Anyway, A danish customer checked it and found out that session related cookies to the homebanking solution (which is hosted elsewhere) is called NSSID. https://twitter.com/kimtiede/s...
The researcher didn't actually test if he could hijack a session.
If he had tried he would see that the cookies in question are not authentication cookies used by the bank. The cookies in question are described as 'statistical' cookies on http://www.danskebank.com/en-u...
I'm really amazed about the publicity one single blogger can get with such undocumented claims.
Yeah, I'm sick and tired of warlocks like you that think their Demonology build should be the only viable defense against melee. And don't pretend you know how well I play my class? You don't. Every warlocks KNOWS that rogues & warriors are pisshard to beat once they get up close.
You think I knew where the end-game zones we're gonna be and what level was required to gain a shard by looking at the box-cover? What are you stupid??
I'm so sick and tired of these warlocks outright dimissing obvious class problems just because the've either got better gear, specced around it (Demonology) or chosen a helpful profession (Engineering).
The rest of us have serious problems gaining any sort of distance to any type of melee class in combat. Just look at the recent post Blizzard made regarding what warlocks want the most. Just count the number of times "Escape capability" and "Shard solution" show up.
What do you want us to do? Drain-tank them? We can't even get a 1.5 sec Fear off, and even if we did, almost everybody can break it or become immune now.
How do you think the priests would like it if their shield were an end-tier talent into the Holy tree?
Or what about mages? Make Blink, Frost-Nova and Polymorf talent based, and when they whine you just say "Learn to play your class"? "Spec for it you noob!"?
People are not asking to be overpowered - they simply want to be at the same level with other classes. Where does it say in the class description that warlocks aren't supposed to survive a rogue, warrior or any undead unless they spec demonology, pick up Engineering and buy potions from the auction house?
"Escape Spell: You have more hit points than any given mage or priest COMBINED, unless you have really exceptionally bad gear. I routinely have almost 5K, unbuffed, with my PvE gear on. My PvP gear has more stamina on it."
Looks like you have some epic gear! Congratulations! On top of that you're probably Demonology specced too, right? Good for you!
"Here's your escape spell to keep from getting ganked by rogues: Team up with a rogue. Be bait."
Aaahhh, the priceless "outnumber them if you can't beat them" argument! We're talking class balance here, not zerging. You do think classes should be somewhat balanced, don't you?
"Then, at some point, explain to me how ice block saves a mage from a rogue"
It doesn't. But the cooldown on Frost-Nova and Blink is now over, so...
"Or an 8 second easily dispellable polymorph that fully heals it's target helps a mage with a rogue"
This definately helps a mage escape. Besides, I thought this was more than 8 seconds.
"Soul Shards: Please go read the class description. You should have known what you were getting into when you signed up. Your lack of ability to RTFM is not my (or Blizzard's) problem."
I'm sorry, I must have missed the part saying "Once you hit lvl 60, you must travel 2 flightpaths and then spend 40 minutes farming shards."
And these issues are "just" class-issues - don't even get me started on the list of current bugs (incomplete list) plaguing us.
'We haven't talked to a single user who has said they're using [open source] because it's better.'
I'm attending the conference in Copenhagen (don't ask why!) and they had this session about Microsoft and Open Source. During the session the speaker asked who in the audience thought Linux was more secure than Windows. Me and 2-3 other guys raised our hands. Then he asked who thought Windows was more secure than Linux and a forrest of hands went into the air. In that moment I couldn't decide wether to cry or laugh and thought "what planet are these guys from?!?". I guess it's that kind of users he's refering to.
The game of Chess is not a measure of intelligence. It's a measure of mathematics and memory
True, but as Turing pointed out: if you can't tell the difference in a certain context, does it really matter if it's *really* intelligent or not?
AI is a misplaced term - "adaptive systems" would fit much better. I too have a problem with calling something that doesn't even know it's playing chess for intelligent.
I've been looking for something like this to run Mythtv on. Only problem is, I have no clue how this VIA CPU performs and I have no reference to how well MythTV performs in general.
Have anybody tried this out on the Hush or something similar? And was is enough to watch TV and encode a stream, etc?
A PIII/733Mhz system can encode one video stream using the MPEG-4 codec using 480x480 capture resolution. This does not allow for live TV watching, but does allow for encoding video and then watching it later.
The developer states that his AMD1800+ system can almost encode two MPEG4 video streams and watch one program simultaneously.
A PIII/800Mhz system with 512MB RAM can encode one video stream using the RTJPEG codec with 480x480 capture resolution and play it back simultaneously, thereby allowing live TV watching.
A dual Celeron/450Mhz is able to view a 480x480 MPEG4/3300Kbps file created on a different system with 30% CPU usage.
A P4 2.4Ghz machine can encode two 3300Kbps 480x480 MPEG4 files and simultaneously serve content to a remote frontend.
The review mentions the Hush comes shipped with a MPEG-2 decoder, clearly an important paramter in this equation.
when will these companies realize that many people have multiple computers in their home?
How many users "with multiple computers" do you know which have a NAT-gateway separating 2 parts of his/her own LAN? I can think of only people with Access-points. Remember that you need a whole new LAN-segment to get this 1 TTL difference. Normal users won't be affected, although the difference in initial TTL will still be present and revealing.
This idea also came up in the
other/. story.
Physical separation of networks _is_ widely used among government and military networks. The reason being very simple: It's the only cost-effective way to guarantee security.
However, even if you lease a private line it would still be in control of a third party, the telephone company for instance. In these cases cryptographic hardware is used to secure the channel.
the T610 is fully compatible with any computer. Your phone books and calendars will stay synchronized and updated
Sounds promising, but is this also true for the various open-source calendar software? I've tentatively been looking for non-Windows synchronization software for my t39m without any luck.
The point is not who and how, but merely that obscurity is a useless principle in security. I could mention certain modern software companies here, but since names makes you tick....
Security through obscurity might not be good in principle, but in practice it's well-tested and the only way to go
Really? When MIT-students back in the 60-70ies stopped playing with modeltrains and started looking into the new emerging telephone networks, I thought we learned that obscurity is no match for devoted geeks.
In a typical geek-enduser setup where multiple computers are either directly connected to the router or through a hub, the TTL will still be same for all of them. You need several routed chunks of internal networks in order to use TTL to distinguish anything, and what you'll se in this scenario will only be LAN-segments, not indivual PC's.
However, different OS'es uses different initial TTL values, so you can potentially discover what types of OS'es are present behind the NAT.
Slashdot Mirror
QSI_HistorySession is listed as a "user survey" cookie on the danish version.
mbox is probably Site Catalyst: http://cookiepedia.co.uk/cooki...
Anyway, A danish customer checked it and found out that session related cookies to the homebanking solution (which is hosted elsewhere) is called NSSID. https://twitter.com/kimtiede/s...
The researcher didn't actually test if he could hijack a session.
If he had tried he would see that the cookies in question are not authentication cookies used by the bank. The cookies in question are described as 'statistical' cookies on http://www.danskebank.com/en-u...
I'm really amazed about the publicity one single blogger can get with such undocumented claims.
Yeah, I'm sick and tired of warlocks like you that think their Demonology build should be the only viable defense against melee. And don't pretend you know how well I play my class? You don't. Every warlocks KNOWS that rogues & warriors are pisshard to beat once they get up close.
You think I knew where the end-game zones we're gonna be and what level was required to gain a shard by looking at the box-cover? What are you stupid??
I'm so sick and tired of these warlocks outright dimissing obvious class problems just because the've either got better gear, specced around it (Demonology) or chosen a helpful profession (Engineering).
The rest of us have serious problems gaining any sort of distance to any type of melee class in combat. Just look at the recent post Blizzard made regarding what warlocks want the most. Just count the number of times "Escape capability" and "Shard solution" show up.
What do you want us to do? Drain-tank them? We can't even get a 1.5 sec Fear off, and even if we did, almost everybody can break it or become immune now.
How do you think the priests would like it if their shield were an end-tier talent into the Holy tree?
Or what about mages? Make Blink, Frost-Nova and Polymorf talent based, and when they whine you just say "Learn to play your class"? "Spec for it you noob!"?
People are not asking to be overpowered - they simply want to be at the same level with other classes. Where does it say in the class description that warlocks aren't supposed to survive a rogue, warrior or any undead unless they spec demonology, pick up Engineering and buy potions from the auction house?
"Escape Spell: You have more hit points than any given mage or priest COMBINED, unless you have really exceptionally bad gear. I routinely have almost 5K, unbuffed, with my PvE gear on. My PvP gear has more stamina on it."
Looks like you have some epic gear! Congratulations! On top of that you're probably Demonology specced too, right? Good for you!
"Here's your escape spell to keep from getting ganked by rogues: Team up with a rogue. Be bait."
Aaahhh, the priceless "outnumber them if you can't beat them" argument! We're talking class balance here, not zerging. You do think classes should be somewhat balanced, don't you?
"Then, at some point, explain to me how ice block saves a mage from a rogue"
It doesn't. But the cooldown on Frost-Nova and Blink is now over, so...
"Or an 8 second easily dispellable polymorph that fully heals it's target helps a mage with a rogue"
This definately helps a mage escape. Besides, I thought this was more than 8 seconds.
"Soul Shards: Please go read the class description. You should have known what you were getting into when you signed up. Your lack of ability to RTFM is not my (or Blizzard's) problem."
I'm sorry, I must have missed the part saying "Once you hit lvl 60, you must travel 2 flightpaths and then spend 40 minutes farming shards."
And these issues are "just" class-issues - don't even get me started on the list of current bugs (incomplete list) plaguing us.
This will be about as exciting as watching a fork truck competing in weightliftning at the Olympics.
'We haven't talked to a single user who has said they're using [open source] because it's better.'
I'm attending the conference in Copenhagen (don't ask why!) and they had this session about Microsoft and Open Source. During the session the speaker asked who in the audience thought Linux was more secure than Windows. Me and 2-3 other guys raised our hands. Then he asked who thought Windows was more secure than Linux and a forrest of hands went into the air. In that moment I couldn't decide wether to cry or laugh and thought "what planet are these guys from?!?". I guess it's that kind of users he's refering to.
I hereby take ownership of the term "Star" and "War"
Erhem wait...Lucas already has that one...dammit
The game of Chess is not a measure of intelligence. It's a measure of mathematics and memory
True, but as Turing pointed out: if you can't tell the difference in a certain context, does it really matter if it's *really* intelligent or not?
AI is a misplaced term - "adaptive systems" would fit much better. I too have a problem with calling something that doesn't even know it's playing chess for intelligent.
Have anybody tried this out on the Hush or something similar? And was is enough to watch TV and encode a stream, etc?
The MythTV FAQ have some info about CPU usage:
A PIII/733Mhz system can encode one video stream using the MPEG-4 codec using 480x480 capture resolution. This does not allow for live TV watching, but does allow for encoding video and then watching it later.
The developer states that his AMD1800+ system can almost encode two MPEG4 video streams and watch one program simultaneously.
A PIII/800Mhz system with 512MB RAM can encode one video stream using the RTJPEG codec with 480x480 capture resolution and play it back simultaneously, thereby allowing live TV watching.
A dual Celeron/450Mhz is able to view a 480x480 MPEG4/3300Kbps file created on a different system with 30% CPU usage.
A P4 2.4Ghz machine can encode two 3300Kbps 480x480 MPEG4 files and simultaneously serve content to a remote frontend.
The review mentions the Hush comes shipped with a MPEG-2 decoder, clearly an important paramter in this equation.
when will these companies realize that many people have multiple computers in their home?
/. story.
How many users "with multiple computers" do you know which have a NAT-gateway separating 2 parts of his/her own LAN? I can think of only people with Access-points. Remember that you need a whole new LAN-segment to get this 1 TTL difference. Normal users won't be affected, although the difference in initial TTL will still be present and revealing.
This idea also came up in the other
I don't know anything about how/if NSA secure Linux development was stoppped, but it nevertheless looks pretty real to me...
Physical separation of networks _is_ widely used among government and military networks. The reason being very simple: It's the only cost-effective way to guarantee security.
However, even if you lease a private line it would still be in control of a third party, the telephone company for instance. In these cases cryptographic hardware is used to secure the channel.
Will this one have all guns replaced by walkie-talkies? Or is that Super Extended Collectors Special Edition?
the T610 is fully compatible with any computer. Your phone books and calendars will stay synchronized and updated
Sounds promising, but is this also true for the various open-source calendar software? I've tentatively been looking for non-Windows synchronization software for my t39m without any luck.
let me help you control your anger.
The point is not who and how, but merely that obscurity is a useless principle in security. I could mention certain modern software companies here, but since names makes you tick....
Security through obscurity might not be good in principle, but in practice it's well-tested and the only way to go
Really? When MIT-students back in the 60-70ies stopped playing with modeltrains and started looking into the new emerging telephone networks, I thought we learned that obscurity is no match for devoted geeks.
In a typical geek-enduser setup where multiple computers are either directly connected to the router or through a hub, the TTL will still be same for all of them. You need several routed chunks of internal networks in order to use TTL to distinguish anything, and what you'll se in this scenario will only be LAN-segments, not indivual PC's. However, different OS'es uses different initial TTL values, so you can potentially discover what types of OS'es are present behind the NAT.