Well, I guess his PhD would not be about imagining those features, but about implementing them. He asked for ideas what to implement, not for ideas how to implement it.
Yeah, and Duke Nukem Forever will cure all illnesses. You ever wondered why it's not out yet? It's because of the pharma industry is concerned about their profit.
Sorry, I cannot find anything about the relative size of Pluto and Eris at any of those places. Indeed, it seems the Bible doesn't mention either at all.
Ultimately it's the CPU which implements the security at the instruction and memory level. The OS only tells the CPU what code should run under which security context.
Given that Parrot also runs JavaScript (according to their page), it would be interesting to compare its speed with the JavaScript speed of current browsers. Also, given that there's a.NET bytecode translator (again, according to their page) a benchmark against.NET would also be interesting.
They could have called it Goo. They just would have to be careful to never put "grey" in front of it. Actually, thinking again, I guess they actually want it to behave like grey goo: Eat up market share from any other language until everyone writes his code in Goo.
Maybe an attack using a cross-platform browser hole which allows to execute machine code, but to know which machine code to run the exploit needs to know the processor (because x86 machine code on an ARM most probably will just crash).
I think you wouldn't put your actual malware there. You would just put enough there to avoid your actual malware to be restricted and/or detected. Maybe add an "escalate priviledge" instruction. Or maybe instruct the processor to replace the destination address of certain jumps (e.g. the timer interrupt) to another memory address, so your malware can run without letting a trace of it running (except for traces the malware itself leaves, of course).
Der Windows7-eigene Screenreader fängt beim Vorlesen die Eingaben über die Tastatur direkt ab. Dadurch wird auch die eingegebene PIN im Klartext vorgelesen.
Translation: The Windows7 built in screen reader captures entries directly from the keyboard when reading. Therefore also the entered PIN is read aloud in cleartext.
Which shows two things: (i) There should be a separate keypad on the card reader. You simply cannot trust the computer. (ii) Using Windows7 can lead to unexpected security holes even on non-compromised computers (after all, this should apply to anything expecting passwords). But then, it's from Microsoft, so that's somewhat expected:-)
The really safe solution would have been to have a reader with PIN entry required, and have that reader directly communicate with the server (using a secure, encrypted protocol, of course), so for identification purposes, the computer acts only as a router for the secure communication. Of course that still doesn't protect against compromised readers, but I guess those are much more easy to protect than computers (after all, they are single-purpose appliances).
But for that, they would not need to add that security hole. They could just install it from the regular update server of the app. Or redirect DNS, but use the original certificate.
Actually, the opposite is the case: The propeller is used to take energy from the wind, which is then used to drive the wheels and move the vehicle forward. This is most easily seen if looking at it on its own frame of reference. At stationary speed the wind comes from the front (because it's moving faster than the wind), while the road underneath goes backwards. The propeller takes energy from that wind and uses that energy to drive the wheels, which then keep the vehicle in place, against the forces of the wind and the road, which both try to move it backwards.
Well, they would of course keep the unblurred material at some not publicly accessible place, but the point is that blurring would be done directly on the images used for the service, instead of added dynamically. That way, something would be blurred either everywhere or nowhere.
The problem with this is, when you're finished splitting up your tasks into those small units, you'll probably find that you've used up all the time you had for doing the work...
Well, I guess his PhD would not be about imagining those features, but about implementing them. He asked for ideas what to implement, not for ideas how to implement it.
Yeah, and Duke Nukem Forever will cure all illnesses. You ever wondered why it's not out yet? It's because of the pharma industry is concerned about their profit.
Actually, I cannot see any inconvenience. I never logged into Facebook, and I never missed anything.
Sorry, I cannot find anything about the relative size of Pluto and Eris at any of those places. Indeed, it seems the Bible doesn't mention either at all.
Ultimately it's the CPU which implements the security at the instruction and memory level. The OS only tells the CPU what code should run under which security context.
Given that Parrot also runs JavaScript (according to their page), it would be interesting to compare its speed with the JavaScript speed of current browsers. .NET bytecode translator (again, according to their page) a benchmark against .NET would also be interesting.
Also, given that there's a
They could have called it Goo. They just would have to be careful to never put "grey" in front of it.
Actually, thinking again, I guess they actually want it to behave like grey goo: Eat up market share from any other language until everyone writes his code in Goo.
So obviously it was the contrail of a time machine.
I think the ad industry will also be interested in fingerprinting ... not for starting exploits, but for more effective tracking.
Maybe an attack using a cross-platform browser hole which allows to execute machine code, but to know which machine code to run the exploit needs to know the processor (because x86 machine code on an ARM most probably will just crash).
I think you wouldn't put your actual malware there. You would just put enough there to avoid your actual malware to be restricted and/or detected. Maybe add an "escalate priviledge" instruction. Or maybe instruct the processor to replace the destination address of certain jumps (e.g. the timer interrupt) to another memory address, so your malware can run without letting a trace of it running (except for traces the malware itself leaves, of course).
From here:
Der Windows7-eigene Screenreader fängt beim Vorlesen die Eingaben über die Tastatur direkt ab. Dadurch wird auch die eingegebene PIN im Klartext vorgelesen.
Translation: The Windows7 built in screen reader captures entries directly from the keyboard when reading. Therefore also the entered PIN is read aloud in cleartext.
Which shows two things: :-)
(i) There should be a separate keypad on the card reader. You simply cannot trust the computer.
(ii) Using Windows7 can lead to unexpected security holes even on non-compromised computers (after all, this should apply to anything expecting passwords). But then, it's from Microsoft, so that's somewhat expected
The really safe solution would have been to have a reader with PIN entry required, and have that reader directly communicate with the server (using a secure, encrypted protocol, of course), so for identification purposes, the computer acts only as a router for the secure communication. Of course that still doesn't protect against compromised readers, but I guess those are much more easy to protect than computers (after all, they are single-purpose appliances).
But for that, they would not need to add that security hole. They could just install it from the regular update server of the app. Or redirect DNS, but use the original certificate.
Depends on if you are Swiss :-)
In Germany it's Scheiße, in Switzerland it's Scheisse.
Yeah, who cares if those pictures are naked. All we care about is if you are naked on the picture.
Firefox 4 comes with HSTS
Sorry, but that's an AIDU.
(I admit I'm now TLTG)
The admin's job is to make everyone on your network suddenly a guru of security? :-)
Yes, on further thinking you're right. My explanation would have meant to accelerate the wind, which wouldn't make sense. Sorry for the confusion.
http://www.phdcomics.com/comics/archive.php?comicid=1388
Must be a Ph.D. in arts, or they'd know to label their axes. Is that meant to be time on the horizontal axis?
They meant to label those axes. However they never got around to actually do it.
Since at the time you are writing the test, the test is supposed to fail, a failing test is a success. A succeeding test would be a failure.
...we obey the laws of thermodynamics.
I don't! :-)
Actually, the opposite is the case: The propeller is used to take energy from the wind, which is then used to drive the wheels and move the vehicle forward. This is most easily seen if looking at it on its own frame of reference. At stationary speed the wind comes from the front (because it's moving faster than the wind), while the road underneath goes backwards. The propeller takes energy from that wind and uses that energy to drive the wheels, which then keep the vehicle in place, against the forces of the wind and the road, which both try to move it backwards.
Well, they would of course keep the unblurred material at some not publicly accessible place, but the point is that blurring would be done directly on the images used for the service, instead of added dynamically. That way, something would be blurred either everywhere or nowhere.
The problem with this is, when you're finished splitting up your tasks into those small units, you'll probably find that you've used up all the time you had for doing the work ...