Slashdot Mirror


User: julesh

julesh's activity in the archive.

Stories
0
Comments
8,446
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,446

  1. Re:32 gigabit on World's Thinnest Flash Memory Cell Unveiled · · Score: 1

    is 4 294 967 296 bytes or about 4.3GB

    I think you'll find that's actuall 4GB. Unless you're one of these new-fangled-power-of-10-unit people. ;)

  2. Re:Third-party modules? on PHP Vulnerabilities Announced · · Score: 1

    actually, mysql doesn't have a binding API and doesn't support prepared statements

    http://dev.mysql.com/doc/mysql/en/C_API_Prepared _s tatements.html

    "As of MySQL 4.1, the client/server protocol provides for the use of prepared statements. This capability uses the MYSQL_STMT statement handler data structure returned by the mysql_stmt_init() initialization function. Prepared execution is an efficient way to execute a statement more than once. The statement is first parsed to prepare it for execution. Then it is executed one or more times at a later time, using the statement handle returned by the initialization function."

  3. Re:PHP needs CFQUERYPARAM on PHP Vulnerabilities Announced · · Score: 1

    In coldfusion we have a tag when building dynamic SQL statements called CFQUERYPARAM. Basically what it does is allow you to say that this parameter is this type and what not. You can also assign a max value to the tag. So you can tell the SQL engine that this variable is a VARCHAR of 255 maxlength. The beauty about this is that if the variable doesn't meet the criteria, it throws an error. This is another step in preventing SQL injections.

    Well, it isn't exactly hard to do input validation in PHP, either. You just put a set of rules at the top of your script somewhat like this:

    <php
    function err ($msg) { /* code to display error message and abort */ }
    if (!is_numeric($HTTP_GET_VARS['foo'])) err ('foo must be a number');
    if (strlen($HTTP_GET_VARS['bar']) > 255) err ('bar must be 255 characters or less');
    ?>

    I tend to use regular expressions to validate input, as they're quite handy for doing so, and there's just about nothing that can't be appropriately validated with them.

    The other thing that has ALWAYS bothered me about PHP is the error handling. I can't tell you how many sites I have gone to and seen just page of php error throughout the entire page.

    PHP error handling is highly configurable. This is just a case of lazy application authors leaving the default error handling in action. The same capability as your <cferror> example can be achieved with the following (untested, so may need a little debugging, but I doubt it) php code:

    <php
    function mail_error($errno, $errstr, $errfile, $errline, $errcontext) {
    mail ("address@wherever", "Error $errno in $errfile", "$errno: $errstr in $errfile at $errline $errcontext");
    }
    set_error_handler ("mail_error");
    ?>

  4. Re:parent is not troll--mod up pls on PHP Vulnerabilities Announced · · Score: 1

    Note that PHPNuke is widely known to have terrible security. With most of the other packages out there, you'd have had fewer problems.

  5. Re:8 cores, next year? i think not! on Intel Expands Core Concept for Chips · · Score: 1

    Note that (if my understanding is correct) the cache is shared between all the cores (as this solves cache coherence problems). As the cache actually takes up the majority of the transistor count on most modern processors, doubling the number of cores is nothing like doubling the number of transistors.

  6. Re:Wafer computing at last? on Intel Expands Core Concept for Chips · · Score: 1

    Ah, yes, Wafer Scale Integration.

    IIRC, the main problem that was encountered is that it is extremely unusual to produce an entire wafer of defect free components. While some work was done on producing wafers that were able to route around damaged sections, I don't think it ever got very far.

    I'm sure we'll see it return at some point, though.

  7. Re:Great! on Astronaut: 'Single-Planet Species Don't Last' · · Score: 1

    I don't think it's scaremongering, because I really believe that the people saying it believe that we need to have manned space exploration in order to enable us to survive such events. There is no ulterior motive. It is why many of them got involved in the first place.

  8. Re:How long until they charge for Service Packs? on Microsoft May Charge for Security Tools · · Score: 1

    Open Source vendors such as Red Hat and Novell/SuSE are selling "cheap" software, built by the Open Source community, and charging a premium for patches. It is a "new business model".

    I don't know about RedHat, but Novell/SuSE are _NOT_ charging for patches. I used YOU (the automatic update service for SuSE Linux) only a couple of days ago to download patched versions of a few packages I had installed, and haven't paid them a penny for the privelege.

  9. Re:Mod parent asinine on Microsoft May Charge for Security Tools · · Score: 1

    So to this day, many programs, including some of MS's own applications do not run right (or at all) unless you are Administrator.

    Which of MS's applications need you to run as Administrator, other than during installation, a function which should be performed by your network administrator, and applications intended for use only for systems administration purposes, e.g. Windows Update?

  10. Re:Even Encryption won't help in the UK on EU Moves Forward with Data Retention · · Score: 1

    Exactly. See, for instance, this project (google cache as the original server seems to be down at the moment) which provides an implementation of this idea as a Linux filesystem.

  11. Re:Even Encryption won't help in the UK on EU Moves Forward with Data Retention · · Score: 1

    If you could prove you'd done so, yes.

  12. Re:not to take the thunder on DJB Announces 44 Security Holes In *nix Software · · Score: 1

    True. However I wouldn't usually consider the kind of applications that an assembler would be used in as "security critical". It's a bug, but I don't really see it as a big deal.

  13. How about giving people a chance to fix? on DJB Announces 44 Security Holes In *nix Software · · Score: 1

    I posted this in reply to another comment, but I don't think it's getting the attention it deserves there, so I'm going to post it here in the hope more people see it.

    How come details of these exploits have been released to the public (and heavily publicised on slashdot, no less) the day after notifications of the problems were sent to package maintainers.

    This is, I think, a serious breach of correct security flaw reporting protocol. While many of these bugs are unlikely to affect many users (most of them only show up if you process files from untrusted sources through applications that you would not normally do so with), some of them are exploitable in situations that occur commonly (e.g. this one) and publicising the existence of the problems so quickly after the maintainers became aware of them merely servers to put the users of these software packages at greater risk.

    So why was it handled this way?

  14. Re:Software company, not bozos on IT Practice Within Microsoft · · Score: 1

    Sure it does. Certain operating systems, that need not be named, require anyone to have what would be at least a subset of root-style priveledges just to be usable.

    No amount of Wizardry can make up for pisspoor tools.


    Well, I'm sitting here using Windows 2000 from a non-administrator account, and haven't needed to log in as administator for over 6 months. And I consider myself a power user. So obviously that isn't the system that you're talking about?

  15. Re:not to take the thunder on DJB Announces 44 Security Holes In *nix Software · · Score: 1

    but have you read the reports? ... uses strcat ... ... uses scanf ...

    The only report I've read is the one for nasm, which was due to using vsprintf. While this wasn't in code that I wrote, I'll defend it by saying that when it was written (probably some time around '95), there was no such function as vsnprintf, which was introduced in the C99 standard.

  16. Re:Even Encryption won't help in the UK on EU Moves Forward with Data Retention · · Score: 4, Informative

    All it takes is one high court case, observed by our sensationalistic media, and that law will be consigned to the gutter.

    The law includes secrecy provisions. Anyone charged under it will have their hearing in a closed session, and are strictly prohibited (penalty of 5 years imprisonment) from informing anyone other than their lawyer, so media coverage seems unlikely.

    (4) A person who makes a disclosure to any other person of anything that he is required by a section 49 notice to keep secret shall be guilty of an offence and liable-

    (a) on conviction on indictment, to imprisonment for a term not exceeding five years or to a fine, or to both;

    (b) on summary conviction, to imprisonment for a term not exceeding six months or to a fine not exceeding the statutory maximum, or to both.

  17. Re:Probable Cause on EU Moves Forward with Data Retention · · Score: 1

    From the article you posted it looks like the legislation is intended to give the police the right to decrypt communications they've already intercepted as part of an investigation. Can they do this without a warrant? If they can't, what's the problem?

    They're allowed to issue their own orders. There is no judicial oversight of the process. The requirement for evidence that you actually can comply with the order is that they show reasonable grounds to believe it, not that they prove it beyond reasonable doubt.

  18. Re:Even Encryption won't help in the UK on EU Moves Forward with Data Retention · · Score: 3, Informative

    Yeah, and according to the law, unless you can _prove_ you've forgotten it when there's _reasonable evidence to suggest_ that you know it, you're still going to go to prison.

  19. Re:Strange definition of 'remote exploit' on DJB Announces 44 Security Holes In *nix Software · · Score: 1

    As a (not very active) nasm developer, I feel I ought to respond to this. First of all, thanks for providing us with an accurate and useful bug report. I have often wished more of our users would put as much effort into working out what's wrong with nasm as you did. :)

    Here's the scenario: You are the TA for a CS course. You have 700 NASM programs to grade. What do you do? Compile them and see if they run and return the expected results. Well by doing that, I just compromised your entire account. From the comfort of my own home.

    OK, first of all, in your scenario, what's to stop a student just submitting some malicious code that doesn't depend on a nasm bug?

    Anybody who is taking code from somebody else and executing it is already trusting that person.

    This is not a remotely exploitable security hole, because there is no realistic scenario in which it can be exploited remotely that doesn't already imply some kind of pre-existing vulnerability.

    If you describe this as a remotely exploitable security hole, perhaps you'd describe the existence of shell scripts as one too. After all, I could send you a shell script as an attachment to an e-mail that, if you executed it, would delete all your files, and you might decide to run it to see what it did?

    So yes, it's a remote exploit. And not the only one in NASM (There are a few other exploitable buffers, but I couldn't shove a return address over the saved EIP.)

    You'll have to forgive my lack of knowledge of exploit development, but surely if you couldn't do this, it _isn't_ exploitable (except perhaps as a DoS, which as nasm is not a network server providing a critical service is hardly a huge problem)?

    As a final question, more related to the other bugs that were found as I consider it likely that at least some of them are more serious than the nasm problem: if these bugs are remotely exploitable, what's the deal with publicising them this widely the day after the notification was sent to the project maintainers? Standard notification procedure is to at least allow the maintainers a few weeks to fix an issue and release a patch before going public with it, so why has this not been followed in this case?

  20. Re:It's just an assignment - Did you even go to un on DJB Announces 44 Security Holes In *nix Software · · Score: 2, Informative

    ...all of the methods attributed to Bohr are more accurate than the method the professor considered to be the 'right' solution.


    I'd expect the error on making a measurement of gravity by the period of a pendulum swing and comparing the change over altitude to be _much_ less accurate, myself.

  21. Re:This is for the best, really on Illegal File Trading Draws Two P2P Raids In Europe · · Score: 0, Redundant

    A definition:

    theft
    n. the generic term for all crimes in which a person intentionally and fraudulently takes personal property of another without permission or consent and with the intent to convert it to the taker's use (including potential sale).

    [source: dictionary.law.com]

    The relevant phrase here is "takes personal property [...] without permission or consent". Nothing has been taken, only an additional copy has been made.

    Also note "convert it to the taker's use". When copyright is infringed, the original copy still remains, and therefore its use is not in way converted.

    It is _NOT_ theft.

    Or, if you prefer a non-legal definition (despite the fact that we're talking about legal matters here), try this one:

    theft // n.
    1 the act or an instance of stealing.
    2 dishonest appropriation of another's property with intent to deprive him or her of it permanently.

    [concise oxford english dictionary, 9th ed]

    Nobody is deprived of the original copy of the work, so making a copy of it is not theft. Nor is it stealing, which is to "take (property etc.) without right or permission, esp. in secret with the intention of not returning it" as nothing has been taken that could be returned.

  22. Re:that certainly answers one question on Illegal File Trading Draws Two P2P Raids In Europe · · Score: 2, Insightful

    I have to ask, since the article points out that police are also striking at eDonkey servers, when the cops are going to be knocking on my door. My son and half the kids in his dorm are swapping/swiping movies like crazy with eDonkey.

    File swapping on eDonkey is not the same thing as running an eDonkey server. The network uses an architecture similar to napster, where there are numerous central servers that hold a cache of the list of files their clients are sharing and send back IPs that match any request they receive. There's about 1 server to every 10,000 or so users. I doubt you have much to worry about until they start prosecuting the sharers (as they have been doing for kazaa users in the past).

  23. Re:There's definite pockets of non-Microsoft use.. on IT Practice Within Microsoft · · Score: 1

    which includes the "viral" GCC.

    What, exactly, about GCC is "viral"?

  24. Re:There's definite pockets of non-Microsoft use.. on IT Practice Within Microsoft · · Score: 1

    GCC is included in Interix because it's the only compiler that can make UNIX-style executables in PE/COFF format

    Bollocks. I used to be a regular use of a compiler called LCC which can target any platform supported by the NASM assembler, which does support PE as its output format.

  25. Re:Software company, not bozos on IT Practice Within Microsoft · · Score: 1

    There's quite a difference between having a key to the gun cabinet and constantly having a double action 357 magnum pointed at your foot.

    There's quite a difference between "being the administrator of your own machine" and "being logged in as Administrator all the time rather than using a regular user account". While the latter implies the former, the former does _not_ imply the latter.