Slashdot Mirror


User: tomstdenis

tomstdenis's activity in the archive.

Stories
0
Comments
6,870
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,870

  1. Re:No Way? on Microsoft Code in Every HD-DVD Player · · Score: -1, Flamebait

    Shut up. You can't make money off that wicked left wing commie line of thinking!!!

    That and the cat is out of the bag. Free high quality video codecs already exist in the wild [re: oss].

    Of course this won't stop people from trying to make a quick buck. Heck just do a google for commercial general purpose compression, crypto, etc libraries [many based off OSS libraries!!!!].

    The phrase "dime a dozen" seems appropriate.

    Tom

  2. Re:Conflicting Feelings on Jail Time for Misleading Domain Names · · Score: 1, Insightful

    I know you think that sounds funny. But I bet if some dude came after you and "tried" to kill you you would think twice about saying "attempted murder is not a crime". :-)

    Tom

  3. Re:Old news on AMD Could Profit from Buffer-Overflow Protection · · Score: 4, Informative

    Except you could write/read from the CODE segment and you could far jump into the data/extra/stack segment registers.

    What's better is that CS==DS was a common mode [known as a .COM or TINY model program].

    So there goes your theory.

    Tom

  4. Re:No original thought anymore. Fear! on Exploit Based On Leaked Windows Code Released · · Score: 1

    It's all from fucking ACs. I wish you could turn ACs off completely from /. that way I wouldn't have to see the nonsense of jackasses trying to give people a hard time over every little detail.

    Well go fuck yourselfs. You win. Here I'm giving up my /. account.

    The password will be "ihateac" in about 20 seconds. Enjoy the account folks!

    Tom

  5. Re:What the fuck? on Exploit Based On Leaked Windows Code Released · · Score: 1

    What was signed? I don't recall posting ISO C code here. I posted pseudo-code. In my pseudo-code language all "ints" are unsigned.

    There. Now I'm correct and you're wrong. Go fuck yourself.

    Tom

  6. Re:Um shutup on Extinction Of Human Languages Affects Programming? · · Score: 4, Funny

    Deparate for what? I do real coding as well. It is people like the famous anonymous coward that really drain the usability of slashdot down. Keep it up though. You might say something funny eventually.

    Tom

  7. Um shutup on Extinction Of Human Languages Affects Programming? · · Score: 5, Funny

    How exactly is C or Pascal based off a spoken language?

    while (alive)

    while (lust && !state(HUNGER)) {
    seek_women(HIGH_PRIORITY);
    if (found) {
    sex_up(BYPAIRS)
    sleep();
    } else {
    sex_up(MANUALLY);
    watch(CARTOONS);
    }
    }

    if (state(HUNGER))
    {
    seek_food();
    if (found) {
    chow_down_like_no_tommorow();
    } else {
    slaughter(NEIGHBOUR);
    chow_down_like_is_tommorow();
    }
    }

    }

    Oh I get it ....

  8. No original thought anymore. Fear! on Exploit Based On Leaked Windows Code Released · · Score: 1

    What exploited? I didn't post code. In fact the code I have posted [not here of course] properly uses unsigned types.

    And in fact I never said "an int C-type". I said "int" as in short for "integer". And how do you know I didn't mean unsigned int?

    Anyways, the fact I have an archive going back over a year of crypto code that uses unsigned over signed ints shows I know this "fact" already.

    Tom

  9. Re:What the fuck? on Exploit Based On Leaked Windows Code Released · · Score: 1

    As you're the 9th person to point this out I'll reply once again. It was pseudo code. In my real code [re: LibTomCrypt for instance] I use unsigned types.

    Now stop thinking your leet shit by pointing out trivialities in PSEUDO-CODE and get a fucking life.

    Tom

  10. Re:What the fuck? on Exploit Based On Leaked Windows Code Released · · Score: 1

    Which? French or English?

    I speaks them both ya dumb hockey hoser!

  11. Re:Uhm, this WAS the code. on Exploit Based On Leaked Windows Code Released · · Score: 1

    Um check my publicly archived LibTomCrypt code. I know to use unsigned types.

    Tom

  12. Re:What the fuck? on Exploit Based On Leaked Windows Code Released · · Score: 2, Interesting

    Which is why you load unsigned values. By "int" I meant "an integer".

    For example, from my LibTomCrypt a macro to load a variable length mp_int [mycrypt_pk.h INPUT_BIGNUM] logic works as follows

    1. inlen == sizeof input
    2. y = 0, current offset

    for all bignums
    1. if y + 4 > inlen return error
    2. load 32-bit unsigned into x, advance by 4
    3. if x+y > inlen return error
    4. load x byte mpint
    5. check if mpint loads correctly.

    [I'm in the middle of doing massive updates to my PK code though...;-)]

    But that's the jist of it. Really simple and since I use macros I only have to work out/code the logic once.

    Tom

  13. Re:What the fuck? on Exploit Based On Leaked Windows Code Released · · Score: 1

    copyrighted? hehehe

    Probably violates the DMCA too right?

    Or as we say in Canada "le ACMD!"

    Tom

  14. Re:What the fuck? on Exploit Based On Leaked Windows Code Released · · Score: 2, Funny

    MS optimized it [their innovative]

    1. Look at bitmap, get scared.
    2. user == root

    They also merged in a backdoor so the attacker wouldn't have to embed it in the bitmap

    3. open port 1234 as a rsh automatically logged in.

    Tom

  15. Re:What the fuck? on Exploit Based On Leaked Windows Code Released · · Score: 2, Funny

    char whatoverflow[3];

    scanf("%s", whatoverflow);

    ;-)

  16. Re:Is it good or bad on Exploit Based On Leaked Windows Code Released · · Score: 1, Insightful

    You sir are a moron. It's bad that the source got out. It means "clean house" implementations of similar technologies could fall to the MSFT whoredom.

    Tom

  17. What the fuck? on Exploit Based On Leaked Windows Code Released · · Score: 4, Funny

    What the fuck in a bitmap renderer could overflow and cause such problems?

    Fuck MSFT it's called bounds checking. e.g.

    1. load int from char array
    2. check int against sizeof(yourbuffer)
    3. reject if greater

    Not exactly a challenging task. I guess they're too busy adding in all that crapware to actually code at least one thing right.

    Tom

  18. Re:I knew it! on Europa's Acid Ice Fields · · Score: 1

    Actually I agree. But see I knew of the joke before I knew the site so I just googled for 2 seconds to make a joke.

    You could just highlight the first line to read it.

    You think that page is bad? Goto their "home" page. It's a travesty of HTML and other junk. They have mouse text thingies, a status message that overwrites any links you highlight, etc... Pure crap. MBA ==> Major Boring Asshat

    Tom

  19. Re:They still don't get it on Microsoft, Monocultures, Security FUD & Other Fun · · Score: 1

    Except redhat pulled downloads from the free users. Which essentially made them "fucked".

    At least with gentoo if a mirror backs out it's not the end of the world [if gentoo.org did it would suck though but would be manageable].

    So binary updates for free OSes are not always freely available

  20. Re:They still don't get it on Microsoft, Monocultures, Security FUD & Other Fun · · Score: 2, Insightful

    For someone who has been around slashdot so long [user # 10000] you are by far the most "full of /.'ty goodness" person I've ever seen. You spew vile "anti-MS" without a second thought.

    I dunno where you get your facts but most people I know admin their own windows boxes. Most newbies I know either ignore updates or attempt them theirselves.

    There is no "sandbox" in either OS though. At some point you have to run as super to install updates. That will be your point of vulnerability. Sure Linux [and all other Unix like OSes] benefit from having a non-root "sandbox'ed like" user but that doesn't stop them from running viruses as their user [e.g. DDOS zombie, wipe all their files, etc].

    The point isn't that Windows is insecure it's that most users don't setup/use their computer properly. Changing the OS won't really solve this problem.

    Tom

  21. I knew it! on Europa's Acid Ice Fields · · Score: 3, Funny

    Jupiter is an enemy planet

    Tom

  22. Re:They still don't get it on Microsoft, Monocultures, Security FUD & Other Fun · · Score: 1

    WinXP comes with the firewall turned on by default. That means it blocks out quite a few virii.

    Sure the first thing you have todo with a WinXP [even SP1] install is download 80MB of patches [school network helps here] but once you get the patches + virus scanner + turn off html/attachments in MSOE you're pretty much safe.

    I've been using this setup in school for five months and have yet to have the slightest problem. Even in blaster infected labs [stupid ass dumb students bring their HD caddies home and get infected!!!]

    Tom

  23. Re:Congrats on AMD Back in the Black · · Score: 1

    The P4 won't shut down though. It clocks down to cool off. The AMD Athlons will either die, die horribly or power down.

    All of which are annoying if you're say an hour from home and your server goes down. Hence I either leave my box in the cold basement or I have a huge desk fan blowing in it [case walls removed]. Keeps it nice and cool.

    Tom

  24. Re:They still don't get it on Microsoft, Monocultures, Security FUD & Other Fun · · Score: 1

    You sir are all wrong.

    I use WinXP on my laptop with the firewall turned on. I can use all the normal apps I used to use [www, usenet, imap, smtp, ym and msn]. On the bonus side when I plug into the school network it stops all ICMP from others and blocks out the services I normally leave running [file sharing which I only use at home but am to Lazy to turn on and off].

    As for the virus scanner, at some point your average windows user will because a linux user [or macos or whatever]. They'll expect binary installers, binary patches, binary blah. So in the long run you will still need a virus scanner. Cuz even if a virus can't run as root it can still do a lot of damage. Hint: if you always login as your user [not root] then a virus could wipe out all of your work. A virus could still bind to ports>1000 and act as a DDOS zombie, etc...

    The real security crux here is the user. If they use any other os like they use linux then they're screwed. Now don't get all pissy at that. You might have your own users [not root], a patched up SSH, latest cvs kernel, etc, etc, etc.

    Good for you. You sir are not representative of what the average windows user would do with linux.

    Tom

  25. Re:They still don't get it on Microsoft, Monocultures, Security FUD & Other Fun · · Score: 4, Insightful

    "machine user" and "machine admin"

    ARE THE SAME FUCKING THING ON A HOME PC.

    As for modding the kernel you have to have root privileges to mod your /boot or your /lib/modules dir [or at least it SHOULD be root only otherwise what's the point?].

    The truth is you have to login as root to admin then as your user to use it. hence the name "user". You can't admin a box from a non-root account without chmod 777 all of your dirs/files in which case what's the point?

    So the clueless newb will either run linux as root or login as root and install everything they see under the sun [re: virii]

    Thanks, you fail it.

    The solution is really smarter users. They have to know what a root account means and how to use it properly otherwise you need automation which we know is often exploitable.

    Tom