no - now you have to confirm you are not a script - which blind people cannot do.
Bologna. What do you think email address "spamblock" is? What about a noisy/distorted audio clip instead of an image? Non-visual captcha variants can work.
I've tried HT on both the 3.0c [Northwood, 512k L2] and 2.8e [Prescott, 1M L2] P4 models, both with identical hardware otherwise [1Gb dual channel DDR400, 875P chipset, nvidia fx5200, 120Gb 7200RPM ATA133 WD disc]. It's really nice on the 2.8e, but you fall in the cache miss tar pit on the 3.0c. With HT turned on the 2.8e actually feels faster than the 3.0c ever did, especially under heavy load, and is nearly impossible to bring to its knees whatever I throw at it.
Back on topic: This attack doesn't really shock me that much; covert channels are a fact of life in any multi-user machine, and anything that needs bulletproof security should be on isolated hardware. Attacking an RSA implementation by analyzing cache performance is a truly sweet hack though... my propeller-beanie spins in admiration. :)
\w is especially handy when you're working in nested directory structures that contain multiple similarly named directories. Java projects are notorious for this.
There have been some very good research projects done on how to build a more secure system, and some of the most amazingly effective ones have been the ones that challenge the basic assumptions of "best practice".
MIT Kerberos takes the view that no machine on the network can be implicitly trusted; access to network services is controlled by tickets, mediated by a ticket distribution service with which each user and service has a pre-shared key. This works even for systems in which the local operating systems have no internal access control mechanisms whatsoever.
Capability-based systems essentially throw out the classic security model of users, roles and permissions, replacing them with a system of nonforgeable references by means of a combination of memory protection and cryptographically strong naming.
Finally, people need to come to terms with the fundamental fact that content-based security schemes are a losing proposition (1, 2). Virus scanners, adware scanners, porn blockers, spam filters, and even national customs departments all face the same problem: they can only inspect what goes by and apply a list of tests to winnow bad items. There is strong economic pressure to find ways to bypass these types of checkpoints, so new tricks are constantly being invented, only to be compensated for by the guardians; thus the guardians are always a step behind.
With the leakage current of 65nm MOSFETs, combined with the expected high power draw (and thus Joule heat) of workstation processors, wouldn't it start making sense to build processing logic out of regular bipolar transistors again? Heck, some old number-crunchers like the Cray YMP really went over the top and built the CPU out of ECL gates. So what if you have to liquid- or even vapor-cool it, it'd be liquid fast. You'd never get an Energy Star seal though. :-)
if you're that confident and/or well-heeled, you can self-insure. Stash away $40,000 or so you're not otherwise using in a designated account and let the Department of Motor Vehicles know about it, and you won't have to put up with insurance company bloodsucking. In other jurisdictions your mileage may vary.
Actually, 3DES uses encrypt with A, decrypt with B, encrypt with A. This makes the degenerate case where A equals B backwards-compatible to single-key DES, and is why 3DES is also called DES-EDE.
However, using 3 keys with any cipher only squares the time to key recovery, regardless of whether the first key and the last key are equal. Assuming you know both the plaintext P and ciphertext C for a given message, compute a table of all possible results of encrypting P with keys 1 and 2, and a table of all possible results of decrypting C with key 3, then join on the intermediate ciphertext. If only 2 keys were used, computing and joining two single-key tables would bring the time cost down to only 1 additional bit of key strength.
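An added example, not part of the original comment: the two-key meet-in-the-middle join described above, run against a toy 16-bit Feistel cipher with 12-bit keys. The cipher, the keys and the plaintexts are all constructed for this demonstration and the cipher is not DES; the point is that two forward/backward tables of 2^12 entries replace a 2^24 search.

```python
# Toy 16-bit Feistel cipher with a 12-bit key (constructed for this demo; not DES).
KEY_BITS = 12
ROUNDS = 4

def _f(half, key, rnd):
    """Keyed 8-bit round function; a Feistel network is invertible for any F."""
    x = (half * 0x9D + (key & 0xFF) + 0x3B * rnd) & 0xFF
    x ^= (key >> 4) & 0xFF
    return (x * 0xC5 + rnd) & 0xFF

def encrypt(block, key):
    left, right = block >> 8, block & 0xFF
    for rnd in range(ROUNDS):
        left, right = right, left ^ _f(right, key, rnd)
    return (left << 8) | right

def decrypt(block, key):
    left, right = block >> 8, block & 0xFF
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _f(left, key, rnd), left
    return (left << 8) | right

def double_encrypt(block, k1, k2):
    return encrypt(encrypt(block, k1), k2)

def meet_in_the_middle(pairs):
    """Return every (k1, k2) consistent with the known (plaintext, ciphertext) pairs."""
    p0, c0 = pairs[0]
    # Table 1: intermediate value -> all k1 that produce it from the plaintext.
    forward = {}
    for k1 in range(1 << KEY_BITS):
        forward.setdefault(encrypt(p0, k1), []).append(k1)
    found = []
    # Table 2 is streamed: decrypt the ciphertext under each k2 and join on the middle.
    for k2 in range(1 << KEY_BITS):
        for k1 in forward.get(decrypt(c0, k2), []):
            # Extra known pairs discard matches that only collide by chance.
            if all(double_encrypt(p, k1, k2) == c for p, c in pairs[1:]):
                found.append((k1, k2))
    return found

def demo():
    k1, k2 = 0xA5C, 0x3E7                    # constructed secret keys
    plaintexts = [0x1234, 0xBEEF, 0x0F0F]    # constructed known plaintexts
    pairs = [(p, double_encrypt(p, k1, k2)) for p in plaintexts]
    return (k1, k2), meet_in_the_middle(pairs)
```

The join costs roughly 2 × 2^12 cipher operations plus a dictionary of 2^12 entries, which is the "1 additional bit" trade the comment describes, paid for in memory.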
I've actually had the data cable fall out of the back of a PATA drive running software RAID-5, and the whole works stayed up. Of course, I went off on the guy who put the drives in for making me think we had a bad drive...
If you don't have SQL syntax highlighting, the more complex the SQL statement is the more it benefits from the all-cap keywords.
I've found SQL to be just as readable if you make keywords all-lower, proper-case table names, and either proper- or camel-case field names. That worked for a statement that amounted to a 17-way join if you include all the exists subclauses. (It wouldn't have been 17 ways if it wasn't for severe, nay, terminal featuritis... whoever specified some of the features needed to be hit over the head with a clue-by-four!)
why not tap into the vast nets of compromised machines yourself, to distributedly spam the spammers' order forms with false orders? The spammers' own weapons turned against them... there's something fitting about that.
Unfortunately, that way lies madness, federal marshals, and another spiraling arms race -- and in any arms race worthy of the title, the only winners are the arms dealers.
and two-level, even. Every object has an associated user as well as a database. If you just look for database.object, it looks for database.yourlogin.object, and if that isn't there it uses database.dbo.object. For that matter, you can also just qualify it outright.
The market seems to have tried and given up on a simple solution for this one: caddies. Even Plextor at one time proclaimed in an old FAQ that storing discs long-term in caddies rather than jewel cases and installing caddy-load drives with nonmotorized, floppylike load/eject mechanisms represented the best approach for protecting both discs and drives from user-inflicted damage. I imagine they've taken this down since they no longer manufacture caddy-load drives.
Instead, the market is considering a new monster: slot-load drives. Maybe the drives have fewer problems, but discs get thrashed even more since they're not handled at the hub, and these drives usually don't support 3.5-inch or business-card discs.
but don't you think that if someone is readily duped into running a Trojan, they'd also likely have overlooked patching their system? Remember, I'm talking about Joe iSixpack here.
Warning, this attachment is an application. Since applications can contain viruses or be harmful to your computer, be sure this attachment is from a trustworthy sender before saving or opening it.
Umm... that won't do you a lot of good if the e-mail really did come from a trusted friend who was likewise duped into clicking the shiny, red, candy-like attachment.
even after all this, the most viruses on os x can do is wipe files you own.
I have 3 words for you: local root exploit. Just about every UNIX system has at least one of these lurking, and OS X is no exception.
mean quicker loading pages, less time spent hunting around for that obscure link in the corner of the page buried under a floating Flash ad, and a non-sellout image.
([P]rerecorded video tapes rented from Blockbuster) [don't] have an established usage pattern (fast-forwarding through commercials) that conflicts with the behavior of the DVDs.
Really? So how many people don't fast-forward through the FBI warning and the trailers on US VHS tapes? I think the issue here is that the DVD Video restrictions are annoying, but not annoying enough to be a medium-killer the way Circuit City's DIVX license-managed DVD format was.
It also appears that DUcrete was originally conceived as a means of stopping uncharged radiation-- neutrons, high-energy photons, that sort of beast. With neutrons, wouldn't there be a problem with the progressive conversion of DU to plutonium and subsequent fission of the plutonium if the material is under constant neutron abuse?
Hello??? Egypt? Pyramids? Slaves?
which requires any relevant "phat props" be kept around in a notices file.
They did have cache, it was only L1 though.
Um, so did 486s, so the GP stands...
Taking legal action well after you presumably should have known and been able to is called laches, and may weigh against Tiger Direct in this case.
ObDisclaimer: IANAL
As I recall seeing on a tombstone somewhere in the game:
Certainly more creative than Ascension, with many a tombstone reading simply "Mao" (and predictably, its left neighbor "Rofl").
"Ewe herd it here first"
Oh. That's just baaaaad.
Time to get back on topic, that's enough subversion of this thread.
the compromised machines are civilian casualties, and the arms dealers are the suppliers of malware, spamware, anti-malware, and anti-spamware.