Of course, you can always install a dashboard like Avalaunch and change the voltage on the fan to slow it down and reduce the noise a bit, although I'm not sure what happens when you boot into XBMC or whatever. I don't bother because my 250Gb HD is probably louder, and my sound system even more so :-)
Of course, you could just replace the fan if you are that bothered - if I remember correctly they are just standard 80mm PC fans. Maybe something from Quiet PC or similar?
Except you don't know what you are talking about. This article refers to the Nokia 6670 which runs the Symbian OS which allows 3rd party applications to be written in C++ or Java and installed on the phone. Therefore, viruses are just disguised as the latest piece of neat software and some people will blindly install them, infecting their phone. These mobile viruses simply infect a single host, as yet they cannot replicate between devices and I'm not sure how they could do as even when they are online they don't have anything more than a presence through the gateway. I'm sure I'll be proven wrong in the future.
My phone flashes up a warning when installing any new software, but you are relying on people actually taking some responsibility for their devices... something which the new virus outbreaks every day proves doesn't happen.
Ok, so they could be trying to make the operating system more secure, but your assertion that they could just "analyse packages on the server level" doesn't make any sense because that simply isn't the attack vector.
You seem to think that people will actually use all this space. In fact, it boils down to the "bigger is better" mentality that consumers have in general. The average joe will usually go for a device that can store 10,000 songs over 4,000 because it's MORE. It's the same process that keeps PC retailers selling high powered machines - people will tend to buy the most powerful computer they can for the smallest tasks, regardless of whether or not they will use all the power or not.
It's the same thing with the whole webmail shake-up that is going on at the moment with GMail - they offer 1Gb of storage, other places offer 2Gb and so on. Hardly anyone will actually use all that, but hey, isn't 2Gb better?!
Besides, you are also forgetting that most people don't start from scratch with their music. Sure, your maths works if they don't have any music, but most people who are willing to drop large amounts of cash on digital players are likely to have tons of CDs and things already which they can put on.
Actually, it's got nothing to do with time - TTL is simply a hop counter. If a packet goes through five routers, the TTL is reduced by five. This is used to prevent circular (i.e. broken) routing from stopping traffic from ever arriving.
Now, timeouts on sessions are a completely different matter, and do rely on actual time elapsed. But they aren't the same as the TTL.
My point that I didn't quite hit the mark with was that we already have reliable (barring critical system failure) delivery using TCP and the like... it's got nothing to do with IP. IP is a lower level protocol that deals with the physical shunting of packets from one place to another and encapsulates TCP, UDP etc to move them from host to host.
I suppose speed issues could be improved by actually effectively using the Type of Service part of the IP header (high throughput etc), but it seems to me like Gibson misunderstands the way packets are transmitted across the network. Considering this, it makes you question why he is being given column inches complaining about issues that don't exist in the places he is looking.
Reliability of data transmission could however be improved using the advanced routing capabilities such as packet priorities earmarked in IPv6.
Gibson cast some of the blame on the packet-based nature of Internet Protocol, which was not designed for foolproof delivery of messages. The protocol cannot guarantee delivery of e-mail, for instance.
Who is this guy really? That's not what IP is for - foolproof delivery of packets is handled by connection-orientated protocols like TCP. Sure, it might not get there *right away*, but the flexibility of packet based routing is something that has made networks as reliable as they are today (despite the huge amount of moaning that people do about them).
Mind you, as people have pointed out before, IPv6 has been waiting in the wings for a while now, and a military request for change might be the kind of action needed to kick other people into gear.
Re:Of course, you could have bought a Mac.... on DVD Burner Round-up · Score: 1
That's very true. I was referring to the RIAA thing - I've later said that I think it's purely a cheap way to gain a lot of publicity for what is basically Yet Another Overflow Exploit. No-one would really care that much... unless you tagged some littler story on the end.
And you are quite right - it would be trivial to code a program that truncates the headers of all your mp3s regardless of whether or not the header is finished. I'm not really that attached to the metadata anyway.
You know, all this hubbub from large sites about this so-called worm and RIAA sure makes for a nice loud, noisy way to announce a fairly trivial overflow exploit (like we've never seen them before).
It just looks like a cheap way to get some credit for something that isn't that groundbreaking. Yay.
The idea behind it isn't that it uses an executable file, but as another poster in this thread said, using tag overflows. Standard stack overflow procedure applies - you stuff too much data into a small container and if this buffer is unchecked then it will overflow. At the end of the data string you place architecture/operating system code that you want to execute, and with luck the overflowing program will dump the memory pointer to your code, executing it.
I'm not sure using this procedure how you would set it up so you could compromise many different OS types etc. I *still* think this is all just bullshit though :-)
Apparently the "hydra" uses exploits/overflows on a number of popular media players - including xmms, which is a Linux mp3 player and WinAMP, which is a Windows mp3 player. Therefore that would suggest it can infect multiple operating systems.
More details including the original post can be found here.
I still doubt the possible risk/effectiveness - or even that it's true though.
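The unchecked-buffer failure described in the comments above, seen from the defending side: an added example in C (not part of the original comments) that validates an MP3 tag's declared sizes and truncates an over-long title instead of overflowing. It assumes the tags are ID3v2.3; the function names, the 32-byte title buffer and the sample tag are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TITLE_MAX 32   /* assumed size of a player's fixed title buffer */

/* Size of the ID3v2 tag body from its 10-byte header, or -1 if the header is
   malformed or declares more data than the len bytes we actually hold. */
long id3v2_body_size(const uint8_t *buf, size_t len) {
    if (len < 10 || memcmp(buf, "ID3", 3) != 0) return -1;
    long size = 0;
    for (int i = 6; i < 10; i++) {          /* syncsafe: 7 bits per byte */
        if (buf[i] & 0x80) return -1;
        size = (size << 7) | buf[i];
    }
    return ((size_t)size > len - 10) ? -1 : size;
}

/* Copy one ID3v2.3 text frame (4-byte id, 4-byte big-endian size, 2 flag
   bytes, 1 encoding byte, text) into out without ever writing past out_cap.
   Returns bytes copied, or -1 if the frame claims more than avail holds. */
long id3v23_copy_text(const uint8_t *f, size_t avail, char *out, size_t out_cap) {
    if (avail < 11 || out_cap == 0) return -1;
    uint32_t fsize = ((uint32_t)f[4] << 24) | ((uint32_t)f[5] << 16) |
                     ((uint32_t)f[6] << 8) | (uint32_t)f[7];
    if (fsize < 1 || fsize > avail - 10) return -1;
    size_t text_len = fsize - 1;            /* drop the encoding byte */
    size_t n = text_len < out_cap - 1 ? text_len : out_cap - 1;
    memcpy(out, f + 11, n);                 /* bounded by out_cap, not by the file */
    out[n] = '\0';
    return (long)n;
}

/* Constructed sample: a tag holding one TIT2 frame with text_len 'A' bytes.
   dst must hold 21 + text_len bytes. Returns total bytes written. */
size_t build_sample_tag(uint8_t *dst, uint8_t text_len) {
    uint8_t body = (uint8_t)(11 + text_len);
    uint8_t hdr[10] = {'I', 'D', '3', 3, 0, 0, 0, 0, 0, body};
    uint8_t frm[11] = {'T', 'I', 'T', '2', 0, 0, 0, (uint8_t)(1 + text_len), 0, 0, 0};
    memcpy(dst, hdr, 10);
    memcpy(dst + 10, frm, 11);
    memset(dst + 21, 'A', text_len);
    return 21u + text_len;
}

/* Run the checked copy on the sample; returns title bytes kept, or -1. */
long checked_title_len(uint8_t text_len, size_t bytes_present) {
    uint8_t tag[160];
    char title[TITLE_MAX];
    if (text_len > 116 || bytes_present > sizeof tag) return -1;
    build_sample_tag(tag, text_len);
    long body = id3v2_body_size(tag, bytes_present);
    if (body < 0) return -1;
    return id3v23_copy_text(tag + 10, (size_t)body, title, sizeof title);
}

int main(void) {
    printf("100-byte title kept: %ld\n", checked_title_len(100, 121));
    printf("file cut short:      %ld\n", checked_title_len(100, 60));
    return 0;
}
```

A 100-byte title is cut to 31 bytes plus the terminator, and a tag whose header promises more data than the file contains is rejected before any frame is read.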
I may be a little offtopic and negative about this, but it seems odd to debate the punishment of these crimes before seeing any real concerted effort to catch these people.
I admin a few servers, one of which had accounts compromised through a fault in the network it was sitting on. Although the cracker/hacker/whatever couldn't escalate their privileges to root (at least the head admin and myself had set up the actual machine correctly, shame about the network of the colocator) until we caught on they potentially had another stop-off point they could SSH from and maybe root another box or play with one.
After checking the server out and seeing to it that everything was ok, we checked where the attacker had connected from - a machine owned by CNET. Despite our best efforts we haven't got a word out of them (you think they would be bothered) OR Rackspace who they colocate from, so the buck stops here for the moment. We can't warn any other potential targets, or trace the attacker. Law enforcement probably won't help as there was no financial loss and we are based in the UK, so laws only apply to a few very high-profile attacks. I'm sure many other admins have suffered the same problems too.
Actually, I think very low level processes are run by System, which is a level higher in privileges than Administrator. For most practical purposes you are right though.
Actually, the idea is usually to retain a high rate of frames per second no matter what you are doing.
For example, my old 900MHz PC can do about 70-80 fps on Quake 3 with a moderate level of detail on if I'm just standing still (and looking at a wall, heh). When I start to move around, this fps will drop and rise depending on what is being presented on the screen at the time, such as texture detail, depth of view and other players. This causes me some real grief when trying to shoot people, especially with hit-scan weapons like railguns (i.e. they hit the instant you fire or thereabouts, they don't travel like rockets) because you are introduced to a kind of graphical "lag", with the timing of the graphics on the screen changing constantly in relation to the actual action.
In summary, it's usually a lot better to have a card that can pump out a nice steady 125fps using a ratecap than a hypothetical one which could push 160fps but will fluctuate wildly. Obviously the higher the framerate, the less noticeable effect, but I at least seem to notice it. Therefore, the solution is to either lower your detail settings (I can get 80fps solid in "Tetris Mode" Quake3) or buy a card that can chuck out silly amounts of frames per second.
You can't always apply the same results to all cases. Don't get me wrong, I'm not convinced that it should be banned, but I have a friend who used to be a pretty heavy user. After a while he began to easily lose all concentration and would often tail off mid-sentence or forget what he was talking about.
Now he's stopped smoking weed he has gotten a lot better, but only after 6 months or so. He also says that his memory isn't what it used to be. I doubt it's old age as he is only 20.
Of course, you could say that it could have been another factor that produced the symptoms and I would agree with you, but it does seem the overriding factor that caused his problems. I think the moral is that too much of anything is a bad thing...
90 million tonnes of water is a hell of a lot when crammed into a small valley.
What happened was that the ground was saturated with water from previous rainfall, so most of the stormfall ran straight into the river. The run-off then washed boulders downstream until they got caught under one of the bridges upstream, damming it up. The water kept on being held back until the bridge broke, causing a wall of water to travel to the next bridge. By the time it got to Lynmouth, there was enough stored water to permanently change the course of the river - straight through some people's houses.
Except.... yeah.