I'm guessing that the difference between "karma whore" and "troll" here is the presence of a Scientific American link and the absence of a goatse.cx link :o)
After close inspection, I have found this security hole to also exist in Apache Web Server, Microsoft Internet Information Server, ProFTPD, and wu-ftpd, along with various Windows FTP servers.
It's called "being a friggin idiot and setting the server root to /". However, just like Morpheus and Kazaa, it only takes place under special conditions, notably when "Directory Browsing" is turned on in Apache, called "Virtual Directory Browsing" in IIS.
This bug, previously encountered before, is casually referred to as the "idiot-moron exploit." Tell me you've never seen .doc files shared on WinMX, et al before. Of course for Apache, IIS, etc, your file permissions have to be set correctly... However, Kazaa runs as the current user, so it only has access to whatever the current user does.... SHARING EXPLICITLY WHAT IS IN THAT DIRECTORY! So, say, for example, I "accidentally" place naked_picture_of_my_cute_girlfriend.jpeg in "My Shared Folder".... It's not a freakin' bug if someone has access to that!
Kazaa has always used HTTP as its protocol, and this "interface", should you call it, is probably what it uses to get that respective user's database of files. Duh. Click on them, and look at all their files in Kazaa, or use a web browser. Hardly a difference. Unless of course the docroot is C:\. But then again, is that an exploit??? This is ridiculous. Please Slashdot, check the validity of the articles before posting!! :)
Even though everyone hates you on Review: Kung Pow · Score: -1, Flamebait
I think JonKatz is the best writer on Slashdot. He's the only one that probably ever took an English class. But then again, the others aren't "writers" even though they claim they are.
Is this story a hoax?
Since publication of this story, CNN and other media have been criticized for falling for a clear hoax. According to popular technical web site slashdot.org the story is full of holes.
"Three 100 Watt light bulbs created a drain of 4500 Watts", - it should be 300 Watts. The inventor comments that perpetual motion is impossible, but then says what he's created is a "self-sustaining unit" that generates surplus energy, surely just another name for the same thing?
Michael Sims, writing on Slashdot, points out that this inventor's claim contravenes the second law of thermodynamics which states that in a closed system, any real physical process ends with less useful energy than it started with, some is always wasted. Since Michael considers himself an authority on everything, we accept all his snide remarks as credible information. He also pointed out how much he would enjoy having buttsex in space.
In other words, a perpetual motion machine is impossible.
To quote Homer J. Simpson: "In this house we obey the laws of thermodynamics!"
Hehehe... I knew someone on /. would prove me wrong. Remember the C64s and Tandys that would use audio tape as the storage medium? Those weren't music. DVDs aren't 'software' either. Just proving my point... :)
I think you're wrong. The region coding is simply a byte (or something similar) set that describes the region coding. The DVD player can choose to (or not to) read it. Music CDs include a serial number that identifies them. How do you think CD player software can dial up CDDB and get the track info? Would that make music CDs software too by your definition? The menu systems are not executables... I'd imagine that they are scripts of some sort, including the images, etc stored somewhere on the DVD. Also, the videos are stored in .VOB files so, the player just looks for them and plays them.
DVD videos are _NOT_ software. They are a _STORAGE MEDIUM_. Just like VCDs. I can make a VCD in Nero with the "logic" you describe --- a menu system, even images that backdrop it. Is it software? Hell no. The studios are just trying to make another quick buck - region coding is _not_ "nasty malicious code."
...when the door to the office slammed open and heavy footsteps, belonging to 2 or 3 people, pounded on the floor. Before he could cry out or even identify the intruders a heavy, black hood was shoved over his head and he was hauled roughly to his feet.
I love how you fools love telling the moderators what to do, but never have the balls to log in. Remember, karma is inversely proportional to penis size.
REMEMBER - THIS IS FOR PEOPLE IN CORPORATES WHO WANTS TO USE OFFICE STUFF AND LINUX
Mmmkay. If you want to use office stuff, you use Windows NT. If you want to use Linux, you use plain old Linux... cause it's secure and built around the multi-user model.
Being that Windows will let any user do anything... why shouldn't lindows? I know XP has an 'admin' account, but that doesn't do much.
Uhhh.... no. You've obviously never used XP, know nothing about it, yet still act like you do. Perhaps you don't know how to set up a system, or maybe you don't know what file permissions are.
Regular users on my system have been able to delete critical files and change some settings.
Uhh, it's called file permissions buddy, unless of course this is bullshit FUD you're posting. Yeah. Maybe your /. username puts it best.
Re:So, wait a second... on Lindows Reviewed · Score: -1, Offtopic
(Score:2, Offtopic) Offtopic? By what fucknut zealot moderator? Thank God for M2...
Not only did the installation process not give us the opportunity to add users other than root, it didn't even explain that we *should* add users other than root, didn't tell us that the account was root, and even tended to discourage us from entering the optional security password for root, because, "if you lose this password it cannot be recovered."
Funny that you mention that, cause Windows XP insists that you make users other than Administrator. Then you can specify whether they are limited or administrators. Those who know their way around NT (a la mmc) can even specify the groups they belong to.
How many Linux users are fooled into thinking that their box is "sooo secure cause it's running Linux" but are running NFS, SMB, FTP, DNS, SSH, HTTP, Mandrake Remote Admin, WhoKnowsWhatElse, etc servers and don't know it?
For those of you that didn't read the article, let me boil it down for you: Not a single Windows app (except for RealPlayer 8) worked successfully for the reviewer. Oh and here's the funny part: it insists that you run as root. Ha! What a joke. It won't let you dual-boot with linux.
Here's a quote:
Linux users will find this preview fun to play with, but LindowsOS appears to be hampered without a Windows partition, which defeats the implied purpose of Lindows: to be able to freely run all Windows apps on Linux with no need for Windows. To reach Linux people, this needs to be a true Linux -- easy to install but configurable; transparent to the user so that if he chooses to make changes he can; and secure -- unless Robertson is only seeking previous Windows users who are not interested in configurability and security. And if that is the case, I wonder what benefit Robertson thinks there is for these people to switch to LindowsOS?
So.... let me get this straight... it needs a copy of Windows to run, but still costs $99. And it makes Windows 95 look stable. It is inherently _less_ secure than Win95 was. Even though you still ran as pseudo-root under Win95, you could run AntiVirus software. LindowsOS doesn't have any AV that works.
My favorite quote:
This is a beta and Robertson cautions that it is not expected to work properly
LOL! Beta (as opposed to alpha) is at least supposed to work somewhat properly; it's there to look for bugs. This seems more like "here is LindowsOS, it doesn't work, but we want you to spread some FUD and trick people into thinking it does."
And I don't think that the GNU/Hippies would be too happy about the $99 price tag that includes pretty much all their tools... and that's about it.
That file (hiberfil.sys on XP; it's there by default) is used to dump your memory to disk. It's proportional to the amount of RAM you have in your system.
Man, are all Linux Zealots such fucking assholes???
KOffice: Pull out version 1.0 of MS Office and compare... I thought so.
KOffice is a MS Office clone. The only reason KOffice exists is because it is _trying_ to be Microsoft Office. It will never be Microsoft Office, nor will it compare.
MSOffice:"Have you pet your paperclip lately?"
Actually, I use Rocky, not Clippit. And guess what? You can turn it off if you want to! And you don't have to use vi to edit a text file and subsequently restart Office to do so!! In OfficeXP, the default setting is a text box in the menu bar for help. The Assistant is _OPTIONAL_. Do you assholes fucking understand English? OPTIONAL - there's nothing wrong with OPTIONAL components!
to let you type cp /dev/zero /dev/mem "
Have you tried deleting the contents of your registry yet? NT is stupid enough to let you do that.
Too bad NTFS doesn't mount as async as default like e2-shitty-fs... so if you reboot without unmounting you've hosed your FS. (that's what cp /dev/zero /dev/mem will do...)
BSOD: "It's the vendor's fault"... how typical.. maybe NT internals just suck.
Try pulling out an expansion card whilst your system is running. Like the BSOD? Yeah, NT internals suck, asshole....
ftpd: Your machine got hosed? That's too bad, maybe you should apply the free upgrade that fixes ALL the problems. No endless litany of hotfixes that may or may not fix one big gaping hole but not the other one.
What the fuck? "Fixes for ftpd are free, and fixes for IIS are...uh.... free.... so consequently IIS sucks." You're a fucking idiot. I'd certainly like to see the free upgrade that fixes ALL problems. From what I recall, wu-ftpd _is_ an endless litany of hotfixes. The solution for ALL Linux problems is called Windows (or Solaris).
Retard? I'm just playing with a Troll.. here Troll.. good Troll.
You're a fucking zealot. I'll have you know that I'm sleeping well tonight knowing that you're still running a toy OS while the rest of the world can get some serious work done.
Moderator note: The 5 instances of "fuck" and 3^H4 instances of "asshole" are necessary to get through this asshole's thick skull. Thank you.
Like that picture of Satan in the WTC pics :P
Hmm. Maybe Cd-Text would be a better example of what I was trying to illustrate.
I'd bet it was Hilary Rosen and the RIAA!
Now back to my evil plan of storing my data onto VHS tape and proclaiming it as "software"... heheheh...
Thank you, now we return you to our regularly scheduled programming.
I for one DO, but, this is definitely not the way to go about it. Vinyl (and SonicFoundry Acid...) forever.
Oh, well.
Anyone know if you can run Solaris binaries on Linux? Thereby running IE for Solaris and HP/UX on Linux?
I'm sure that watches for Windows binaries.... NOT!
That's an opinion, not necessarily true (nor insightful...) ;-)
Neither does Windows Media Player (coupled with a DVD decoder codec/hardware decoder).
Put that in your boxen and smoke it!