why their exploit would work (integer underflow..?)
It looks at the file. The first four bytes are how big the file is, including its own size. So if the file is 16 bytes long, that is 4 bytes of the header and 12 bytes of data. That first four bytes reads 16.
So the XBox reads in the first four bytes (16), takes 4 away and then knows to look for 12 more bytes (16-4).
Apparently it uses those first four bytes (16) to allocate the memory. It then takes 4 away from that value (4 from 16 is 12) and reads those bytes (next 12) into memory.
Well, if you feed it 0..3 instead of 16 in that example, you get an underflow. It sees those first 0..3, takes away 4, and gets a very large number (whatever the maximum is, assume 8^4). So it then writes large amounts of YOUR data to memory even when only 0..3 bytes are allocated (or it is smart and will only do 4). So now you have YOUR own code/data in memory that isn't for that file.
I think. Fuck if I really know.
-Eyston
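The size arithmetic described in the comment above, as an added example (not part of the original post and not Xbox code). It shows the unchecked `size - 4` subtraction wrapping modulo 2^32 next to a parser that validates the field first. The 32-bit little-endian size field and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define HDR_LEN 4u  /* the size field counts its own 4 bytes */

/* Assumed layout: 32-bit little-endian size field at offset 0. */
static uint32_t read_size_field(const uint8_t *buf) {
    return (uint32_t)buf[0] | (uint32_t)buf[1] << 8 |
           (uint32_t)buf[2] << 16 | (uint32_t)buf[3] << 24;
}

/* Flawed arithmetic: no lower bound, so any value below 4 wraps
 * around to a number just under 2^32. */
uint32_t payload_len_unchecked(uint32_t size_field) {
    return size_field - HDR_LEN;
}

/* Hardened parse: validate the field before subtracting or copying.
 * Returns 0 and sets *payload / *payload_len on success, -1 on reject. */
int parse_record(const uint8_t *buf, size_t buf_len,
                 const uint8_t **payload, size_t *payload_len) {
    if (buf == NULL || buf_len < HDR_LEN) return -1;
    uint32_t size_field = read_size_field(buf);
    if (size_field < HDR_LEN) return -1;  /* subtraction would underflow */
    if (size_field > buf_len) return -1;  /* claims more than was supplied */
    *payload = buf + HDR_LEN;
    *payload_len = size_field - HDR_LEN;
    return 0;
}

/* Constructed sample: a 16-byte file whose size field is `claimed`.
 * Returns the accepted payload length, or -1 if the parser rejects it. */
long parse_sample(uint32_t claimed) {
    uint8_t file[16] = {0};
    const uint8_t *p = NULL;
    size_t n = 0;
    for (int i = 0; i < 4; i++)
        file[i] = (uint8_t)(claimed >> (8 * i));
    return parse_record(file, sizeof file, &p, &n) == 0 ? (long)n : -1;
}

int main(void) {
    printf("unchecked(16) = %u\n", (unsigned)payload_len_unchecked(16));
    printf("unchecked(3)  = %u\n", (unsigned)payload_len_unchecked(3));
    printf("checked(16)   = %ld\n", parse_sample(16));
    printf("checked(3)    = %ld\n", parse_sample(3));
    return 0;
}
```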
This just seems to me to be a cheap attempt to chisel money and personal advantage under the cover of pretending to be doing it for the benefit of Xbox Linux.
Yah, releasing it free on the internet is indeed a very cheap attempt to get money.
-Eyston
It's not the only hope!
Lineage II also looks incredible. I've never played the original Lineage, but millions of Koreans can't be wrong! Plus they have Richard Garriott omg! And the anime chick elves!
-Eyston
One problem I can see with SliMP3 is that you are limiting yourself to only playing MP3s. What if you migrate to Vorbis, MPC, WMA, FLAC, or one of the other competing formats? MP3s are the most common no doubt, but storage space is not much of a concern these days. Lossless is starting to make some sense (seeing MP3s encoded at 320kbps in the name of quality makes me wonder why not lossless).
It would be nice to see the delivery of raw audio instead which would make your encoding format irrelevant.
A slimp-link device that did that would be awesome. Ethernet->DAC->Audio. I'd rather just buy the nuts/bolts of a device like that instead of seeing the LCD screen included. Just a small black box that took ethernet and had audio-out. Let the user interface be up to me.
-Eyston
Nationalism.
I think this is the greatest strength of the OSS movement. When a government or country is going to invest millions of dollars into IT, doesn't it make sense for that money to be kept local? Munich signed SuSE, a German company. It only makes sense.
The great thing is that this fragmentization is a strength of OSM. A lot of small companies all working on OSS independently, but all of them providing benefit to each other. It is a system where competition makes everyone stronger.
-Eyston
Dmitri was arrested in the United States and was charged with trafficking a circumvention device because the program, which was copyrighted to him, was being sold for a profit off of US servers.
I'm not defending the DMCA, but it was within the US borders.
-Eyston
I understand you have to give up performance for size, but do you also have to give up price at the same time? Small and cheap isn't even cheap.
-Eyston
True, but if most of their audience can't use the files without converting them, then it's kind of a waste, eh?
Anyone can use FLAC, it's GPL.
-Eyston
Nice to see the AMD fanboys get to use FUD now.
Marketing exercise, to hell with performance. Exactly. Just imagine what would have happened if Intel had let engineers design the chip with performance in mind. Instead of a P4 that beats the top of the line Athlon, we'd have a P4 that beats the top of the line Athlon.
Oh wait...
-Eyston
btw, I mean the first one, not this challenge-response piece of junk.
-Eyston
This is exactly what a lot of them do.
I think Earthlink's Spam Blocker is using that idea.
-Eyston
Mine starts with 1-800. It's a real pain in the ass when people ask for your D/L number and they always double check you aren't giving them a phone number.
I used to do private parcel delivery on commercial aircraft, where your D/L number was basically your a-okay this wasn't a bomb. Of course, things are different now--takes a lot more than a D/L number post 9-11.
Anyways, this came up a lot. Bastards.
-Eyston
The problem is that he already has a ton of power and pull in Washington where seniority rules. He's chairman of the most esteemed committee in Washington, and has blessing from the Church.
One has nothing to do with the other. Bringing up religion is of little substance and shows some grudge you hold. In fact, the Mormon religion has never endorsed any candidate unlike many other religions (look at the South).
Seniority does rule, and despite being a nut job, he brings a lot of money and power to Utah. That is why a lot of nut jobs get elected over and over again, for example, Trent Lott and that decrepit shell of a man he praised.
-Eyston
Nevada btw, my senator is 'blessed' as you put it though
Is this just a flagrant attempt to recapture the interest of the thousands of fans they lost in their battle with Napster?
Yes.
-Eyston
Not a fan of the Roxy's 10 dollar slice of cheesecake?
-Eyston
That seems like what is going on with UWB. They allowed limited use in the 3.1GHz to 10GHz range. Article goes on to say if it proves successful they expect the range to be increased (lowered below 3.1GHz). Seems reasonable. I don't have a handy graph of the spectrum allocations, but most media-money-making spectrum is below 3.1GHz, so testing above that is a safer bet.
UWB looks pretty interesting, especially if it is opened to the full spectrum. I think even Intel is playing along. It is rather short range although I'm not sure if that is a consequence of UWB in general, or due to the power/frequency limitations applied. Since it theoretically doesn't interfere with anything, it seems as good a place as any to put theory to practice.
Anyways, FCC seems to be listening after the success of WiFi. Hope their attention holds.
-Eyston
I can't think of one positive the FCC has done for RF bandwidth in a long time.
"The starting gun was just fired in February 2002 when the FCC allowed limited use of UWB techniques in the 3.1- to 10-GHz spectrum."
-Eyston
Unless IBM's license agreement specifically allows SCO to revoke it (and can you imagine IBM signing that?), they don't have a leg to stand on.
IANAL, but if what SCO is alleging is true, IBM broke the contract. IBM licensed code for AIX, and that got into the Linux distribution. I'm sure the licensing agreement doesn't allow IBM to give code away. Therefore, IBM broke the contract.
Whether this gives SCO the right to revoke the contract since IBM broke it, or if it was revoked as soon as IBM broke it, I don't know.
All I know is that this Friday/Monday is going to be fun.
-Eyston
This copy of WinXP Pro I found on the net does it automatically, so there!
-Eyston
This isn't a question at all. He isn't 'asking slashdot' because he wants an answer.
This is a (long) rant pretending to be a question. He obviously dislikes Redhat or the idea of Enterprise Linux solutions, and wants to vent. He answers his question, not once, but twice, in the post in ways to say how useless Enterprise edition is.
Mod parent up as troll
-Eyston
All this sounds great, but where will the gear draw its power from?
They harness the recoil from the gun to recharge the batteries. Unfortunately, the soldiers have to meet a quota for shots fired or they power down.
-Eyston
I don't understand why it's taken 4 years for this to happen. The guy obviously is not suited for corporate coding and when it comes to money I would think he's pretty well off. Having the legal backing of a big corporation might be nice but not if all they do is pull your code to avoid doing anything.
-Eyston
Ms. Johnson maintained that Mr. Max had invaded her privacy by publishing accurate information about her and had used her name and picture for commercial purposes. (my emphasis)
So she admits everything he said was true.
So basically this ruling is saying that he can't talk about Ms. Johnson even though he is doing it through his own experiences. So he lost the right to part of his own life.
-Eyston
Linux or no Linux, jobs/projects are being outsourced to India because of one simple reason. CHEAP LABOUR.
Two reasons:
Cheap Labour
Skilled Labour
Cheap Labour is everywhere.
-Eyston
Bit of advice. Next time use AC to post that you wanted to watch the MTV awards.
-Eyston