I think they solved it by Windows 98 - however, maybe there is an old app running on said Windows 2000 server that uses 32 bit milliseconds. Come on guys - we're going to get nowhere by harping on about issues that were fixed years ago. If we stand still, and laugh, Windows is going to sneak up, and run past.
Silly arse. OK, post all your credit card records, emails, bank details, usernames and passwords here. Record and make available all your phone calls. IT'S NOT JUST CRIMINALS THAT USE ENCRYPTION!
The really interesting pages are the ones that have had to be protected due to vandalism or flame wars. Ie the ones that get people really annoyed/are controversial:)
Yeah:( I get so many offers from girls wanting me to watch them on their cams, that it sometimes almost pains me to have to disappoint them.
"No, cos I'm not using MSN."
"No, I can talk to you cos I'm using a different client."
"No, I can't download the Windows version."
"Because I'm not running Windows."
"Because I don't want to."
"No, not running a Mac either."
"The spawn of the devil - Linux."
"Hello?"
snip Provided and/or discovered by:
1) Georgi Guninski
2) Wladimir Palant
3) Georgi Guninski
Hey! Georgi! Didn't someome remind you? You're supposed to find out bugs in IE, not Mozilla!!
That guy seems to find a new browser vuln. every 15 minutes - someone write him a Wikipedia entry.
I don't know. Linux has iptables, PaX, Grsec, Selinux, etc. I still see Sun boxes around without SSH on them - either client or server.
If I had to choose between a Solaris install, or a Linux install, on it's own, with a live IP address, I'd choose Linux every time.
If I had to choose a box to give shells out on, I'd choose Linux.
In fact, I can't think of anything that I would choose Solaris for.
Mmmm, cos that would prevent the key stroke logger from working. It's probably more dangerous if you are using SSL, as you will have that warm fuzzy feeling that all is well, and you'll tap away all your privatest things.
This is strange - I found a bling.exe on a Windows machine at work a while ago, as it was spewwing out 445 if I remember rightly - several weeks. I searched for info on it, and I didn't find anything, which I thought was strange.
I think I must have got hit by an early-adopter version.
why would anyone WANT to have to replace all their equipment (like routers, etc.) just to get IPv6
All your networking stuff probably supports it already.
Linux, BSDs, Windows, and Cisco do, to name but a few. And you can always get a block of addresses to play with via a tunnel broker.
It would be interesting if the Windows implementation of Kerberos used in AD was vulnerable too. Apart from MIT, and Windows, who uses Kerberos nowadays? Doesn't SSH, and public-key based authentication pretty much make the whole thing irrelevant?
The vulnerabilities also affect the VPN 3000 line of Cisco VPN concentrators.
Only if they're configured to authenticate against a KDC. From the Cisco advisory: Cisco VPN 3000 Series Concentrators not authenticating users against a Kerberos Key Distribution Center (KDC) are not impacted.
"Prof Marois said that a VSTM capacity of four was probably not much of a problem in the relatively slower-paced lives of our hunter-gatherer ancestors. Not so today, however. The fast pace of modern life is stretching our Stone Age brains to the limit."
The article is here.
How small can they make it? Can they make one small enough to power a laptop? In fact, how much radioactive material would you need to power the average laptop?
Slashdot Mirror
I think they solved it by Windows 98 - however, maybe there is an old app running on said Windows 2000 server that uses 32 bit milliseconds. Come on guys - we're going to get nowhere by harping on about issues that were fixed years ago. If we stand still, and laugh, Windows is going to sneak up, and run past.
Silly arse. OK, post all your credit card records, emails, bank details, usernames and passwords here. Record and make available all your phone calls. IT'S NOT JUST CRIMINALS THAT USE ENCRYPTION!
Interesting - wonder if it's the same company as me?
The really interesting pages are the ones that have had to be protected due to vandalism or flame wars. Ie the ones that get people really annoyed/are controversial :)
Look right down at the bottom
Or we could all collectively graph our kernel panics.
Yeah :( I get so many offers from girls wanting me to watch them on their cams, that it sometimes almost pains me to have to disappoint them.
"No, cos I'm not using MSN."
"No, I can talk to you cos I'm using a different client."
"No, I can't download the Windows version."
"Because I'm not running Windows."
"Because I don't want to."
"No, not running a Mac either."
"The spawn of the devil - Linux."
"Hello?"
www.gentoo.org. Seriously. And ignore the trolls who don't understand what it's all about.
snip
Provided and/or discovered by:
1) Georgi Guninski
2) Wladimir Palant
3) Georgi Guninski
Hey! Georgi! Didn't someome remind you? You're supposed to find out bugs in IE, not Mozilla!!
That guy seems to find a new browser vuln. every 15 minutes - someone write him a Wikipedia entry.
I don't know. Linux has iptables, PaX, Grsec, Selinux, etc. I still see Sun boxes around without SSH on them - either client or server.
If I had to choose between a Solaris install, or a Linux install, on it's own, with a live IP address, I'd choose Linux every time.
If I had to choose a box to give shells out on, I'd choose Linux.
In fact, I can't think of anything that I would choose Solaris for.
But then again, I'm a lot better with Linux.
Mmmm, cos that would prevent the key stroke logger from working. It's probably more dangerous if you are using SSL, as you will have that warm fuzzy feeling that all is well, and you'll tap away all your privatest things.
Bad encryption is worse than no encryption.
This is strange - I found a bling.exe on a Windows machine at work a while ago, as it was spewwing out 445 if I remember rightly - several weeks. I searched for info on it, and I didn't find anything, which I thought was strange.
I think I must have got hit by an early-adopter version.
One of the funnier posts I've seen on here... :)
I modded this comment up, but some kind souls modded it down again.
What better place to ask about repulsion than a website where sweaty geeks hang out?
Slashdot might be good, but it's not that good.
All your networking stuff probably supports it already.
Linux, BSDs, Windows, and Cisco do, to name but a few. And you can always get a block of addresses to play with via a tunnel broker.
Why no HTML version? Grrr.
Because most of the main US media outlets are, at least from what I see in the UK, terribly right wing?
Yeah, cos you couldn't make just one, and then netboot with NFS and DHCP, for example? Or image hard drives?
Fenimor can't make hyperlinks.... :)
It would be interesting if the Windows implementation of Kerberos used in AD was vulnerable too. Apart from MIT, and Windows, who uses Kerberos nowadays? Doesn't SSH, and public-key based authentication pretty much make the whole thing irrelevant?
Only if they're configured to authenticate against a KDC. From the Cisco advisory:
Cisco VPN 3000 Series Concentrators not authenticating users against a Kerberos Key Distribution Center (KDC) are not impacted.
"Prof Marois said that a VSTM capacity of four was probably not much of a problem in the relatively slower-paced lives of our hunter-gatherer ancestors. Not so today, however. The fast pace of modern life is stretching our Stone Age brains to the limit." The article is here.
And to add another question - is there no way of neutralising/normalising radioactive material once it's past its sell-by-date?
How small can they make it? Can they make one small enough to power a laptop? In fact, how much radioactive material would you need to power the average laptop?