Slashdot Mirror


User: maxwell+demon

maxwell+demon's activity in the archive.

Stories
0
Comments
12,279
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,279

  1. Re:Oddly enough... on Microsoft Refuses To Patch Rootkit-Compromised XP Machines · · Score: 1

    Their Malicious Software Removal Tool (sent out on Patch Tuesday) can remove the rootkit.

    So the tool to remove it comes in a patch, and patches refuse to install if you are infected?

  2. Re:wish list on Entertainment Industry's Dystopia of the Future · · Score: 1

    Which reminds me of a story I've heard somewhere:

    Two children quarrel about a cake: One thinks it should be divided in a fair way, the other wants the whole cake. Then an adult comes by and suggests a compromise: One child gets a quarter of the cake, the other one three quarters.

  3. Re:Market balancing itself on Entertainment Industry's Dystopia of the Future · · Score: 1

    If they get the laws they want, it will be the state which will impose the restrictions and annoyances on you. Even if you don't watch movies or listen to music at all.

  4. Re:Don't forget... on Entertainment Industry's Dystopia of the Future · · Score: 1

    The problem isn't access or non-access to their stuff. The problem is the measures they use to prevent it. Those measures affect everyone, even people who are not the least interested in Hollywood stuff, be it purchased of copied. There are no illegal movies on my computer. But there's also no Hollywood spyware on my computer. And I don't want any to be there. First, how can I be sure that it will not destroy completely legitimate data? After all, it's not unheared about that an antivirus program mis-detects a harmless file as virus-infected since it happens to accidentally match a virus signature. Now, if that happens with AV, you can simply ignore that false warning. But I'm sure the option to ignore would not be given by MPAA malware. Not to mention that I'd surely get trouble for that "illegal copy" the malware "detected." Even if I can ultimately prove that it was not an illegal copy (which isn't a given, even if it happens to be so), there will be enough trouble until then.
    Moreover, who tells me what else the malware submits from my computer? After all, why should I trust an association which obviously doesn't care about my privacy?

    And that's just about the first point mentioned in the article.

  5. Re:Apple is Evil on The iPad vs. Microsoft's "Jupiter" Devices · · Score: 2, Informative

    Unlike Microsoft, neither Google nor Apple are convicted monopolists. Hence they are not as "evil".

    It just means their behaviour is not illegal. It doesn't tell anything about the morality of their behaviour.

  6. Re:hmm... on Library of Congress To Archive All Public Tweets · · Score: 1

    Twitter messages should be highly compressible.

  7. Re:Libraries have an exception on Library of Congress To Archive All Public Tweets · · Score: 1

    But the LoC is only in the US.

  8. Re:hmm... on Library of Congress To Archive All Public Tweets · · Score: 1

    Isn't it conceivable that I, Anonymous Coward, will become famous in 20 years time?

    At least, you are a quite well-known and active Slashdot user. However, it seems you suffer from a massively split personality.

  9. Re:Why? on Library of Congress To Archive All Public Tweets · · Score: 2, Interesting

    Soon after, he publishes a paper with his revolutionary new theory: People in the 21st century were so forgetful that they decided to record all details about their daily life in a central database so they could recover it if necessary.

  10. Re:Great, another deskop environment on Is OS/2 Coming Back? · · Score: 1

    As a general rule it never possible to be too cynical.

    Well, you better hire a cynicism consultant before making such bold statements. A good cynicism consultant will tell you exactly how much cynicism is appropriate in each situation. That's not simple, so you really shouldn't try to do it on your own. A good cynicism consultant is a must!

    SCNR :-)

  11. Re:Serving two masters on The Pirate Party of Canada Is Official · · Score: 2, Funny

    But what worries me about the Pirate Party is precisely that it is fundamentally international in nature.

    They are not international. They are region-free.

  12. Re:History will look upon the pirate parties... on The Pirate Party of Canada Is Official · · Score: 1

    A perpetual right is not only unconstitutional (the Constitution requires that copyrights be granted only for a limited time), but clearly cannot ever promote the public interest precisely because it is perpetual.

    Well, the part about it being unconstitutional can be changed by changing the constitution.

    About the perpetual rights: While I indeed don't think the right to deny certain parodies should be perpetual (actually I'm not sure that it should exist at all), I can't think how the right to be identified as author could be harmful to public interest. Or does the public lose anything by keeping the information who wrote something? Of course it should be a right the author could opt out from (indeed, there should probably be a complementary right to anonymity, although that one clearly should not be perpetual).

  13. Re:Pirate parties should rename themselves on The Pirate Party of Canada Is Official · · Score: 1

    You still have full legislative influence by being in parliament.

    Which is the same thing as being in the government.

    No. Being in parliament means having the right to vote for or against laws, and the right to propose laws to be discussed and voted on (and depending on the concrete parlamentary system a few other rights, like electing the government). Being in government means making decisions about the actual politics based on the laws, and usually the government also has the right to propose laws to the parliament (but not to vote on them, except that if someone is part of both the parliament and the government, he of course can vote as member of parliament).

    For example, the parliament can make a law that selling pure alcohol is forbidden. The government can then decide to employ more policemen to better find those selling pure alcohol, or it can instead decide that finding murderers is more important and direct more of the police forces toward that goal. The parliament cannot employ the policemen or decide their priorities, and the government cannot decide whether selling pure alcohol should be forbidden or not.

  14. Re:Just stop it on WePad Tablet Will Use Linux To Rival the iPad · · Score: 1

    Apple sold 700,000 iPads the first day? How did they end up with only 400K for the month then?

    300K were returned? :-)

  15. Re:printf "GIVE ME ALL YOUR MONEY!" null on How To Exploit NULL Pointers · · Score: 1

    Actually it did work. It's just that root didn't have any money.

  16. Re:Is the kernel address mapping part still true? on How To Exploit NULL Pointers · · Score: 1

    1) Segmentation is essentially non-existent* in 64-bit mode.

    That's a fact I was not aware of. And which I personally don't consider a good change.

    2) Segmentation sucks. Always has, always will. That's why even in 32-bit mode most segments are made with base 0 and max limit, and processors are optimized for this case.

    I strongly disagree. Segmented addressing got a bad name from the days of real mode (where the segment just gave an offset into memory, and segments were restricted to 64k) and 16 bit protected mode (where the 64k limit still applied). There it basically forced you to make pointless splits into different segments whenever you needed more than 64k, which made segmentation unnecessarily painful. However, in the scenario I described, you'd effectively have just four segments, user code/data and kernel code/data. That's not really hard to handle, especially since the code/data part is automatically handled by the processor.

    3) Okay, so you switch your CS and DS segments when you go into kernel mode (well actually you do anyway, but they're non-base-zero in this case). That's great, but you still need to map your linear address (linear = virtual address + segment base) to a physical address. So you either need to write to CR3 to use the kernel's page table, or you need to map your kernel's memory into the user's page table.

    Yes, the kernel memory would still be in the user's page table. But that doesn't matter because it's not in the user segments. Kernel code would have to explicitly distinguish between user mode access and kernel mode access (which IMHO is good). Kernel code would not accidentally execute user code, or access user data instead of kernel data.

  17. Re:Exceptons? on How To Exploit NULL Pointers · · Score: 2, Informative

    If there are exploitable bugs in the kernel, then those are the fault in OS security.

  18. Re:Is the kernel address mapping part still true? on How To Exploit NULL Pointers · · Score: 1

    For a start, because code segments no longer exist in x86_64.

    I didn't know that. That was IMHO a bad move by AMD.

  19. Re:OS dependent on How To Exploit NULL Pointers · · Score: 1

    It's not even about any NULL pointer dereference in the kernel. It's only about those used for calling functions through function pointers.

  20. Re:Is the kernel address mapping part still true? on How To Exploit NULL Pointers · · Score: 1

    Why should a change of the page table be needed? All you need are separate segments for kernel and user mode. Since pointers are relative to the corresponding segment, the kernel segment address 0 would be completely different from the user mode address 0 (and should be in reserved kernel space).

  21. Re:Shush Now on How To Exploit NULL Pointers · · Score: 2, Insightful

    Well, if you read the article, you'll find out that you have to
    * circumvent the protection against mmap to address 0 (in the article, that one was just done as root)
    * get the kernel to call a function through a function NULL pointer (that's what was done through the special kernel module)

    Since the exploit doesn't make much sense if you already are root, for this exploit you have to
    * find an existing bug in the kernel which allows you to circumvent the mmap protection.
    * find another existing bug in the kernel which causes the kernel to do a function call through a NULL function pointer.

    So you need two independent bugs in the kernel to make an actual exploit from this demonstration code.

    Having said that, I think it would certainly be a nice option to be able to trade performance for security by telling the system to put the kernel into its own memory space.

  22. Re:Fixed that for ya. on Hard Drives Shipping with Star Trek · · Score: 1

    And you don't even have to stop using it during liftoff and landing.

  23. Re:Universities should teach ... on Professor Says UFO Studies Should Be Taught At Universities · · Score: 1

    Why "or"? After all, wasn't it angels in UFOs who destroyed Atlantis because their horoscope said it was a good day for destructive actions? :-)

  24. Re:Anthropology on Professor Says UFO Studies Should Be Taught At Universities · · Score: 1

    Most of the UFOs were destroyed by the dreaded y2k bug.

  25. Re:UFO is an acronym on Professor Says UFO Studies Should Be Taught At Universities · · Score: 1

    It means: Unidentified Flying Object.

    If you don't count it as UFO if you identify it as airplane, then it cannot be an UFO either if you identify it as flying saucer. Especially anyone claiming to be abducted by an UFO is obviously lying: Assuming the abduction really happened, they could clearly identify the object as alien spaceship, therefore it wasn't an UFO.