expensive, multiprocessor machines are also fast, and also expensive, and single- and dualprocessor machines are quite fast, but cheap.
If you really need 24GB/sec IO, get a mainframe, otherwise, go for multiple cheap PC's/Suns/whatever, and build/buy redundancy into the network and applications.
Why would you want to have lots of money? Everything there is dirt-cheap anyway (as in your monthly IT income is more than enough for a year of doing nothing there). And anyways, you're not there for the money, but for the experience.
Slashdot Mirror
Ummmmmmmmmm, the Hoover dam?
Ummmmmmmmmm, a wind farm?
Ummmmmmmmmm, a geothermal plant?
Ummmmmmmmmm, a solar farm
and remember, in fifty years oil prices will soar due to scarcity
And what do you think will be the cheapest power source in fifty years??
Petrol??
or Hydro.
(In fifty years all the easily accessible oil is gone, so prices will soar...)
I don't know where you are from, but here in Europe we put about 4 liters into a gallon, not 2.
try this query in google:
how many liters in a gallon
HTH
(and petrol cost about 1.2 euro's a liter here, hardly 5 dollars, but that's another matter)
Because reiserfs is optimized for working with lots of small files...
But then according to the website of linuxbios, they boot linux in 3 seconds, and that is because they have to wait for the harddisks to spin up.
Linuxbios is not related to this project, but then they also get the quick boot times.
RTFWebsite
Why do you say this is not available for x86?
check out www.linuxbios.org for x86 details...
Flashing linux into BIOS:
www.linuxbios.org
current record: 3 seconds!
--Blerik
Bingo,
It's in the cleanup handlers, read the code...
before the buffer is freed, it is memset to zero. Except that the buffer code updated the size of the buffer before reallocating. So the cleanup function zeros beyond the buffer boundary, into parts of the heap.
At this time it is not known if this is an exploitable condition. What is known is that it is DoSable.
--Blerik
Sir, you are absolutely correct.
;), why not just use Diffie-Hellman to get a session key???
Quantum encryption offers NO protection against man-in-the-middle at all! So people will still need to authenticate themselves using public key encryption. since you have to use public key encryption anyway (hope nobody finds a quick factoring trick
I see no advantages in Quantum Encryption at all.
And then wait 6 months until you are removed from the blacklist...
Or go out of business before then.
Well, if nuclear power is finally accepted as being the one of the least polluting sources of energy, maybe we could start building nuclear rockets (nuclear reactor 'cooks' water to plasma, ejects it, byproduct: slighty radiated water vapour). With nuclear rockets, you could shoot your waste into the sun. (with conventional rockets as well, but at what price to the environment?).
And threfore they will now GPG sign the md5sums, problem solved!
--Blerik
So now it takes 13.600 seconds (4 hrs) instead of 100000 seconds (28 hrs) to crack a thousand passwords. This means I can crack most passwords of a medium sized company AND use them in one nightly cracking session. Which reduces the chance for that company to detect me in time and stop me ;)
;)
;)
So where I could only 'harvest' data from small (less than 100 emp) companies, I can now 'harvest' lots more data and from bigger companies. More profit
Another way to look at this is I will only need about 30 seconds of unsupervised time to get into your workstations and your network if you invite me to visit your company. Better watch all visitors like a hawk
(this would be done using a bootable unix dvd with the hacking database on it as well)
--Blerik
Who says we are about to run out of IP's???
Last time I checked the bogons list (bogons are networks that are reserved by IANA), more than ONE THIRD of all the IPv4 addresses are still reserved, eg: ready to be given out!
So that means there are still more than 1 billion IP's left, I think that's plenty to get to 2010
(And another thing, if IANA/RIPE/ARIN/whoever wanted us to use/test/play with IPv6, why are they killing off 6BONE?)
--Blerik
Until they hack the switch, and switch of the power!
(check out the docs for these switches, you can switch the power per port)
--Blerik
Search the internet!
A nice site to start with is:
http://www.terraserver.microsoft.com/
(Hey mom, I can see my house from here)
There is no way to flash the BIOS without soldering, so there is also no way to fix the dashboard without some kind of physical upgrade...
So Micro$oft could fix all new Xboxen, but they cannot fix the Xboxen that are already sold.
--Blerik
But then in the second run, the mail will hit your blacklist, since the blacklist operators had 1 hour of time to add the devious spammer!
The greylist method is specifically designed to work with other methods.
--Blerik
Luckily you didn't check out how the new Zaurusses work, you can rotate the screen, then close the unit and it looks and feels like a PDA, then if you need the keyboard again, open it and rotate the screen again.
It can do 30Mhz to 2.5Ghz center frequency, and then sideband from that center up to a couple Mhz.
This means you cannot simultaneously recieve from 30Mhz band and 2.5Ghz band.
scalability of mesh networks?
a tion s/lee.pdf
try google aodv scalability, or
http://moment.cs.ucsb.edu/AODV/AODVng_Present
latency a problem?
use a big tcp window, and throughput is fine.
maybe not so good for ssh, but definately bandwidth for the masses.
--Blerik
Why do you say that the ISP doesn't pay a flat monthly rate???
I'm currently working at an ISP/ASP here in Holland, and we buy our bandwidth from a backbone provider.
The Mbits we buy off the backbone are flat fee. If we go over the Mbits we bought, we have to pay a fine. This is advantageous for the backboneproviders because we have to buy a margin of about 10% above our average usage to avoid the fine, and that margin is usually doing nothing.
--Blerik
Is your comment in any way related to Mainframes???
I just checked http://www.tpc.org, as you suggested, and to my dismay I couldn't find a single Mainframe in any of the benchmarks. Furthermore all the top-10 price/performance results are filled with single- and dualprocessor machines, with the really big machines at the bottom.
So yes, Mainframes are fast, but they are also incredibly expensive, multiprocessor machines are also fast, and also expensive, and single- and dualprocessor machines are quite fast, but cheap.
If you really need 24GB/sec IO, get a mainframe, otherwise, go for multiple cheap PC's/Suns/whatever, and build/buy redundancy into the network and applications.
--Blerik
Saw this one when mucking about with an Oracle DB:
Error 43256: Error table not found.
Why would you want to have lots of money? Everything there is dirt-cheap anyway (as in your monthly IT income is more than enough for a year of doing nothing there). And anyways, you're not there for the money, but for the experience.