mod parent up. Indeed, without the keys, this list is useless. I have 2 accounts in this list, and I know the password. That doesn't help me at all in decrypting the other passwords. As far as I know, there is no easy know-plaintext attack on 3DES.
Unfortunately, the repeater is a Windows program. That is what you need to run on a server with a fixed IP. If you already have a server somewhere with a fixed IP, chances are high that it runs Linux or some BSD.
I once set up a very simple repeater on my Debian server, to use with UltraVNC (which is what ChunkVNC uses). It worked, but there were no easy instructions on how to set it up, or how to pre-configure the Windows UltraVNC endpoints. Also, if I remember correctly, it only supported one connection at a time.
Anyway, ChunkVNC would probably be a nice solution if it had a repeater daemon for Unix systems. And while ChunkVNC itself is open source, I don't think that it's UltraVNC component is.
I do agree bootup times don't matter if you run a server.
Indeed.
And isn't Debian mostly used on servers?
I know it's what I use on all my servers, while using Ubuntu these days for my notebook. If my notebook can boot faster when I need to restart it, I'm interested. But for my servers, no thanks. What is wrong with the simple and reliable SysV init scripts used by Debian now?
I have tried several GUIs for iptables, and also a few firewall scripts for both a few servers and my notebook. In the end, I have always been frustrated.
Finally, for my rather simple needs, I have a simple (~ 100-150 lines) file in "iptables-save" format, and a short custom init script which basically does iptables-restore from that file or saves to it.
I am not convinced that a GUI would be clearer / more readable / more flexible than that. At least, the ones I tried were not.
One interesting feature in NFTables for me is that it seems to support predefined variables. As I understand it, I could use a very similar approach, just have the added benefit of being able to declare stuff like "LAN=192.168.xx.0/24", "Mail=xxx.xxx.xxx.xxx" etc. and use variables in the actual rules. That would be a nice improvement, even if I have to learn a new rule syntax, which doesn't seem too obscure from what I could see.
When I heard last year that there may have been problems with the leap second, I checked the few Linux servers I take care of, and all seemed to be fine. They sync their time to NTP servers.
What was that problem, anyway? Or did it only affect some very busy servers? Or only in some very special circumstances? Last year's leap second wasn't anything really new either. There had been occasional leap seconds for many years. (But usually on Dec 31).
Who knows, maybe one of them will put in that killer feature we've all been waiting for?
Like making it able to write clean structured HTML for people who want to write (not code in a text editor)? That would be great, but I wouldn't count on it.
Still waiting for the killer new generation word.processor which focuses on HTML instead of Letter/A4 printing...
I agree. And I also noticed that children tend to go sites for children because that is where they find what they want. The "pornography" they might stumble upon accidentally is soft, and they don't even notice it because it's not intersting Once they start finding pornography interesting, you cannot prevent them from finding it, and why would you anyway. As teenagers, before the Internet, we had some pornographic magazines which someone would have found and which we would look at in a far away corner of the school yard. It hasn't traumatized me.
In short, my children who are now almost adult always had access to the Internet, and I have never noticed a problem with pornography.
The title says "Attack from inside India". But the quote only seems to say "Since the target is Pakistan, the attacker can only be India". That doesn't sound like very solid evidence...
Of course, I haven't read the article (yet?), but the summary doesn't really suggest I would learn anything more.
I'm wondering too. Reading the/. discussion in the hope of finding the answer, but all I read so far was just the usual MS-bashing and MS-defense blabber.
How can a browser vulnerability compromise a server? Or are the redirects only happening in the browser? Then the summary is misleading.
No, I meant another animal, just in case the person who did the dictionary is an xkcd fan, and put that in for fun.
But for the number of characters, I think you may have to revisit your math, as other have already pointed out. And this is an online attack, which severely limits the speed anyway (not the speed of trying, but the speed of getting a reply from the server).
If that's the case, that may an incentive for ffmpeg to support 10 bit encoding into DNxHD, which would be nice to have. Currently, it decodes 10 bit, but only encodes into 8 bit (for DNxHD). Unless they use ProRes. Are there any other formats that are NLE-friendly (intra-frame compresion only)? Maybe MJPEG? But MJPEG would be 8-bit only, I think. Then again, 8-bit may be sufficient for what a b&w negative is able to capture...:-)
Can you still actually buy 35 mm. motion picture camera negative? As far as I know, one should be able to buy Orwo negative from Russia. But is Kodak still manufacturing B&W? Even Color negatives from Kodak are not so easy to get any more.
Maybe there is good b&w photo film available. I don't know. But for motion pictures, the stock has not really evolved for decades. So cinematographers started using Kodak Vision color negative even for b&w movies. Or digital. In the end, if the shoot is indeed done on 35mm, the negative will be scanned so that grading and VFX can be done in digital.
But anyway, it sounds like a fun project. And 35 mm cameras are definitely a pleasure to work with. It will be interesting to see if this project will contribute to push for the addition of professional features to Linux NLEs. That would be great.
(The logic makes sense. I haven't tested the syntax yet)
It also suggests an insane 30-character password abomination:
for example the relatively strong password: th1$l1ttl3p1ggy$3cur3dth31rW0rdpr3$$$1t3 is simply "thislittlepiggysecuredtheirWordpresssite" with i->1, s->$, e=3, and o->0 (zero)
In theory, yes. But you picked a particularly bad example with gardening. A programmer whose hobby is programming really needs that little exercise he would get from gardening. Replacing it with more programming will lead to his brain rotting, and his programming skills declining rapidly.
Slashdot Mirror
Well, hex is fine to give the age up to 57. From 50 to 57, it makes you look really youg: 32 to 39. Then at 58, it starts to look weird: 3A.
Will the dark side be able to disturb the course of this story?
traceroute -m 100 216.81.59.173
Yes, it's only on google.co.uk for me. It's actually not only a logo, but a silly little game. Funny.
What Google doodle? Was it yesterday?
Yes, where is the link? I'm not in the UK, so I can't see it. Where is the torrent???
mod parent up. Indeed, without the keys, this list is useless. I have 2 accounts in this list, and I know the password. That doesn't help me at all in decrypting the other passwords. As far as I know, there is no easy know-plaintext attack on 3DES.
the filename is users.tar.gz of course, not users.atr.gz
Here is the essential part missing from the summary:
magnet:?xt=urn:btih:441582b9204dad5a26199aa51c7746d641f95b21&dn=users.tar.gz&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&tr=udp%3A%2F%2Ftracker.istole.it%3A6969&tr=udp%3A%2F%2Ftracker.ccc.de%3A80&tr=udp%3A%2F%2Fopen.demonii.com%3A1337
The file is called users.atr.gz, and is 4 GB.
As already shown by http://xkcd.com/1286/ , this looks like a fun project for a lonely rainy week-end...
Unfortunately, the repeater is a Windows program. That is what you need to run on a server with a fixed IP. If you already have a server somewhere with a fixed IP, chances are high that it runs Linux or some BSD.
I once set up a very simple repeater on my Debian server, to use with UltraVNC (which is what ChunkVNC uses). It worked, but there were no easy instructions on how to set it up, or how to pre-configure the Windows UltraVNC endpoints. Also, if I remember correctly, it only supported one connection at a time.
Anyway, ChunkVNC would probably be a nice solution if it had a repeater daemon for Unix systems. And while ChunkVNC itself is open source, I don't think that it's UltraVNC component is.
I do agree bootup times don't matter if you run a server.
Indeed.
And isn't Debian mostly used on servers?
I know it's what I use on all my servers, while using Ubuntu these days for my notebook. If my notebook can boot faster when I need to restart it, I'm interested. But for my servers, no thanks. What is wrong with the simple and reliable SysV init scripts used by Debian now?
I have tried several GUIs for iptables, and also a few firewall scripts for both a few servers and my notebook. In the end, I have always been frustrated.
Finally, for my rather simple needs, I have a simple (~ 100-150 lines) file in "iptables-save" format, and a short custom init script which basically does iptables-restore from that file or saves to it.
I am not convinced that a GUI would be clearer / more readable / more flexible than that. At least, the ones I tried were not.
One interesting feature in NFTables for me is that it seems to support predefined variables. As I understand it, I could use a very similar approach, just have the added benefit of being able to declare stuff like "LAN=192.168.xx.0/24", "Mail=xxx.xxx.xxx.xxx" etc. and use variables in the actual rules. That would be a nice improvement, even if I have to learn a new rule syntax, which doesn't seem too obscure from what I could see.
When I heard last year that there may have been problems with the leap second, I checked the few Linux servers I take care of, and all seemed to be fine. They sync their time to NTP servers.
What was that problem, anyway? Or did it only affect some very busy servers? Or only in some very special circumstances? Last year's leap second wasn't anything really new either. There had been occasional leap seconds for many years. (But usually on Dec 31).
This tehnique won't work for long: https://www.google.com/search?q=five+plus+seventeen
Who knows, maybe one of them will put in that killer feature we've all been waiting for?
Like making it able to write clean structured HTML for people who want to write (not code in a text editor)? That would be great, but I wouldn't count on it.
Still waiting for the killer new generation word.processor which focuses on HTML instead of Letter/A4 printing...
No point in all these rants. It's indeed just a bug (for now).
(There are plenty of other good reasons to rant at Oracle)
It was one thing looking at Playboy
The seventies magazines I was referring to were not Playboy. If you consider Playboy to be pornography, then you really have a problem.
I agree. And I also noticed that children tend to go sites for children because that is where they find what they want.
The "pornography" they might stumble upon accidentally is soft, and they don't even notice it because it's not intersting
Once they start finding pornography interesting, you cannot prevent them from finding it, and why would you anyway.
As teenagers, before the Internet, we had some pornographic magazines which someone would have found and which we would look at in a far away corner of the school yard. It hasn't traumatized me.
In short, my children who are now almost adult always had access to the Internet, and I have never noticed a problem with pornography.
The title says "Attack from inside India". But the quote only seems to say "Since the target is Pakistan, the attacker can only be India". That doesn't sound like very solid evidence...
Of course, I haven't read the article (yet?), but the summary doesn't really suggest I would learn anything more.
I'm wondering too. Reading the /. discussion in the hope of finding the answer, but all I read so far was just the usual MS-bashing and MS-defense blabber.
How can a browser vulnerability compromise a server? Or are the redirects only happening in the browser? Then the summary is misleading.
Yes, but those would have been shot in 2011. Didn't Kodak file for bankrupcy since?
You mean "correct horse battery staple"
.
No, I meant another animal, just in case the person who did the dictionary is an xkcd fan, and put that in for fun.
But for the number of characters, I think you may have to revisit your math, as other have already pointed out. And this is an online attack, which severely limits the speed anyway (not the speed of trying, but the speed of getting a reply from the server).
It will use anything supported by ffmpeg
If that's the case, that may an incentive for ffmpeg to support 10 bit encoding into DNxHD, which would be nice to have. Currently, it decodes 10 bit, but only encodes into 8 bit (for DNxHD). Unless they use ProRes. Are there any other formats that are NLE-friendly (intra-frame compresion only)? Maybe MJPEG? But MJPEG would be 8-bit only, I think. Then again, 8-bit may be sufficient for what a b&w negative is able to capture... :-)
Can you still actually buy 35 mm. motion picture camera negative? As far as I know, one should be able to buy Orwo negative from Russia. But is Kodak still manufacturing B&W? Even Color negatives from Kodak are not so easy to get any more.
Maybe there is good b&w photo film available. I don't know. But for motion pictures, the stock has not really evolved for decades. So cinematographers started using Kodak Vision color negative even for b&w movies. Or digital. In the end, if the shoot is indeed done on 35mm, the negative will be scanned so that grading and VFX can be done in digital.
But anyway, it sounds like a fun project. And 35 mm cameras are definitely a pleasure to work with. It will be interesting to see if this project will contribute to push for the addition of professional features to Linux NLEs. That would be great.
The useful part of that blog post seems to be:
RewriteEngine on
RewriteCond %{REQUEST_METHOD} =POST
RewriteCond %{HTTP_REFERER} !^http://(.*)?.example.com [NC]
RewriteCond %{REQUEST_URI} ^/wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^/wp-admin$
RewriteRule ^(.*)$ - [R=403,L]
(The logic makes sense. I haven't tested the syntax yet)
It also suggests an insane 30-character password abomination:
for example the relatively strong password: th1$l1ttl3p1ggy$3cur3dth31rW0rdpr3$$$1t3 is simply "thislittlepiggysecuredtheirWordpresssite" with i->1, s->$, e=3, and o->0 (zero)
I prefer "wrong chicken battery staple", which is probably not in attacker's dictionnary.
In theory, yes. But you picked a particularly bad example with gardening. A programmer whose hobby is programming really needs that little exercise he would get from gardening. Replacing it with more programming will lead to his brain rotting, and his programming skills declining rapidly.