There are plenty of purely civilian sorts of places that require amed guards and precautions. Why should we feel that only the military should be well protected?
As I type this there are a TON of pretty pissed off Postal workers who're finding out that they've just been chalked up as collateral damage. Sux huh? A gun at the gate or added search wouldn't have helped them in this case but I'll bet that if it could have they'd be mad it didn't happen, no?
I'll grant that as a civilian he doesn't have to subject himself to a search, certainly not without having been warned beforehand, but geez it's NOT just the military that's under attack now - it's you and me! Bin Laden thinks that all US taxpayers are as guilty as the armed forces - that's a threat and the US populace needs to wake up to this fact. They don't call this a WAR for kicks....
As much as I've always DESPISED airport security as being a joke (my Father worked for the airlines, I've got lot's of stories) I did have one encounter that surprised me a great deal.
Flying from the East coast to 'Vegas I had boarded the plane and was awaiting the gate push back. Suddenly they're announcing my name over the PA asking me to come up front. Puzzled I walked on up and was told that I had to go down to the jetway and open my bag. Puzzled I went back to my seat to recover the keys from my girlfriend and headed down the steps to the ground.
Seems my bag was "vibrating" and they were a bit *concerned* by this. Sure enough, over the noise of the jets, I could feel some slight vibration. How the baggage handler had noticed this is beyond me but there it was - and I had NO idea what the heck was buzzing in there. I thought at first that it was my girlfriend's bag and that perhaps she had put something "extra" inside but the bag had MY tags not hers. I told the security guy point blank that I didn't know what was vibrating and he proceeded to list of a slew of things that "commonly" cause this problem! One of them is electric razors and sure enough I'd packed mine in there. Digging around in the bag I dug up my razor buried in the clothes buzzing away (sigh). No harm, no foul, apparently this occurs pretty often but I was shocked they noticed it. Made me feel a little better about security - until 9/11 that is:-(
Embarrassed I climbed back up the stairs an announced to the plane's occupants who were staring at me that it was my girlfriend's bag not mine and just grinned. Problem solved, they pushed us back from the gate and we were on our way:-) Will be a long while before my office let's me forget the vibrating bag check...
First, is that good enough? I'd think it would require more than a simple wash, no?
Anyway, a friend of mine actually uses the same bag that he carries his guns to the range with as his carry on when he flies! When he told me this I was shocked as my bags have been "sniffed" more than once. He claims he's NEVER had a problem doing this in the past but that he won't be doing it in the future after we chatted about it. He wasn't aware of the chemical sniffers being used having never had to submit to one of those checks (sigh).
Yes, our airports have MUCH to learn about security. Creating a device that looks like it works but contains most anything you want would be pretty trivial for anyone with a modest amount of electronics knowledge. I've always laughed at the "power on" requirements as have friends. Just how stupid are these security people? That's a silly feel good for the bystanders, it provides zip in the way of real security!
For a real bit of fun try setting up a screen saver that "counts down" when the machine is powered up. Think you'd get some sort of reaction?:-)
Yeah, prior to 9/11 you could take over a plane with a "box cutter" and hold a group at bay telling them you were "going back to the airport" but I'd hazard to guess that if you did that today you'd be attacked pretty quick. Would YOU sit still and believe them if they told you they weren't going to kill you? For that matter even if they claimed to have a bomb, as one group apparently did, would you sit still?
Personally I'd prefer to take my chances and try to take the plane back as chances of them not killing me anyway don't seem terribly high. That trick worked once, I doubt it'll work again. As we saw in PA it IS possible to stop a hijacking even if it's at th eexpense of our own lives. Given th ealternative of losing our lives AND having thousands of others killed at the same time I'd think that many people would prefer to take their chances...
National Institute of Health, not 7-11 right? It would be one thing if the material and information you were handling were non-threatening and your place of "business" didn't provide a nice ripe target but... it DOES! Frankly, if I worked in such a place and they DIDN'T have such searches I'd be unhappy.
We're presently living in a time where folks think it's funny to grind up Life Savers and leave them on desks to see the reaction. We're living in a time when sicko' mislead idiots send postmarked mail purporting to be from 4th Grade Elementary schools with ANTHRAX in it! We're living in a time where perfectly innocent people floating down a river minding their own business are getting buzzed by crop sprayers squirting only God knows what on them. And you're upset because someone is asking to poke through your things?! You're serious?
The place where you work is supposed to be concerned with public health, yes? What better place to spread something nasty to scare the public you're supposed to be worried about? It's quite possible that this has occured to your management and rather than sitting on their hands waiting to see if it occurs to someone else when employees start dropping dead they've chosen to take steps to protect both themselves and YOU. I'm surprised that yu're not just a little bit more appreciative of that fact. While they may be simply trying to cover their butts and protect themselves thay ARE also protecting you and making it that much harder for someone to commit some sicko' act. Perhaps six months ago when a few thousand other folks were still breathing and the idea of a plane crashing into a tall building was a Hollywood fantasy I'd have had some sympathy but right now I'm having a pretty tough time generating much of it. Believe it or not we're all in this together and it's not just about YOU. Bend a little and realize that what you give up in comfort provides a little comfort to your co-workers! I face shotguns and worse coming in the gate, while that would obviously freak you out I am happy that those folks are looking out for myself and my coworkers. I can only hope that they won't be needed!
Don't like it? Then quit and go work someplace that's a less interesting target like 7-11. There you've only got to worry about a gun in your face and a demand for mere money....
There are laws all over the place that would restrict you in other countries!:-) Unfortunatly in the case of the DMCA it's occuring in a ocuntry that's supposed to be "free" which makes it mighty ironic doesn't it? Travel to some of the armpits of the world and you'll see just how unjust some laws can be. Some countries will limit your education based upon gender for instance - not cool...
Microsoft, especially after some of the recent comments concerning publishing exploit code, would be about the LAST person to go against the DMCA. Give them a chance to go after folks publishing exploit code to demonstrate vulnerabilities and I'll bet they go after them. (sigh)
Microsoft doesn't appear to want good (secure) code, they appear to want to go after folks writing the demonstraiton code to cover up their mistakes....
Read it all - Microsoft used SHA-1, Eliptical Curve Encryption, a bastardized version of Base64 encoding, and I think even the kitchen sink to try and keep this from being reversed. They encrypted the comms between DLLs (!) to prevent anyone from being able to get anything from the calls going back and forth must have added a ton of overhead with all of this encryption. They even move the location of the key pairs on each machine that this junk is installed upon in order to prevent the keys from being easily extracted. Kripes, Microsoft went so far as to build in the capability to REVOKE the keys if they were ever published - this hack must be killing them:-)
All of that would've worked except that the code that actually USES the keys has to know where they're located and THAT code's location is static (lol). The author simply used THAT code to pull the keys for the decryption - I love it. I'll bet some poor schmuck MSFT techie is smacking his head going "Dammit!" right about now.
I'm not sure how Microsoft could've stopped this - obviously their bulletproof EULA didn't work (lol). At some point in the code something has to know how to pull the needed keys and I cannot imagine how they would've been able to shift the code that does the calling in every copy of Windows - something has to be static somewhere or at least the code to find the location does:-)
Since Microsoft used code to detect debuggers I have to wonder how he did this - hacked the debugger too? Hack the code to stop the detection of the debugger? Or decompile the code in some fashion and step through it? (shiver)
If this was the creation of a single individual or even a team it's damned impressive! I hope that The Reg gets it's wish for some sort of an interview granted and that this person or team of persons releases more insightful cracks. This was pretty sweet IMO, my hat's off to this effort!
I know of a particular piece of mission critical software that a major vendor produces and that my customer uses. At least two individuals have commented on two seperate methods to compromise this piece of software using some valid but somewhat complex methods that required reverse engineering the product. The vendor has blown both of them off.
I have seen, in one case, a code demo that exploits this vulnerability according to the author. However due to a particular Russian hacker having been arested at DEFCON9 this year both authors have placed on hold plans to release these exploits. without that code I cannot prove to my customer, who doubts this will work, or to the vendor who's blown both of them off, that this is a problem. Both authors have published enough data on the issues that I firmly believe that they are correct but without "proof" neither my customer nor the vendor will do anything about it. Oddly enough it's NOT Microsoft that's got their head in the sand but IBM which is truly sad.
Attempts to get the code backdoored to me with a promise not to publicly release it have fallen on deaf ears so I can only hope that at some point the authors will feel able to release the code without being arrested the next time they set foot in the United States.
Such is the effect of the DMCA and believe me it REALLY sux!
I DO security work for a living and value the exploit code that's released a great deal. Tell a customer or admin that if they don't make some obscure Registry change to their system or stop using those damned stupid ODBC interfaces in IIS (Thank you RFP!) that "someone" will hack them they often give you this blank look. Or better yet they think that what you're saying is "purely theoretical" and could never happen to them. On the other hand when I hand them the list of passwords from their domain controller and explain to them it was all because they didn't bother to keep up with patches and setup things securely they tend to pay attention. If the admin doesn't pay attention to THAT then their management certainly does:-)
Anyone but me recall when L0PHT told Microsoft their VPN code was crap? Microsoft's response was something along the lines of "that vulnerability is purely theoretical and we have no evidence of anyone having used it in the 'real world'". The next version of L0PHTCrack proved that the vulnerability wasn't simply a mind excercise:-) Hence L0PHT's catchy byline about making the theoretical a reality or somesuch. I'm surprised that someonein this man's position appears to have forgotten the previous arrogance shown by his employer that got them into the situation they're in now. Microsoft fixed that particular VPN issue shortly after the code was released - a shame they were so arrogant in the first place.
As an aside - is it just me or has the number of files\exploits posted to PacketStorm dropped a great deal in recent past? Where has all the code gone? BugTraq it is then:-)
Ya', if you push a rotary into detonation then you do indeed run into reliablity "issues". However if you do not abuse it and stay within it's design it runs just fine for MANY miles. How many 1st gen RX7 do you see on the road? How about on the track? SCCA has an entire racing series dedicated to the little buggers! They're not perfect, they lack torque, but kripes they spin to 8K easily and if correctly geared make for a really wild ride. I worry that mine will blow but it just keeps going and I AM outside it's original design parameters:-) I worry that my other vehicles will blow too for that matter (lol). A shame they didn't turbo this new one - 10K redline is cool and all but imagine the difference it was forced induction!
Perhaps a little experience is in order for the original poster or he's abused one - been bitten - and is just upset about it? At least they don't cost a mint to replace, I could build two rotaries for what one decently built V8 runs...
Heh, and if you look at the animations of this new guy's engine it's obviously not a Wankel. I DO wonder where the heck the exhaust goes though. He claims no exhaust but I find that a bit hard to believe. In addition, if it's got anywhere near the temps that a Wankel has, due to the way it dumps damn near straight out of the cylinder, then the exhaust is going to be pretty hot. I'd like to see\hear one of those running. Wankels are pretty darned LOUD (exhaust) too!
As soon as I saw that I wondered how they were going to do that. Topical gel on what - half of their bodies tops? And notice that the guy does his legs and whatnot and that she ends up doing it over? Going to have to watch it again just to get a laugh...
Yeah, I guess his Dad could've been an engineer on the project and that now makes much more sense, thanks. Was buggin' me! I'll watch it a second time anyway just to try and get it all straight and I enjoyed it the first time. Besides, I didn't get the "shower scene" on tape (lol)! Sure was jarring and weird the way they did that but what the heck - it sets up some nice tension for later episodes...
You got the point. I've not got her pin-up over my bed. I enjoyed her role and even though she knew exactly why they had chosen her she still did a good job. We'll see how the new one works out, so far I've liked the show but the Maxim shoot made her out to be a bit trashy IMO.
Oh, and to the AC who says she's not really like that - how the heck would ya' know?! Do tell....:-)
Who the heck wants to jump a pile of coat hangers anyway? Gimme' just a little bit of weight please! Who the heck wants these women who are so thin you could tie a string to that thing they call a bra and fly them like a kite?!
Having said that this one didn't look like her ribs were sticking out as badly as some others. Giver her a Big Mac or two and she might pass:-)
I tought she was looking pretty sweet on the show but watching the Maxim photo shoot and reading some of the quotes attributed to her on that page I find her much LESS impressive now. I'd prefer to think she might have a brain between her ears but instead it seems she's into drugs. I'm not sure Maxim is doing her any favors with their article. I guess I'll have to look for it on the newstand and see if what was on the WEB was out of context. The video of her primping and having photos taken makes her look more like a street walker than a woman I could stand to be around. They ever do that with Jerry Rice?
I DO think she did a pretty good job on the show and I actually think I'll watch the series - it's a good premise. The soft p0rn was a little out of place but I'm not 12 and can deal. Some of the techno babble mighthave been a bit weak, it was hard catching much of it, but I can ignore some that and enjoy the plot. I htink doing this as a prequal is a good idea. I was interested to see how they would make this jive with the theater movie too - I'm not sure I lined up real well at all. I guess a few more flashbacks and it'll make more sense? Sure didn't see the guy's Dad as a booze swilling rebel type looking to crank up Steppenwolf!
These were burned on the A03 Pioneer writer. They were 4gig DVD and both DVD-R and RW played fine. My player is also a Pioneer unit but was more than a year old. We were surprised that it worked but both being Pioneer may have had somehting to do with it (shrug).
Isn't a lawyer that's trying to get him OUT of jail?
Want some cheese with that whine?
on
Dorm Storm?
·
· Score: 3, Insightful
Come 'on - you can get pretty decent laptops for UNDER a grand now! Thousands more?! I'm sorry that you can't afford the Cadillac, try this Hyundai model - it works just fine.
500mhz or higher laptops are in the $900-$1000 range from HP and others. Sure, the screen isn't 16inches, the HD not 20gig, and the RAM a little low (upgrades cheaply though) but this whine is just pathetic. Kripes, mine even had a silly DVD player in it. Get your head out of the sand and shop around a little and stop talking out of your ass.
Watch your WalMart ads, that's what I did and I've got a servicable laptop without having to get a loan. They sell off last years models at fire sale prices and they work fine.
There was another one in a recent sales ad too, an HP model think, that now sells for LESS than what I paid for mine, has 200mhz more CPU, a faster DVD, and a drive double the size of the one I bought! Heck, I just took the online sales-ad into my local store, had them match the price, and walked out with my new toy....
This is an investment in YOUR future, don't be penny wise and pound foolish!
I'm trying to get hold of "Noise" who runs an anonymous remailer (and spoke about it at DECON 8)- I've got a pic from DEFCON 9 for her and have lost her E-mail. Some help please?
Thanks!
P.S. Yes h ee-mail address above works but I dump SPAM like mad.
Okay, I'm responding to a Troll and I know it but...
SPAM is NOT free speech! If I stand outside your door at 3AM with a bullhorn and "tell you about my issue" is that okay?! It shouldn't be but by your standards it would be - no thanks!
Try running a mail server these days. I've got a friend with a small business who's mail server has to withstand brute force password attacks, folks who send mail to any address they think MIGHT exist on the server, and a whole host of other dirty tricks being done by the idiots who want to "tell me about their issue". Why don't these idiots put up their own mail server and send ATTRIBUTED mail? I'll tell you why - it's because people like ME would put them in their SPAM filters and NEVER see the mail after that first one that's why! Should that not give them a clue that their message is one I don't wish to hear? Apparently not becasue they'll resort to any tricks they can think of to sneak their message into my mailbox - even though they KNOW I don't want it! They troll through sites like this one with their bots, through sites like E-Bay, and through all sorts of other sneaky means to include putting cookies in their crap so they know if I've looked at it in order to get valid E-mail addresses.
If these jerks have to goto those lengths to figure out who's reading their junk and to hide from those of us who wish to tell them to stick their message up their ass then it's not free speech anymore than yellig FIRE! in a crowded theater is. Why should I as an end-user be forced to go through mail address after mail address to avoid these folks, why should I endure that burden and make MY life harder as a result?
FWIW - my friend's mail server has been using the various black hole lists forever and he's had to resort to literally blocking out entire IP blocks at his router too. These are the only things that keeps his mail SPAM free, if you think that the cost of doing this is nearly zero you need to get a clue. SPAM is NOT free by any means, not when it's in the volumes that it is and not when these people have to hack servers to disguise their origins.
I'm thinking it's time we hung a few of these more prolific SPAM mongers as an example to all of the others:-)
We have the right to face our accusors (sp?) in this country. When a mechanical device is used to "accuse" you there's no ability for you to "face" that and dispute the accusation.
Sadly, I'm actually finding myself warming up to red light cameras. I don't know why so many people have begun to think it's okay to run red lights, I used to think it was just in my area. I took a long trip by car recently and found that this wasn't so - I was shocked!
What's happened that has allowed everyone to think it's okay to run red lights? It wasn't this bad 10 years ago I'm sure. What has changed? Is it the youth of today or the general feelings of the country? I'm truly puzzled but I DO try my best not to run them - it's just stupid. Speeding on the other hand, I drive what's comfortable and prudent and pay little if any attention to the posted limits.
I HAVE found the new popularity in my area of signs on speed limit posts that say "additional $200 fine for speeding" to be a bit disturbing though. Who makes these decisions and why is the public so shortsighted as to allow it?!
Oh, so we should all drive to the lowest common denominator?! I'd like to get out of first gear thanks. If the other folks on the road don't have the skill to drive or can't bother to pay enough attention then GET OFF THE ROAD. Driving isn't a god given right, it's a privilage (sp?). Let's up the driver's skill tests, make people really renew licenses, and get the morons off the road! I may not hit 90 all that often around here but I sure as heck hit 75 on a regular basis and 100 occasionally. 90mph is no big deal so long as traffic and road conditions permit. Nothing scary or magical about it, if you can drive 55 or 60 85 or 90 isn't that big a deal unless oyu're driving a piece of junk. In which case please stay to the right.
I hate the idea of red light cameras but with as many fools as we've to running lights here I'm starting to warm up to them. Funny though, if an officer was standing there manning the camera or pulling poeple over not only would they get enough revenue to pay his salary but they would help solve ht problem - why isn't this being done?
What burns ME the most is the "aggresive driver imaging in use" crap. Since when is a driver going 10mph over the limit "aggresive". That's a PC term for photo radar and the general public is too stupid to realize it and owuld go apeshit if they knew what it was. How nice of them to come up with a PC name for it to make us all feel warm and fuzzy...
You mean it's not legal to hook a VCR to the DirecTV boxes either?! Come on, the only difference here is quality!
Why is it such a big deal that we be allowed to record things we've paid for? I pay DISH a shitload of money per month for those channels and they in turn pay HBO and others - why can I not record that in digital quality legally? Yeah, if I DISTRIBUTE it I'm a dirtbag, fine. Why are YOU and the MPAA and the RIAA all ASSuming that I'll do this? What crap.
I see NOTHING illegal about this and if it'llsupport DISH I want one NOW. I wasn't aware that the Betamax timeshifting lawsuit specified that the consumer must put up with crap quality if they want to record. Did I miss that?!
Slashdot Mirror
There are plenty of purely civilian sorts of places that require amed guards and precautions. Why should we feel that only the military should be well protected?
As I type this there are a TON of pretty pissed off Postal workers who're finding out that they've just been chalked up as collateral damage. Sux huh? A gun at the gate or added search wouldn't have helped them in this case but I'll bet that if it could have they'd be mad it didn't happen, no?
I'll grant that as a civilian he doesn't have to subject himself to a search, certainly not without having been warned beforehand, but geez it's NOT just the military that's under attack now - it's you and me! Bin Laden thinks that all US taxpayers are as guilty as the armed forces - that's a threat and the US populace needs to wake up to this fact. They don't call this a WAR for kicks....
As much as I've always DESPISED airport security as being a joke (my Father worked for the airlines, I've got lot's of stories) I did have one encounter that surprised me a great deal.
:-(
:-) Will be a long while before my office let's me forget the vibrating bag check...
Flying from the East coast to 'Vegas I had boarded the plane and was awaiting the gate push back. Suddenly they're announcing my name over the PA asking me to come up front. Puzzled I walked on up and was told that I had to go down to the jetway and open my bag. Puzzled I went back to my seat to recover the keys from my girlfriend and headed down the steps to the ground.
Seems my bag was "vibrating" and they were a bit *concerned* by this. Sure enough, over the noise of the jets, I could feel some slight vibration. How the baggage handler had noticed this is beyond me but there it was - and I had NO idea what the heck was buzzing in there. I thought at first that it was my girlfriend's bag and that perhaps she had put something "extra" inside but the bag had MY tags not hers. I told the security guy point blank that I didn't know what was vibrating and he proceeded to list of a slew of things that "commonly" cause this problem! One of them is electric razors and sure enough I'd packed mine in there. Digging around in the bag I dug up my razor buried in the clothes buzzing away (sigh). No harm, no foul, apparently this occurs pretty often but I was shocked they noticed it. Made me feel a little better about security - until 9/11 that is
Embarrassed I climbed back up the stairs an announced to the plane's occupants who were staring at me that it was my girlfriend's bag not mine and just grinned. Problem solved, they pushed us back from the gate and we were on our way
First, is that good enough? I'd think it would require more than a simple wash, no?
:-)
Anyway, a friend of mine actually uses the same bag that he carries his guns to the range with as his carry on when he flies! When he told me this I was shocked as my bags have been "sniffed" more than once. He claims he's NEVER had a problem doing this in the past but that he won't be doing it in the future after we chatted about it. He wasn't aware of the chemical sniffers being used having never had to submit to one of those checks (sigh).
Yes, our airports have MUCH to learn about security. Creating a device that looks like it works but contains most anything you want would be pretty trivial for anyone with a modest amount of electronics knowledge. I've always laughed at the "power on" requirements as have friends. Just how stupid are these security people? That's a silly feel good for the bystanders, it provides zip in the way of real security!
For a real bit of fun try setting up a screen saver that "counts down" when the machine is powered up. Think you'd get some sort of reaction?
Yeah, prior to 9/11 you could take over a plane with a "box cutter" and hold a group at bay telling them you were "going back to the airport" but I'd hazard to guess that if you did that today you'd be attacked pretty quick. Would YOU sit still and believe them if they told you they weren't going to kill you? For that matter even if they claimed to have a bomb, as one group apparently did, would you sit still?
Personally I'd prefer to take my chances and try to take the plane back as chances of them not killing me anyway don't seem terribly high. That trick worked once, I doubt it'll work again. As we saw in PA it IS possible to stop a hijacking even if it's at th eexpense of our own lives. Given th ealternative of losing our lives AND having thousands of others killed at the same time I'd think that many people would prefer to take their chances...
National Institute of Health, not 7-11 right? It would be one thing if the material and information you were handling were non-threatening and your place of "business" didn't provide a nice ripe target but... it DOES! Frankly, if I worked in such a place and they DIDN'T have such searches I'd be unhappy.
We're presently living in a time where folks think it's funny to grind up Life Savers and leave them on desks to see the reaction. We're living in a time when sicko' mislead idiots send postmarked mail purporting to be from 4th Grade Elementary schools with ANTHRAX in it! We're living in a time where perfectly innocent people floating down a river minding their own business are getting buzzed by crop sprayers squirting only God knows what on them. And you're upset because someone is asking to poke through your things?! You're serious?
The place where you work is supposed to be concerned with public health, yes? What better place to spread something nasty to scare the public you're supposed to be worried about? It's quite possible that this has occured to your management and rather than sitting on their hands waiting to see if it occurs to someone else when employees start dropping dead they've chosen to take steps to protect both themselves and YOU. I'm surprised that yu're not just a little bit more appreciative of that fact. While they may be simply trying to cover their butts and protect themselves thay ARE also protecting you and making it that much harder for someone to commit some sicko' act. Perhaps six months ago when a few thousand other folks were still breathing and the idea of a plane crashing into a tall building was a Hollywood fantasy I'd have had some sympathy but right now I'm having a pretty tough time generating much of it. Believe it or not we're all in this together and it's not just about YOU. Bend a little and realize that what you give up in comfort provides a little comfort to your co-workers! I face shotguns and worse coming in the gate, while that would obviously freak you out I am happy that those folks are looking out for myself and my coworkers. I can only hope that they won't be needed!
Don't like it? Then quit and go work someplace that's a less interesting target like 7-11. There you've only got to worry about a gun in your face and a demand for mere money....
There are laws all over the place that would restrict you in other countries! :-) Unfortunatly in the case of the DMCA it's occuring in a ocuntry that's supposed to be "free" which makes it mighty ironic doesn't it? Travel to some of the armpits of the world and you'll see just how unjust some laws can be. Some countries will limit your education based upon gender for instance - not cool...
Microsoft, especially after some of the recent comments concerning publishing exploit code, would be about the LAST person to go against the DMCA. Give them a chance to go after folks publishing exploit code to demonstrate vulnerabilities and I'll bet they go after them. (sigh)
Microsoft doesn't appear to want good (secure) code, they appear to want to go after folks writing the demonstraiton code to cover up their mistakes....
Read it all - Microsoft used SHA-1, Eliptical Curve Encryption, a bastardized version of Base64 encoding, and I think even the kitchen sink to try and keep this from being reversed. They encrypted the comms between DLLs (!) to prevent anyone from being able to get anything from the calls going back and forth must have added a ton of overhead with all of this encryption. They even move the location of the key pairs on each machine that this junk is installed upon in order to prevent the keys from being easily extracted. Kripes, Microsoft went so far as to build in the capability to REVOKE the keys if they were ever published - this hack must be killing them :-)
:-)
All of that would've worked except that the code that actually USES the keys has to know where they're located and THAT code's location is static (lol). The author simply used THAT code to pull the keys for the decryption - I love it. I'll bet some poor schmuck MSFT techie is smacking his head going "Dammit!" right about now.
I'm not sure how Microsoft could've stopped this - obviously their bulletproof EULA didn't work (lol). At some point in the code something has to know how to pull the needed keys and I cannot imagine how they would've been able to shift the code that does the calling in every copy of Windows - something has to be static somewhere or at least the code to find the location does
Since Microsoft used code to detect debuggers I have to wonder how he did this - hacked the debugger too? Hack the code to stop the detection of the debugger? Or decompile the code in some fashion and step through it? (shiver)
If this was the creation of a single individual or even a team it's damned impressive! I hope that The Reg gets it's wish for some sort of an interview granted and that this person or team of persons releases more insightful cracks. This was pretty sweet IMO, my hat's off to this effort!
I know of a particular piece of mission critical software that a major vendor produces and that my customer uses. At least two individuals have commented on two seperate methods to compromise this piece of software using some valid but somewhat complex methods that required reverse engineering the product. The vendor has blown both of them off.
I have seen, in one case, a code demo that exploits this vulnerability according to the author. However due to a particular Russian hacker having been arested at DEFCON9 this year both authors have placed on hold plans to release these exploits. without that code I cannot prove to my customer, who doubts this will work, or to the vendor who's blown both of them off, that this is a problem. Both authors have published enough data on the issues that I firmly believe that they are correct but without "proof" neither my customer nor the vendor will do anything about it. Oddly enough it's NOT Microsoft that's got their head in the sand but IBM which is truly sad.
Attempts to get the code backdoored to me with a promise not to publicly release it have fallen on deaf ears so I can only hope that at some point the authors will feel able to release the code without being arrested the next time they set foot in the United States.
Such is the effect of the DMCA and believe me it REALLY sux!
I DO security work for a living and value the exploit code that's released a great deal. Tell a customer or admin that if they don't make some obscure Registry change to their system or stop using those damned stupid ODBC interfaces in IIS (Thank you RFP!) that "someone" will hack them they often give you this blank look. Or better yet they think that what you're saying is "purely theoretical" and could never happen to them. On the other hand when I hand them the list of passwords from their domain controller and explain to them it was all because they didn't bother to keep up with patches and setup things securely they tend to pay attention. If the admin doesn't pay attention to THAT then their management certainly does :-)
:-) Hence L0PHT's catchy byline about making the theoretical a reality or somesuch. I'm surprised that someonein this man's position appears to have forgotten the previous arrogance shown by his employer that got them into the situation they're in now. Microsoft fixed that particular VPN issue shortly after the code was released - a shame they were so arrogant in the first place.
:-)
Anyone but me recall when L0PHT told Microsoft their VPN code was crap? Microsoft's response was something along the lines of "that vulnerability is purely theoretical and we have no evidence of anyone having used it in the 'real world'". The next version of L0PHTCrack proved that the vulnerability wasn't simply a mind excercise
As an aside - is it just me or has the number of files\exploits posted to PacketStorm dropped a great deal in recent past? Where has all the code gone? BugTraq it is then
Ya', if you push a rotary into detonation then you do indeed run into reliablity "issues". However if you do not abuse it and stay within it's design it runs just fine for MANY miles. How many 1st gen RX7 do you see on the road? How about on the track? SCCA has an entire racing series dedicated to the little buggers! They're not perfect, they lack torque, but kripes they spin to 8K easily and if correctly geared make for a really wild ride. I worry that mine will blow but it just keeps going and I AM outside it's original design parameters :-) I worry that my other vehicles will blow too for that matter (lol). A shame they didn't turbo this new one - 10K redline is cool and all but imagine the difference it was forced induction!
Perhaps a little experience is in order for the original poster or he's abused one - been bitten - and is just upset about it? At least they don't cost a mint to replace, I could build two rotaries for what one decently built V8 runs...
Heh, and if you look at the animations of this new guy's engine it's obviously not a Wankel. I DO wonder where the heck the exhaust goes though. He claims no exhaust but I find that a bit hard to believe. In addition, if it's got anywhere near the temps that a Wankel has, due to the way it dumps damn near straight out of the cylinder, then the exhaust is going to be pretty hot. I'd like to see\hear one of those running. Wankels are pretty darned LOUD (exhaust) too!
www.tinysoftware.com It's not got the whistles that ZA has but it's a pretty darned nice personal firewall and it's free too.
As soon as I saw that I wondered how they were going to do that. Topical gel on what - half of their bodies tops? And notice that the guy does his legs and whatnot and that she ends up doing it over? Going to have to watch it again just to get a laugh...
Yeah, I guess his Dad could've been an engineer on the project and that now makes much more sense, thanks. Was buggin' me! I'll watch it a second time anyway just to try and get it all straight and I enjoyed it the first time. Besides, I didn't get the "shower scene" on tape (lol)! Sure was jarring and weird the way they did that but what the heck - it sets up some nice tension for later episodes...
You got the point. I've not got her pin-up over my bed. I enjoyed her role and even though she knew exactly why they had chosen her she still did a good job. We'll see how the new one works out, so far I've liked the show but the Maxim shoot made her out to be a bit trashy IMO.
:-)
Oh, and to the AC who says she's not really like that - how the heck would ya' know?! Do tell....
Who the heck wants to jump a pile of coat hangers anyway? Gimme' just a little bit of weight please! Who the heck wants these women who are so thin you could tie a string to that thing they call a bra and fly them like a kite?!
:-)
Having said that this one didn't look like her ribs were sticking out as badly as some others. Giver her a Big Mac or two and she might pass
I tought she was looking pretty sweet on the show but watching the Maxim photo shoot and reading some of the quotes attributed to her on that page I find her much LESS impressive now. I'd prefer to think she might have a brain between her ears but instead it seems she's into drugs. I'm not sure Maxim is doing her any favors with their article. I guess I'll have to look for it on the newstand and see if what was on the WEB was out of context. The video of her primping and having photos taken makes her look more like a street walker than a woman I could stand to be around. They ever do that with Jerry Rice?
I DO think she did a pretty good job on the show and I actually think I'll watch the series - it's a good premise. The soft p0rn was a little out of place but I'm not 12 and can deal. Some of the techno babble mighthave been a bit weak, it was hard catching much of it, but I can ignore some that and enjoy the plot. I htink doing this as a prequal is a good idea. I was interested to see how they would make this jive with the theater movie too - I'm not sure I lined up real well at all. I guess a few more flashbacks and it'll make more sense? Sure didn't see the guy's Dad as a booze swilling rebel type looking to crank up Steppenwolf!
We'll see, I'll watch it again on Saturday maybe.
These were burned on the A03 Pioneer writer. They were 4gig DVD and both DVD-R and RW played fine. My player is also a Pioneer unit but was more than a year old. We were surprised that it worked but both being Pioneer may have had somehting to do with it (shrug).
Isn't a lawyer that's trying to get him OUT of jail?
Come 'on - you can get pretty decent laptops for UNDER a grand now! Thousands more?! I'm sorry that you can't afford the Cadillac, try this Hyundai model - it works just fine.
3 95 1&product_id=1242616&path=0:3944:3951:4070:56812&d ept=3944
500mhz or higher laptops are in the $900-$1000 range from HP and others. Sure, the screen isn't 16inches, the HD not 20gig, and the RAM a little low (upgrades cheaply though) but this whine is just pathetic. Kripes, mine even had a silly DVD player in it. Get your head out of the sand and shop around a little and stop talking out of your ass.
Watch your WalMart ads, that's what I did and I've got a servicable laptop without having to get a loan. They sell off last years models at fire sale prices and they work fine.
http://www.walmart.com/catalog/product.gsp?cat=
There was another one in a recent sales ad too, an HP model think, that now sells for LESS than what I paid for mine, has 200mhz more CPU, a faster DVD, and a drive double the size of the one I bought! Heck, I just took the online sales-ad into my local store, had them match the price, and walked out with my new toy....
This is an investment in YOUR future, don't be penny wise and pound foolish!
I'm trying to get hold of "Noise" who runs an anonymous remailer (and spoke about it at DECON 8)- I've got a pic from DEFCON 9 for her and have lost her E-mail. Some help please?
Thanks!
P.S. Yes h ee-mail address above works but I dump SPAM like mad.
Okay, I'm responding to a Troll and I know it but...
:-)
SPAM is NOT free speech! If I stand outside your door at 3AM with a bullhorn and "tell you about my issue" is that okay?! It shouldn't be but by your standards it would be - no thanks!
Try running a mail server these days. I've got a friend with a small business who's mail server has to withstand brute force password attacks, folks who send mail to any address they think MIGHT exist on the server, and a whole host of other dirty tricks being done by the idiots who want to "tell me about their issue". Why don't these idiots put up their own mail server and send ATTRIBUTED mail? I'll tell you why - it's because people like ME would put them in their SPAM filters and NEVER see the mail after that first one that's why! Should that not give them a clue that their message is one I don't wish to hear? Apparently not becasue they'll resort to any tricks they can think of to sneak their message into my mailbox - even though they KNOW I don't want it! They troll through sites like this one with their bots, through sites like E-Bay, and through all sorts of other sneaky means to include putting cookies in their crap so they know if I've looked at it in order to get valid E-mail addresses.
If these jerks have to goto those lengths to figure out who's reading their junk and to hide from those of us who wish to tell them to stick their message up their ass then it's not free speech anymore than yellig FIRE! in a crowded theater is. Why should I as an end-user be forced to go through mail address after mail address to avoid these folks, why should I endure that burden and make MY life harder as a result?
FWIW - my friend's mail server has been using the various black hole lists forever and he's had to resort to literally blocking out entire IP blocks at his router too. These are the only things that keeps his mail SPAM free, if you think that the cost of doing this is nearly zero you need to get a clue. SPAM is NOT free by any means, not when it's in the volumes that it is and not when these people have to hack servers to disguise their origins.
I'm thinking it's time we hung a few of these more prolific SPAM mongers as an example to all of the others
We have the right to face our accusors (sp?) in this country. When a mechanical device is used to "accuse" you there's no ability for you to "face" that and dispute the accusation.
Sadly, I'm actually finding myself warming up to red light cameras. I don't know why so many people have begun to think it's okay to run red lights, I used to think it was just in my area. I took a long trip by car recently and found that this wasn't so - I was shocked!
What's happened that has allowed everyone to think it's okay to run red lights? It wasn't this bad 10 years ago I'm sure. What has changed? Is it the youth of today or the general feelings of the country? I'm truly puzzled but I DO try my best not to run them - it's just stupid. Speeding on the other hand, I drive what's comfortable and prudent and pay little if any attention to the posted limits.
I HAVE found the new popularity in my area of signs on speed limit posts that say "additional $200 fine for speeding" to be a bit disturbing though. Who makes these decisions and why is the public so shortsighted as to allow it?!
Oh, so we should all drive to the lowest common denominator?! I'd like to get out of first gear thanks. If the other folks on the road don't have the skill to drive or can't bother to pay enough attention then GET OFF THE ROAD. Driving isn't a god given right, it's a privilage (sp?). Let's up the driver's skill tests, make people really renew licenses, and get the morons off the road! I may not hit 90 all that often around here but I sure as heck hit 75 on a regular basis and 100 occasionally. 90mph is no big deal so long as traffic and road conditions permit. Nothing scary or magical about it, if you can drive 55 or 60 85 or 90 isn't that big a deal unless oyu're driving a piece of junk. In which case please stay to the right.
I hate the idea of red light cameras but with as many fools as we've to running lights here I'm starting to warm up to them. Funny though, if an officer was standing there manning the camera or pulling poeple over not only would they get enough revenue to pay his salary but they would help solve ht problem - why isn't this being done?
What burns ME the most is the "aggresive driver imaging in use" crap. Since when is a driver going 10mph over the limit "aggresive". That's a PC term for photo radar and the general public is too stupid to realize it and owuld go apeshit if they knew what it was. How nice of them to come up with a PC name for it to make us all feel warm and fuzzy...
You mean it's not legal to hook a VCR to the DirecTV boxes either?! Come on, the only difference here is quality!
Why is it such a big deal that we be allowed to record things we've paid for? I pay DISH a shitload of money per month for those channels and they in turn pay HBO and others - why can I not record that in digital quality legally? Yeah, if I DISTRIBUTE it I'm a dirtbag, fine. Why are YOU and the MPAA and the RIAA all ASSuming that I'll do this? What crap.
I see NOTHING illegal about this and if it'llsupport DISH I want one NOW. I wasn't aware that the Betamax timeshifting lawsuit specified that the consumer must put up with crap quality if they want to record. Did I miss that?!