I fail to see how this is controversial in the least. It is just another bug found in a piece of software full of bugs. The guy reporting it gave Microsoft a full month before he went public, that should have been more than enough time to build a patch.
As for the exploit itself, whats wrong with the code he wrote? If it scares the PHB's into actually demanding a more secure IE from MS then all the better.
From the sounds of it this is more of a cluster type supercomputer. Thus the connections would be via some sort of converter at the actual nodes. Well thats my guess anyway.
Okay first off let me say I am not a TCP/IP expert by any means however this does present some interesting points.
Firstly as a poster has noted before, by going under the radar by directly using the IP layer, this is going to open up a whole new rash of attack methods which we would be much better investigating and defending against.
Secondly, I think its cool, it renews my faith in the basic tenet of geekdom - play with it until you break it, then learn to fix it again.
What has surprised me has been the vitriol that has been directed not at the spammers and Verio but at the spam blockers. I mean some of the comments have come close to being as bad as an Emacs v Vi debate. I have only this to say, services such as spam hause (i think thats it) and other similar services, are not compulsory, you don't like it, you stop using it.
There is also a massive difference between legitimate marketing via email to a list of opt-in users and the profligate assault that is the "Penis Enlargement" message. I mean come on how many slashot readers are actually going to need that one??? Why the silence? hello is this thing on?
Im sorry but come on, since when is a persons name a breach of copyright?
A persons name is part of their very being and like their genetic make up should not be part of the "sue til ya drop" atmosphere that seems to be affecting the US and the rest of the World more and more.
Re:Did somone steal the story?
on
Go Go Gadget Minisaw
·
· Score: 2, Informative
Just a little Info
the ABC is the Government funded but independantly run media organisation while the SMH is part of a fully privatised newspaper group called The Fairfax group
Okay I can sort of see the Freedom of Speech angle people seem to be throwing up here but it really doens't hold water.
Gator is and always will be a viral piece of software that offers no benefits to the victims of its attacks and plenty of problems least of all being the pop-ups.
It hijacks web sites with which the parent company has no agreement for ad hosting or serving and displays competitors ads. Sort of like everytime you get into a ford your cellular rings and its someone from Toyota telling you to go their lots.
All in all its an annoying piece of shit.
This law suit they are bringing is just a bullshit attempt to play the freedom of speech card.
Hmmm Evolution not proven through Scientific methods. Well in that case could you just climb back into that tree and we'll observe the descent of man.
Seriously, the way science works means that there is nothing on this planet that can be proven beyond a reasonable doubt. It is all a series of bets that you're ideas will match up with the data better than the other guys.
So before you go blowing some one off take a moment to think, is his/her idea closer than yours? If so then in the best traditions of intellectuals everywhere, taunt them mercilessly and then turn round a couple of years later and claim you believed it all along.
If I rant it means I haven't had nicotene for a couple of days.
kudos to you for actually RTFSpec. However its a bit worrying that a spec whos entire reason for existing is cross-authentication between two or more different sets of Web Services does not make encryption part of its core.
I will be reading the spec tonight, but as I said in my previous post in this case I believe that any sort of authentication standard has to move away from plain text across the net as its base and onto encryption.
and keep in mind I am not all that up to speed with web services but are any of these XML files that are going to be used for authentication going to be encrypted?
I can see a giant hole here in terms of a dedicated cracker intercepting un-encrypted XML files, parsing the information and then using that info for their own nefarious (yes its a big word) schemes.
Again when it comes to Web Services I am not the most up to date, its just a thought
You know what? I am tired of hearing about ICANNs bullshit.
I am still confused as to why an American company can possibly be allowed to control the Internet. I know the history so don't tell me about ARPANet and the rest, the simple fact is, the Internet is no longer an American institution, it has gone global.
Why not set up an International body to take over from ICANN? A body with full participation of the Internet Community from the start.
Ah forget it, why would they do that, it would only give power to the people.
Slashdot Mirror
I can just imagine it, the million geek march through Sims-Online, all the fun of protesting without actually having to get off your arse. Perfect.
I fail to see how this is controversial in the least. It is just another bug found in a piece of software full of bugs. The guy reporting it gave Microsoft a full month before he went public, that should have been more than enough time to build a patch.
As for the exploit itself, whats wrong with the code he wrote? If it scares the PHB's into actually demanding a more secure IE from MS then all the better.
Dammit you beat me too it. As Kryten would say "Your a smeeeee...iiiiiii!"
From the sounds of it this is more of a cluster type supercomputer. Thus the connections would be via some sort of converter at the actual nodes. Well thats my guess anyway.
"at a speed equivalent to the human brain"
Before or after the six pack?
Okay first off let me say I am not a TCP/IP expert by any means however this does present some interesting points.
Firstly as a poster has noted before, by going under the radar by directly using the IP layer, this is going to open up a whole new rash of attack methods which we would be much better investigating and defending against.
Secondly, I think its cool, it renews my faith in the basic tenet of geekdom - play with it until you break it, then learn to fix it again.
What has surprised me has been the vitriol that has been directed not at the spammers and Verio but at the spam blockers. I mean some of the comments have come close to being as bad as an Emacs v Vi debate. I have only this to say, services such as spam hause (i think thats it) and other similar services, are not compulsory, you don't like it, you stop using it. There is also a massive difference between legitimate marketing via email to a list of opt-in users and the profligate assault that is the "Penis Enlargement" message. I mean come on how many slashot readers are actually going to need that one??? Why the silence? hello is this thing on?
A nomadic spam tribe? Bloody vikings, and no I will NOT sing the song, I can't remember the words
Im sorry but come on, since when is a persons name a breach of copyright?
A persons name is part of their very being and like their genetic make up should not be part of the "sue til ya drop" atmosphere that seems to be affecting the US and the rest of the World more and more.
I give up. Wake me up when we get to reality
No one expects the spanish inquisition!!!
Just a little Info
the ABC is the Government funded but independantly run media organisation while the SMH is part of a fully privatised newspaper group called The Fairfax group
So they are completely different organisations
Or even better if its a scantily clad athlete kissing Kylie Minogue, or is that Picture magazine(Warning blatant Aussie reference)
Alright I'll give you that one, but its still a piece of shit.
Okay I can sort of see the Freedom of Speech angle people seem to be throwing up here but it really doens't hold water.
Gator is and always will be a viral piece of software that offers no benefits to the victims of its attacks and plenty of problems least of all being the pop-ups.
It hijacks web sites with which the parent company has no agreement for ad hosting or serving and displays competitors ads. Sort of like everytime you get into a ford your cellular rings and its someone from Toyota telling you to go their lots.
All in all its an annoying piece of shit.
This law suit they are bringing is just a bullshit attempt to play the freedom of speech card.
Don't... make... me... sing... the .... Galaxy... Song
Hmmm Evolution not proven through Scientific methods. Well in that case could you just climb back into that tree and we'll observe the descent of man.
Seriously, the way science works means that there is nothing on this planet that can be proven beyond a reasonable doubt. It is all a series of bets that you're ideas will match up with the data better than the other guys.
So before you go blowing some one off take a moment to think, is his/her idea closer than yours? If so then in the best traditions of intellectuals everywhere, taunt them mercilessly and then turn round a couple of years later and claim you believed it all along.
If I rant it means I haven't had nicotene for a couple of days.
Oh that pig skin game is nothing like Rugby, trust me. For a start it doesn't take three hours to play an 80 minute game.
You see this is why I don't like press releases, you get a whole bunch of nothing.
What exactly is the terms of settlement? Is Nu-Sphere going to get more than a slap on the wrist or what?
What is happening now?
Okay the kudos for WTFSpec then ;)
As I said I will try and read the spec tonight,family permitting.
kudos to you for actually RTFSpec. However its a bit worrying that a spec whos entire reason for existing is cross-authentication between two or more different sets of Web Services does not make encryption part of its core.
I will be reading the spec tonight, but as I said in my previous post in this case I believe that any sort of authentication standard has to move away from plain text across the net as its base and onto encryption.
and keep in mind I am not all that up to speed with web services but are any of these XML files that are going to be used for authentication going to be encrypted?
I can see a giant hole here in terms of a dedicated cracker intercepting un-encrypted XML files, parsing the information and then using that info for their own nefarious (yes its a big word) schemes.
Again when it comes to Web Services I am not the most up to date, its just a thought
CASH!!
I know, I know, its very sad, Im sorry I'll go back to my corner now
If Linux is like getting a free puppy, then Windows is like paying for a pure breed only to find you've got some mutt that craps itself constantly.
Now theres a concept - OSP - Open Source Porn.
You know what? I am tired of hearing about ICANNs bullshit.
I am still confused as to why an American company can possibly be allowed to control the Internet. I know the history so don't tell me about ARPANet and the rest, the simple fact is, the Internet is no longer an American institution, it has gone global.
Why not set up an International body to take over from ICANN? A body with full participation of the Internet Community from the start.
Ah forget it, why would they do that, it would only give power to the people.