> the concept of netstrings [cr.yp.to]
Only Bernstein could think that an ASCII representation of Pascal strings is original.
> > Disallow possible ways of close RP, AI or
> > framework of the Engine
>
> GPL does that.
I don't see how you can say that. The GPL explicitly denies the possibility of linked code being closed source.
IPfilter doesn't seem to do type/offset matching - that sounds like what Ascend used to do in the MAX products ("generic filters") or the packet filter that used to ship with Irix 5.3 (whose name I forget).
How about some exercise? Your recipe (pun intended) would leave a slightly less obese person who still lacks muscle tone and cardiovascular fitness.
It really irks me when people talk about "weight loss" rather than fitness and health. "Weight loss" is usually about vanity, "fitness" is about self care.
Walking a few kilometers a day is all it takes and is enjoyable in all but the worst weather.
Information technologies and the internet *are* different for a simple reason: information scarcities are almost purely artificial.
:)
Until recently, even software distribution has had a physical component (e.g. the media + manual). We are approaching the point where this is the exception, with the norm being distribution via the internet (free software has already passed this point). Any pretence of software or "content" being scarce in the traditional sense of the word will then be completely bogus.
Add to this decades of corporate abuse of the copyright system (Sonny Bono, et al.) and you have a system that is terminally screwed. Perhaps they are right: we shouldn't be making exceptions for the Internet, we should be overhauling the whole system
Notice how the crucible and insulating assembly looks overexposed in the photos linked from the article. I wonder if this is because they are emitting a large amount of IR? This would be invisible to the eye, but visible to a CCD camera, even through the cheap plastic filters they use.
Was the map automatically generated or hand drawn? If it was auto-generated, what software did you use?
In addition, this overflow only works when SKEY and/or BSD_AUTH is enabled. But this seems to be "not enabled...in many distributions". How about Linux? However, OpenBSD has BSD_AUTH enabled (natch).
Actually you may be vulnerable if you have PAMAuthenticationViaKbdInt set as well.
Can someone please explain why this vulnerability was handled this way? Why wasn't there a maintenance release that just fixed the @#$@#% problem?
I know: since the bug affected so many people, Theo thought it would be better to bury the problem in his privsep code, instead of fixing it and letting the blackhats run "diff" and find it for an easy 0-day-'sploit. In other words, security by obscurity, just like the big guys.
No, a release with a workaround (privsep) was distributed to give people a chance to immunise themselves before the real problem was publicised.
That stinks, if you ask me.
Nobody did.
Redhat installations may be vulnerable if they have enabled PAMAuthenticationViaKbdInt.
Cheers, Theo, you just cried Wolf for the entire community.
Perhaps you would have preferred to leave the people who need kbd-int authentication hanging out to dry? That's a pretty selfish attitude to take.
I'm just thanking my stars that (so far) the politicians haven't fscked up like they did after the '29 stock market crash. The US enacted protectionist trade tariffs which effectively were the first blow in killing off the *world* economy.
You had better tell Bush that - the US has just instituted steel tariffs and upped farm subsidies to insane levels.
Looking at the diff file is a damn useless way of figuring out what the exploit is.
Did you bother reading my original message? I was responding to the assertion that there may be a backdoor in openssh-3.3. If this was the case (which it is not) then reading the diff would be the best way to detect this.
Please read the diff! It is because people prefer to complain more than look at code that we are in this situation.
No, the diff from 3.2.3p1 to 3.3p1 does:
77 files changed, 2172 insertions(+), 1291 deletions(-)
Most of which are straight moves of code from one file into several. Your comment is less than factual.
Um, it's not fixed by 3.3!
If you can exploit the bug in 3.3 with privsep on, then you find yourself as an unprivileged user in an empty chroot which you do not have write access to.
When you are finished fixing up your tinfoil hat, you can read the diffs to see exactly what has changed.
So read it and test it - you have the code. What more do you want?
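A defender's check for the two settings the comments above turn on, PAMAuthenticationViaKbdInt and privilege separation, as an added example that is not part of any comment here or of OpenSSH's own code. The default values, the ChallengeResponseAuthentication keyword and the sample config are assumptions or constructed for illustration.

```python
# Assumed defaults for an OpenSSH 3.3-era sshd; adjust to the sshd installed.
ASSUMED_DEFAULTS = {
    "challengeresponseauthentication": "yes",
    "pamauthenticationviakbdint": "no",
    "useprivilegeseparation": "yes",
}

# Constructed sample input, not taken from any real host.
SAMPLE_CONFIG = """\
# constructed sample sshd_config
Port 22
ChallengeResponseAuthentication no
PAMAuthenticationViaKbdInt yes
UsePrivilegeSeparation no
useprivilegeseparation=yes
"""

def effective_settings(config_text, defaults=ASSUMED_DEFAULTS):
    """Return the value sshd would use for each tracked keyword."""
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single '='.
        parts = line.replace("=", " ", 1).split(None, 1)
        if len(parts) != 2:
            continue
        keyword, value = parts[0].lower(), parts[1].strip()
        # Keywords are case-insensitive and the first value read wins.
        if keyword in defaults and keyword not in settings:
            settings[keyword] = value
    return {k: settings.get(k, v) for k, v in defaults.items()}

def audit(config_text):
    """List findings relevant to the keyboard-interactive code path."""
    s = effective_settings(config_text)
    findings = []
    if s["pamauthenticationviakbdint"] == "yes":
        findings.append("PAMAuthenticationViaKbdInt is enabled")
    if s["challengeresponseauthentication"] == "yes":
        findings.append("ChallengeResponseAuthentication is enabled "
                        "(relevant if sshd was built with SKEY or BSD_AUTH)")
    if findings and s["useprivilegeseparation"] != "yes":
        findings.append("UsePrivilegeSeparation is off, so the workaround is not active")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```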
It came up to me and asked me if I knew anyone called "Sarah Connor"...
"no one i wont shoot on sight will argue it anyway"
.au too :)
Voltaire must be glad that guns are banned in
VoIP in the U.S. is almost pointless because the PSTN is too good
What about interstate or international calls? If your ISP doesn't volume charge, then surely it would be attractive.
3.5Ghz sucks when you get too many people in an area
Surely this could be mitigated with directional antennae?
www.unwired.com.au is unreachable - connections just time out
3. They have the backing of a shitload of major players... IBM, INTEL, and AMD to name a few
Quoth unitedlinux.com: "Majority of enterprise system and software vendors including AMD, [...] , Progress Software, and SAP, support effort to create standard Linux platform".
I wouldn't call this "backing". Backing implies a commitment of money or resources which is not mentioned AFAIK.
Let's hope they do a better job of being open than Caldera or SuSE did.
"the GNU Project starts developing an operating system, and years later Linus Torvalds adds one important piece"
Stallman conveniently ignores the contributions made by X11, the BSD people and the many others who have worked to create the operating system I conveniently call "Linux".
This mad grasp for recognition cheapens all the other good work that the FSF and the GNU project have done.
Mars is interesting and romantic, but mankind's future in space is really going to be driven by the availability of resources.
The mention in the report of a manned return to the moon and a first manned trip to an asteroid is (IMO) far more exciting than a trip to Mars.
A long-term, manned presence on the moon would be more useful than the ISS (and probably far cheaper too). Apart from the resources available, there is a lot of basic science to be done on the moon's formation and the role it had in Earth's past.
Oh, and Apple's creation of the first sexy server.
Silicon Graphics did that a decade or more ago. Short memories...