Are you kidding? Strong AI [NSFW] driving around is the damn status quo, and it doesn't work very well. We're trying to replace that error-prone system with something autonomous yet reasonably predictable here, strong AI needs to stay the hell out of it.
Government takes out my brakes? No problem, shift into first and engine-brake going 10 mph down the hill.
Good luck with that at any speed which would have the potential to kill you
Stuck accelerator? Put 'er in neutral.
Or turn off the ignition.
Get caught in a storm or drive into a lake? I can simply unlock the door or roll down my windows and swim out, no power components to sieze up or go inactive.
Car doors can usually be opened from the inside even when locked. An exception are back doors with stupid-child protection engaged
Starter or battery dead? Push-start the car.
Yep. But not relevant to the point being discussed. It's about gov't being out to kill you, remember?
Save gas? Coast in neutral down large hills.
No, you're wasting gas that way, since you still need some to keep the idle rev. Non-ancient cars will actually shut off fuel injection when gravity happens to temporarily become 'fuel'
It will take nothing short of a remote-controlled bomb or gunfire or a chase ram car to assassinate somebody driving an all-manual car.
And that is why your whole paranoia is even more ridiculous.
Disclaimer: i drive manual transmission too, but for none of the reasons you mention. My reasons are: a) simpler/more robust design (i.e. one less part which can fail fail), b) more control, c) avoid ridicule
Your point being? Where's the 'moderately complex system'? Or are you going to tell me that two opamps now do the whole job of the MCU? If so, using an MCU there was probably a failure to begin with.
It really isn't feasible for even moderately complex systems. Or you seem to be ignoring that most 'hardware' does pretty much nothing without.... software (i.e. firmware).
Doesn't sound to me like they were going to implement it themselves. But then again, you are frist post so you presumably didn't read TFS properly, in order to get your awsm frist post.
I don't know why it matters to you, but no, terminology didn't change. The X server is what does the actual displaying, X clients are GUI-programs [which need not run on the same host]
Teeny versions released later than the fix date will contain the fix.
Please note that NetBSD releases prior to 5.1 are no longer supported. It is recommended that all users upgrade to a supported release.
Abstract
A stack buffer overflow in parsing of BDF font files in libXfont was found that can easily be used to crash X programs using libXfont, and likely could be exploited to run code with the privileges of the X program (most nostably, the X server, commonly running as root).
This vulnerability has been assigned CVE-2013-6462
Technical Details
- From the X.org advisory:
Scanning of the libXfont sources with the cppcheck static analyzer included a report of:
[lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this report by X.Org developers concluded that a BDF font file containing a longer than expected string could overflow the buffer on the stack. Testing in X servers built with Stack Protector resulted in an immediate crash when reading a user-provided specially crafted font.
As libXfont is used to read user-specified font files in all X servers distributed by X.Org, including the Xorg server which is often run with root privileges or as setuid-root in order to access hardware, this bug may lead to an unprivileged user acquiring root privileges in some systems.
This bug appears to have been introduced in the initial RCS version 1.1 checked in on 1991/05/10, and is thus believed to be present in every X11 release starting with X11R5 up to the current libXfont 1.4.6. (Manual inspection shows it is present in the sources from the X11R5
tarballs, but not in those from the X11R4 tarballs.)
Solutions and Workarounds
Workaround: restrict access to the X server.
Solutions: a fix is included in the following versions:
To obtain fixed binaries, fetch the appropriate xbase.tgz from a daily build later than the fix dates, i.e. http://nyftp.netbsd.org/pub/NetBSD-daily////binary/sets/xbase.tgz with a date 20
Your post gave me a very hilarious picture of someone entering a bank and, when asked for the deposit number, pulling a chopped-off arm out of their backpack just to read off the number tattoo'd on it. Smarter criminals, might just, you know, cut out the patch of skin containing the number.....;)
Unless you're the sysadmin (and actually even then), your boss does not need to retrieve your password from a piece of paper, they can just have it reset (by the sysadmin. if that's who you were, setting a new root password isn't difficult either, given physical access to the servers)
it would measure a positive acceleration towards the center. if it wasn't for that acceleration, the object would go straight and hence move away from earth on a tangential path
And how do you know if your equations are correct?
Anyone could easily write an equation that equates the living hell out of the three bodies, putting them in some absurd relation to each other. Does it say anything about reality? Nah.
Slashdot Mirror
As per common English operator precedence, the hyphen-operator binds tighter than the space operator.
see man 5 english for further information
Are you kidding? Strong AI [NSFW] driving around is the damn status quo, and it doesn't work very well.
We're trying to replace that error-prone system with something autonomous yet reasonably predictable here, strong AI needs to stay the hell out of it.
Well, I'll bite.
Government takes out my brakes? No problem, shift into first and engine-brake going 10 mph down the hill.
Good luck with that at any speed which would have the potential to kill you
Stuck accelerator? Put 'er in neutral.
Or turn off the ignition.
Get caught in a storm or drive into a lake? I can simply unlock the door or roll down my windows and swim out, no power components to sieze up or go inactive.
Car doors can usually be opened from the inside even when locked. An exception are back doors with stupid-child protection engaged
Starter or battery dead? Push-start the car.
Yep. But not relevant to the point being discussed. It's about gov't being out to kill you, remember?
Save gas? Coast in neutral down large hills.
No, you're wasting gas that way, since you still need some to keep the idle rev. Non-ancient cars will actually shut off fuel injection when gravity happens to temporarily become 'fuel'
It will take nothing short of a remote-controlled bomb or gunfire or a chase ram car to assassinate somebody driving an all-manual car.
And that is why your whole paranoia is even more ridiculous.
Disclaimer: i drive manual transmission too, but for none of the reasons you mention. My reasons are: a) simpler/more robust design (i.e. one less part which can fail fail), b) more control, c) avoid ridicule
4chan run's it'self.
FTFY
well you see, in soviet russia telephone have you
what part of "meltdown" don't you understand, or where do you pull an implicit 'uncontrolled' from?
guess that means we can blame chernobyl and fukushima on the damn environmentalists
combined solar mass
Ehhhhhhhm.
Your point being? Where's the 'moderately complex system'? Or are you going to tell me that two opamps now do the whole job of the MCU? If so, using an MCU there was probably a failure to begin with.
It really isn't feasible for even moderately complex systems. .... software (i.e. firmware).
Or you seem to be ignoring that most 'hardware' does pretty much nothing without
Doesn't sound to me like they were going to implement it themselves. But then again, you are frist post so you presumably didn't read TFS properly, in order to get your awsm frist post.
I don't know why it matters to you, but no, terminology didn't change. The X server is what does the actual displaying, X clients are GUI-programs [which need not run on the same host]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NetBSD Security Advisory 2014-001
Topic: Stack buffer overflow in libXfont
Version: NetBSD-current: source prior to Tue 7th, 2014
NetBSD 6.1: affected
NetBSD 6.0 - 6.0.2: affected
NetBSD 5.1 - 5.1.2: affected
NetBSD 5.2: affected
Severity: privilege escalation
Fixed: NetBSD-current: Tue 7th, 2014
NetBSD-6-0 branch: Tue 7th, 2014
NetBSD-6-1 branch: Tue 7th, 2014
NetBSD-6 branch: Tue 7th, 2014
NetBSD-5-2 branch: Tue 7th, 2014
NetBSD-5-1 branch: Tue 7th, 2014
NetBSD-5 branch: Tue 7th, 2014
Teeny versions released later than the fix date will contain the fix.
Please note that NetBSD releases prior to 5.1 are no longer supported.
It is recommended that all users upgrade to a supported release.
Abstract
A stack buffer overflow in parsing of BDF font files in libXfont was
found that can easily be used to crash X programs using libXfont,
and likely could be exploited to run code with the privileges of
the X program (most nostably, the X server, commonly running as root).
This vulnerability has been assigned CVE-2013-6462
Technical Details
- From the X.org advisory:
Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
[lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this report by X.Org developers concluded that a BDF font
file containing a longer than expected string could overflow the buffer
on the stack. Testing in X servers built with Stack Protector resulted
in an immediate crash when reading a user-provided specially crafted font.
As libXfont is used to read user-specified font files in all X servers
distributed by X.Org, including the Xorg server which is often run with
root privileges or as setuid-root in order to access hardware, this bug
may lead to an unprivileged user acquiring root privileges in some systems.
This bug appears to have been introduced in the initial RCS version 1.1
checked in on 1991/05/10, and is thus believed to be present in every X11
release starting with X11R5 up to the current libXfont 1.4.6.
(Manual inspection shows it is present in the sources from the X11R5
tarballs, but not in those from the X11R4 tarballs.)
Solutions and Workarounds
Workaround: restrict access to the X server.
Solutions: a fix is included in the following versions:
xorg: xsrc/external/mit/libXfont/dist/src/bitmap/bdfread.c
HEAD 1.3
netbsd-6 1.1.1.2.2.1
netbsd-6-1 1.1.1.2.6.1
netbsd-6-0 1.1.1.2.4.1
netbsd-5 1.1.1.1.2.2
netbsd-5-2 1.1.1.1.2.1.4.1
netbsd-5-1 1.1.1.1.2.1.2.1
xfree: xsrc/xfree/xc/lib/font/bitmap/bdfread.c
HEAD 1.4
netbsd-6 1.2.8.1
netbsd-6-1 1.2.14.1
netbsd-6-0 1.2.10.1
netbsd-5 1.2.2.1
netbsd-5-2 1.2.12.1
netbsd-5-1 1.2.6.1
To obtain fixed binaries, fetch the appropriate xbase.tgz from a daily
build later than the fix dates, i.e.
http://nyftp.netbsd.org/pub/NetBSD-daily////binary/sets/xbase.tgz
with a date 20
Your post gave me a very hilarious picture of someone entering a bank and, when asked for the deposit number, pulling a chopped-off arm out of their backpack just to read off the number tattoo'd on it. ;)
Smarter criminals, might just, you know, cut out the patch of skin containing the number.....
Unless you're the sysadmin (and actually even then), your boss does not need to retrieve your password from a piece of paper, they can just have it reset (by the sysadmin. if that's who you were, setting a new root password isn't difficult either, given physical access to the servers)
i just threw up a bit in my mouth
so if you're too stupid to keep your login data private, say goodbye.
FTFY, and yes.
the problem with very long passwords is that typing them in gets tedious when you have to do it all the time
on your phone.
at -40 degC.
it would measure a positive acceleration towards the center. if it wasn't for that acceleration, the object would go straight and hence move away from earth on a tangential path
so 'lower' is 'higher' than 'low'?
Ehm, that's probably because gps does not work by measuring gravitational pull. Instead, differences in signal run time are considered
How does that not apply to simulation? Or didn't you bother to read the thread?
And how do you know if your equations are correct?
Anyone could easily write an equation that equates the living hell out of the three bodies, putting them in some absurd relation to each other. Does it say anything about reality? Nah.
am glad Snoden didn't release mdash;
C [...] has the moronic assumption that functions should be on the stack and not the heap
Dear Mr. experienced C programmer,
There is no such assumption in C.