only those that host Kerberos as part of the consolidated domain services.
yes, and this is a vulnerability in the authentication/session key service which is basically an invitation to exploit using a skeleton key.
Sounds to me like Kerberos is fatally flawed (as in, it was designed to prevent this exact thing from happening by whitelisting users on a per-case basis assigning temporary privileges according to their stored credentials), and this is a temporary fix.
This security update resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account.
Source: https://technet.microsoft.com/...
WAMP on xp does what I need.
I did say PC World, they're a brick-n-mortar store. I'm pretty sure I could get it for a quarter that at eBuyer, but I don't tend to shop online.
ooh, this looks like it might be just the ticket! Thanky! :D
it's called a 16GB usb flash drive (£8.99 at PC World! The hell happened to the price of flash memory??) with a bootable Debian derivative installed on it, plugged into $random_terminal and booted.
The ONLY prerequisites for such a system are the flash drive, the terminal being x86/32 compatible, having 512MB RAM or more and able to boot from USB.
don't take this the wrong way, but my database server works fine. It's not a Warcraft hub. It has a maximum of six concurrent ordinary users (all whitelisted with a denial-by-default access portal and localhost-only admin access). It doesn't need four cores or 16GB of RAM. It's future proofed for its purpose until the universe dies. Or it does. Or the database itself outlives its utility. Which is unlikely because I've been stress testing it for 5 weeks now and it hasn't even twitched through several million random string queries (as well as quite a few real queries which with the speed the results came back you wouldn't even think there was a stress test going on).
OSX is a Mach microkernel with bits of BSD bolted on. It's not a pure BSD. Neither is it a UNIX. And it'll run on x86/64 (I run it almost daily on my AMD E350).
There's also an open source variant called "Darwin".
OSX is XNU which is not UNIX.
Or hold Court under authority of the Crown, with a sworn Judge and a panel of jurors? Because if it doesn't then they have no legal authority to issue fines. In England this would be covered under Fraud Act 2006 sections 2, 4, 6 and 7 (that's 4 separate INDICTABLE criminal charges with a concurrent maximum sentence of ten years).
Boom, motherfuckers.
...is an offline app that compares two images, and if they scale-match, keep the higher resolution one and ditch the smaller one. And runs the comparison over several thousand files (or even hundreds of thousands, or millions) - time is not a factor.
(a scaling deduplicator, if you will).
Is there already such a beast? Anyone?
Hi, is that Dave in Bangalore? That software you sold me isn't working as expected, in fact the mouse cursor seems to have taken on a life of its own and gone hunting for bear porn.
my database server is a VIA Epia M MiniITX with 512MB DDR and 1TB spinny SATA. Runs off a 35W solar pile. If you don't include the solar pile, the whole setup cost me change out of £140 (I bought the board in 2005).
Amnesty don't care about the fact that children are being trafficked by the British State under colour of Law.
Amnesty don't care about the fact that the BBC not only covered up the fact that one of their most highly-paid employees was a paedophile, they ran the coverup for over fifty YEARS, they also ENABLED him by procuring children.
Amnesty don't care about the fact that prominent members of Parliament, including inner Cabinet members, have been publicly implicated in child sexual abuse rings, child disappearances, child murders...
Where is their righteous indignation in these matters?? Nowhere to be fucking seen! They're clearly more interested in tracking cookies! I'm glad they've got their priorities right!
well, then you'll be after a general purpose, platform agnostic appliance. Which, according to the summary, is what Intel are planning.
Keep watching this story, you might be pleasantly surprised. I know I am. RasPi is great an' all, but I'm not a programmer, I'm not in it for the imagineering aspect of computing a la ZX81 Program-It-Yourself, I'm at that stage in my life where I want shit to just work. Hell, I have the same build image on my Win7 laptop I built in 2005 (updated for latest/last versions, obviously). I'm too old to be taught new tricks.
uh, the most secure facility on Earth is Mount Weather. If you're not cleared to enter, they will kill you if you approach it.
oh, you didn't spot the Grenadier Guard at the gates and patrolling the perimeter of Buckingham Palace 24/7, then? You know the ones, they're wandering around with fucking SA-80 rifles. There's the Household Cavalry just up the Mall there, too - 2400 men on horseback with some fucking big guns mounted on wagons. They have Royal Marines around Windsor Castle, and Royal Scots Dragoon Guards around Balmoral. They are all very visible, but you don't see all of them unless you really look - at which point, you become a person of interest to them. At any point of the day or night, at any time of the year, the heaviest concentration of small arms and artillery fire in the world can be concentrated at any one spot in a thirty square mile area immediately around Buckingham Palace in less than fifteen minutes.
and immediately thought "Yeah, with sharks with fucking lasers mounted on their heads." ::Doctor_Evil_Laugh::
some of them might actually be certified experts.
been here too. Someone walks in with a computer and a subscription to some nanny software (big name, can't remember it. Net Nanny? No, one of the other ones). Says it's riddled with pop ups. Five minutes in and I've isolated the problem to a redirect to a proxy (clearly in an attempt to get around the softwall), I tell her, "This should have been blocked by the software you've got installed." Asked ME for her money back, I'm like, "You didn't buy it off me, I'm not a software vendor for a start and for two, I don't have a support contract with these guys."
At which point, she takes her computer and leaves, comes back three hours later with a trading standards officer in tow. I tell him what I told her. Not my problem, she's trying to get her computer fixed for free after the software she paid for elsewhere failed to do what she expected.
TSO leaves.
yep, and keep the bend radius over five inches.
freedom of speech does not extend to the right to commit fraud.
so many times I've had this happen... you're a milk bone to the telemarketing dogs if you run a small business.
so what you're saying is, the real value of SAP is $29 per site license?
(next dumb question: does SAP actually do what it says on the tin?)