I remember when my friend changed mainboards on his win2k box it would not boot. The solution that MS gave him was install the old one then install the driver for the new one and install the new one again.
That may work if you upgrading but what if your old one died (like his did) and they don't sell that model anymore (also what happened to him)?
Also when I upgraded my Linux box from a celeron 366 to an athlon 750 every thing booted up with out a hitch. the previous upgrade from 333 to cel 366 (with a new mainboard) required three reboots as it installed all the drivers.
Oh shit. I showed up late and tried (and failed) to find the group. I was totaly standing right next to you at the bar. I though it might be you guys but how would I go about asking?
Me to randome guy: "Excuse me, have you ever heard of slashdot?" Randome guy: "Are you trying to sell drugs in here? Security!"
To spoof verisign and https it would require that you have a valid cert(yes it is possible to make them).To spoof a connection that used a false cert would alert the user to that fact. The fact of the matter is that apple swupdate doesn't even use SSL! So it doesn't matter if you can spoof SSL.
The story says that the vulnerable is because apple uses http and not https. My point was that if you can spoof IPs you cloud easly spoof both the https server IP and the signing authorities IP. Thus bypassing any https connection. Unless public keys for all the signing authorities are included with every https implementation.
Anyhow it's a workaround. It workaround this exploit. Hopefully apple will update software update to use crypto signed packages and SSL connections. Till then I'm keeping the line in my/etc/hosts and checking every update first.
I never said it was a "'solution'" I said it was a workaround. If they could do all that they could easly spoof off Verisign and then HTTPS is fucked also. So whats your point?
Okay looks like I assumed wrong (you don't all know). You can activate your/etc/hosts file by setting/locations/lookupd/hosts/LookupOrder -> ( CacheAgent, FFAgent, NIAgent, YPAgent, DNSAgent, NILAgent ) in netinfo.
Simply copy this file to lookupd.txt. Then type: niload -r/locations/lookupd / < lookupd.txt
Yes, I "stole" all of this from this page. Except mine is modifyed to activate the/etc/hosts file also.
There is a very simple workaround. Just add the following line to your/etc/hosts
204.179.120.93 swquery.apple.com
Now if somebody tries the DNS attack it won't work as we hardcoded swquery.apple.com -> 204.179.120.93
You will of course have to activate your/etc/hosts file but, I'm pretty sure that you people (/.ers) know how to do this already.
I could not agree more. Some would like to site that since it is in fact supported in windows that this is all moot. That is untrue the reason that it won't and can't be supported on macs is that the macintosh market in israel is almost nonexistent. If you want Office X to support Hebrew perhaps first you should build a mac/Hebrew market.
If healthy media criticism still existed, someone might have pointed out the insane hype that shrouded tragedies like the death of Princess Di and TWA Flight 800.
Notably absent from your list is Columbine and 911.
Oh wait those are the ones you use. It all makes sense now.
"Sarah Michelle Gellar is a very good actress: if you tried watching some of her quieter, subtler moments you'd see some of the best screen acting currently being done."
Sure whatever fanboy.
"Is it a shame that Joss Whedon is doing so many series that his shows are starting to suffer? No doubt. Is all the acting up to snuff? No - Michelle Trachtenberg seems to be the Scrappy Doo of BtVS."
Okay so which is it the best thing since sliced bread or the product of a poor overworked director?
"If you truly compare it to Charmed which is at best a warmed-over Buffy rip-off written and produced by network hacks, then I'd advise you give up that dream of becoming a professional TV critic and start practicing "would you like fries with that" line..."
Okay fanboy whatever. I used to feel the same way about Buffy then I grew out of puberty. Perhaps one day you'll do the same once you start thinking with your brain instead of something else.
Just because watching Buffy's err, fists movie really fast and willow doing some hot girl on girl action. get's you all hot and bothered doesn't make it a good show.
The acting is week, the story is lame and it's pretty much on par with Charmed.
Slashdot Mirror
800 AUS = 441.36 USD.
:)
Watson still has a few tricks on Sherlock.
To clarify the upgrade from cel 333 to cell 366 was when I was still using win98. Before the upgrade to athlon 750 I switched to Linux.
Space tourism. w00t!
Just so long as it doesn't involve a rocket jump.
I remember when my friend changed mainboards on his win2k box it would not boot. The solution that MS gave him was install the old one then install the driver for the new one and install the new one again.
That may work if you upgrading but what if your old one died (like his did) and they don't sell that model anymore (also what happened to him)?
Also when I upgraded my Linux box from a celeron 366 to an athlon 750 every thing booted up with out a hitch. the previous upgrade from 333 to cel 366 (with a new mainboard) required three reboots as it installed all the drivers.
Hope you didn't get flamed too hard for that. :)
I think maybe it was a mistake; the rebate form I saw originally never had Mac OS X 10.2 on it.
Hey puge! Look again. I have a backup of the rebateform here.
Oh shit. I showed up late and tried (and failed) to find the group. I was totaly standing right next to you at the bar. I though it might be you guys but how would I go about asking?
Me to randome guy: "Excuse me, have you ever heard of slashdot?"
Randome guy: "Are you trying to sell drugs in here? Security!"
Something tells me that book has a lotof spelling and grammar errors.
Because I'm a unix guy damn it!. :)
Take that newfangeled netinfo thingy and give my my flat files anyday.
I wasn't affeneded at all. Not quite sure what made you think that. Perhaps it's the '!' in the subject line.
:)
Wow, getting called "sir" I feel all giddy now.
And yes you're right it wont be fully secure till they have cripto singned updates.
To spoof verisign and https it would require that you have a valid cert(yes it is possible to make them).To spoof a connection that used a false cert would alert the user to that fact. The fact of the matter is that apple swupdate doesn't even use SSL! So it doesn't matter if you can spoof SSL.
/etc/hosts and checking every update first.
The story says that the vulnerable is because apple uses http and not https. My point was that if you can spoof IPs you cloud easly spoof both the https server IP and the signing authorities IP. Thus bypassing any https connection. Unless public keys for all the signing authorities are included with every https implementation.
Anyhow it's a workaround. It workaround this exploit. Hopefully apple will update software update to use crypto signed packages and SSL connections. Till then I'm keeping the line in my
I never said it was a "'solution'" I said it was a workaround. If they could do all that they could easly spoof off Verisign and then HTTPS is fucked also. So whats your point?
Okay looks like I assumed wrong (you don't all know). You can activate your /etc/hosts file by setting /locations/lookupd/hosts/LookupOrder -> ( CacheAgent, FFAgent, NIAgent, YPAgent, DNSAgent, NILAgent ) in netinfo.
/locations/lookupd / < lookupd.txt
/etc/hosts file also.
Simply copy this file to lookupd.txt. Then type:
niload -r
Yes, I "stole" all of this from this page. Except mine is modifyed to activate the
There is a very simple workaround. Just add the following line to your /etc/hosts
/etc/hosts file but, I'm pretty sure that you people (/.ers) know how to do this already.
204.179.120.93 swquery.apple.com
Now if somebody tries the DNS attack it won't work as we hardcoded swquery.apple.com -> 204.179.120.93 You will of course have to activate your
"Is there a way I could meet that DJ chick ..." -- Dell dude
:(
Me and the dell dude think alike. I hang my head in shame
Seriously ObviousGuy, I'm intrigued what happens next.
side note: for those who aren't in "the know" OG lives in Japan.
So did you meat her? Was she cute? Aren't you married?
I could not agree more. Some would like to site that since it is in fact supported in windows that this is all moot. That is untrue the reason that it won't and can't be supported on macs is that the macintosh market in israel is almost nonexistent. If you want Office X to support Hebrew perhaps first you should build a mac/Hebrew market.
I'm talking more about how every story of his has to some how mention in this "post 911 world".
Yah in this post 911 world people blow shit way out of proportion and try to compare everything to 911.
Guess what 911 happened it over. Now can we stop relating every movie, video game, and cd that comes out to 911?
If healthy media criticism still existed, someone might have pointed out the insane hype that shrouded tragedies like the death of Princess Di and TWA Flight 800.
Notably absent from your list is Columbine and 911.
Oh wait those are the ones you use. It all makes sense now.
I never said Buffy was unenjoyable I just find the idea that it somehow deserves an award appalling.
I'm also wondering how many little girls have been beaten up because they did their best Buffy impression on someone who didn't watch the show..
:)
Or better yet thouse same girsl heartbroken when instink doesn't win a grammy
"Sarah Michelle Gellar is a very good actress: if you tried watching some of her quieter, subtler moments you'd see some of the best screen acting currently being done."
Sure whatever fanboy.
"Is it a shame that Joss Whedon is doing so many series that his shows are starting to suffer? No doubt. Is all the acting up to snuff? No - Michelle Trachtenberg seems to be the Scrappy Doo of BtVS."
Okay so which is it the best thing since sliced bread or the product of a poor overworked director?
"If you truly compare it to Charmed which is at best a warmed-over Buffy rip-off written and produced by network hacks, then I'd advise you give up that dream of becoming a professional TV critic and start practicing "would you like fries with that" line..."
Okay fanboy whatever. I used to feel the same way about Buffy then I grew out of puberty. Perhaps one day you'll do the same once you start thinking with your brain instead of something else.
Just because watching Buffy's err, fists movie really fast and willow doing some hot girl on girl action. get's you all hot and bothered doesn't make it a good show.
The acting is week, the story is lame and it's pretty much on par with Charmed.
What next Xeana and Shiva?
True I guess. It would have been better written. "When was he last time you paid microsoft for a microsoft product."
:)
Of course then people would point out that since they in fact bought it at fries they did not pay microsoft directly.
Will I ever get the bang for my MS buck?
Oh please, when was the last time you actually bought a microsoft product?