Authentication (IIRC) is the term used when describing the need to assure the source of any given package (e.g. via PGP signature, etc.).
This means that the MD5 sum is signed by an entity verifiable by a certificate of authentication that is difficult or near-impossible to spoof (e.g. asymmetrical public/private keypair, etc.).
So, in the event that an intruder manipulates code/binaries/checksums, it is unlikely they will will be able to manipulate the certificate of authentication.
It is important to note that if the *only* place you store the cert (i.e. PGP key, etc.) is in a file in the same directory, or on a web page on a local server, you're asking to have that spoofed as well. This is why (I think) you're supposed to advertise your public key as much as possible (to a reasonable extent, I'm sure) -- to provide verifiability.
This game has become like a cheap slot machine in our office...
Heading 180.00 (as close as you can get) Pitch ~78.5 Full force.
Sometimes the leg will get stuck, sometimes not. When it gets stuck, the numbers can start rocketing before he starts falling.
My high score is 616,000 and change... 580,000 before he started falling.
I prefer the guy's left foot at the default camera, so when your scores don't add up, you still get to see him smash his head on the top step repeatedly.:P
I found this awhile back by linking back from a Google search. I was pleasantly surprised to a) learn of its existence and b) find it being offered for free.
For those of you into tales of hacking/cracking this is a good read that keeps me 'scared whitehat'.
http://www.underground-book.com/
It's strange how much is out there out there in terms of free literature and documentation, but the only unified, exhaustive index is Google.:P
When they ask, "When would be a good time to call you back?", I say, "Tomorrow evening" or "2 months from now" or whatever is appropriate for the situation, depending on who is calling and for what. For instance, RESPs can wait for two months, but telephone services usually only wait for up to two days. Either way, you get a break.
Then, when they call back I tell them the same thing. Over and over again. Endlessly. After a few calls, you can get them trained to phone back at a specific date and time, and make plans to be out for that time. Then you get to say "Oh, yeah, I was out. Sorry about that. Can you call again in another 2 months?"
Slashdot Mirror
Perhaps the parent needs to be modded up...
Authentication (IIRC) is the term used when describing the need to assure the source of any given package (e.g. via PGP signature, etc.).
This means that the MD5 sum is signed by an entity verifiable by a certificate of authentication that is difficult or near-impossible to spoof (e.g. asymmetrical public/private keypair, etc.).
So, in the event that an intruder manipulates code/binaries/checksums, it is unlikely they will will be able to manipulate the certificate of authentication.
It is important to note that if the *only* place you store the cert (i.e. PGP key, etc.) is in a file in the same directory, or on a web page on a local server, you're asking to have that spoofed as well. This is why (I think) you're supposed to advertise your public key as much as possible (to a reasonable extent, I'm sure) -- to provide verifiability.
This game has become like a cheap slot machine in our office...
:P
Heading 180.00 (as close as you can get)
Pitch ~78.5
Full force.
Sometimes the leg will get stuck, sometimes not. When it gets stuck, the numbers can start rocketing before he starts falling.
My high score is 616,000 and change... 580,000 before he started falling.
I prefer the guy's left foot at the default camera, so when your scores don't add up, you still get to see him smash his head on the top step repeatedly.
Phew! For a minute I thought someone had compiled ffmpeg's free Windows Media Decoder and was trying to make a quick buck.
f fm peg/ffmpeg/libavcodec/wmadec.c
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/
I found this awhile back by linking back from a Google search. I was pleasantly surprised to a) learn of its existence and b) find it being offered for free. For those of you into tales of hacking/cracking this is a good read that keeps me 'scared whitehat'. http://www.underground-book.com/ It's strange how much is out there out there in terms of free literature and documentation, but the only unified, exhaustive index is Google. :P
For now, I use the passive approach:
When they ask, "When would be a good time to call you back?", I say, "Tomorrow evening" or "2 months from now" or whatever is appropriate for the situation, depending on who is calling and for what. For instance, RESPs can wait for two months, but telephone services usually only wait for up to two days. Either way, you get a break.
Then, when they call back I tell them the same thing. Over and over again. Endlessly. After a few calls, you can get them trained to phone back at a specific date and time, and make plans to be out for that time. Then you get to say "Oh, yeah, I was out. Sorry about that. Can you call again in another 2 months?"