Dare Apple look any more evil than their dictatorship at the app store has made them out to be?
Oh, they dare. They dare.
They already have their core addicts ^w market, fashionistas and fanbois. The point of their iron control is not to enhance market share; the point of their market share is to enhance their iron control.
To paraphrase Ernestine as an Appstore administrator: "We don't care. We're Apple. We don't have to."
Here are acouple of slot-mount SDD mounting frames.
But the idea of integrating a few score gigabytes of flash, with the appropriate controller and tied to a dedicated Southbridge SATA channel... brilliant! I don't know if anyone will go for it, though, except in the case of super-compact motherboards. Since losing enough flash cells means losing the entire integrated "hard drive", and therefore the full function of the motherboard. (Most motherboards don't have expendable components, like flash memory. Taiwanese knockoff capacitors notwithstanding.)
Might as well just hit on that female night elf instead. World of Warcraft is a better way to get chicks, so long as you got the gold and the purpz to impress the ladies.
If I hit up on a nelf chick, I expect to wind up dead, since (A) I play an orc, and (B) I play an orc who's no damn good at PvP.
Also, (c), the nelf chick is statistically unlikely to be either IRL. (well, 100% guaranteed not to be an elf, unless you're chatting with your imagination, and, yeah, almost certainly not a chick IRL.)
Still, I'm married, so I have no business hitting up on anyone besides my beloved anyways. YMMV.
Well, I could talk about disassembly for reverse engineering, but I fear that might be dangerously close to what grandparent commenter was talking about. So I won't.
Blu Ray and CDs are still "spinning media" aren't they?
To be replaced with network-accessed or network-streamed material. Read-only rotary optical media will be a "way back" story our children will tell our grandchildren. (In other words, my 4-year-old daughter will tell HER 4-year old daughter "I used to watch Dora the Explorer on DVDs.")
Yes, it's sort of a dupe. Same company. I suppose the breakthrough is actually demonstrating 3d printing of tissue, rather that just announcing you'll do it.
In any event, if anyone feels the need to make any jokes about ink cost, cartridge DRM, or other wildly hilarious topics, please just use a reference to the older comments. Thanks.
Exploits based on HTML-based help files. If you can get a user to download and "execute" an HTML-help file from an untrustworthy source, even with a "safe" browser, you'll trigger the IE-related HTML rendering DLLs to display the help file.
There was at least one fairly old vulnerability that Microsoft patched years ago, but the basic attack surface is unchanged.
And the, the-whole-moon-is-covered-with-that-crap property.
Sure. And for all the parts of the Moon that pose an exposure risk to the moondust-o-death, if you're standing there unprotected from this evil powder, you have a far more immediate health risk to deal with.
So the best way to keep your child away from teenage pregnancy is
1) support your child if it starts to show interest in some hobby, get it interested, keep it occupied with something it has fun doing.
Oh. That explains why Mom and Dad supported my teen-age computer nerdery. From the perspective of keeping me from getting laid too young, it certainly worked.
I don't use VOIP, so I don't know... but do you have a POTS phone number for someone to call you? Then that's what your outbound CNID should reflect. If someone can't return a call to you at the number shown in the caller ID, it's a spoofed caller ID.
That's the real point of the article, I think. Not "OMG PIRATEZ" but "kiss the corrupt, archaic, money-sponging, control-grubbing distribution mechanism good-bye."
Cut out the middleman once he's no longer a necessary evil. Get your films into moviehouses without paying your tribute and signing away your rights; bypass the labels and directly publish your tunes to the masses.
That said, the pigopolists will insist it really is all about OMG PIRATEZ. If buggy-whip manufacturers could have, I'm sure they would have insisted on toll gates on every highway, with a big cut going to them.
But you don't. A critical part of the server is the private key. Without the private key any server you may have created is worthless.
THUMP. THUMP.
That's my forehead on the desk. You're right, the good guys don't have access to the real C&C server. Therefore, the command signing process can't be spied. Therefore, there's no way to spoof valid signed commands.
I lost track of the "not owning the real server" issue. That's what happens when you fall in love with an idea; love is blind.
So, lacking any weaknesses in any client bot you can get hold of, the best you can probably do is to note clients as they try to contact the spoofed server and get notification out to the owner of the botted machine. For a quarter-million nodes, that's a lot of work.
UPDATE: Looks like honeynet.org thinks there is an unspecified weakness in Waledec's crypto methodology, and payloads can be decrypted. I don't know if that's enough to step into the place of the real C&C network, though.
I don't normally respond to arrogant tards, but I'll make an exception in your case.
The plaintext you're looking for is the private key. This is a fully automatic system, so the key has to be stored someplace. If you own both endpoints, you almost certainly own the keystore. If the keystore is protected, the passphrase (or equivalent) to open it is also stored someplace in the clear (or obfuscated, which is reversible).
Got it?
Now, admittedly, if the keystore is on a third server someplace, it becomes harder, but since the private key has to be IN THE CLEAR in order to use it for signature purposes, if you can monitor process space you can find it.
Sorry, there's NO way I'm letting a robot with scalpels anywhere near that portion of my anatomy. I prefer not to be one integer underflow exception away from singing soprano.
Again, you have access to both endpoints. For instance, you have a credible chance at cracking it if you can monitor cleartext in the process space of the client system.
Or, you know, maybe not, since teh evil h@x0rs are so 1334. Maybe we should all just surrender now and put in our recurring purchase order for herbal v1@gra or whatever.
Feh. Botnet takeover is a historical fact. It may be an arms race, but there will always be a defender response. And don't forget the classic anti-DRM mantra: in some place, at some point in the process, cleartext must exist. That's where the system is vulnerable and crackable.
prevention is more expensive than repair/recovery/treatment
How? Any prevention effort requires some kind of cost, very often a continual and on-going cost.
Whereas the cost of recovery is only necessary once the negative effect occurs. And since it only happens to other people, that means that the cost of not preventing is 0. Clear win.
Which explains a lot of epidemiology (low vaccination rates, high-risk behaviors spreading unstoppable diseases, etc.); economics (victims of fraud, high-risk investors, etc.); software development practices ("Release NOW" rather than quality).
Unless you can prove that the bad thing WILL happen without prevention, people will skate on luck and denial and write off the risk against the guaranteed cost of preventative measures.
Or, as others in this thread have put it, people are idiots.
Not for one so thoroughly touched by the Reality Distortion Field. I'm afraid the psychosis has run deep, and any attempt to identify a shortcoming or deficiency of an Apple-brand product can only provoke unthinking and violent opposition.
It's like rabies, except we have an immunization for that.
Slashdot Mirror
Maybe he's just a concerned slashdotter, worried about his fellow geeks.
Freedom is indivisible, and when one man is enslaved, all are not free.
-- John F. Kennedy
Sheesh. A software system that can infer my intent? I can't even infer my own intent about half the time.
That's my wife's job.
Dare Apple look any more evil than their dictatorship at the app store has made them out to be?
Oh, they dare. They dare.
They already have their core addicts ^w market, fashionistas and fanbois. The point of their iron control is not to enhance market share; the point of their market share is to enhance their iron control.
To paraphrase Ernestine as an Appstore administrator: "We don't care. We're Apple. We don't have to."
Here are a couple of slot-mount SDD mounting frames.
But the idea of integrating a few score gigabytes of flash, with the appropriate controller and tied to a dedicated Southbridge SATA channel... brilliant! I don't know if anyone will go for it, though, except in the case of super-compact motherboards. Since losing enough flash cells means losing the entire integrated "hard drive", and therefore the full function of the motherboard. (Most motherboards don't have expendable components, like flash memory. Taiwanese knockoff capacitors notwithstanding.)
Might as well just hit on that female night elf instead. World of Warcraft is a better way to get chicks, so long as you got the gold and the purpz to impress the ladies.
If I hit up on a nelf chick, I expect to wind up dead, since (A) I play an orc, and (B) I play an orc who's no damn good at PvP.
Also, (c), the nelf chick is statistically unlikely to be either IRL. (well, 100% guaranteed not to be an elf, unless you're chatting with your imagination, and, yeah, almost certainly not a chick IRL.)
Still, I'm married, so I have no business hitting up on anyone besides my beloved anyways. YMMV.
OK, that's enough, sorry.
No, it's not.
How many Apple executives does it take to change a light bulb?
Just one, if it's Steve Jobs; He holds the light bulb up and the world revolves around him.
Well, I could talk about disassembly for reverse engineering, but I fear that might be dangerously close to what grandparent commenter was talking about. So I won't.
Blu Ray and CDs are still "spinning media" aren't they?
To be replaced with network-accessed or network-streamed material. Read-only rotary optical media will be a "way back" story our children will tell our grandchildren. (In other words, my 4-year-old daughter will tell HER 4-year old daughter "I used to watch Dora the Explorer on DVDs.")
I think we've covered this ground before.
Yes, it's sort of a dupe. Same company. I suppose the breakthrough is actually demonstrating 3d printing of tissue, rather that just announcing you'll do it.
In any event, if anyone feels the need to make any jokes about ink cost, cartridge DRM, or other wildly hilarious topics, please just use a reference to the older comments. Thanks.
Exploits based on HTML-based help files. If you can get a user to download and "execute" an HTML-help file from an untrustworthy source, even with a "safe" browser, you'll trigger the IE-related HTML rendering DLLs to display the help file.
There was at least one fairly old vulnerability that Microsoft patched years ago, but the basic attack surface is unchanged.
Solid state disks.
Essentially, if it has moving parts, it probably stays in air, and uses either conventional air cooling or contact non-submergence liquid cooling.
And the, the-whole-moon-is-covered-with-that-crap property.
Sure. And for all the parts of the Moon that pose an exposure risk to the moondust-o-death, if you're standing there unprotected from this evil powder, you have a far more immediate health risk to deal with.
So the best way to keep your child away from teenage pregnancy is
1) support your child if it starts to show interest in some hobby, get it interested, keep it occupied with something it has fun doing.
Oh. That explains why Mom and Dad supported my teen-age computer nerdery. From the perspective of keeping me from getting laid too young, it certainly worked.
Martial punishment when young,
Did you mean corporal punishment, or do you really kung-fu roundhouse kick your kids, a la Chuck Norris?
if you can gank your classmates for extra credit?
Well, I have this half-monkey half-pony hybrid, but my girlfriend doesn't like it.
I don't use VOIP, so I don't know... but do you have a POTS phone number for someone to call you? Then that's what your outbound CNID should reflect. If someone can't return a call to you at the number shown in the caller ID, it's a spoofed caller ID.
That's the real point of the article, I think. Not "OMG PIRATEZ" but "kiss the corrupt, archaic, money-sponging, control-grubbing distribution mechanism good-bye."
Cut out the middleman once he's no longer a necessary evil. Get your films into moviehouses without paying your tribute and signing away your rights; bypass the labels and directly publish your tunes to the masses.
That said, the pigopolists will insist it really is all about OMG PIRATEZ. If buggy-whip manufacturers could have, I'm sure they would have insisted on toll gates on every highway, with a big cut going to them.
But you don't. A critical part of the server is the private key. Without the private key any server you may have created is worthless.
THUMP. THUMP.
That's my forehead on the desk. You're right, the good guys don't have access to the real C&C server. Therefore, the command signing process can't be spied. Therefore, there's no way to spoof valid signed commands.
I lost track of the "not owning the real server" issue. That's what happens when you fall in love with an idea; love is blind.
So, lacking any weaknesses in any client bot you can get hold of, the best you can probably do is to note clients as they try to contact the spoofed server and get notification out to the owner of the botted machine. For a quarter-million nodes, that's a lot of work.
UPDATE: Looks like honeynet.org thinks there is an unspecified weakness in Waledec's crypto methodology, and payloads can be decrypted. I don't know if that's enough to step into the place of the real C&C network, though.
WILL MICROSOFT LAUNCH A PATENT PEARL HARBOR AGAINST LINUX?
Article text, in 10-point Times New Roman: "No, not really."
Wow, even the /. lameness filter thinks that's too much shouting.
I don't normally respond to arrogant tards, but I'll make an exception in your case.
The plaintext you're looking for is the private key. This is a fully automatic system, so the key has to be stored someplace. If you own both endpoints, you almost certainly own the keystore. If the keystore is protected, the passphrase (or equivalent) to open it is also stored someplace in the clear (or obfuscated, which is reversible).
Got it?
Now, admittedly, if the keystore is on a third server someplace, it becomes harder, but since the private key has to be IN THE CLEAR in order to use it for signature purposes, if you can monitor process space you can find it.
Sorry, there's NO way I'm letting a robot with scalpels anywhere near that portion of my anatomy. I prefer not to be one integer underflow exception away from singing soprano.
Again, you have access to both endpoints. For instance, you have a credible chance at cracking it if you can monitor cleartext in the process space of the client system.
Or, you know, maybe not, since teh evil h@x0rs are so 1334. Maybe we should all just surrender now and put in our recurring purchase order for herbal v1@gra or whatever.
Feh. Botnet takeover is a historical fact. It may be an arms race, but there will always be a defender response. And don't forget the classic anti-DRM mantra: in some place, at some point in the process, cleartext must exist. That's where the system is vulnerable and crackable.
prevention is more expensive than repair/recovery/treatment
How? Any prevention effort requires some kind of cost, very often a continual and on-going cost.
Whereas the cost of recovery is only necessary once the negative effect occurs. And since it only happens to other people, that means that the cost of not preventing is 0. Clear win.
Which explains a lot of epidemiology (low vaccination rates, high-risk behaviors spreading unstoppable diseases, etc.); economics (victims of fraud, high-risk investors, etc.); software development practices ("Release NOW" rather than quality).
Unless you can prove that the bad thing WILL happen without prevention, people will skate on luck and denial and write off the risk against the guaranteed cost of preventative measures.
Or, as others in this thread have put it, people are idiots.
Not for one so thoroughly touched by the Reality Distortion Field. I'm afraid the psychosis has run deep, and any attempt to identify a shortcoming or deficiency of an Apple-brand product can only provoke unthinking and violent opposition.
It's like rabies, except we have an immunization for that.