The use of the Check Engine light is not new. I had an '86 Nissan pickup that would turn on the check engine light every 50,000 miles. At the time, there wasn't any publicly available information on how to turn the light off. So you had to take it down to the local Nissan dealer and pay them $50 or so to turn it off. The hard part was telling them "No" to all the additional work they insisted was necessary. The first time it happened, they paraded 4 different people in front of me threatening everything from they wouldn't give me back the vehicle since it was unsafe to drive to they were going to cancel the warranty. Social engineering at its best....
Having taught a few Linux-based courses at a community college, I can tell you that finding a good textbook is not easy. I don't have my masters yet, so the following is just from personal experience.
Start by making an outline for the class. How many class meetings will you have? What do you want to teach? What do you think is important? Then break up what you want to do into subjects that can be taught individually. Use your own opinion as to how the course should flow and what seems logical to you. You are teaching the course. Trying to teach a subject out-of-order (in your opinion) will not only confuse the students but it will also frustrate you.
After you have an outline of how you are going to teach the course, try to find a book that closely follows your outline. This is the hard part. You are rarely going to find a book that presents a subject the way you would like it to be presented. This is the reason why some of the best books on a subject are not the best ones to teach from. This is also why instructors write their own books, so that they can follow how they think the subject should be taught.
If all else fails, pick a good book that the student can use as a reference after the course. What you will end up with is a good book, but you'll be jumping around within the book like a lot of instructors end up doing.
One of the problems I've seen is when a certain subject gets taught by multiple instructors. Then the department has to pick one book that everyone will use. This book usually ends up being a compromise that no one likes. There's not much you can do in this situation other than try to influence the choice of the textbook in the future. If you are only teaching part time, don't be surprised if you are ignored.
Get a couple of books that discuss how to teach. Some of the better ones are actually short in length. One of the most important things I learned from one is that students will do most of their learning on their own. You are just there to present the information and to guide them.
You also need to know the subject well enough to give intelligent-sounding answers to off-the-wall questions. Don't say you don't know. Instead, tell the students that you can't remember the answer off the top of your head and that you'll get back to them (or some other excuse).
The books on how to be an instructor will give you some good advice on how to handle situations you are going to be unprepared for.
Isn't generally available yet? (on "SHA-1 Broken", Score: 1)
If your passwords are less than 14 characters in length, periodically changing them will not improve security. It only takes 64GBs to hold every possible combination of password up to 14 characters using the following (include the space as part of the character set):
He monitored 60 channels for 36 hours for only 4 words - Norton, Symantec, Jasc, and Microsoft.
He then determines that out of 10588 instances of those words, they were only used 10 times legally. Based on this, he concludes that 99.9% of all IRC traffic is illegal. But he doesn't define what is illegal (other than mention that he's monitoring for warez). He doesn't mention what percentage of these "key words" were in relation to the rest of the conversations. He also doesn't take into account what percentage of the traffic these 60 channels make up out of all of the IRC traffic.
And this study was for his Ph.D. thesis. I really hope he fails. We don't need Ph.D.s that come to wild conclusions based off of the poor analysis of data.
As someone else mentioned, he went looking for warez and found it.
Maybe the real result is just scattering radiation from the Air Force's airborne laser test fires...
The conspiracy theorists are simply amazing. So a test of an airborne laser over the Pacific is "scattering" into the cockpits of airplanes near Cleveland and Colorado Springs? The last test in December was aborted before the missile even got off of the ground.
Dude, you need to pass around whatever it is that you are smoking....
any laser that the general public can get their hands on will DO NO DAMAGE to a pilot or even distract them.
There's already one report of a pilot having his eyesight damaged because of a laser being shined into the cockpit of an airplane that he was flying.
this is nothing but a bunch of people freaking out about isolated incidents.
Tom Clancy used the idea of blinding pilots in his book "Debt of Honor". However, high powered strobe lights were used instead of lasers. A number of news reports picked up on this when it first became public in the beginning of December.
While your average laser pointer couldn't do much, it's not hard to get higher powered lasers for educational or commercial purposes.
if I was able to get my hands on a targeting laser, Yes, that MIGHT be able to hit the cockpit window because of the gyro stabilization of the optics and laser, but then it's infrared so NOBODY would know it was hitting it!
I guess you never tried to shine sunlight into someone's eyes with a mirror as a kid. It's not as hard as you think, even with a moving target. No, it wouldn't be a steady beam shining into the cockpit. But with a strong enough laser, the beam wouldn't need to be steady.
Do you really think that a terrorist organization that is determined and resourced enough to pull off 9/11 couldn't get ahold of a few high powered lasers?
Yeah, stupid rate limiter made your post come up before mine. I'm just waiting for the -1 Redundant now....
That's not always the case. If a moderator has his setting to read "Newest First", then the moderator will see your post first. I've had a few posts moderated as redundant because I was the first one to make an obvious comment.
Janet Ruhl's Answers for Computer Contractors: How to Get the Highest Rates and the Fairest Deals from Consulting Firms, Agencies, and Clients
ISBN: 0964711621
Buy it from your favorite online bookstore and have them overnight it to you!!
You are on unfamiliar territory and can very easily be taken advantage of. There are a lot of pitfalls with computer consulting/contracting. However, the rewards are well worth it if you know what you are doing.
One potential problem is that samples taken from people with short hair will only give a limited history of very recent movements - leading to the suggestion that criminals or asylum seekers may shave their heads to destroy information on their past whereabouts.
That's it, I'm going to shave my head and be bald from now on.
... someone breaks the encryption or guesses the correct key? Since they will probably allow for separate keys for each person who purchases a key, the number of valid keys should be fairly large.
http://www.gobpl.com/ - This site makes it sound like there is not much future in BPL.
http://vhfgroup.rochesterny.org/downloads/ - A couple of MP3's of the interference.
http://iwce-mrt.com/ar/radio_bpl_deployments_fire/ - FEMA, which has a lot more influence than the ARRL, is siding against BPL.
Any wire can act as an antenna. Power lines by themselves give off a signal. But because power lines are not perfect antennas, efforts to limit any interference caused by BPL will not be 100% effective. What will kill BPL is if it starts interfering with emergency services (FEMA) or consumer products.
Personally, I'd be more concerned about the privacy issues. Any data on the power lines is essentially being transmitted to anyone with a radio who happens to be able to pick up the signal. Spread spectrum technology would help with privacy concerns.
This sounds like a fun project, sniffing traffic from power lines....
From the Foreword of Know Your Enemy, Second Edition:
A random computer on the Internet is scanned dozens of times a day. The life expectancy, or the time before someone successfully hacks, a default installation of Red Hat 6.2 is less than 72 hours. A common home user setup, with Windows 98 and file sharing enabled, was hacked five times in four days. Systems are subject to NetBIOS scans an average of 17 times a day. And the fastest time for a server being hacked: 15 minutes after plugging it into the network.
If you use the default install of an old, vulnerable OS install without patching it or disabling unneeded services, the average attacker will know more about your system than you. Nice to see the media is finally catching on. Hopefully the unwashed masses will follow suit.
It can take less than a minute to obtain an individual student's email password. A student at College B whose password was compromised told The OxStu: "It's absolutely ridiculous that security could be so light. I'll certainly be changing my password regularly in the future."
I should come up with a "Security Advisory" that discusses how insecure email passwords are. How many reporters do you think I could fool with it?
"A major security flaw was found in email today. Your email client may be leaking your password out onto the internet for hackers to see. Users should change their password on a weekly basis to protect themselves. People are also being told that they should stop using the words 'Love, Secret, Sex, and God' as their passwords. More at 11."
There are several possible causes for this.
The most likely one is that exploits are intentionally broken when released. The reasons why are numerous and have been discussed before. But it's common to find exploits that have intentional programming errors. Every so often, an exploit author will release a "working" exploit on BugTraq. When this happens, the author is typically flamed because he didn't break the exploit.
Another common cause is the author didn't design the exploit to be portable. If the author returned to libc in the exploit and they wrote it on say a Slackware system, the exploit probably will not work as written on FC2.
There are times when vulnerabilities exist only when a complex list of environmental conditions are met. A certain kernel version, using a certain version of libc, compiled with a certain version of gcc with a particular compiler option, on a particular filesystem.....
http://www.gao.gov/new.items/d05471.pdf
"As a region, Asia controls only about 9 percent of the allocated IPv4 addresses, and yet has more than half of the world's population."
You can either spend a few months creating your own Rainbow Tables, http://www.antsight.com/zsl/rainbowcrack/, or you can buy the 64GB tables for $640, http://www.antsight.com/zsl/rainbowcrack/rt_price.txt.
No g-news is good g-news unless its Gary Gnu's.
I got over Slackware dropping Enlightenment. Getting over Gnome being dropped from the distro should be easy.
http://cryptome.org/fbi-imc.htm
http://cryptome.org/fbi-imc/fbi-imc-doc.htm
http://cryptome.org/rackspace-axe.htm
http://slashdot.org/~Futurepower(R)
For someone who didn't start posting until the 6th of September of this year, all of your posts are very anti-Bush, anti-Republican, and anti-government (blame the Republicans).
You are nothing more than a troll.
Someone must be going through withdrawals over Jennicam shutting down.
Which operating system was being used?