The problem is this; in the first case the internet cafe browser, hacked, can display what you wanted to do (pay $50 bill to AT&T) and send an entirely different transaction to the bank (move all money on savings account to random account in Jersey) Since the PIN is totally independent of the transaction, the only thing that you authenticate is that it's actually you getting ripped off, not anyone else;-)
Case 2 will limit the amount that gets stolen, but except for that the same weakness applies.
As for example; http://cracktohack.blogspot.com/2007/10/how-to-clone-gsm-sim.html shows, "not retrievable at all" is a bit overstating, at least regarding GSM, but at least this attack requires (a few hours' temporary) physical access to the SIM card to get Ki.
This is untested by me since I don't run x64, but here is supposedly the Vista x64 RTM method for permanently disabling the driver signing requirement:
Start/Programs/Accessories Right-click "command prompt" and select "run as administrator" At the command prompt, type bcdedit/set loadoptions DDISABLE_INTEGRITY_CHECKS Reboot!
In case you want to enable the driver signing requirement again: bcdedit -deletevalue loadoptions
Hopefully this won't be a U.S. only service, most large media services (one notable exception being iTunes) are U.S. only which won't affect piracy all that much in the end. After all, a lot of piracy is due to the near impossibility of paying for the same content in a decently timely manner in the rest of the world. People in Europe need to pirate or wait for months (sometimes years) for the "hottest movies" to be released on DVD or the next episode of our favourite series to show up on the worst time slots on TV:-/
According to the developer documentation (universal_binary.pdf);
"The term x86 is a generic term used throughout this book to refer to the class of microprocessors
manufactured by Intel. This book uses the term x86 as a synonym for IA-32 (Intel Architecture 32-bit)."
In other words, there seems to be no 64bit support on Intel mentioned in their developer documentation at all, so it seems 32bit is the way to go for now on Intel.
since both threads are scheduled on the same functional units, you can just profile how your own (lower priority) thread is scheduled to the units (ie which are busy at each time) and by that calculate which branches/calculations are made by the "main" thread.
This would be _very_ hard to counteract since being scheduled to free functional units is basically a feature of HT, not something you can change really.
My girlfriend's Nokia 6230 can play mp3 and aac files, and also play mpeg4 files. And it (as another poster wished for) also has Bluetooth.
I can't seem to find it sold in the US though, at least not under that name.
Or, even better, fix windows update to - if there is a requirement to disable active scripting to be safe - have an update that fixes this until the real fix is available. I want my mother to be safe, not just the average slashdot user that will know to do this once the s**t hits the fan.
Idea for all OS vendors (not good from the publicity but probably security point of view) Please put up a _single page_ with your currently outstanding security problems so people can actually protect themselves! Right now bugtrack and various other security lists don't cut it. I really don't want to browse a number of mailing lists to do my job, so could you please do your job and tell people what to protect themselves from in a comprehensive way?
(Windows update is a good idea once things are finally "patched", but before that I'm out in the cold)
And what power supply did you use? I've still never been able to find an even decently quiet one, and the Ahanix cases mostly seem to come without one.
* splitting the money into 100 parts of $2500 each
* Giving the money out to the 100 first unique reported remote vulnerabilities
* Actually fixing the vulnerabilities
Now that would improve security, as well as give people an incentive to report bugs instead of exploiting them in worms etc...
Slashdot Mirror
Also, the other way around; they cut Telia off not that long ago.
The problem is this; in the first case the internet cafe browser, hacked, can display what you wanted to do (pay $50 bill to AT&T) and send an entirely different transaction to the bank (move all money on savings account to random account in Jersey) Since the PIN is totally independent of the transaction, the only thing that you authenticate is that it's actually you getting ripped off, not anyone else ;-)
Case 2 will limit the amount that gets stolen, but except for that the same weakness applies.
The service is DNS-based, right? What would happen if there actually is a recursing DNS server on "127.0.0.1"?
As for example; http://cracktohack.blogspot.com/2007/10/how-to-clone-gsm-sim.html shows, "not retrievable at all" is a bit overstating, at least regarding GSM, but at least this attack requires (a few hours' temporary) physical access to the SIM card to get Ki.
I suggest you look into isochronous transfers on USB, which indeed can guarantee a minimum bandwidth.
This is untested by me since I don't run x64, but here is supposedly the Vista x64 RTM method for permanently disabling the driver signing requirement:
/set loadoptions DDISABLE_INTEGRITY_CHECKS
2 0068&start=20)
Start/Programs/Accessories
Right-click "command prompt" and select "run as administrator"
At the command prompt, type bcdedit
Reboot!
In case you want to enable the driver signing requirement again:
bcdedit -deletevalue loadoptions
(Blatantly borrowed from http://www.teamxlink.co.uk/forum/viewtopic.php?t=
Sounds like it'll only return RMS every time.
Hopefully this won't be a U.S. only service, most large media services (one notable exception being iTunes) are U.S. only which won't affect piracy all that much in the end. :-/
After all, a lot of piracy is due to the near impossibility of paying for the same content in a decently timely manner in the rest of the world.
People in Europe need to pirate or wait for months (sometimes years) for the "hottest movies" to be released on DVD or the next episode of our favourite series to show up on the worst time slots on TV
However, Apples developer documentation (Universal Binary pdf) explicitly states IA32 support, not IA64 support :-/
As long as the OS and hardware support EM64T this may be a temporary restriction, changing it later may be problematic otherwise.
"The term x86 is a generic term used throughout this book to refer to the class of microprocessors manufactured by Intel. This book uses the term x86 as a synonym for IA-32 (Intel Architecture 32-bit)."
In other words, there seems to be no 64bit support on Intel mentioned in their developer documentation at all, so it seems 32bit is the way to go for now on Intel.
since both threads are scheduled on the same functional units, you can just profile how your own (lower priority) thread is scheduled to the units (ie which are busy at each time) and by that calculate which branches/calculations are made by the "main" thread.
This would be _very_ hard to counteract since being scheduled to free functional units is basically a feature of HT, not something you can change really.
Due to interlacing, a single 525 line picture is split into two ~262 line frames for display on the TV screen.
Lines 243-262 of each frame (off the bottom of the TV) start with 0.3V for 4.7us, and the rest is 0V. This tells the TV to prepare for a new frame.
This leaves just 242*2=484 lines of effective display.
http://eyetap.org/ece385/lab5.htm
Man, so few words, I'm not a tree hugger and _I_ want to smack you over the head!
You make it sound like Cisco getting better at BGP would really be a bad thing.
I for one can sincerely not see the harm.
My girlfriend's Nokia 6230 can play mp3 and aac files, and also play mpeg4 files. And it (as another poster wished for) also has Bluetooth. I can't seem to find it sold in the US though, at least not under that name.
Now if you take away the word "accidental" in the physician/gun owner comparison, I'm sure you'll see a rather major shift in the numbers...
True, but it's still very useful for triangulating the phone with multiple sensors.
Or, even better, fix windows update to - if there is a requirement to disable active scripting to be safe - have an update that fixes this until the real fix is available. I want my mother to be safe, not just the average slashdot user that will know to do this once the s**t hits the fan.
Yes!
Idea for all OS vendors (not good from the publicity but probably security point of view) Please put up a _single page_ with your currently outstanding security problems so people can actually protect themselves!
Right now bugtrack and various other security lists don't cut it. I really don't want to browse a number of mailing lists to do my job, so could you please do your job and tell people what to protect themselves from in a comprehensive way?
(Windows update is a good idea once things are finally "patched", but before that I'm out in the cold)
And what power supply did you use? I've still never been able to find an even decently quiet one, and the Ahanix cases mostly seem to come without one.
* splitting the money into 100 parts of $2500 each
* Giving the money out to the 100 first unique reported remote vulnerabilities
* Actually fixing the vulnerabilities
Now that would improve security, as well as give people an incentive to report bugs instead of exploiting them in worms etc...