You just have to explicitly mprotect(2) the memory where it happen with PROT_EXEC|PROT_WRITE. The fact that on some OSes it can work without doing that is actually a bug in these OSes.
What the change is doing is the right thing, using a minimum privilege way to achieve more security. If some static code actually contain data that look like machine code it could be executed this wont be possible anymore.
Non executable stack by itself was far from enough as most program have some way of putting things on the heap or elsewere for an attacker and he could jump there instead of jumping on the stack. Coding an exploit for OpenBSD will get real tough now, even if there's an actual buffer overflow.
Most of my non techie friends greatly enjoy sending HTML mail, wether using Outlook or sendmail, but they sure never promise me a bigger penis or firmer breast using 100% natural herbal pills.
HTML is definitely not a classifier of spam, at most one of computer illiteracy.
The idea is to have a corpus of spam and a corpus of ham, to append the new message to it and to see in which case the message to test compresses best to classify it.
/. journalism at its best, now people have neurons in their feet. The morinic submitter meant nerve I think...
CRCs detect errors, don't correct them
on
Fields Medals awarded
·
· Score: 2, Informative
And that do no good if you can't retransmit the information, eitheir because impractical (e.g. space probe really far away) or because you're reading from some damaged media (e.g. scratched CD). That's where error correcting code are used. You usually design you code to withstand some kind of error rate (e.g. 1% of the bits are reversed) and the right code can ensure by encoding data with some redundancy that your data comes intact.
Old one used where things inspired by the work of guis like Hamming, Berlekamp, Massey, Reed and Solomon (used in satelite transmissions and CD reading). Sundan's work should be an improvement over that and will be used everywhere.
I'd recommend at least 4096 bits for new keypairs. It may or may not be overkill, but modern computers are fast enough that the time it takes to cipher with a longer key is still insignificant in the course of normal usage.
This may be true for something like PGP because you only send that many email a day, but for a https server it will make a huge difference in the connection rate that you'll be able to sustain, RSA computation being by far where most of the CPU is spent. 4096 keys are not viable in a web context. By the way many toolkits support RSA keysize only up to 2048 bits.
Most bugs are found by the developers themselve while doing code review, this help if their schedule have time geared toward review and not only coding.
Then using the right programming langage and the right engineering practice help.
Most modern langages don't suffer from buffer overflow and have eliminated most memory leaks. Increased support by tools af design by contract and the like will help.
Good testing practices like those used in JUnit (unit testing) help tremendously too.
The bulb glows because the buld is hot. The bulb don't have the time to become cold in only 1/60th of second. Common lights are not blinking, it takes a few sine wave for them to be hot enough and a few ms for them to become so cold taht they don't glow.
Since strncpy() does exactly the same thing, just don't bothering always NUL terminating the resulting string.
Data discarding can be detected by checking return values, you can't do much against people not checking the result of their call. The question is, what API is the less troubling ? strncpy() or strlcpy() ?
Should you have any questions, please contact Nintendo of America Inc. at the following address, telephone and fax numbers, and/or e-mail address:
Nintendo of America Inc.
Attn: Anti-Piracy Group
4820 150th Ave. NE
Redmond, WA 98052
Telephone: 425-861-2187
Fax: 425-882-3585
E-mail: Noalegal@noa.nintendo.com
Is Redmond, WA really the source of all the evil in the world ?
<TROLL>Osama, if you're still alive and still want to play with bioweapon, start there !</TROLL>
The whole point of OpenBSD being permitting any derivative work, something that the IPFilter licence don't provide (anti-GPL clause, not necessary a bad thing but not as free as the BSD licence).
It seems that it's a plain OpenBSD 3.0 with IPFilter
integrated, somethin that you could do yourself but Darren is nice enough to provide a compiled version.
No worry there, it's still OpenBSD, the whole point of the OpenBSD philosophy is to permit derivative works.
Any online references for your numbers ?
on
The Euro
·
· Score: 1
Have you any references for your numbers not coming from a tory newspaper ?
From a look at this page the only thing better than France that you have is lower unemployement rate, but you are poorer, have more inflation and less growth...
Interesting that Loft Story is the more popular TV request. For those who don't know Loft Story was the French version of Big Brother, with only a few variation.
The funny thing is that we actually got a couple fucking (there was a hottie stripper among the candidate, she eventually won, search for Loana), and if it was not shown on TV, the whole thing eventually leaked as MPEGs on the Internet (filmed in infrared:-)), so all those Loft Story request where really people looking for pr0n...
First off, you don't even need to own ANY ip addressed to do multihoming. You could NAT all of you LAN boxes up into the single/30 advertisement that your ISP(s) are going to give you for the serial interface on your router
Yeah, and you'll enjoy full IP so much. There's more to the Internet than just Web, plenty of protocols can't be NATted easily, ftp and H323 (Netmeeting) come to mind.
What you are promoting is not Internet access, it's AOL for everyone. NAT is the problem, not the solution.
Many Cisco boxes will die in the near future if not upgraded, as their old routing engines run out of memory, and despite the fact that PC memory is cheap, router memory often is not. Especially when you have to install it on the tens of thousands of routers any decently sized ISP will have.
Yeah, like router obsolescence is not made even faster by bandwidth requirement increase than by routing table growth.
And show me an ISP with tens of thousands of border routers. You know than you run BGP only or border routers little wanabee ? You run OSPF inside your network and don't encounter the same set of problems at all.
I really hope that everyone will have the right to get its own IPv6 block.
Slashdot Mirror
You just have to explicitly mprotect(2) the memory where it happen with PROT_EXEC|PROT_WRITE. The fact that on some OSes it can work without doing that is actually a bug in these OSes.
What the change is doing is the right thing, using a minimum privilege way to achieve more security. If some static code actually contain data that look like machine code it could be executed this wont be possible anymore.
Non executable stack by itself was far from enough as most program have some way of putting things on the heap or elsewere for an attacker and he could jump there instead of jumping on the stack. Coding an exploit for OpenBSD will get real tough now, even if there's an actual buffer overflow.
Is thinking Hotmail then writing sendmail a precursor sign for some mental desease?
Most of my non techie friends greatly enjoy sending HTML mail, wether using Outlook or sendmail, but they sure never promise me a bigger penis or firmer breast using 100% natural herbal pills.
HTML is definitely not a classifier of spam, at most one of computer illiteracy.
This is exactly the point that it makes.
Another moron the tdisn't read the article.
The proposal is not to see how compressible is the message but to use a compression tool to see how lookalike the message is to a corpus of spam.
You're a moron that didn't read the article.
The idea is to have a corpus of spam and a corpus of ham, to append the new message to it and to see in which case the message to test compresses best to classify it.
Repeat after me: Seymour Cray
I think you were thinking of Seymore Butt.
Yeah
And that do no good if you can't retransmit the information, eitheir because impractical (e.g. space probe really far away) or because you're reading from some damaged media (e.g. scratched CD). That's where error correcting code are used.
You usually design you code to withstand some kind of error rate (e.g. 1% of the bits are reversed) and the right code can ensure by encoding data with some redundancy that your data comes intact.
Old one used where things inspired by the work of guis like Hamming, Berlekamp, Massey, Reed and Solomon (used in satelite transmissions and CD reading). Sundan's work should be an improvement over that and will be used everywhere.
And so does Java, so does C++ with Doc++....
Yes Subversion is a Tigris project, as the poster or at least the editor should have checked.
Most bugs are found by the developers themselve while doing code review, this help if their schedule have time geared toward review and not only coding.
Then using the right programming langage and the right engineering practice help.
Most modern langages don't suffer from buffer overflow and have eliminated most memory leaks. Increased support by tools af design by contract and the like will help.
Good testing practices like those used in JUnit (unit testing) help tremendously too.
The bulb glows because the buld is hot. The bulb don't have the time to become cold in only 1/60th of second. Common lights are not blinking, it takes a few sine wave for them to be hot enough and a few ms for them to become so cold taht they don't glow.
Since strncpy() does exactly the same thing, just don't bothering always NUL terminating the resulting string.
Data discarding can be detected by checking return values, you can't do much against people not checking the result of their call. The question is, what API is the less troubling ? strncpy() or strlcpy() ?
Oh my God they're after me !
Attn: Anti-Piracy Group
4820 150th Ave. NE
Redmond, WA 98052
Telephone: 425-861-2187
Fax: 425-882-3585
E-mail: Noalegal@noa.nintendo.com
Is Redmond, WA really the source of all the evil in the world ?
<TROLL>Osama, if you're still alive and still want to play with bioweapon, start there !</TROLL>
I am a confirmed cynic and still enjoyed it, you can always go see it only for the really strange visuals.
The whole point of OpenBSD being permitting any derivative work, something that the IPFilter licence don't provide (anti-GPL clause, not necessary a bad thing but not as free as the BSD licence).
It seems that it's a plain OpenBSD 3.0 with IPFilter integrated, somethin that you could do yourself but Darren is nice enough to provide a compiled version.
No worry there, it's still OpenBSD, the whole point of the OpenBSD philosophy is to permit derivative works.
Have you any references for your numbers not coming from a tory newspaper ?
From a look at this page the only thing better than France that you have is lower unemployement rate, but you are poorer, have more inflation and less growth...
Interesting that Loft Story is the more popular TV request. For those who don't know Loft Story was the French version of Big Brother, with only a few variation.
The funny thing is that we actually got a couple fucking (there was a hottie stripper among the candidate, she eventually won, search for Loana), and if it was not shown on TV, the whole thing eventually leaked as MPEGs on the Internet (filmed in infrared :-)), so all those Loft Story request where really people looking for pr0n...
Or an orange that is...
Or we free European supposed to eat those pesticid infested fruit skins..
Most people have dozen of knives in their house that they don't consider a weapon, why being in the street would make the same object different ?
Yeah, and you'll enjoy full IP so much. There's more to the Internet than just Web, plenty of protocols can't be NATted easily, ftp and H323 (Netmeeting) come to mind.
What you are promoting is not Internet access, it's AOL for everyone. NAT is the problem, not the solution.
Yeah, like router obsolescence is not made even faster by bandwidth requirement increase than by routing table growth.
And show me an ISP with tens of thousands of border routers. You know than you run BGP only or border routers little wanabee ? You run OSPF inside your network and don't encounter the same set of problems at all.
I really hope that everyone will have the right to get its own IPv6 block.
By setting just one sysctl (vm.swapencrypt.enable=1)OpenBSD encrypt its swap using AES.
You just have to uncomment one line in /etc/sysctl.conf to activate it permanently.