but then you just need a buffer overflow that allows you execute code, which can kill the process of su...which is why i said linux is less secure.. if all you need to do is kill a single process to get back to root... thats a hell of a lot easier than permisions escelations etc etc..
see the problem is, su just needs you to type 'exit' to revert you to the shell and login you had before, unless you have a different version than me, hense the lack of security, when chroot does it it terminates the previous shell, leaving you no easy route to privaledge escaltion. of course buffer overflows in the kernel are always gonna nail you... that's why HURD has the microkernel architecture, why linux uses loadble modules as much as possible..
if you can disable/remove the portion of the kernel that has the vulnerability without rebooting it's vastly superior to a system where you have to 'reboot the server' to apply a kernel security patch, if one even exists..
i meant a 'secure' chroot jail. sorry you can make an 'insecure chroot jail' on linux that is vulnerable to buffer overflow bugs in the os what not... because the chroot jail still leaves you as root, even if you have no access to a shell or a directory tree.. you're connected to the machine via a connection protocol, that may have a remote vulnerability in it as root access. if chroot can switch you to user none, or guest or something else locked down even if they exploit the jail, they still end up as a user who doesn't have permission to read/write anything, so ot doesn't matter if the code they exploited you with is a small installer that would download a backdoor to your system, because it doesn't have permisssion to do any of that. It's called Security through Security.
Do people buy Xserves so that they can use the OS X command line?
Yes, powerful Command lines are more than 'just' for end use, they open up the entire core functionality of the OS to non-interactive scripting. By having a powerful, flexible shell you can have powerful scripts that run fast, do everything you want, and can be quickly edited, they run as fast as compliled code, but since they're just a text file that gives comands to a precomplied binary you can modify them much more easily than a full fledged program.
System administrators need a powerful command line interface, and while standard 'unix' tools sometimes have areas that need improvment. for instance chroot on BSD require the setting of a shell variable to change shell, but linux chroot which accepts it on command line, but can't change the user or group(s) that you're chrooting them to. That means you can't create a chroot jail to disable (remote) root access on linux (that allows remote logins)... but you can on FreeBSD/MacOSX
oh wait you're wrong, It is a Full Fledged object Oriented langauge. They have OSes, written entirely in java, and since java is the native bytecode the code runs a lot better on an OS written in java. Like in the cellphone in TFA linked above.
I'm high energy, I can't stop to revise my posts unless i'm tired, it's early morning and I just woke up from my 4 hrs of sleep..
Also, my english doesn't follow 'proper' grammar, because i prefer to write something normal people can figure out without needing a 6th grade diploma.
although i probably suck at that... I shoulda asked someone if they thought it was legible, and I probabbly woulda posted it anon/as a je, but I kinda wanted a lot of people to see it.. I even skipped googling for the linus article to double check if this was the CVS porgram that screwed over linux..
heh I didn't see how high the post got modded, (I have notifications off) but i'm assuming it was in the +3 to +4 range.. which means quite a few people saw it oh well I guess i'm down to 47 karma now;) math genius == know my karma at all times.
A white hat would have 1. reported the vulnerability, 2. prepared a Proof-of-concept to send to them, and then 3.(optionally)threatened to release the P-o-C unless action was taken to remove the vulnerability in a timely manner.
A black hat would just publish the information as soon as he got pissed off at said company.
See blackhats don't care if they're hurting people, they have their own selfish motivations. A White hat wants to make the internet a better place. That's the difference.
Firefox uses more resources than IE, but if you want 'fast' you should be going to Opera, because they are the fastest, most feature rich browser.
IE uses less RAM than firefox because it's already running when windows loads, and also they use a few patented coding methods to further reduce memory footprint.
Also, beta 7.0 is 'faster' than normal IE because it has so many features turned off (haven't been coded into it yet)
well we could make pickup lines for our new, hot sex android overlord masters.. whom I for one welcome.
So, your mount point or mine?
When was the last time you had a 3 hour Fscking?
You're such a bad daemon, fork me you apache babe.
Can we be descrete about this transaction? i don't want a trace of it in the syslog -- if the wife finds out i've been cheating on her with the/dev/null i'll be in a chroot -u none jail!
so when do we get the followup of a guy who built his own with $50-500 worth of 'off the shelf' parts he scavanged from other junk? I mean cmon, some of us want to BUILD the girl of our dreams... Buying one is so uncool... Any REAL geek would want to Build her to his own specs!
Well what do you expect when VCs give a billion dollars to a guy with a porn site...
scene: 'one rack' porn site operation era, pre dotcom...
Business owner: Remember when i said i was going to see some VCs the other day? Admin: yeah, how'd it go? Business owner: you sitting down, you won't believe this.. Admin: Alright i'm ready.. Business owner: They just cut me a check for 1 BILLION DOLLARS both: Holy S%*T!! Admin:... so now what? Business owner: *thinks for a minute, trailer of star wars prequel comes on and sees c3p0* SEX ANDROIDS!! Admin: *spits out coffee* OMG how to people like you get that kinda cash...
Well, I do owe an appology to karl, because while he does need a new porche, and more developers, and such, I did confuse his product with Bitkeeper.
But He was asking for it, It's funny, Laugh.. I managed to pick apart the doublespeak and write a very clean, easy to read (if wrong) (and very funny) translation.
oh yeah doh but it's still funny;) and it's like he was ASKING for a 'translation' like that, writing a 6 page text that said 2 things. 'i need money, pay me' and 'i need coders write code for me!!! (for free 1! !1!)'
People get punished for suggesting slashvertisments exist?
you should read my 'translation' of the article text;) it's not just a slashvertisment, it's a desperate bid to rake in cash from VCs and con open source developers to write a 'pay to use it' CVS system...
instead of you know, improving another CVS to the point where it could be used by say Linus Iorvalds
my translation is a little 'fast' and loose to make it funnier, but there is a grain of truth in it. This companies CVS product was an open source 'free as in beer' project for a while, they basically forked CVS and then improved on it.. until everyone, even linus torvalds was using it, then bam in came the license changes and now they're nailing everyone they can for cash...but alot of people got upset, and torvalds was even considering switching to a FLOSS based CVS program... i can't rmeember what happened there though ^^;
http://developers.slashdot.org/comments.pl?sid=157 196&cid=13183601
partial translation, and it has nothing to do with being 'geeky' this is written in a language you don't understand. Often called 'marketdroid' or 'doublespeak' this language is entirely derived by complicating the way you write things so that people are so busy scratching their heads they dont notice your hands in thier pockets.
flaimbait by Karl Fogel, internet troll location:Chalifour - July 27, 2005 1. Bragging rights 2. Bend over developers 3. programmers have no Social life
Part I | Part II | Part III | Part IV
Related Book
Introduction
Karl Fogel made up a dot com, and got VC to pay his salary. Karl need more cash for his next porche^H^H^H^H^HSubversion project, what does it take to get VCs money now? How to keep the cash coming -- submit article to slashdot. Karl sees a lot of dough coming his way conning such a community of suckers, Noobs can't use a command prompt, so shell out the dough to buy our shit.
Subversion is rip off of CVS, which you can download free. It's important you buy subversion, cause daddy needs a new porche. Subversion is part of the 2005 dot com bubble. CollabNet screws corporate clients to install their CVS. Suckers include Sun Microsystems, HP, and Barclays Global Investors But that's not good enough, we need to scre the whole world over, that means You Linus Torvalds!
Part III of the Concerted Disruption, Climb Aboard the take it up the ass series.
We started Subversion about five years ago, by stealing the CVS source tree, obfuscating it, and patenting crap related to it.
it felt good.
our first release was a total knock off, we didn't even code it. Since we stole the codebase, we only had the features of cvs, and we couldn't implement anything new. people on the internet got mad--until we ofuscated the code. We silenced/paid off anyone concerend. they're sleeping with the fishes or will never work in this town again.
We gots us 60 suckers who do all the programming for free, plus a few fly by nights, all from trolling slashduh and boy will we make money off this.
We suckered the open source community, they thought we weren't gonna patent their code hahah suckers. The suckers brought in more suckers. We actually let the sucker VCs and some of the sucker code monkeys visit us in San Francisco. Some of them still don't have a clue about how hard we assraped them. Our code has a backdoor installed by a Slovenian coder sho does the bulk of the work 'for free'.
---
This is too damn long, but this is a pretty damn good translation... cuts straight through the bull.
see that spike? that's the visible spectrum that gets through a 500 nm coating of tranparent silver coating...
yup, all you need is to wear some cool looking silver shades, and make a helmet plated with silver, and wear it all the time, and use a remote earpiece/mic..
Remember we're already being bombarded by microwave energy every day, from satelites, and wifi, and long range telelcomunications arrays, not to mention aircraft radar systems...the cell phone just brings the transmitter a lot closer to where damage can occur..
by the deadless did you mean the wraith? since they never die? wtf why would they bring a ZPM to atlantis? The Daedalus is already damaged, they barely kept it outa wraith hands.. does anyone else find it +10 'ironic' that the Daedalus can travel from one galalxy to another using just a naquadah reactor. While Atlantis needs a signifigantly charged ZPM to send people... (albeit muich faster)
Ah typical of slashdot ^_- the ggggp knew that intel had scrapped a plant in colorado but didn't know they had another plant there, and the people who worked at the plant there didn't know they had bought and scrapped plans to use a different plant there...
those of you wondering, yes, if you work at fab 23 it's still there... unless of course someone did something like... this!
although googling for 'mole' on image search (have safe search Off) brought up a really disgusting picture that i'll leave to the reader to find on their own... it's sure to bring nightmares to just about anyone *shudders*
Slashdot Mirror
but then you just need a buffer overflow that allows you execute code, which can kill the process of su...which is why i said linux is less secure.. if all you need to do is kill a single process to get back to root... thats a hell of a lot easier than permisions escelations etc etc..
see the problem is, su just needs you to type 'exit' to revert you to the shell and login you had before, unless you have a different version than me, hense the lack of security, when chroot does it it terminates the previous shell, leaving you no easy route to privaledge escaltion. of course buffer overflows in the kernel are always gonna nail you...
that's why HURD has the microkernel architecture, why linux uses loadble modules as much as possible..
if you can disable/remove the portion of the kernel that has the vulnerability without rebooting it's vastly superior to a system where you have to 'reboot the server' to apply a kernel security patch, if one even exists..
i meant a 'secure' chroot jail. sorry
you can make an 'insecure chroot jail' on linux that is vulnerable to buffer overflow bugs in the os what not... because the chroot jail still leaves you as root, even if you have no access to a shell or a directory tree.. you're connected to the machine via a connection protocol, that may have a remote vulnerability in it as root access. if chroot can switch you to user none, or guest or something else locked down even if they exploit the jail, they still end up as a user who doesn't have permission to read/write anything, so ot doesn't matter if the code they exploited you with is a small installer that would download a backdoor to your system, because it doesn't have permisssion to do any of that. It's called Security through Security.
Do people buy Xserves so that they can use the OS X command line?
Yes, powerful Command lines are more than 'just' for end use, they open up the entire core functionality of the OS to non-interactive scripting. By having a powerful, flexible shell you can have powerful scripts that run fast, do everything you want, and can be quickly edited, they run as fast as compliled code, but since they're just a text file that gives comands to a precomplied binary you can modify them much more easily than a full fledged program.
System administrators need a powerful command line interface, and while standard 'unix' tools sometimes have areas that need improvment. for instance chroot on BSD require the setting of a shell variable to change shell, but linux chroot which accepts it on command line, but can't change the user or group(s) that you're chrooting them to. That means you can't create a chroot jail to disable (remote) root access on linux (that allows remote logins)... but you can on FreeBSD/MacOSX
Java needs C? http://www.embedded.com/showArticle.jhtml?articleI D=10700608
news to those guys a I guess...
oh wait you're wrong, It is a Full Fledged object Oriented langauge. They have OSes, written entirely in java, and since java is the native bytecode the code runs a lot better on an OS written in java. Like in the cellphone in TFA linked above.
Here's the JAVA FAQ also, it might help you learn what Java is, and isn't.
http://www.ibiblio.org/javafaq/javafaq.html
I'm high energy, I can't stop to revise my posts unless i'm tired, it's early morning and I just woke up from my 4 hrs of sleep..
;) math genius == know my karma at all times.
Also, my english doesn't follow 'proper' grammar, because i prefer to write something normal people can figure out without needing a 6th grade diploma.
although i probably suck at that... I shoulda asked someone if they thought it was legible, and I probabbly woulda posted it anon/as a je, but I kinda wanted a lot of people to see it.. I even skipped googling for the linus article to double check if this was the CVS porgram that screwed over linux..
heh I didn't see how high the post got modded, (I have notifications off) but i'm assuming it was in the +3 to +4 range.. which means quite a few people saw it oh well I guess i'm down to 47 karma now
He's a black hat...
A white hat would have 1. reported the vulnerability, 2. prepared a Proof-of-concept to send to them, and then 3.(optionally)threatened to release the P-o-C unless action was taken to remove the vulnerability in a timely manner.
A black hat would just publish the information as soon as he got pissed off at said company.
See blackhats don't care if they're hurting people, they have their own selfish motivations. A White hat wants to make the internet a better place. That's the difference.
Firefox uses more resources than IE, but if you want 'fast' you should be going to Opera, because they are the fastest, most feature rich browser.
IE uses less RAM than firefox because it's already running when windows loads, and also they use a few patented coding methods to further reduce memory footprint.
Also, beta 7.0 is 'faster' than normal IE because it has so many features turned off (haven't been coded into it yet)
ask if she runs Linux?
/dev/null i'll be in a chroot -u none jail!
well we could make pickup lines for our new, hot sex android overlord masters.. whom I for one welcome.
So, your mount point or mine?
When was the last time you had a 3 hour Fscking?
You're such a bad daemon, fork me you apache babe.
Can we be descrete about this transaction? i don't want a trace of it in the syslog -- if the wife finds out i've been cheating on her with the
you know that one guy who has 7 PCs
I have 11 You insensitive clod the Z80 still counts!
so when do we get the followup of a guy who built his own with $50-500 worth of 'off the shelf' parts he scavanged from other junk? I mean cmon, some of us want to BUILD the girl of our dreams... Buying one is so uncool... Any REAL geek would want to Build her to his own specs!
Well what do you expect when VCs give a billion dollars to a guy with a porn site...
... so now what?
scene: 'one rack' porn site operation era, pre dotcom...
Business owner: Remember when i said i was going to see some VCs the other day?
Admin: yeah, how'd it go?
Business owner: you sitting down, you won't believe this..
Admin: Alright i'm ready..
Business owner: They just cut me a check for 1 BILLION DOLLARS
both: Holy S%*T!!
Admin:
Business owner: *thinks for a minute, trailer of star wars prequel comes on and sees c3p0* SEX ANDROIDS!!
Admin: *spits out coffee* OMG how to people like you get that kinda cash...
Well, I do owe an appology to karl, because while he does need a new porche, and more developers, and such, I did confuse his product with Bitkeeper.
But He was asking for it, It's funny, Laugh..
I managed to pick apart the doublespeak and
write a very clean, easy to read (if wrong)
(and very funny) translation.
oh yeah doh but it's still funny ;) and it's like he was ASKING for a 'translation' like that, writing a 6 page text that said 2 things. 'i need money, pay me' and 'i need coders write code for me!!! (for free 1! !1!)'
People get punished for suggesting slashvertisments exist?
;) it's not just a slashvertisment, it's a desperate bid to rake in cash from VCs and con open source developers to write a 'pay to use it' CVS system...
you should read my 'translation' of the article text
instead of you know, improving another CVS to the point where it could be used by say Linus Iorvalds
my translation is a little 'fast' and loose to make it funnier, but there is a grain of truth in it. This companies CVS product was an open source 'free as in beer' project for a while, they basically forked CVS and then improved on it.. until everyone, even linus torvalds was using it, then bam in came the license changes and now they're nailing everyone they can for cash...but alot of people got upset, and torvalds was even considering switching to a FLOSS based CVS program... i can't rmeember what happened there though ^^;
http://developers.slashdot.org/comments.pl?sid=157 196&cid=13183601
partial translation, and it has nothing to do with being 'geeky' this is written in a language you don't understand. Often called 'marketdroid' or 'doublespeak' this language is entirely derived by complicating the way you write things so that people are so busy scratching their heads they dont notice your hands in thier pockets.
flaimbait by Karl Fogel, internet troll
location:Chalifour - July 27, 2005
1. Bragging rights
2. Bend over developers
3. programmers have no Social life
Part I | Part II | Part III | Part IV
Related Book
Introduction
Karl Fogel made up a dot com, and got VC to pay his salary. Karl need more cash for his next porche^H^H^H^H^HSubversion project, what does it take to get VCs money now? How to keep the cash coming -- submit article to slashdot. Karl sees a lot of dough coming his way conning such a community of suckers, Noobs can't use a command prompt, so shell out the dough to buy our shit.
Subversion is rip off of CVS, which you can download free. It's important you buy subversion, cause daddy needs a new porche. Subversion is part of the 2005 dot com bubble. CollabNet screws corporate clients to install their CVS. Suckers include Sun Microsystems, HP, and Barclays Global Investors But that's not good enough, we need to scre the whole world over, that means You Linus Torvalds!
Part III of the Concerted Disruption, Climb Aboard the take it up the ass series.
We started Subversion about five years ago, by stealing the CVS source tree, obfuscating it, and patenting crap related to it.
it felt good.
our first release was a total knock off, we didn't even code it. Since we stole the codebase, we only had the features of cvs, and we couldn't implement anything new. people on the internet got mad--until we ofuscated the code. We silenced/paid off anyone concerend. they're sleeping with the fishes or will never work in this town again.
We gots us 60 suckers who do all the programming for free, plus a few fly by nights, all from trolling slashduh and boy will we make money off this.
We suckered the open source community, they thought we weren't gonna patent their code hahah suckers. The suckers brought in more suckers. We actually let the sucker VCs and some of the sucker code monkeys visit us in San Francisco. Some of them still don't have a clue about how hard we assraped them. Our code has a backdoor installed by a Slovenian coder sho does the bulk of the work 'for free'.
---
This is too damn long, but this is a pretty damn good translation... cuts straight through the bull.
No, I read slashdot for the Pictures.
Tinfoil hat, and Silver shades http://www.sspectra.com/designs/TransMetal.html
see that spike? that's the visible spectrum that gets through a 500 nm coating of tranparent silver coating...
yup, all you need is to wear some cool looking silver shades, and make a helmet plated with silver, and wear it all the time, and use a remote earpiece/mic..
Remember we're already being bombarded by microwave energy every day, from satelites, and wifi, and long range telelcomunications arrays, not to mention aircraft radar systems...the cell phone just brings the transmitter a lot closer to where damage can occur..
this will make you need to gouge your eyes out
;)
just ask him
I guess he was lucky in that he had a sharpened pencil ready
what were you expecting when I warned you 'search safe off' and 'disgusting picture' ;)
I guess curiosity not only kills cats, but also causes severe pencil impact trauma on innocent cornea.
The Daedalus already brought a ZPM to Atlantis..
by the deadless did you mean the wraith? since they never die? wtf why would they bring a ZPM to atlantis? The Daedalus is already damaged, they barely kept it outa wraith hands.. does anyone else find it +10 'ironic' that the Daedalus can travel from one galalxy to another using just a naquadah reactor. While Atlantis needs a signifigantly charged ZPM to send people... (albeit muich faster)
Ah typical of slashdot ^_- the ggggp knew that intel had scrapped a plant in colorado but didn't know they had another plant there, and the people who worked at the plant there didn't know they had bought and scrapped plans to use a different plant there...
those of you wondering, yes, if you work at fab 23 it's still there... unless of course someone did something like... this!
someone just re/watched ghost busters ;)
hopefully they were thinking of this kinda mole
although googling for 'mole' on image search (have safe search Off) brought up a really disgusting picture that i'll leave to the reader to find on their own... it's sure to bring nightmares to just about anyone *shudders*
Actually it translates to I teh leet-eth ;)