Has anybody written a test to verify that Microsoft's fix has been properly applied? It would be a simple DLL with that pops up a message, and simple EXE that loads the DLL (which has new unique name). Or even two versions of the DLL, one with a good message and one with a bad message. One goes in the system path, one goes in the same path as the EXE, a temp folder.
The Military Aviation Museum in Virginia Beach has an Enigma, along with a misinformed computer demo. There must have been thousands of Enigma machines captured. Wikipedia says 100,000 manufactured, including commercial ones. It also has a picture of the Enigma display at the Natl Cryptologic Museum: http://en.wikipedia.org/wiki/File:Enigmas.jpg
The machine was cool - no numbers, no punctuation - the narrated explanation was perfect, up until the demo, which was a simple substitution cipher: the same letter always meant the same other letter! Somebody's Dilbert boss took over in the media shop! The program had already explained the cipher did not repeat.
Or they have connections who got them their cushy US layabout jobs.
The net history of espionage is like the net profit history of the airline industry. Comes out to about zero on balance (going back to the Wright Brothers, or so they say). But in espionage, even though the topmost levels of the U.S. and British and probably Soviet spy agencies were infiltrated over and over again, I guess there is some argument you can't just unilaterally disband them unless the other side does too.
Environmental tests on Corexit indicate it can be stored in the tissue of organisms, or bioaccumulate...
When used on the surface, dispersants remove oil from where birds, turtles and other sea creatures could eat it or breathe in the poisonous fumes. Marine scientists say they also keep the oil balls suspended in the water, where they are eventually consumed by bacteria, which can pass toxins up the food chain.
"They're talking about using dispersants in the deep water where the oil is coming out that would prevent it from hitting shore, but would actually put it into the water column and possibly force it to the bottom of the ocean," said Cynthia Sarthou, executive director of the New Orleans-based Gulf Restoration Network.
"The environmental impact of that is totally unknown. It could end up killing everything at the bottom of the ocean."
..for what were originally serious felonies of trying to bug a U.S. senator's office in broad daylight in New Orleans. Helped that the co-conspirator was the son of a U.S. Attorney in Louisiana, one suspects. The leader is the same creep who pretended to be a 1970s pimp in order to smear ACORN with a faked the video. Now he's getting off with a slap on the wrist for stuff the Watergate burglars went to prison for. (They went into the Landrieu's office, in a federal building, and pretended to be a telephone repair crew. The receptionist became suspicious when they asked her where the equipment closet was.) http://www.nola.com/crime/index.ssf/2010/04/arraignment_set_in_sen_landrie.html
Another problem is download size, at least for those few of us still on occasional dialup or slow 3G. The minified version of JQuery is 72K. Still that's better than the NYT home page, which makes 30 requests for JS files, though only 60K total.
When US airways were heavily regulated, before 1980, you could sell your seat to someone else, rebook at will, etc., IIRC. Security theater was brought to you largely by the free-marketeer GW Bush. Banana republic levels of social inequality and "federales" were also minted by that non "socialist" president. By contrast, there must have been socialists as well as conservatives involved in building the more sensible, and tougher, British and Israeli security procedures.
As for Southwest, it is friendly, inexpensive, great for one-way and last-minute bookings, etc., but has nothing to do with shutting down European airspace, including airports like London Heathrow that connect continents. Southwest is domestic, it does not even fly to Canada.
You did not get free hotel room at will, but the airlines have decided that is not feasible in volcano distress. Perhaps past regulation and subsidy do make airlines annoying, or maybe it is just corporate bloat.
And when Flash started, it was a very low bandwidth way to do animations. (Remember those enormous animated GIFs? Flash files were tiny.) Now it's more often a video container.
As with traffic accidents, there is a cost-benefit trade-off to closing down the affected transportation way completely. Presumably people are not getting transplant organs delivered by air, etc. In a notorious Washington, D.C., case a few years ago, a jumper stood on the side of an interstate bridge that gets over 200,000 trips a day. So the authorities closed all traffic for hours, causing untold economic and health damage. (Bet you want to know if he jumped! No.) But it happens every day that responders keep accident scenes closed based of their own procedures and risk aversion, etc., because the trade-off is less tangible, and diminishes their own importance.
Long ago cops in raincoats on the side of the road at accidents waved their arms, "move along, move along, buddy!" You never see that anymore. (I saw it in a movie.)
The airlines have refused to discuss the altitudes of their crew-only test flights these last few days. Bizarre, secretive behavior. They seem to be at war with the regulators.
Normal GPG/PGP setup, the private key is stored encrypted, so it takes with a passphrase to use it. That's probably what they had, the encrypted key without the passphrase. You have to store it somewhere. If I recall, in that situation, the passphrase is certainly the weak point.
The French Resistance certainly were subject to being shot as spies, in accordance with the Geneva Conventions, since they were not uniformed. German collective punishment against the French population was illegal, though, and Allied anti-communist action against French Resistance fighters was simple treachery.
The goal is to keep print subscribers from canceling. This simple point is usually missed in the stories. Print gets better advertising rates. You may think it is short sighted, but nothing else the newspapers have tried is working. The number one reason people cancel is because the online version is free.
Automatic trannies in these cars use the shifter as advice only. If shifted into neutral at speed, the engine would spin out, which is very damaging. So the software prevents that. Oops. Note, most cars in the US have automatic transmissions.
Still, the best steps are check the pedal, try neutral, try cutting the engine (tap tap tap, hold, or whatever it takes if it is a button), and use the brake forcefully and completely, before the pads have a chance to heat up. Assuming you have the/!right/ pedal.
It is far-fetched, but note that some news stories said it was an image saved to the desktop, not a live image. The school statement also says they never monitored live except in the case of loss or theft.
Worst case, the student cooked up the whole thing, after realizing the camera could be activated remotely, as a plot to bilk the school district in a lawsuit. He could have staged a drug-like shot with the candy and showed it to the admin/teacher.
Did the student save a picture of himself eating Mike & Ike candies at home, which a school teacher or official later noticed on the desktop? That would be different than the school remotely viewing him at home. I'm as suspicious of anyone of authority, but lets get the facts straight. This could be the lawyer fishing on the *ability* the school had, not what it actually did. Both are bad, but one is worse.
The problem for the teacher or whomever is that once they saw the Mike & Ike picture, assumed it was drugs, they may have been required to report it. The whole thing is insidious.
Slashdot Mirror
Has anybody written a test to verify that Microsoft's fix has been properly applied? It would be a simple DLL with that pops up a message, and simple EXE that loads the DLL (which has new unique name). Or even two versions of the DLL, one with a good message and one with a bad message. One goes in the system path, one goes in the same path as the EXE, a temp folder.
The MS kb patch has one typo, you add a new DWORD value to the registry, not a new key.
http://support.microsoft.com/kb/2264107
MS fixed the other typo mentioned here:
http://isc.sans.edu/diary.html?storyid=9445
The Military Aviation Museum in Virginia Beach has an Enigma, along with a misinformed computer demo. There must have been thousands of Enigma machines captured. Wikipedia says 100,000 manufactured, including commercial ones. It also has a picture of the Enigma display at the Natl Cryptologic Museum: http://en.wikipedia.org/wiki/File:Enigmas.jpg
The machine was cool - no numbers, no punctuation - the narrated explanation was perfect, up until the demo, which was a simple substitution cipher: the same letter always meant the same other letter! Somebody's Dilbert boss took over in the media shop! The program had already explained the cipher did not repeat.
Or they have connections who got them their cushy US layabout jobs.
The net history of espionage is like the net profit history of the airline industry. Comes out to about zero on balance (going back to the Wright Brothers, or so they say). But in espionage, even though the topmost levels of the U.S. and British and probably Soviet spy agencies were infiltrated over and over again, I guess there is some argument you can't just unilaterally disband them unless the other side does too.
http://www.google.com/hostednews/ap/article/ALeqM5j7vkPPClc0lhglDZGwYrrcVS185QD9FGP13O1
Chemicals used to fight Gulf oil slick a trade-off
By JASON DEAREN and RAY HENRY (AP) – 2 hours ago
Difference is that NNTP binaries are stored at the ISP.
..for what were originally serious felonies of trying to bug a U.S. senator's office in broad daylight in New Orleans. Helped that the co-conspirator was the son of a U.S. Attorney in Louisiana, one suspects. The leader is the same creep who pretended to be a 1970s pimp in order to smear ACORN with a faked the video. Now he's getting off with a slap on the wrist for stuff the Watergate burglars went to prison for.
(They went into the Landrieu's office, in a federal building, and pretended to be a telephone repair crew. The receptionist became suspicious when they asked her where the equipment closet was.)
http://www.nola.com/crime/index.ssf/2010/04/arraignment_set_in_sen_landrie.html
And VHS had the first 4-hour tape (Betamax was max 2 hours at the time, IIRC, maybe even 1).
Another problem is download size, at least for those few of us still on occasional dialup or slow 3G. The minified version of JQuery is 72K. Still that's better than the NYT home page, which makes 30 requests for JS files, though only 60K total.
When US airways were heavily regulated, before 1980, you could sell your seat to someone else, rebook at will, etc., IIRC. Security theater was brought to you largely by the free-marketeer GW Bush. Banana republic levels of social inequality and "federales" were also minted by that non "socialist" president. By contrast, there must have been socialists as well as conservatives involved in building the more sensible, and tougher, British and Israeli security procedures.
As for Southwest, it is friendly, inexpensive, great for one-way and last-minute bookings, etc., but has nothing to do with shutting down European airspace, including airports like London Heathrow that connect continents. Southwest is domestic, it does not even fly to Canada.
You did not get free hotel room at will, but the airlines have decided that is not feasible in volcano distress. Perhaps past regulation and subsidy do make airlines annoying, or maybe it is just corporate bloat.
And when Flash started, it was a very low bandwidth way to do animations. (Remember those enormous animated GIFs? Flash files were tiny.) Now it's more often a video container.
As with traffic accidents, there is a cost-benefit trade-off to closing down the affected transportation way completely. Presumably people are not getting transplant organs delivered by air, etc. In a notorious Washington, D.C., case a few years ago, a jumper stood on the side of an interstate bridge that gets over 200,000 trips a day. So the authorities closed all traffic for hours, causing untold economic and health damage. (Bet you want to know if he jumped! No.) But it happens every day that responders keep accident scenes closed based of their own procedures and risk aversion, etc., because the trade-off is less tangible, and diminishes their own importance.
Long ago cops in raincoats on the side of the road at accidents waved their arms, "move along, move along, buddy!" You never see that anymore. (I saw it in a movie.)
The airlines have refused to discuss the altitudes of their crew-only test flights these last few days. Bizarre, secretive behavior. They seem to be at war with the regulators.
The redwoods tend to be quiet too, as there little undergrowth, soil is acidic, etc..
Though I don't know much (anything) about FIPS and physical keys.
Normal GPG/PGP setup, the private key is stored encrypted, so it takes with a passphrase to use it. That's probably what they had, the encrypted key without the passphrase. You have to store it somewhere. If I recall, in that situation, the passphrase is certainly the weak point.
You mean like this FIPS-140-2 "compliant" implementation?
http://it.slashdot.org/story/10/01/09/0416239/NIST-Investigating-Mass-Flash-Drive-Vulnerability
Thanks.
The French Resistance certainly were subject to being shot as spies, in accordance with the Geneva Conventions, since they were not uniformed. German collective punishment against the French population was illegal, though, and Allied anti-communist action against French Resistance fighters was simple treachery.
The goal is to keep print subscribers from canceling. This simple point is usually missed in the stories. Print gets better advertising rates. You may think it is short sighted, but nothing else the newspapers have tried is working. The number one reason people cancel is because the online version is free.
Once the brakes heat up they're useless. But if used strongly right away, they can stop the car at full throttle, according to the articles.
Open the pod bay doors, Hal.
Automatic trannies in these cars use the shifter as advice only. If shifted into neutral at speed, the engine would spin out, which is very damaging. So the software prevents that. Oops. Note, most cars in the US have automatic transmissions.
Still, the best steps are check the pedal, try neutral, try cutting the engine (tap tap tap, hold, or whatever it takes if it is a button), and use the brake forcefully and completely, before the pads have a chance to heat up. Assuming you have the /!right/ pedal.
It is far-fetched, but note that some news stories said it was an image saved to the desktop, not a live image. The school statement also says they never monitored live except in the case of loss or theft.
Worst case, the student cooked up the whole thing, after realizing the camera could be activated remotely, as a plot to bilk the school district in a lawsuit. He could have staged a drug-like shot with the candy and showed it to the admin/teacher.
Did the student save a picture of himself eating Mike & Ike candies at home, which a school teacher or official later noticed on the desktop? That would be different than the school remotely viewing him at home. I'm as suspicious of anyone of authority, but lets get the facts straight. This could be the lawyer fishing on the *ability* the school had, not what it actually did. Both are bad, but one is worse.
The problem for the teacher or whomever is that once they saw the Mike & Ike picture, assumed it was drugs, they may have been required to report it. The whole thing is insidious.