...either a troll or a really incompetent programmer. Expect your job being shipped to India, where somebody with a functionning brain will take over....
Care to name that 1.3 only IDE and those numerous API changes?
In France I've seen traffic where the slowest lane was 150km/h (speed limit is 130km/h).
Europeans drive way faster, period.
Plenty of reasons to that one is that average age of vehicule is lower and that periodic mandatory inspection keeps moving piles of rust out of the roads.
The other reason is that European drive better, because driver license is actually hard to get, usually taking a few dozen hours of lessons before being able to pass the exam, compare that to America... (I know only about California driver licenses in fact, maybe some other state has something closer to the European system).
I'd like to know the percentage of American able to handle a manual gearing car...
He did not write it alone, one must not forget the work of Tatu Ylonen but singlehandledly wrote the SSH2 support integrated in the same daemon (ssh.com one forks a different daemon based on the protocol) in a very short time, making it the best SSH implementation around.
Each time some BSD code is incorporated in a proprietary product the world is likely a better place, you don't want everyone and his dog coding an IP stack, if it was the case it would not be some unpatched windows boxes that would be used as attack launch points, the would be everything from your fridge to your car...
BTW the license does not discourage anything, it just does not make it mandatory. Common sense makes contributing back a good thing, as maintaining a fork is likely more expensive that contributing back your valuable intellectual property would cost you.
Cracking RC5 has nothing to do with factorization.
RC5 is a symetric crypto algorithm and winning the challenge is not a matter of smart algorithms like in the factorization case but of brute force, because one "just gave to" try all keys (statistically speaking you're likely to try about half of them, i.e. 2^71 keys) until one decipher the challenge in something meaningful. (in the case at hand recognizing something meaningful is easy as part of the text in the message is already known, in the real world it is not always the case). This is a really easy problem to distribute (just allocate some key space to each volunteer and have them report back once they're done if they found it or not), unlike the GNFS algorithm where you must have a big computer with very fast RAM to hold a giant matrix in the last phase, something you can't get at Best Buy.
Please go chase some car on the highway, it'll clean the gene pool.
Cisco PIXes are configured the old way thru SSH (ok, there's a Web interface, never heard of anyone using it) and they sell pretty well. Cisco do have a (laughable) management solution that includes a GUI but almost nobody use it as it plain sucks (simply installing it is a nightmare, plen,ty of dependencies...). The nice thing is that it provides a nice market for third party solutions to do that job...
So having a GUI is not a prerequisite for enterprise acceptance. Even if being Cisco sure helps...
Rarely the level of features and performances that people are used too... Find me something with the level of functionality of bind and that scale, i'm interrested...
I'm all for fixing the roots of the problem but it takes time and before it's ready some simple things can plug numerous holes...
The other meaning is not exactly prince (that in French is prince too) but French royal crown inheritor. And that word had no meaning for a while as France is a republic...
...but there is one (from the same manufacturer, Eurocopter...)
Here's the Panther helicopter. It's a militarized Dauphin (dolphin in French). Anyway those are not kraut helo but really European ones even if Germany and France are the most involved...
To have the code jump at some unintended place, like that $HOME environment variable where you conveniently put your shellcode. What happens when the section where environment variables are is not executable as it should be? Program segfaults instead of the machine being owned...
It'd be nice to prevent buffer overflows in the first place, but errors do happen and having a single line of defense is a really bad idea if it is ever breached...
The good attitude is do the most you can to prevent buffer overflows (by any means necessary, code reviews, replacing unsafe APIs like OpenBSD did replacing all occurences of strcpy(), strcat(3) and sprintf(3) by safer counterparts) and having tight memory protection. Add to that some privilege separation work, chroot(2) anything chrootable and you have way better sleep...
BTW, reading on PaX you'll probably stumble on them badmouthing OpenBSD ("them" most likely being fanboys than developpers), this childish attitude from a certain base of users do them nothing but harm...
OpenBSD's W^X (magicpoint slides) and Linux grsecurity PaX both use that on x386 but it has its limitations, think for example that every shared library has its own code and data section (to oversimplify) and you have to do heavy manipulation to cram each part in the right segment... Having a per page protection is way better, more convenient and do not sacrifice usability for security (forget Java with PaX, OpenBSD gets by being slighly less secure, but at least not breaking well known Unix semantics like PaX...).
This syscall exists since about forever and is pretty standard on *nix platforms. Any well written on the fly code generating code is already relying on it.
It's not exactly like you are the first to foresee the problem...
This syscall exists since about forever and is pretty standard on *nix platforms. Any well written on the fly code generating code is already relying on it.
It's not exactly like you are the first to foresee the problem...
Slashdot Mirror
Care to name that 1.3 only IDE and those numerous API changes?
In France I've seen traffic where the slowest lane was 150km/h (speed limit is 130km/h).
Europeans drive way faster, period.
Plenty of reasons to that one is that average age of vehicule is lower and that periodic mandatory inspection keeps moving piles of rust out of the roads.
The other reason is that European drive better, because driver license is actually hard to get, usually taking a few dozen hours of lessons before being able to pass the exam, compare that to America... (I know only about California driver licenses in fact, maybe some other state has something closer to the European system).
I'd like to know the percentage of American able to handle a manual gearing car...
On word: OpenSSH.
He did not write it alone, one must not forget the work of Tatu Ylonen but singlehandledly wrote the SSH2 support integrated in the same daemon (ssh.com one forks a different daemon based on the protocol) in a very short time, making it the best SSH implementation around.
Well, where have you been...
Ferrari has 13 constructor championship titles and 9 Ferrari driving pilots won the drivers championship...
Should know that underscores are forbidden in hostnames...
This post by Marius Amodt Eriksen is most insightful.
K5 or any other scoop based site for that matter. Community edited is the keyword you're looking for.
Spreading technology, not ideology...
Each time some BSD code is incorporated in a proprietary product the world is likely a better place, you don't want everyone and his dog coding an IP stack, if it was the case it would not be some unpatched windows boxes that would be used as attack launch points, the would be everything from your fridge to your car...
BTW the license does not discourage anything, it just does not make it mandatory. Common sense makes contributing back a good thing, as maintaining a fork is likely more expensive that contributing back your valuable intellectual property would cost you.
It just took some time to get to the marketoid...
Factorization of RSA-576
Cracking RC5 has nothing to do with factorization.
RC5 is a symetric crypto algorithm and winning the challenge is not a matter of smart algorithms like in the factorization case but of brute force, because one "just gave to" try all keys (statistically speaking you're likely to try about half of them, i.e. 2^71 keys) until one decipher the challenge in something meaningful. (in the case at hand recognizing something meaningful is easy as part of the text in the message is already known, in the real world it is not always the case). This is a really easy problem to distribute (just allocate some key space to each volunteer and have them report back once they're done if they found it or not), unlike the GNFS algorithm where you must have a big computer with very fast RAM to hold a giant matrix in the last phase, something you can't get at Best Buy.
Please go chase some car on the highway, it'll clean the gene pool.
How appropriate...
Cisco PIXes are configured the old way thru SSH (ok, there's a Web interface, never heard of anyone using it) and they sell pretty well. Cisco do have a (laughable) management solution that includes a GUI but almost nobody use it as it plain sucks (simply installing it is a nightmare, plen,ty of dependencies...). The nice thing is that it provides a nice market for third party solutions to do that job...
So having a GUI is not a prerequisite for enterprise acceptance. Even if being Cisco sure helps...
Because if any free Unix (sue me SCO!) will do OpenBSD already supports that (since 3.4, and way faster support coming in 3.5).
Rarely the level of features and performances that people are used too... Find me something with the level of functionality of bind and that scale, i'm interrested...
I'm all for fixing the roots of the problem but it takes time and before it's ready some simple things can plug numerous holes...
Start by rewriting bind in the safe language of your choice...
In the meantime, people are working at making current code that people are relying on more secure...
Until you have something to show, STFU...
I am French.
The most common meaning for dauphin is dolphin.
The other meaning is not exactly prince (that in French is prince too) but French royal crown inheritor. And that word had no meaning for a while as France is a republic...
Here's the Panther helicopter. It's a militarized Dauphin (dolphin in French). Anyway those are not kraut helo but really European ones even if Germany and France are the most involved...
The Tiger attack helicopter.
The Tiger may well be the last manned combat helo, the battlefield of the future belongs to drones it seems...
To have the code jump at some unintended place, like that $HOME environment variable where you conveniently put your shellcode. What happens when the section where environment variables are is not executable as it should be? Program segfaults instead of the machine being owned...
It'd be nice to prevent buffer overflows in the first place, but errors do happen and having a single line of defense is a really bad idea if it is ever breached...
The good attitude is do the most you can to prevent buffer overflows (by any means necessary, code reviews, replacing unsafe APIs like OpenBSD did replacing all occurences of strcpy(), strcat(3) and sprintf(3) by safer counterparts) and having tight memory protection. Add to that some privilege separation work, chroot(2) anything chrootable and you have way better sleep...
With some documentation here: http://pax.grsecurity.net/.
BTW, reading on PaX you'll probably stumble on them badmouthing OpenBSD ("them" most likely being fanboys than developpers), this childish attitude from a certain base of users do them nothing but harm...
OpenBSD's W^X (magicpoint slides) and Linux grsecurity PaX both use that on x386 but it has its limitations, think for example that every shared library has its own code and data section (to oversimplify) and you have to do heavy manipulation to cram each part in the right segment... Having a per page protection is way better, more convenient and do not sacrifice usability for security (forget Java with PaX, OpenBSD gets by being slighly less secure, but at least not breaking well known Unix semantics like PaX...).
By the way... What is (or is there) the Windows equivalent?
See mprotect(2).
This syscall exists since about forever and is pretty standard on *nix platforms. Any well written on the fly code generating code is already relying on it.
It's not exactly like you are the first to foresee the problem...
I think I just made a dupe comment...
mprotect(2).
This syscall exists since about forever and is pretty standard on *nix platforms. Any well written on the fly code generating code is already relying on it.
It's not exactly like you are the first to foresee the problem...